Redirect Virus


16 replies to this topic

#1 Varun Muralidharan

Posted 19 August 2012 - 07:07 AM

Hi All,

My laptop is infected with a redirect virus. I am using Windows 7 as my operating system. I am unable to fix it, even after numerous trials with certain antivirus software.
Moreover my Microsoft Security Essentials shuts down immediately as soon as I open it. I am also unable to turn on Windows Security Center.
I strongly feel that everything is related to the redirect virus that has infected the laptop. My earlier restore points that I had set are all gone too and was also turned off.

I had already started a topic in "Am I infected? What do I do?" ( Redirect Virus ), but was unable to get it resolved. I was asked to create a topic in this forum.

I would love to get some help from you.

Thanks All!
-Varun


#2 Varun Muralidharan

Posted 19 August 2012 - 11:58 AM

TDSS
----
00:35:34.0123 3400 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
00:35:34.0752 3400 ============================================================
00:35:34.0752 3400 Current date / time: 2012/08/19 00:35:34.0752
00:35:34.0752 3400 SystemInfo:
00:35:34.0752 3400
00:35:34.0752 3400 OS Version: 6.1.7601 ServicePack: 1.0
00:35:34.0752 3400 Product type: Workstation
00:35:34.0752 3400 ComputerName: ZAVIST
00:35:34.0752 3400 UserName: user
00:35:34.0752 3400 Windows directory: C:\Windows
00:35:34.0752 3400 System windows directory: C:\Windows
00:35:34.0752 3400 Processor architecture: Intel x86
00:35:34.0752 3400 Number of processors: 4
00:35:34.0752 3400 Page size: 0x1000
00:35:34.0753 3400 Boot type: Normal boot
00:35:34.0753 3400 ============================================================
00:35:35.0413 3400 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:35:35.0418 3400 ============================================================
00:35:35.0418 3400 \Device\Harddisk0\DR0:
00:35:35.0418 3400 MBR partitions:
00:35:35.0419 3400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:35:35.0419 3400 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x9104800
00:35:35.0429 3400 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0xC80C800
00:35:35.0448 3400 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x18B5D800, BlocksNum 0xC805000
00:35:35.0464 3400 \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x25363000, BlocksNum 0xC805000
00:35:35.0477 3400 \Device\Harddisk0\DR0\Partition6: MBR, Type 0x7, StartLBA 0x31B68800, BlocksNum 0x881D000
00:35:35.0502 3400 ============================================================
00:35:35.0528 3400 C: <-> \Device\Harddisk0\DR0\Partition2
00:35:35.0566 3400 F: <-> \Device\Harddisk0\DR0\Partition3
00:35:35.0598 3400 G: <-> \Device\Harddisk0\DR0\Partition4
00:35:35.0634 3400 H: <-> \Device\Harddisk0\DR0\Partition5
00:35:35.0670 3400 I: <-> \Device\Harddisk0\DR0\Partition6
00:35:35.0670 3400 ============================================================
00:35:35.0671 3400 Initialize success
00:35:35.0671 3400 ============================================================
00:35:36.0984 5512 ============================================================
00:35:36.0984 5512 Scan started
00:35:36.0984 5512 Mode: Manual;
00:35:36.0984 5512 ============================================================
00:35:38.0954 5512 ================ Scan services =============================
00:35:39.0274 5512 [ 1b133875b8aa8ac48969bd3458afe9f5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
00:35:39.0279 5512 1394ohci - ok
00:35:39.0309 5512 [ cc1f1d3d70dc13c2c281488d347d4415 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
00:35:39.0312 5512 Accelerometer - ok
00:35:39.0329 5512 [ cea80c80bed809aa0da6febc04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
00:35:39.0335 5512 ACPI - ok
00:35:39.0362 5512 [ 1efbc664abff416d1d07db115dcb264f ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
00:35:39.0364 5512 AcpiPmi - ok
00:35:39.0487 5512 [ d19c4ee2ac7c47b8f5f84fff1a789d8a ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
00:35:39.0491 5512 AdobeARMservice - ok
00:35:39.0556 5512 [ a9d3b95e8466bd58eeb8a1154654e162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:35:39.0561 5512 AdobeFlashPlayerUpdateSvc - ok
00:35:39.0606 5512 [ 21e785ebd7dc90a06391141aac7892fb ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
00:35:39.0623 5512 adp94xx - ok
00:35:39.0642 5512 [ 0c676bc278d5b59ff5abd57bbe9123f2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
00:35:39.0648 5512 adpahci - ok
00:35:39.0671 5512 [ 7c7b5ee4b7b822ec85321fe23a27db33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
00:35:39.0676 5512 adpu320 - ok
00:35:39.0714 5512 [ 8b5eefeec1e6d1a72a06c526628ad161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:35:39.0717 5512 AeLookupSvc - ok
00:35:39.0789 5512 [ 827dbc22c96eecf6d36a13162fabafd3 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\aestsrv.exe
00:35:39.0792 5512 AESTFilters - ok
00:35:39.0837 5512 [ 9ebbba55060f786f0fcaa3893bfa2806 ] AFD C:\Windows\system32\drivers\afd.sys
00:35:39.0844 5512 AFD - ok
00:35:39.0876 5512 [ 507812c3054c21cef746b6ee3d04dd6e ] agp440 C:\Windows\system32\drivers\agp440.sys
00:35:39.0878 5512 agp440 - ok
00:35:39.0905 5512 [ 8b30250d573a8f6b4bd23195160d8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
00:35:39.0908 5512 aic78xx - ok
00:35:39.0927 5512 [ 18a54e132947cd98fea9accc57f98f13 ] ALG C:\Windows\System32\alg.exe
00:35:39.0930 5512 ALG - ok
00:35:39.0947 5512 [ 0d40bcf52ea90fc7df2aeab6503dea44 ] aliide C:\Windows\system32\drivers\aliide.sys
00:35:39.0949 5512 aliide - ok
00:35:39.0964 5512 [ 3c6600a0696e90a463771c7422e23ab5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
00:35:39.0966 5512 amdagp - ok
00:35:39.0976 5512 [ cd5914170297126b6266860198d1d4f0 ] amdide C:\Windows\system32\drivers\amdide.sys
00:35:39.0979 5512 amdide - ok
00:35:39.0993 5512 [ 00dda200d71bac534bf56a9db5dfd666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
00:35:39.0996 5512 AmdK8 - ok
00:35:40.0008 5512 [ 3cbf30f5370fda40dd3e87df38ea53b6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
00:35:40.0011 5512 AmdPPM - ok
00:35:40.0040 5512 [ d320bf87125326f996d4904fe24300fc ] amdsata C:\Windows\system32\drivers\amdsata.sys
00:35:40.0043 5512 amdsata - ok
00:35:40.0077 5512 [ ea43af0c423ff267355f74e7a53bdaba ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
00:35:40.0082 5512 amdsbs - ok
00:35:40.0098 5512 [ 46387fb17b086d16dea267d5be23a2f2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
00:35:40.0100 5512 amdxata - ok
00:35:40.0143 5512 [ 7df70a08b56cbbc874744d9b0b396272 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
00:35:40.0149 5512 ApfiltrService - ok
00:35:40.0193 5512 [ aea177f783e20150ace5383ee368da19 ] AppID C:\Windows\system32\drivers\appid.sys
00:35:40.0196 5512 AppID - ok
00:35:40.0214 5512 [ 62a9c86cb6085e20db4823e4e97826f5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:35:40.0217 5512 AppIDSvc - ok
00:35:40.0261 5512 [ fb1959012294d6ad43e5304df65e3c26 ] Appinfo C:\Windows\System32\appinfo.dll
00:35:40.0263 5512 Appinfo - ok
00:35:40.0339 5512 [ d8e18021f91ad79ca8491cb5a5da22d4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:35:40.0342 5512 Apple Mobile Device - ok
00:35:40.0399 5512 [ 2932004f49677bd84dbc72edb754ffb3 ] arc C:\Windows\system32\DRIVERS\arc.sys
00:35:40.0402 5512 arc - ok
00:35:40.0422 5512 [ 5d6f36c46fd283ae1b57bd2e9feb0bc7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
00:35:40.0425 5512 arcsas - ok
00:35:40.0444 5512 [ add2ade1c2b285ab8378d2daaf991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:35:40.0446 5512 AsyncMac - ok
00:35:40.0503 5512 [ 338c86357871c167a96ab976519bf59e ] atapi C:\Windows\system32\drivers\atapi.sys
00:35:40.0505 5512 atapi - ok
00:35:40.0592 5512 [ cfe432e8eeacbcea3dbf53ea76978a65 ] athr C:\Windows\system32\DRIVERS\athr.sys
00:35:40.0662 5512 athr - ok
00:35:40.0717 5512 [ ce3b4e731638d2ef62fcb419be0d39f0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:35:40.0727 5512 AudioEndpointBuilder - ok
00:35:40.0739 5512 [ ce3b4e731638d2ef62fcb419be0d39f0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
00:35:40.0744 5512 Audiosrv - ok
00:35:40.0798 5512 [ 6e30d02aac9cac84f421622e3a2f6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:35:40.0801 5512 AxInstSV - ok
00:35:40.0830 5512 [ 1a231abec60fd316ec54c66715543cec ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
00:35:40.0839 5512 b06bdrv - ok
00:35:40.0858 5512 [ bd8869eb9cde6bbe4508d869929869ee ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
00:35:40.0865 5512 b57nd60x - ok
00:35:40.0906 5512 [ ee1e9c3bb8228ae423dd38db69128e71 ] BDESVC C:\Windows\System32\bdesvc.dll
00:35:40.0909 5512 BDESVC - ok
00:35:40.0921 5512 [ 505506526a9d467307b3c393dedaf858 ] Beep C:\Windows\system32\drivers\Beep.sys
00:35:40.0926 5512 Beep - ok
00:35:40.0959 5512 [ 1e2bac209d184bb851e1a187d8a29136 ] BFE C:\Windows\System32\bfe.dll
00:35:40.0978 5512 BFE - ok
00:35:41.0053 5512 [ 1b63f2b7ca6b5290cc124cdd07520bc9 ] BingDesktopUpdate C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
00:35:41.0057 5512 BingDesktopUpdate - ok
00:35:41.0082 5512 [ e585445d5021971fae10393f0f1c3961 ] BITS C:\Windows\system32\qmgr.dll
00:35:41.0105 5512 BITS - ok
00:35:41.0121 5512 [ 2287078ed48fcfc477b05b20cf38f36f ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
00:35:41.0124 5512 blbdrive - ok
00:35:41.0191 5512 [ db5bea73edaf19ac68b2c0fad0f92b1a ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:35:41.0198 5512 Bonjour Service - ok
00:35:41.0236 5512 [ 8f2da3028d5fcbd1a060a3de64cd6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:35:41.0238 5512 bowser - ok
00:35:41.0248 5512 [ 9f9acc7f7ccde8a15c282d3f88b43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:35:41.0251 5512 BrFiltLo - ok
00:35:41.0266 5512 [ 56801ad62213a41f6497f96dee83755a ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:35:41.0268 5512 BrFiltUp - ok
00:35:41.0309 5512 [ 77361d72a04f18809d0efb6cceb74d4b ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
00:35:41.0312 5512 BridgeMP - ok
00:35:41.0349 5512 [ 3daa727b5b0a45039b0e1c9a211b8400 ] Browser C:\Windows\System32\browser.dll
00:35:41.0352 5512 Browser - ok
00:35:41.0450 5512 [ 6fb2eb796d1017eda57bdf7092e8e11c ] Browser Defender Update Service C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
00:35:41.0458 5512 Browser Defender Update Service - ok
00:35:41.0476 5512 [ 845b8ce732e67f3b4133164868c666ea ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:35:41.0496 5512 Brserid - ok
00:35:41.0535 5512 [ 203f0b1e73adadbbb7b7b1fabd901f6b ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:35:41.0538 5512 BrSerWdm - ok
00:35:41.0548 5512 [ bd456606156ba17e60a04e18016ae54b ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
00:35:41.0551 5512 BrUsbMdm - ok
00:35:41.0558 5512 [ af72ed54503f717a43268b3cc5faec2e ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:35:41.0559 5512 BrUsbSer - ok
00:35:41.0603 5512 [ 2865a5c8e98c70c605f417908cebb3a4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
00:35:41.0606 5512 BthEnum - ok
00:35:41.0642 5512 [ ed3df7c56ce0084eb2034432fc56565a ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
00:35:41.0645 5512 BTHMODEM - ok
00:35:41.0669 5512 [ ad1872e5829e8a2c3b5b4b641c3eab0e ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
00:35:41.0672 5512 BthPan - ok
00:35:41.0698 5512 [ 1153de2e4f5941e10c399cb5592f78a1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
00:35:41.0706 5512 BTHPORT - ok
00:35:41.0737 5512 [ 1df19c96eef6c29d1c3e1a8678e07190 ] bthserv C:\Windows\system32\bthserv.dll
00:35:41.0740 5512 bthserv - ok
00:35:41.0762 5512 [ c81e9413a25a439f436b1d4b6a0cf9e9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
00:35:41.0765 5512 BTHUSB - ok
00:35:41.0823 5512 [ f549c3fb145a4928e40bb1518b2034dc ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
00:35:41.0826 5512 btusbflt - ok
00:35:41.0867 5512 [ d57d29132efe13a83133d9bd449e0cf1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
00:35:41.0870 5512 btwaudio - ok
00:35:41.0904 5512 [ d282c14a69357d0e1bafaecc2ca98c3a ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
00:35:41.0907 5512 btwavdt - ok
00:35:41.0981 5512 [ 7d2dd14e60ce4ff3308d66fda7990546 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
00:35:41.0990 5512 btwdins - ok
00:35:42.0003 5512 [ aafd7cb76ba61fbb08e302da208c974a ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
00:35:42.0006 5512 btwl2cap - ok
00:35:42.0017 5512 [ 02eb4d2b05967df2d32f29c84ab1fb17 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
00:35:42.0019 5512 btwrchid - ok
00:35:42.0158 5512 catchme - ok
00:35:42.0175 5512 [ 77ea11b065e0a8ab902d78145ca51e10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:35:42.0178 5512 cdfs - ok
00:35:42.0224 5512 [ be167ed0fdb9c1fa1133953c18d5a6c9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:35:42.0228 5512 cdrom - ok
00:35:42.0272 5512 [ 319c6b309773d063541d01df8ac6f55f ] CertPropSvc C:\Windows\System32\certprop.dll
00:35:42.0275 5512 CertPropSvc - ok
00:35:42.0333 5512 [ 74fffb94d7ffd4750bd429ccb197720e ] Change Modem Device Service C:\Windows\System32\ChgService.exe
00:35:42.0337 5512 Change Modem Device Service - ok
00:35:42.0367 5512 [ 3fe3fe94a34df6fb06e6418d0f6a0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:35:42.0370 5512 circlass - ok
00:35:42.0400 5512 [ 635181e0e9bbf16871bf5380d71db02d ] CLFS C:\Windows\system32\CLFS.sys
00:35:42.0406 5512 CLFS - ok
00:35:42.0496 5512 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:35:42.0499 5512 clr_optimization_v2.0.50727_32 - ok
00:35:42.0577 5512 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:35:42.0583 5512 clr_optimization_v4.0.30319_32 - ok
00:35:42.0612 5512 [ dea805815e587dad1dd2c502220b5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:35:42.0614 5512 CmBatt - ok
00:35:42.0649 5512 [ c537b1db64d495b9b4717b4d6d9edbf2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:35:42.0652 5512 cmdide - ok
00:35:42.0683 5512 [ ce0d4eac1cd08ecf5fb9eab4b1e403c7 ] cmnsusbser C:\Windows\system32\DRIVERS\cmnsusbser.sys
00:35:42.0686 5512 cmnsusbser - ok
00:35:42.0717 5512 [ 247b4ce2dab1160cd422d532d5241e1f ] CNG C:\Windows\system32\Drivers\cng.sys
00:35:42.0725 5512 CNG - ok
00:35:42.0780 5512 [ 4eb6222be3c3c8071f4a9ca076241d1d ] cnnctfy2 C:\Windows\system32\DRIVERS\cnnctfy2.sys
00:35:42.0782 5512 cnnctfy2 - ok
00:35:42.0806 5512 [ a6023d3823c37043986713f118a89bee ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:35:42.0809 5512 Compbatt - ok
00:35:42.0844 5512 [ cbe8c58a8579cfe5fccf809e6f114e89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
00:35:42.0847 5512 CompositeBus - ok
00:35:42.0863 5512 COMSysApp - ok
00:35:42.0928 5512 [ 87371905486db648ac56b37a5909cba0 ] Connectify C:\Program Files\Connectify\ConnectifyService.exe
00:35:42.0931 5512 Connectify - ok
00:35:43.0004 5512 [ d01f685f8b4598d144b0cce9ff95d8d5 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
00:35:43.0006 5512 cpudrv - ok
00:35:43.0031 5512 cpuz134 - ok
00:35:43.0046 5512 [ 2c4ebcfc84a9b44f209dff6c6e6c61d1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
00:35:43.0048 5512 crcdisk - ok
00:35:43.0088 5512 [ 06e771aa596b8761107ab57e99f128d7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:35:43.0093 5512 CryptSvc - ok
00:35:43.0136 5512 [ 7660f01d3b38aca1747e397d21d790af ] DcomLaunch C:\Windows\system32\rpcss.dll
00:35:43.0153 5512 DcomLaunch - ok
00:35:43.0185 5512 [ 8d6e10a2d9a5eed59562d9b82cf804e1 ] defragsvc C:\Windows\System32\defragsvc.dll
00:35:43.0192 5512 defragsvc - ok
00:35:43.0229 5512 [ f024449c97ec1e464aaffda18593db88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:35:43.0233 5512 DfsC - ok
00:35:43.0280 5512 [ e9e01eb683c132f7fa27cd607b8a2b63 ] Dhcp C:\Windows\system32\dhcpcore.dll
00:35:43.0286 5512 Dhcp - ok
00:35:43.0297 5512 [ 1a050b0274bfb3890703d490f330c0da ] discache C:\Windows\system32\drivers\discache.sys
00:35:43.0298 5512 discache - ok
00:35:43.0337 5512 [ 565003f326f99802e68ca78f2a68e9ff ] Disk C:\Windows\system32\DRIVERS\disk.sys
00:35:43.0339 5512 Disk - ok
00:35:43.0364 5512 [ 33ef4861f19a0736b11314aad9ae28d0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:35:43.0370 5512 Dnscache - ok
00:35:43.0409 5512 [ 366ba8fb4b7bb7435e3b9eacb3843f67 ] dot3svc C:\Windows\System32\dot3svc.dll
00:35:43.0416 5512 dot3svc - ok
00:35:43.0472 5512 [ ae403e7585303cb7e413ebf956bcb76e ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe
00:35:43.0482 5512 DpHost - ok
00:35:43.0517 5512 [ 8ec04ca86f1d68da9e11952eb85973d6 ] DPS C:\Windows\system32\dps.dll
00:35:43.0522 5512 DPS - ok
00:35:43.0557 5512 [ b918e7c5f9bf77202f89e1a9539f2eb4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:35:43.0559 5512 drmkaud - ok
00:35:43.0596 5512 [ 23f5d28378a160352ba8f817bd8c71cb ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:35:43.0621 5512 DXGKrnl - ok
00:35:43.0656 5512 [ 8600142fa91c1b96367d3300ad0f3f3a ] EapHost C:\Windows\System32\eapsvc.dll
00:35:43.0661 5512 EapHost - ok
00:35:43.0745 5512 [ 024e1b5cac09731e4d868e64dbfb4ab0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
00:35:43.0822 5512 ebdrv - ok
00:35:43.0865 5512 [ 81951f51e318aecc2d68559e47485cc4 ] EFS C:\Windows\System32\lsass.exe
00:35:43.0870 5512 EFS - ok
00:35:43.0924 5512 [ a8c362018efc87beb013ee28f29c0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:35:43.0942 5512 ehRecvr - ok
00:35:43.0964 5512 [ d389bff34f80caede417bf9d1507996a ] ehSched C:\Windows\ehome\ehsched.exe
00:35:43.0968 5512 ehSched - ok
00:35:44.0014 5512 [ 0ed67910c8c326796faa00b2bf6d9d3c ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
00:35:44.0024 5512 elxstor - ok
00:35:44.0067 5512 [ f13c945115b8a8c7c4427d5925f88f23 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
00:35:44.0070 5512 enecir - ok
00:35:44.0084 5512 [ 8fc3208352dd3912c94367a206ab3f11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
00:35:44.0086 5512 ErrDev - ok
00:35:44.0177 5512 [ 2407b8164e966755bc6a4242fc9de31e ] esgiguard C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
00:35:44.0179 5512 esgiguard - ok
00:35:44.0216 5512 [ f6916efc29d9953d5d0df06882ae8e16 ] EventSystem C:\Windows\system32\es.dll
00:35:44.0224 5512 EventSystem - ok
00:35:44.0254 5512 [ 2dc9108d74081149cc8b651d3a26207f ] exfat C:\Windows\system32\drivers\exfat.sys
00:35:44.0259 5512 exfat - ok
00:35:44.0273 5512 [ 7e0ab74553476622fb6ae36f73d97d35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:35:44.0279 5512 fastfat - ok
00:35:44.0325 5512 [ 967ea5b213e9984cbe270205df37755b ] Fax C:\Windows\system32\fxssvc.exe
00:35:44.0347 5512 Fax - ok
00:35:44.0376 5512 [ e817a017f82df2a1f8cfdbda29388b29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:35:44.0378 5512 fdc - ok
00:35:44.0391 5512 [ f3222c893bd2f5821a0179e5c71e88fb ] fdPHost C:\Windows\system32\fdPHost.dll
00:35:44.0395 5512 fdPHost - ok
00:35:44.0412 5512 [ 7dbe8cbfe79efbdeb98c9fb08d3a9a5b ] FDResPub C:\Windows\system32\fdrespub.dll
00:35:44.0418 5512 FDResPub - ok
00:35:44.0442 5512 [ 6cf00369c97f3cf563be99be983d13d8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:35:44.0445 5512 FileInfo - ok
00:35:44.0463 5512 [ 42c51dc94c91da21cb9196eb64c45db9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:35:44.0466 5512 Filetrace - ok
00:35:44.0487 5512 [ 87907aa70cb3c56600f1c2fb8841579b ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:35:44.0490 5512 flpydisk - ok
00:35:44.0517 5512 [ 7520ec808e0c35e0ee6f841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:35:44.0522 5512 FltMgr - ok
00:35:44.0562 5512 [ b3a5ec6b6b6673db7e87c2bcdbddc074 ] FontCache C:\Windows\system32\FntCache.dll
00:35:44.0588 5512 FontCache - ok
00:35:44.0628 5512 [ e56f39f6b7fda0ac77a79b0fd3de1a2f ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:35:44.0631 5512 FontCache3.0.0.0 - ok
00:35:44.0641 5512 [ 1a16b57943853e598cff37fe2b8cbf1d ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:35:44.0643 5512 FsDepends - ok
00:35:44.0690 5512 [ d909075fa72c090f27aa926c32cb4612 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
00:35:44.0693 5512 fssfltr - ok
00:35:44.0792 5512 [ 4ce9dac1518ff7e77bd213e6394b9d77 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
00:35:44.0830 5512 fsssvc - ok
00:35:44.0855 5512 [ 7dae5ebcc80e45d3253f4923dc424d05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:35:44.0858 5512 Fs_Rec - ok
00:35:44.0889 5512 [ 8a73e79089b282100b9393b644cb853b ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:35:44.0894 5512 fvevol - ok
00:35:44.0918 5512 [ 65ee0c7a58b65e74ae05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
00:35:44.0921 5512 gagp30kx - ok
00:35:44.0963 5512 [ e897eaf5ed6ba41e081060c9b447a673 ] gpsvc C:\Windows\System32\gpsvc.dll
00:35:44.0986 5512 gpsvc - ok
00:35:45.0077 5512 [ f02a533f517eb38333cb12a9e8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:35:45.0081 5512 gupdate - ok
00:35:45.0112 5512 [ f02a533f517eb38333cb12a9e8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:35:45.0114 5512 gupdatem - ok
00:35:45.0169 5512 [ c1b577b2169900f4cf7190c39f085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
00:35:45.0176 5512 gusvc - ok
00:35:45.0193 5512 [ c44e3c2bab6837db337ddee7544736db ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:35:45.0195 5512 hcw85cir - ok
00:35:45.0248 5512 [ a5ef29d5315111c80a5c1abad14c8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:35:45.0255 5512 HdAudAddService - ok
00:35:45.0278 5512 [ 9036377b8a6c15dc2eec53e489d159b5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
00:35:45.0282 5512 HDAudBus - ok
00:35:45.0328 5512 [ a88485dc6a7136c10d9a6c7e38fdfe3c ] HECI C:\Windows\system32\DRIVERS\HECI.sys
00:35:45.0330 5512 HECI - ok
00:35:45.0354 5512 [ 1d58a7f3e11a9731d0eaaaa8405acc36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
00:35:45.0357 5512 HidBatt - ok
00:35:45.0394 5512 [ 89448f40e6df260c206a193a4683ba78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
00:35:45.0398 5512 HidBth - ok
00:35:45.0422 5512 [ cf50b4cf4a4f229b9f3c08351f99ca5e ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
00:35:45.0425 5512 HidIr - ok
00:35:45.0449 5512 [ 2bc6f6a1992b3a77f5f41432ca6b3b6b ] hidserv C:\Windows\System32\hidserv.dll
00:35:45.0454 5512 hidserv - ok
00:35:45.0477 5512 [ 10c19f8290891af023eaec0832e1eb4d ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:35:45.0484 5512 HidUsb - ok
00:35:45.0678 5512 [ 196b4e3f4cccc24af836ce58facbb699 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:35:45.0682 5512 hkmsvc - ok
00:35:45.0701 5512 [ 6658f4404de03d75fe3ba09f7aba6a30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:35:45.0708 5512 HomeGroupListener - ok
00:35:45.0752 5512 [ dbc02d918fff1cad628acbe0c0eaa8e8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:35:45.0759 5512 HomeGroupProvider - ok
00:35:45.0868 5512 [ 45a12cacb97b4f15858fcfd59355a1e9 ] HP Health Check Service C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
00:35:45.0871 5512 HP Health Check Service - ok
00:35:45.0902 5512 [ f55442690a70a0278a7eed4faaebf576 ] HPDrvMntSvc.exe C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
00:35:45.0905 5512 HPDrvMntSvc.exe - ok
00:35:45.0942 5512 [ 4ef10b866c62abbeaf7511cdd05a19be ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
00:35:45.0945 5512 hpdskflt - ok
00:35:45.0990 5512 [ 640e51db253265c3eac075866b3d2b33 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
00:35:46.0016 5512 hpqwmiex - ok
00:35:46.0061 5512 [ 295fdc419039090eb8b49ffdbb374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
00:35:46.0064 5512 HpSAMD - ok
00:35:46.0101 5512 [ c0beb56ed79b59b7b33d0aa6c38a0ba6 ] hpsrv C:\Windows\system32\Hpservice.exe
00:35:46.0105 5512 hpsrv - ok
00:35:46.0147 5512 [ 871917b07a141bff43d76d8844d48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:35:46.0164 5512 HTTP - ok
00:35:46.0226 5512 [ 988c0a49f09d75d3341cb419141793c1 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
00:35:46.0229 5512 hwdatacard - ok
00:35:46.0247 5512 [ 0c4e035c7f105f1299258c90886c64c5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:35:46.0249 5512 hwpolicy - ok
00:35:46.0305 5512 [ f151f0bdc47f4a28b1b20a0818ea36d6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
00:35:46.0308 5512 i8042prt - ok
00:35:46.0360 5512 [ 0e899d0db39617aa0b2f992e7e95b5eb ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
00:35:46.0366 5512 IAANTMON - ok
00:35:46.0397 5512 [ 01446278d4563b3013c92830ae6cbb26 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
00:35:46.0401 5512 iaStor - ok
00:35:46.0436 5512 [ 5cd5f9a5444e6cdcb0ac89bd62d8b76e ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:35:46.0444 5512 iaStorV - ok
00:35:46.0511 5512 [ c521d7eb6497bb1af6afa89e322fb43c ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:35:46.0537 5512 idsvc - ok
00:35:46.0705 5512 [ 1396d38514c3c4b930f5d24e6c8521e6 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
00:35:46.0893 5512 igfx - ok
00:35:46.0939 5512 [ 4173ff5708f3236cf25195fecd742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
00:35:46.0942 5512 iirsp - ok
00:35:46.0993 5512 [ f95622f161474511b8d80d6b093aa610 ] IKEEXT C:\Windows\System32\ikeext.dll
00:35:47.0016 5512 IKEEXT - ok
00:35:47.0059 5512 [ a8ed88b2aae108b938816ddb5bb39b54 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
00:35:47.0063 5512 Impcd - ok
00:35:47.0089 5512 [ 0dbd8a173df83c31143601da7e03c4f9 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
00:35:47.0095 5512 IntcDAud - ok
00:35:47.0104 5512 [ a0f12f2c9ba6c72f3987ce780e77c130 ] intelide C:\Windows\system32\drivers\intelide.sys
00:35:47.0106 5512 intelide - ok
00:35:47.0135 5512 [ 3b514d27bfc4accb4037bc6685f766e0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:35:47.0137 5512 intelppm - ok
00:35:47.0162 5512 [ acb364b9075a45c0736e5c47be5cae19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:35:47.0167 5512 IPBusEnum - ok
00:35:47.0191 5512 [ 709d1761d3b19a932ff0238ea6d50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:35:47.0194 5512 IpFilterDriver - ok
00:35:47.0245 5512 [ 4d65a07b795d6674312f879d09aa7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:35:47.0263 5512 iphlpsvc - ok
00:35:47.0295 5512 [ 4bd7134618c1d2a27466a099062547bf ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
00:35:47.0298 5512 IPMIDRV - ok
00:35:47.0317 5512 [ a5fa468d67abcdaa36264e463a7bb0cd ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:35:47.0320 5512 IPNAT - ok
00:35:47.0345 5512 [ 42996cff20a3084a56017b7902307e9f ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:35:47.0347 5512 IRENUM - ok
00:35:47.0367 5512 [ 1f32bb6b38f62f7df1a7ab7292638a35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:35:47.0370 5512 isapnp - ok
00:35:47.0396 5512 [ cb7a9abb12b8415bce5d74994c7ba3ae ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
00:35:47.0402 5512 iScsiPrt - ok
00:35:47.0419 5512 [ adef52ca1aeae82b50df86b56413107e ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:35:47.0422 5512 kbdclass - ok
00:35:47.0433 5512 [ 9e3ced91863e6ee98c24794d05e27a71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
00:35:47.0436 5512 kbdhid - ok
00:35:47.0446 5512 [ 81951f51e318aecc2d68559e47485cc4 ] KeyIso C:\Windows\system32\lsass.exe
00:35:47.0449 5512 KeyIso - ok
00:35:47.0488 5512 [ b7895b4182c0d16f6efadeb8081e8d36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:35:47.0491 5512 KSecDD - ok
00:35:47.0508 5512 [ d30159ac9237519fbc62c6ec247d2d46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:35:47.0513 5512 KSecPkg - ok
00:35:47.0546 5512 [ 89a7b9cc98d0d80c6f31b91c0a310fcd ] KtmRm C:\Windows\system32\msdtckrm.dll
00:35:47.0556 5512 KtmRm - ok
00:35:47.0588 5512 [ d64af876d53eca3668bb97b51b4e70ab ] LanmanServer C:\Windows\System32\srvsvc.dll
00:35:47.0596 5512 LanmanServer - ok
00:35:47.0616 5512 [ 58405e4f68ba8e4057c6e914f326aba2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:35:47.0623 5512 LanmanWorkstation - ok
00:35:47.0660 5512 [ f7611ec07349979da9b0ae1f18ccc7a6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:35:47.0663 5512 lltdio - ok
00:35:47.0693 5512 [ 5700673e13a2117fa3b9020c852c01e2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:35:47.0700 5512 lltdsvc - ok
00:35:47.0717 5512 [ 55ca01ba19d0006c8f2639b6c045e08b ] lmhosts C:\Windows\System32\lmhsvc.dll
00:35:47.0722 5512 lmhosts - ok
00:35:47.0795 5512 [ 7485fbcef9136f530953575e2977859d ] LMS C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
00:35:47.0800 5512 LMS - ok
00:35:47.0838 5512 [ eb119a53ccf2acc000ac71b065b78fef ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
00:35:47.0841 5512 LSI_FC - ok
00:35:47.0858 5512 [ 8ade1c877256a22e49b75d1cc9161f9c ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
00:35:47.0861 5512 LSI_SAS - ok
00:35:47.0883 5512 [ dc9dc3d3daa0e276fd2ec262e38b11e9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:35:47.0887 5512 LSI_SAS2 - ok
00:35:47.0898 5512 [ 0a036c7d7cab643a7f07135ac47e0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:35:47.0903 5512 LSI_SCSI - ok
00:35:47.0948 5512 [ 6703e366cc18d3b6e534f5cf7df39cee ] luafv C:\Windows\system32\drivers\luafv.sys
00:35:47.0959 5512 luafv - ok
00:35:47.0993 5512 [ bfb9ee8ee977efe85d1a3105abef6dd1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:35:47.0998 5512 Mcx2Svc - ok
00:35:48.0041 5512 [ 0fff5b045293002ab38eb1fd1fc2fb74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
00:35:48.0044 5512 megasas - ok
00:35:48.0064 5512 [ dcbab2920c75f390caf1d29f675d03d6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
00:35:48.0070 5512 MegaSR - ok
00:35:48.0139 5512 [ 123271bd5237ab991dc5c21fdf8835eb ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
00:35:48.0143 5512 Microsoft Office Groove Audit Service - ok
00:35:48.0168 5512 [ 146b6f43a673379a3c670e86d89be5ea ] MMCSS C:\Windows\system32\mmcss.dll
00:35:48.0173 5512 MMCSS - ok
00:35:48.0187 5512 [ f001861e5700ee84e2d4e52c712f4964 ] Modem C:\Windows\system32\drivers\modem.sys
00:35:48.0188 5512 Modem - ok
00:35:48.0208 5512 [ 79d10964de86b292320e9dfe02282a23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:35:48.0210 5512 monitor - ok
00:35:48.0239 5512 [ fb18cc1d4c2e716b6b903b0ac0cc0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:35:48.0241 5512 mouclass - ok
00:35:48.0271 5512 [ 2c388d2cd01c9042596cf3c8f3c7b24d ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:35:48.0274 5512 mouhid - ok
00:35:48.0312 5512 [ fc8771f45ecccfd89684e38842539b9b ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:35:48.0315 5512 mountmgr - ok
00:35:48.0381 5512 [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:35:48.0385 5512 MozillaMaintenance - ok
00:35:48.0444 5512 [ d993bea500e7382dc4e760bf4f35efcb ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
00:35:48.0450 5512 MpFilter - ok
00:35:48.0492 5512 [ 2d699fb6e89ce0d8da14ecc03b3edfe0 ] mpio C:\Windows\system32\drivers\mpio.sys
00:35:48.0496 5512 mpio - ok
00:35:48.0563 5512 MpKsla7be5916 - ok
00:35:48.0594 5512 [ ad2723a7b53dd1aacae6ad8c0bfbf4d0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:35:48.0598 5512 mpsdrv - ok
00:35:48.0644 5512 [ 9835584e999d25004e1ee8e5f3e3b881 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:35:48.0670 5512 MpsSvc - ok
00:35:48.0708 5512 [ ceb46ab7c01c9f825f8cc6babc18166a ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:35:48.0712 5512 MRxDAV - ok
00:35:48.0744 5512 [ 5d16c921e3671636c0eba3bbaac5fd25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:35:48.0748 5512 mrxsmb - ok
00:35:48.0780 5512 [ 6d17a4791aca19328c685d256349fefc ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:35:48.0785 5512 mrxsmb10 - ok
00:35:48.0801 5512 [ b81f204d146000be76651a50670a5e9e ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:35:48.0804 5512 mrxsmb20 - ok
00:35:48.0818 5512 [ 012c5f4e9349e711e11e0f19a8589f0a ] msahci C:\Windows\system32\drivers\msahci.sys
00:35:48.0821 5512 msahci - ok
00:35:48.0836 5512 [ 55055f8ad8be27a64c831322a780a228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:35:48.0840 5512 msdsm - ok
00:35:48.0854 5512 [ e1bce74a3bd9902b72599c0192a07e27 ] MSDTC C:\Windows\System32\msdtc.exe
00:35:48.0862 5512 MSDTC - ok
00:35:48.0881 5512 [ daefb28e3af5a76abcc2c3078c07327f ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:35:48.0884 5512 Msfs - ok
00:35:48.0897 5512 [ 3e1e5767043c5af9367f0056295e9f84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:35:48.0900 5512 mshidkmdf - ok
00:35:48.0911 5512 [ 0a4e5757ae09fa9622e3158cc1aef114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:35:48.0913 5512 msisadrv - ok
00:35:48.0942 5512 [ 90f7d9e6b6f27e1a707d4a297f077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:35:48.0947 5512 MSiSCSI - ok
00:35:48.0954 5512 msiserver - ok
00:35:48.0976 5512 [ 8c0860d6366aaffb6c5bb9df9448e631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:35:48.0978 5512 MSKSSRV - ok
00:35:49.0073 5512 [ 24516bf4e12a46cb67302e2cdcb8cddf ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
00:35:49.0076 5512 MsMpSvc - ok
00:35:49.0088 5512 [ 3ea8b949f963562cedbb549eac0c11ce ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:35:49.0090 5512 MSPCLOCK - ok
00:35:49.0103 5512 [ f456e973590d663b1073e9c463b40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:35:49.0106 5512 MSPQM - ok
00:35:49.0122 5512 [ 0e008fc4819d238c51d7c93e7b41e560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:35:49.0128 5512 MsRPC - ok
00:35:49.0147 5512 [ fc6b9ff600cc585ea38b12589bd4e246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
00:35:49.0148 5512 mssmbios - ok
00:35:49.0161 5512 [ b42c6b921f61a6e55159b8be6cd54a36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:35:49.0163 5512 MSTEE - ok
00:35:49.0180 5512 [ 33599130f44e1f34631cea241de8ac84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:35:49.0182 5512 MTConfig - ok
00:35:49.0188 5512 [ 159fad02f64e6381758c990f753bcc80 ] Mup C:\Windows\system32\Drivers\mup.sys
00:35:49.0191 5512 Mup - ok
00:35:49.0232 5512 [ 61d57a5d7c6d9afe10e77dae6e1b445e ] napagent C:\Windows\system32\qagentRT.dll
00:35:49.0242 5512 napagent - ok
00:35:49.0278 5512 [ 26384429fcd85d83746f63e798ab1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:35:49.0285 5512 NativeWifiP - ok
00:35:49.0308 5512 [ e7c54812a2aaf43316eb6930c1ffa108 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:35:49.0329 5512 NDIS - ok
00:35:49.0346 5512 [ 0e1787aa6c9191d3d319e8bafe86f80c ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:35:49.0350 5512 NdisCap - ok
00:35:49.0371 5512 [ e4a8aec125a2e43a9e32afeea7c9c888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:35:49.0373 5512 NdisTapi - ok
00:35:49.0403 5512 [ d8a65dafb3eb41cbb622745676fcd072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:35:49.0406 5512 Ndisuio - ok
00:35:49.0440 5512 [ 38fbe267e7e6983311179230facb1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:35:49.0444 5512 NdisWan - ok
00:35:49.0692 5512 [ a4bdc541e69674fbff1a8ff00be913f2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:35:49.0695 5512 NDProxy - ok
00:35:49.0799 5512 [ 6d4028d458eaaa1782099750790dc8c9 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
00:35:49.0834 5512 Nero BackItUp Scheduler 3 - ok
00:35:49.0859 5512 [ 80b275b1ce3b0e79909db7b39af74d51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:35:49.0863 5512 NetBIOS - ok
00:35:49.0900 5512 [ 280122ddcf04b378edd1ad54d71c1e54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:35:49.0906 5512 NetBT - ok
00:35:49.0921 5512 [ 81951f51e318aecc2d68559e47485cc4 ] Netlogon C:\Windows\system32\lsass.exe
00:35:49.0925 5512 Netlogon - ok
00:35:49.0967 5512 [ 7cccfca7510684768da22092d1fa4db2 ] Netman C:\Windows\System32\netman.dll
00:35:49.0985 5512 Netman - ok
00:35:50.0008 5512 [ 8c338238c16777a802d6a9211eb2ba50 ] netprofm C:\Windows\System32\netprofm.dll
00:35:50.0025 5512 netprofm - ok
00:35:50.0061 5512 [ f476ec40033cdb91efbe73eb99b8362d ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:35:50.0065 5512 NetTcpPortSharing - ok
00:35:50.0092 5512 [ 1d85c4b390b0ee09c7a46b91efb2c097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:35:50.0095 5512 nfrd960 - ok
00:35:50.0137 5512 [ b52f26bade7d7e4a79706e3fd91834cd ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
00:35:50.0141 5512 NisDrv - ok
00:35:50.0197 5512 [ 290c0d4c4889398797f8df3be00b9698 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
00:35:50.0202 5512 NisSrv - ok
00:35:50.0243 5512 [ 912084381d30d8b89ec4e293053f4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:35:50.0251 5512 NlaSvc - ok
00:35:50.0327 5512 [ ff4d73b16ea3a32d34ceb3a7bc3c3773 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
00:35:50.0336 5512 NMIndexingService - ok
00:35:50.0375 5512 [ cfe3462a9e94a57dcd9676f6b7fe7f67 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
00:35:50.0377 5512 nmwcd - ok
00:35:50.0419 5512 [ 8f2a94f991f8c73cec26b4b5620d1edc ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
00:35:50.0422 5512 nmwcdc - ok
00:35:50.0468 5512 [ b48dc6abcd3aeff8618350ccbdc6b09a ] NPF C:\Windows\system32\drivers\npf.sys
00:35:50.0471 5512 NPF - ok
00:35:50.0486 5512 [ 1db262a9f8c087e8153d89bef3d2235f ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:35:50.0488 5512 Npfs - ok
00:35:50.0511 5512 [ ba387e955e890c8a88306d9b8d06bf17 ] nsi C:\Windows\system32\nsisvc.dll
00:35:50.0517 5512 nsi - ok
00:35:50.0536 5512 [ e9a0a4d07e53d8fea2bb8387a3293c58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:35:50.0537 5512 nsiproxy - ok
00:35:50.0588 5512 [ 81189c3d7763838e55c397759d49007a ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:35:50.0622 5512 Ntfs - ok
00:35:50.0628 5512 [ f9756a98d69098dca8945d62858a812c ] Null C:\Windows\system32\drivers\Null.sys
00:35:50.0630 5512 Null - ok
00:35:50.0648 5512 [ b3e25ee28883877076e0e1ff877d02e0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:35:50.0652 5512 nvraid - ok
00:35:50.0666 5512 [ 4380e59a170d88c4f1022eff6719a8a4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:35:50.0671 5512 nvstor - ok
00:35:50.0703 5512 [ 5a0983915f02bae73267cc2a041f717d ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:35:50.0706 5512 nv_agp - ok
00:35:50.0781 5512 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:35:50.0789 5512 odserv - ok
00:35:50.0806 5512 [ 08a70a1f2cdde9bb49b885cb817a66eb ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:35:50.0809 5512 ohci1394 - ok
00:35:50.0846 5512 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:35:50.0851 5512 ose - ok
00:35:50.0888 5512 [ 82a8521ddc60710c3d3d3e7325209bec ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:35:50.0896 5512 p2pimsvc - ok
00:35:50.0910 5512 [ 59c3ddd501e39e006dac31bf55150d91 ] p2psvc C:\Windows\system32\p2psvc.dll
00:35:50.0920 5512 p2psvc - ok
00:35:50.0948 5512 [ 2ea877ed5dd9713c5ac74e8ea7348d14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:35:50.0951 5512 Parport - ok
00:35:50.0983 5512 [ 3f34a1b4c5f6475f320c275e63afce9b ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:35:50.0986 5512 partmgr - ok
00:35:51.0000 5512 [ eb0a59f29c19b86479d36b35983daadc ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
00:35:51.0002 5512 Parvdm - ok
00:35:51.0014 5512 [ 358ab7956d3160000726574083dfc8a6 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:35:51.0022 5512 PcaSvc - ok
00:35:51.0064 5512 [ fd2041e9ba03db7764b2248f02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
00:35:51.0066 5512 pccsmcfd - ok
00:35:51.0085 5512 [ 673e55c3498eb970088e812ea820aa8f ] pci C:\Windows\system32\drivers\pci.sys
00:35:51.0090 5512 pci - ok
00:35:51.0101 5512 [ afe86f419014db4e5593f69ffe26ce0a ] pciide C:\Windows\system32\drivers\pciide.sys
00:35:51.0103 5512 pciide - ok
00:35:51.0117 5512 [ f396431b31693e71e8a80687ef523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:35:51.0122 5512 pcmcia - ok
00:35:51.0189 5512 [ 8bfb2c39dabfba0b6f7002d79fe22299 ] PCTAppEvent C:\Windows\system32\drivers\PCTAppEvent.sys
00:35:51.0193 5512 PCTAppEvent - ok
00:35:51.0215 5512 [ 3e8ce6c67b292a4fdf65ed625e5f5e81 ] PCTCore C:\Windows\system32\drivers\PCTCore.sys
00:35:51.0222 5512 PCTCore - ok
00:35:51.0236 5512 [ f820b4c61d1e591325b679d479d4eea4 ] pctDS C:\Windows\system32\drivers\pctDS.sys
00:35:51.0243 5512 pctDS - ok
00:35:51.0269 5512 [ acc8c15f3d59f17c5d903ff1de3b43d3 ] pctEFA C:\Windows\system32\drivers\pctEFA.sys
00:35:51.0298 5512 pctEFA - ok
00:35:51.0318 5512 [ 60af5fa418efe284fb81dbbf5a0391fb ] PCTFW-PacketFilter C:\Windows\system32\drivers\pctNdis-PacketFilter.sys
00:35:51.0320 5512 PCTFW-PacketFilter - ok
00:35:51.0343 5512 [ bf22bd6d1e64177bc213bf571b8af666 ] pctgntdi C:\Windows\System32\drivers\pctgntdi.sys
00:35:51.0350 5512 pctgntdi - ok
00:35:51.0376 5512 [ fc38ec6e59d11c5ad4c5ea3878174995 ] pctNdis C:\Windows\system32\DRIVERS\pctNdis.sys
00:35:51.0379 5512 pctNdis - ok
00:35:51.0402 5512 [ fc38ec6e59d11c5ad4c5ea3878174995 ] pctNdisMP C:\Windows\system32\DRIVERS\pctNdis.sys
00:35:51.0404 5512 pctNdisMP - ok
00:35:51.0421 5512 [ 6c3aa72680d8cb7d285bd940a30eccef ] pctplfw C:\Windows\System32\drivers\pctplfw.sys
00:35:51.0423 5512 pctplfw - ok
00:35:51.0440 5512 [ 03d3a794c9d55ef1b450d5e11103c594 ] pctplsg C:\Windows\System32\drivers\pctplsg.sys
00:35:51.0441 5512 pctplsg - ok
00:35:51.0459 5512 [ 83ddd552f7f1043f764e8cc88ff41232 ] PCTSD C:\Windows\system32\Drivers\PCTSD.sys
00:35:51.0465 5512 PCTSD - ok
00:35:51.0493 5512 [ 250f6b43d2b613172035c6747aeeb19f ] pcw C:\Windows\system32\drivers\pcw.sys
00:35:51.0505 5512 pcw - ok
00:35:51.0646 5512 [ 9e0104ba49f4e6973749a02bf41344ed ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:35:51.0657 5512 PEAUTH - ok
00:35:51.0755 5512 [ 414bba67a3ded1d28437eb66aeb8a720 ] pla C:\Windows\system32\pla.dll
00:35:51.0793 5512 pla - ok
00:35:51.0831 5512 [ ec7bc28d207da09e79b3e9faf8b232ca ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:35:51.0848 5512 PlugPlay - ok
00:35:51.0868 5512 [ 63ff8572611249931eb16bb8eed6afc8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:35:51.0873 5512 PNRPAutoReg - ok
00:35:51.0894 5512 [ 82a8521ddc60710c3d3d3e7325209bec ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:35:51.0899 5512 PNRPsvc - ok
00:35:51.0922 5512 [ 53946b69ba0836bd95b03759530c81ec ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:35:51.0931 5512 PolicyAgent - ok
00:35:51.0964 5512 [ f87d30e72e03d579a5199ccb3831d6ea ] Power C:\Windows\system32\umpo.dll
00:35:51.0970 5512 Power - ok
00:35:51.0987 5512 [ 631e3e205ad6d86f2aed6a4a8e69f2db ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:35:51.0990 5512 PptpMiniport - ok
00:35:52.0005 5512 [ 85b1e3a0c7585bc4aae6899ec6fcf011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:35:52.0008 5512 Processor - ok
00:35:52.0036 5512 [ cadefac453040e370a1bdff3973be00d ] ProfSvc C:\Windows\system32\profsvc.dll
00:35:52.0042 5512 ProfSvc - ok
00:35:52.0051 5512 [ 81951f51e318aecc2d68559e47485cc4 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:35:52.0054 5512 ProtectedStorage - ok
00:35:52.0086 5512 [ 6270ccae2a86de6d146529fe55b3246a ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:35:52.0089 5512 Psched - ok
00:35:52.0131 5512 [ ab95ecf1f6659a60ddc166d8315b0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:35:52.0166 5512 ql2300 - ok
00:35:52.0184 5512 [ b4dd51dd25182244b86737dc51af2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:35:52.0188 5512 ql40xx - ok
00:35:52.0209 5512 [ 31ac809e7707eb580b2bdb760390765a ] QWAVE C:\Windows\system32\qwave.dll
00:35:52.0217 5512 QWAVE - ok
00:35:52.0231 5512 [ 584078ca1b95ca72df2a27c336f9719d ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:35:52.0233 5512 QWAVEdrv - ok
00:35:52.0292 5512 [ 8f97d374ad1857e1eed85a79f29a1d3d ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
00:35:52.0296 5512 RapiMgr - ok
00:35:52.0302 5512 [ 30a81b53c766d0133bb86d234e5556ab ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:35:52.0304 5512 RasAcd - ok
00:35:52.0331 5512 [ 57ec4aef73660166074d8f7f31c0d4fd ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:35:52.0333 5512 RasAgileVpn - ok
00:35:52.0355 5512 [ a60f1839849c0c00739787fd5ec03f13 ] RasAuto C:\Windows\System32\rasauto.dll
00:35:52.0360 5512 RasAuto - ok
00:35:52.0376 5512 [ d9f91eafec2815365cbe6d167e4e332a ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:35:52.0379 5512 Rasl2tp - ok
00:35:52.0432 5512 [ cb9e04dc05eacf5b9a36ca276d475006 ] RasMan C:\Windows\System32\rasmans.dll
00:35:52.0442 5512 RasMan - ok
00:35:52.0452 5512 [ 0fe8b15916307a6ac12bfb6a63e45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:35:52.0455 5512 RasPppoe - ok
00:35:52.0468 5512 [ 44101f495a83ea6401d886e7fd70096b ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:35:52.0471 5512 RasSstp - ok
00:35:52.0488 5512 [ d528bc58a489409ba40334ebf96a311b ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:35:52.0494 5512 rdbss - ok
00:35:52.0510 5512 [ 0d8f05481cb76e70e1da06ee9f0da9df ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:35:52.0513 5512 rdpbus - ok
00:35:52.0546 5512 [ 23dae03f29d253ae74c44f99e515f9a1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:35:52.0547 5512 RDPCDD - ok
00:35:52.0566 5512 [ 5a53ca1598dd4156d44196d200c94b8a ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:35:52.0567 5512 RDPENCDD - ok
00:35:52.0587 5512 [ 44b0a53cd4f27d50ed461dae0c0b4e1f ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:35:52.0589 5512 RDPREFMP - ok
00:35:52.0632 5512 [ f031683e6d1fea157abb2ff260b51e61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:35:52.0638 5512 RDPWD - ok
00:35:52.0673 5512 [ 518395321dc96fe2c9f0e96ac743b656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:35:52.0678 5512 rdyboost - ok
00:35:52.0706 5512 [ 7b5e1419717fac363a31cc302895217a ] RemoteAccess C:\Windows\System32\mprdim.dll
00:35:52.0711 5512 RemoteAccess - ok
00:35:52.0736 5512 [ cb9a8683f4ef2bf99e123d79950d7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:35:52.0742 5512 RemoteRegistry - ok
00:35:52.0773 5512 [ cb928d9e6daf51879dd6ba8d02f01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
00:35:52.0777 5512 RFCOMM - ok
00:35:52.0832 5512 [ b60f58f175de20a6739194e85b035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
00:35:52.0836 5512 rpcapd - ok
00:35:52.0862 5512 [ 78d072f35bc45d9e4e1b61895c152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:35:52.0869 5512 RpcEptMapper - ok
00:35:52.0896 5512 [ 94d36c0e44677dd26981d2bfeef2a29d ] RpcLocator C:\Windows\system32\locator.exe
00:35:52.0900 5512 RpcLocator - ok
00:35:52.0947 5512 [ 7660f01d3b38aca1747e397d21d790af ] RpcSs C:\Windows\system32\rpcss.dll
00:35:52.0955 5512 RpcSs - ok
00:35:52.0975 5512 [ 4dd30900d0818d4949946be0c5fac9df ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
00:35:52.0980 5512 RSPCIESTOR - ok
00:35:53.0008 5512 [ 032b0d36ad92b582d869879f5af5b928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:35:53.0012 5512 rspndr - ok
00:35:53.0026 5512 [ 6498270b845d319981f3c707672b8e32 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
00:35:53.0033 5512 RSUSBSTOR - ok
00:35:53.0077 5512 [ 5283b9a27ff230f2ff70d92451ff409a ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
00:35:53.0087 5512 RTL8167 - ok
00:35:53.0092 5512 RTSTOR - ok
00:35:53.0107 5512 [ 81951f51e318aecc2d68559e47485cc4 ] SamSs C:\Windows\system32\lsass.exe
00:35:53.0110 5512 SamSs - ok
00:35:53.0150 5512 [ 05d860da1040f111503ac416ccef2bca ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:35:53.0153 5512 sbp2port - ok
00:35:53.0178 5512 [ 8fc518ffe9519c2631d37515a68009c4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:35:53.0186 5512 SCardSvr - ok
00:35:53.0217 5512 [ 0693b5ec673e34dc147e195779a4dcf6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:35:53.0219 5512 scfilter - ok
00:35:53.0245 5512 [ a04bb13f8a72f8b6e8b4071723e4e336 ] Schedule C:\Windows\system32\schedsvc.dll
00:35:53.0271 5512 Schedule - ok
00:35:53.0303 5512 [ 319c6b309773d063541d01df8ac6f55f ] SCPolicySvc C:\Windows\System32\certprop.dll
00:35:53.0305 5512 SCPolicySvc - ok
00:35:53.0371 5512 [ cadc6d185d8560a1ec266b0a97c4f153 ] sdAuxService C:\Program Files\PC Tools Security\pctsAuxs.exe
00:35:53.0378 5512 sdAuxService - ok
00:35:53.0412 5512 [ 0328be1c7f1cba23848179f8762e391c ] sdbus C:\Windows\system32\drivers\sdbus.sys
00:35:53.0415 5512 sdbus - ok
00:35:53.0462 5512 [ 1b556ab08795428e2f3dafcfcb54c782 ] sdCoreService C:\Program Files\PC Tools Security\pctsSvc.exe
00:35:53.0499 5512 sdCoreService - ok
00:35:53.0525 5512 [ 08236c4bce5edd0a0318a438af28e0f7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:35:53.0533 5512 SDRSVC - ok
00:35:53.0679 5512 [ 16a252022535b680046f6e34e136d378 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
00:35:53.0684 5512 SeaPort - ok
00:35:53.0707 5512 [ 90a3935d05b494a5a39d37e71f09a677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:35:53.0709 5512 secdrv - ok
00:35:53.0733 5512 [ a59b3a4442c52060cc7a85293aa3546f ] seclogon C:\Windows\system32\seclogon.dll
00:35:53.0739 5512 seclogon - ok
00:35:53.0759 5512 [ dcb7fcdcc97f87360f75d77425b81737 ] SENS C:\Windows\system32\sens.dll
00:35:53.0765 5512 SENS - ok
00:35:53.0789 5512 [ 50087fe1ee447009c9cc2997b90de53f ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:35:53.0795 5512 SensrSvc - ok
00:35:53.0811 5512 [ 9ad8b8b515e3df6acd4212ef465de2d1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:35:53.0814 5512 Serenum - ok
00:35:53.0837 5512 [ 5fb7fcea0490d821f26f39cc5ea3d1e2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:35:53.0841 5512 Serial - ok
00:35:53.0860 5512 [ 79bffb520327ff916a582dfea17aa813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:35:53.0863 5512 sermouse - ok
00:35:53.0940 5512 [ f31e9531af225ca25350d5e87e999b31 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
00:35:53.0964 5512 ServiceLayer - ok
00:35:54.0026 5512 [ 4ae380f39a0032eab7dd953030b26d28 ] SessionEnv C:\Windows\system32\sessenv.dll
00:35:54.0033 5512 SessionEnv - ok
00:35:54.0071 5512 [ 9f976e1eb233df46fce808d9dea3eb9c ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:35:54.0073 5512 sffdisk - ok
00:35:54.0089 5512 [ 932a68ee27833cfd57c1639d375f2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:35:54.0092 5512 sffp_mmc - ok
00:35:54.0105 5512 [ 6d4ccaedc018f1cf52866bbbaa235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:35:54.0108 5512 sffp_sd - ok
00:35:54.0122 5512 [ db96666cc8312ebc45032f30b007a547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:35:54.0124 5512 sfloppy - ok
00:35:54.0168 5512 [ d1a079a0de2ea524513b6930c24527a2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:35:54.0176 5512 SharedAccess - ok
00:35:54.0215 5512 [ 414da952a35bf5d50192e28263b40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:35:54.0225 5512 ShellHWDetection - ok
00:35:54.0240 5512 [ 2565cac0dc9fe0371bdce60832582b2e ] sisagp C:\Windows\system32\drivers\sisagp.sys
00:35:54.0243 5512 sisagp - ok
00:35:54.0271 5512 [ a9f0486851becb6dda1d89d381e71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:35:54.0274 5512 SiSRaid2 - ok
00:35:54.0285 5512 [ 3727097b55738e2f554972c3be5bc1aa ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:35:54.0289 5512 SiSRaid4 - ok
00:35:54.0306 5512 [ 3e21c083b8a01cb70ba1f09303010fce ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:35:54.0309 5512 Smb - ok
00:35:54.0347 5512 [ 6a984831644eca1a33ffeae4126f4f37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:35:54.0353 5512 SNMPTRAP - ok
00:35:54.0367 5512 [ 95cf1ae7527fb70f7816563cbc09d942 ] spldr C:\Windows\system32\drivers\spldr.sys
00:35:54.0370 5512 spldr - ok
00:35:54.0407 5512 [ 9aea093b8f9c37cf45538382caba2475 ] Spooler C:\Windows\System32\spoolsv.exe
00:35:54.0416 5512 Spooler - ok
00:35:54.0493 5512 [ cf87a1de791347e75b98885214ced2b8 ] sppsvc C:\Windows\system32\sppsvc.exe
00:35:54.0552 5512 sppsvc - ok
00:35:54.0598 5512 [ b0180b20b065d89232a78a40fe56eaa6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:35:54.0604 5512 sppuinotify - ok
00:35:54.0669 5512 [ d15da1ba189770d93eea2d7e18f95af9 ] sptd C:\Windows\system32\Drivers\sptd.sys
00:35:54.0670 5512 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
00:35:54.0683 5512 sptd ( LockedFile.Multi.Generic ) - warning
00:35:54.0683 5512 sptd - detected LockedFile.Multi.Generic (1)
00:35:54.0757 5512 [ f9ec94e35f5019a8e82665e1ef4b4d02 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
00:35:54.0765 5512 SpyHunter 4 Service - ok
00:35:54.0819 5512 [ e4c2764065d66ea1d2d3ebc28fe99c46 ] srv C:\Windows\system32\DRIVERS\srv.sys
00:35:54.0844 5512 srv - ok
00:35:54.0884 5512 [ 03f0545bd8d4c77fa0ae1ceedfcc71ab ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:35:54.0892 5512 srv2 - ok
00:35:54.0923 5512 [ be6bd660caa6f291ae06a718a4fa8abc ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:35:54.0927 5512 srvnet - ok
00:35:54.0970 5512 [ d887c9fd02ac9fa880f6e5027a43e118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:35:54.0979 5512 SSDPSRV - ok
00:35:54.0997 5512 [ d318f23be45d5e3a107469eb64815b50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:35:55.0004 5512 SstpSvc - ok
00:35:55.0090 5512 [ 7a035df3d6d6cd1f39d4d93e1db8c6e0 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\STacSV.exe
00:35:55.0096 5512 STacSV - ok
00:35:55.0130 5512 [ db32d325c192b801df274bfd12a7e72b ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:35:55.0133 5512 stexstor - ok
00:35:55.0166 5512 [ 0b8426c5fc035a0cbbd4429f9874e728 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
00:35:55.0176 5512 STHDA - ok
00:35:55.0222 5512 [ e1fb3706030fb4578a0d72c2fc3689e4 ] StiSvc C:\Windows\System32\wiaservc.dll
00:35:55.0240 5512 StiSvc - ok
00:35:55.0270 5512 [ e58c78a848add9610a4db6d214af5224 ] swenum C:\Windows\system32\drivers\swenum.sys
00:35:55.0273 5512 swenum - ok
00:35:55.0294 5512 [ a28bd92df340e57b024ba433165d34d7 ] swprv C:\Windows\System32\swprv.dll
00:35:55.0304 5512 swprv - ok
00:35:55.0363 5512 [ 36650d618ca34c9d357dfd3d89b2c56f ] SysMain C:\Windows\system32\sysmain.dll
00:35:55.0399 5512 SysMain - ok
00:35:55.0417 5512 [ 763fecdc3d30c815fe72dd57936c6cd1 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:35:55.0423 5512 TabletInputService - ok
00:35:55.0529 5512 [ 8d55f015b94c46653fda12aa4973ffeb ] TabletServicePen C:\Windows\system32\Pen_Tablet.exe
00:35:55.0607 5512 TabletServicePen - ok
00:35:55.0696 5512 [ 613bf4820361543956909043a265c6ac ] TapiSrv C:\Windows\System32\tapisrv.dll
00:35:55.0706 5512 TapiSrv - ok
00:35:55.0718 5512 [ b799d9fdb26111737f58288d8dc172d9 ] TBS C:\Windows\System32\tbssvc.dll
00:35:55.0725 5512 TBS - ok
00:35:55.0800 5512 [ 7fa2e0f8b072bd04b77b421480b6cc22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:35:55.0835 5512 Tcpip - ok
00:35:55.0874 5512 [ 7fa2e0f8b072bd04b77b421480b6cc22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:35:55.0889 5512 TCPIP6 - ok
00:35:55.0934 5512 [ cca24162e055c3714ce5a88b100c64ed ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:35:55.0937 5512 tcpipreg - ok
00:35:55.0977 5512 [ 1cb91b2bd8f6dd367dfc2ef26fd751b2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:35:55.0980 5512 TDPIPE - ok
00:35:56.0009 5512 [ 2c2c5afe7ee4f620d69c23c0617651a8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:35:56.0012 5512 TDTCP - ok
00:35:56.0023 5512 [ b459575348c20e8121d6039da063c704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:35:56.0027 5512 tdx - ok
00:35:56.0064 5512 [ 04dbf4b01ea4bf25a9a3e84affac9b20 ] TermDD C:\Windows\system32\drivers\termdd.sys
00:35:56.0067 5512 TermDD - ok
00:35:56.0108 5512 [ 382c804c92811be57829d8e550a900e2 ] TermService C:\Windows\System32\termsrv.dll
00:35:56.0134 5512 TermService - ok
00:35:56.0174 5512 [ 5dcf578c5e1ed53f9f6cc3296d9914de ] TfFsMon C:\Windows\system32\drivers\TfFsMon.sys
00:35:56.0177 5512 TfFsMon - ok
00:35:56.0200 5512 [ 8d18700c1ca06d7e6a9993d1935e595b ] TfNetMon C:\Windows\system32\drivers\TfNetMon.sys
00:35:56.0202 5512 TfNetMon - ok
00:35:56.0215 5512 [ f14140979ecd43179cab1a4d31fe8ecd ] TFSysMon C:\Windows\system32\drivers\TfSysMon.sys
00:35:56.0218 5512 TFSysMon - ok
00:35:56.0240 5512 [ 42fb6afd6b79d9fe07381609172e7ca4 ] Themes C:\Windows\system32\themeservice.dll
00:35:56.0246 5512 Themes - ok
00:35:56.0271 5512 [ 146b6f43a673379a3c670e86d89be5ea ] THREADORDER C:\Windows\system32\mmcss.dll
00:35:56.0275 5512 THREADORDER - ok
00:35:56.0315 5512 ThreatFire - ok
00:35:56.0342 5512 [ 4792c0378db99a9bc2ae2de6cfff0c3a ] TrkWks C:\Windows\System32\trkwks.dll
00:35:56.0349 5512 TrkWks - ok
00:35:56.0390 5512 [ 2c49b175aee1d4364b91b531417fe583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:35:56.0394 5512 TrustedInstaller - ok
00:35:56.0410 5512 [ 254bb140eee3c59d6114c1a86b636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:35:56.0414 5512 tssecsrv - ok
00:35:56.0465 5512 [ fd1d6c73e6333be727cbcc6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:35:56.0468 5512 TsUsbFlt - ok
00:35:56.0519 5512 [ b2fa25d9b17a68bb93d58b0556e8c90d ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:35:56.0523 5512 tunnel - ok
00:35:56.0550 5512 [ 750fbcb269f4d7dd2e420c56b795db6d ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
00:35:56.0553 5512 uagp35 - ok
00:35:56.0593 5512 [ ee43346c7e4b5e63e54f927babbb32ff ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:35:56.0599 5512 udfs - ok
00:35:56.0621 5512 [ 8344fd4fce927880aa1aa7681d4927e5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:35:56.0628 5512 UI0Detect - ok
00:35:56.0667 5512 [ 44e8048ace47befbfdc2e9be4cbc8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:35:56.0670 5512 uliagpkx - ok
00:35:56.0711 5512 [ d295bed4b898f0fd999fcfa9b32b071b ] umbus C:\Windows\system32\DRIVERS\umbus.sys
00:35:56.0714 5512 umbus - ok
00:35:56.0728 5512 [ 7550ad0c6998ba1cb4843e920ee0feac ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:35:56.0730 5512 UmPass - ok
00:35:56.0858 5512 [ 765f2dd351ba064f657751d8d75e58c0 ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:35:56.0916 5512 UNS - ok
00:35:56.0954 5512 [ 833fbb672460efce8011d262175fad33 ] upnphost C:\Windows\System32\upnphost.dll
00:35:56.0979 5512 upnphost - ok
00:35:57.0026 5512 [ 83cafcb53201bbac04d822f32438e244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
00:35:57.0029 5512 USBAAPL - ok
00:35:57.0059 5512 [ bd9c55d7023c5de374507acc7a14e2ac ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:35:57.0062 5512 usbccgp - ok
00:35:57.0074 5512 [ 04ec7cec62ec3b6d9354eee93327fc82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:35:57.0077 5512 usbcir - ok
00:35:57.0092 5512 [ f92de757e4b7ce9c07c5e65423f3ae3b ] usbehci C:\Windows\system32\drivers\usbehci.sys
00:35:57.0095 5512 usbehci - ok
00:35:57.0112 5512 [ 8dc94aec6a7e644a06135ae7506dc2e9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:35:57.0118 5512 usbhub - ok
00:35:57.0131 5512 [ e185d44fac515a18d9deddc23c2cdf44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:35:57.0134 5512 usbohci - ok
00:35:57.0156 5512 [ 797d862fe0875e75c7cc4c1ad7b30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:35:57.0159 5512 usbprint - ok
00:35:57.0206 5512 [ 31181de6190b39fc8007dffd1a48ffd6 ] usbser C:\Windows\system32\drivers\usbser.sys
00:35:57.0209 5512 usbser - ok
00:35:57.0256 5512 [ f991ab9cc6b908db552166768176896a ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:35:57.0259 5512 USBSTOR - ok
00:35:57.0271 5512 [ 68df884cf41cdada664beb01daf67e3d ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:35:57.0274 5512 usbuhci - ok
00:35:57.0297 5512 [ 45f4e7bf43db40a6c6b4d92c76cbc3f2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
00:35:57.0302 5512 usbvideo - ok
00:35:57.0311 5512 [ 081e6e1c91aec36758902a9f727cd23c ] UxSms C:\Windows\System32\uxsms.dll
00:35:57.0317 5512 UxSms - ok
00:35:57.0331 5512 [ 81951f51e318aecc2d68559e47485cc4 ] VaultSvc C:\Windows\system32\lsass.exe
00:35:57.0335 5512 VaultSvc - ok
00:35:57.0395 5512 [ 386e642f8b8d52f11787e96113d47645 ] vcsFPService C:\Windows\system32\vcsFPService.exe
00:35:57.0455 5512 vcsFPService - ok
00:35:57.0475 5512 [ a059c4c3edb09e07d21a8e5c0aabd3cb ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:35:57.0478 5512 vdrvroot - ok
00:35:57.0526 5512 [ c3cd30495687c2a2f66a65ca6fd89be9 ] vds C:\Windows\System32\vds.exe
00:35:57.0698 5512 vds - ok
00:35:57.0717 5512 [ 17c408214ea61696cec9c66e388b14f3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:36:00.0111 5512 ================ Scan global ===============================
00:36:00.0152 5512 (dab748ae0439955ed2fa22357533dddb) C:\Windows\system32\basesrv.dll
00:36:00.0191 5512 (183b4188d5d91b271613ec3efd1b3cef) C:\Windows\system32\winsrv.dll
00:36:00.0214 5512 (183b4188d5d91b271613ec3efd1b3cef) C:\Windows\system32\winsrv.dll
00:36:00.0236 5512 (364455805e64882844ee9acb72522830) C:\Windows\system32\sxssrv.dll
00:36:00.0262 5512 (5f1b6a9c35d3d5ca72d6d6fdef9747d6) C:\Windows\system32\services.exe
00:36:00.0270 5512 [Global] - ok
00:36:00.0271 5512 ================ Scan MBR ==================================
00:36:00.0281 5512 MBR (0x1B8) (49a189f2d9f87c78c884d7a1709f45a2) \Device\Harddisk0\DR0
00:36:00.0357 5512 \Device\Harddisk0\DR0 - ok
00:36:00.0358 5512 ================ Scan VBR ==================================
00:36:00.0364 5512 Boot (0x1200) (72763317457ee9b918bc8dda421b038f) \Device\Harddisk0\DR0\Partition1
00:36:00.0366 5512 \Device\Harddisk0\DR0\Partition1 - ok
00:36:00.0395 5512 Boot (0x1200) (961b9917b39608bbde8faf57ce754870) \Device\Harddisk0\DR0\Partition2
00:36:00.0398 5512 \Device\Harddisk0\DR0\Partition2 - ok
00:36:00.0414 5512 Boot (0x1200) (971a1d37bf81960951977cf8d426f78e) \Device\Harddisk0\DR0\Partition3
00:36:00.0417 5512 \Device\Harddisk0\DR0\Partition3 - ok
00:36:00.0436 5512 Boot (0x1200) (9a7bb8eea5090c668038b4015730ae38) \Device\Harddisk0\DR0\Partition4
00:36:00.0439 5512 \Device\Harddisk0\DR0\Partition4 - ok
00:36:00.0460 5512 Boot (0x1200) (c7de8bbac773014e376448b7bc9a9aa8) \Device\Harddisk0\DR0\Partition5
00:36:00.0463 5512 \Device\Harddisk0\DR0\Partition5 - ok
00:36:00.0486 5512 Boot (0x1200) (644a25cfaeb2245e2cc32d79067b0b22) \Device\Harddisk0\DR0\Partition6
00:36:00.0489 5512 \Device\Harddisk0\DR0\Partition6 - ok
00:36:00.0490 5512 ============================================================
00:36:00.0490 5512 Scan finished
00:36:00.0490 5512 ============================================================
00:36:00.0509 1676 Detected object count: 1
00:36:00.0509 1676 Actual detected object count: 1
00:36:20.0493 1676 sptd ( LockedFile.Multi.Generic ) - skipped by user
00:36:20.0493 1676 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
00:36:52.0775 5396 ============================================================
00:36:52.0775 5396 Scan started
00:36:52.0775 5396 Mode: Manual; SigCheck; TDLFS;
00:36:52.0775 5396 ============================================================
00:36:53.0145 5396 ================ Scan services =============================
00:36:59.0059 5396 [ 74fffb94d7ffd4750bd429ccb197720e ] Change Modem Device Service C:\Windows\System32\ChgService.exe
00:36:59.0084 5396 Change Modem Device Service ( UnsignedFile.Multi.Generic ) - warning
00:36:59.0084 5396 Change Modem Device Service - detected UnsignedFile.Multi.Generic (1)
00:36:59.0820 5396 [ 87371905486db648ac56b37a5909cba0 ] Connectify C:\Program Files\Connectify\ConnectifyService.exe
00:36:59.0846 5396 Connectify ( UnsignedFile.Multi.Generic ) - warning
00:36:59.0846 5396 Connectify - detected UnsignedFile.Multi.Generic (1)
00:37:00.0818 5396 [ ae403e7585303cb7e413ebf956bcb76e ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe
00:37:00.0844 5396 DpHost ( UnsignedFile.Multi.Generic ) - warning
00:37:00.0844 5396 DpHost - detected UnsignedFile.Multi.Generic (1)
00:37:07.0585 5396 LSI_SAS - ok
00:37:07.0606 5396 [ dc9dc3d3daa0e276fd2ec262e38b11e9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:37:07.0626 5396 LSI_SAS2 - ok
00:37:07.0633 5396 [ 0a036c7d7cab643a7f07135ac47e0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:37:07.0655 5396 LSI_SCSI - ok
00:37:07.0673 5396 [ 6703e366cc18d3b6e534f5cf7df39cee ] luafv C:\Windows\system32\drivers\luafv.sys
00:37:07.0735 5396 luafv - ok
00:37:07.0757 5396 [ bfb9ee8ee977efe85d1a3105abef6dd1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:37:07.0781 5396 Mcx2Svc - ok
00:37:07.0796 5396 [ 0fff5b045293002ab38eb1fd1fc2fb74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
00:37:07.0815 5396 megasas - ok
00:37:07.0835 5396 [ dcbab2920c75f390caf1d29f675d03d6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
00:37:07.0859 5396 MegaSR - ok
00:37:07.0920 5396 [ 123271bd5237ab991dc5c21fdf8835eb ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
00:37:07.0937 5396 Microsoft Office Groove Audit Service - ok
00:37:07.0965 5396 [ 146b6f43a673379a3c670e86d89be5ea ] MMCSS C:\Windows\system32\mmcss.dll
00:37:08.0036 5396 MMCSS - ok
00:37:08.0058 5396 [ f001861e5700ee84e2d4e52c712f4964 ] Modem C:\Windows\system32\drivers\modem.sys
00:37:08.0115 5396 Modem - ok
00:37:08.0121 5396 [ 79d10964de86b292320e9dfe02282a23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:37:08.0171 5396 monitor - ok
00:37:08.0194 5396 [ fb18cc1d4c2e716b6b903b0ac0cc0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:37:08.0218 5396 mouclass - ok
00:37:08.0257 5396 [ 2c388d2cd01c9042596cf3c8f3c7b24d ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:37:08.0296 5396 mouhid - ok
00:37:08.0339 5396 [ fc8771f45ecccfd89684e38842539b9b ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:37:08.0362 5396 mountmgr - ok
00:37:08.0409 5396 [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:37:08.0432 5396 MozillaMaintenance - ok
00:37:08.0464 5396 [ d993bea500e7382dc4e760bf4f35efcb ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
00:37:08.0493 5396 MpFilter - ok
00:37:08.0528 5396 [ 2d699fb6e89ce0d8da14ecc03b3edfe0 ] mpio C:\Windows\system32\drivers\mpio.sys
00:37:08.0555 5396 mpio - ok
00:37:08.0616 5396 MpKsla7be5916 - ok
00:37:08.0655 5396 [ ad2723a7b53dd1aacae6ad8c0bfbf4d0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:37:08.0719 5396 mpsdrv - ok
00:37:08.0779 5396 [ 9835584e999d25004e1ee8e5f3e3b881 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:37:08.0854 5396 MpsSvc - ok
00:37:08.0876 5396 [ ceb46ab7c01c9f825f8cc6babc18166a ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:37:08.0923 5396 MRxDAV - ok
00:37:08.0953 5396 [ 5d16c921e3671636c0eba3bbaac5fd25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:37:09.0008 5396 mrxsmb - ok
00:37:09.0037 5396 [ 6d17a4791aca19328c685d256349fefc ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:37:09.0068 5396 mrxsmb10 - ok
00:37:09.0084 5396 [ b81f204d146000be76651a50670a5e9e ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:37:09.0122 5396 mrxsmb20 - ok
00:37:09.0151 5396 [ 012c5f4e9349e711e11e0f19a8589f0a ] msahci C:\Windows\system32\drivers\msahci.sys
00:37:09.0173 5396 msahci - ok
00:37:09.0186 5396 [ 55055f8ad8be27a64c831322a780a228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:37:09.0211 5396 msdsm - ok
00:37:09.0228 5396 [ e1bce74a3bd9902b72599c0192a07e27 ] MSDTC C:\Windows\System32\msdtc.exe
00:37:09.0260 5396 MSDTC - ok
00:37:09.0296 5396 [ daefb28e3af5a76abcc2c3078c07327f ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:37:09.0354 5396 Msfs - ok
00:37:09.0370 5396 [ 3e1e5767043c5af9367f0056295e9f84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:37:09.0428 5396 mshidkmdf - ok
00:37:09.0458 5396 [ 0a4e5757ae09fa9622e3158cc1aef114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:37:09.0479 5396 msisadrv - ok
00:37:09.0506 5396 [ 90f7d9e6b6f27e1a707d4a297f077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:37:09.0572 5396 MSiSCSI - ok
00:37:09.0578 5396 msiserver - ok
00:37:09.0598 5396 [ 8c0860d6366aaffb6c5bb9df9448e631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:37:09.0666 5396 MSKSSRV - ok
00:37:09.0711 5396 [ 24516bf4e12a46cb67302e2cdcb8cddf ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
00:37:09.0731 5396 MsMpSvc - ok
00:37:09.0742 5396 [ 3ea8b949f963562cedbb549eac0c11ce ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:37:09.0808 5396 MSPCLOCK - ok
00:37:09.0814 5396 [ f456e973590d663b1073e9c463b40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:37:09.0875 5396 MSPQM - ok
00:37:09.0900 5396 [ 0e008fc4819d238c51d7c93e7b41e560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:37:09.0925 5396 MsRPC - ok
00:37:09.0942 5396 [ fc6b9ff600cc585ea38b12589bd4e246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
00:37:09.0963 5396 mssmbios - ok
00:37:09.0981 5396 [ b42c6b921f61a6e55159b8be6cd54a36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:37:10.0033 5396 MSTEE - ok
00:37:10.0049 5396 [ 33599130f44e1f34631cea241de8ac84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:37:10.0086 5396 MTConfig - ok
00:37:10.0104 5396 [ 159fad02f64e6381758c990f753bcc80 ] Mup C:\Windows\system32\Drivers\mup.sys
00:37:10.0125 5396 Mup - ok
00:37:10.0160 5396 [ 61d57a5d7c6d9afe10e77dae6e1b445e ] napagent C:\Windows\system32\qagentRT.dll
00:37:10.0219 5396 napagent - ok
00:37:10.0238 5396 [ 26384429fcd85d83746f63e798ab1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:37:10.0287 5396 NativeWifiP - ok
00:37:10.0317 5396 [ e7c54812a2aaf43316eb6930c1ffa108 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:37:10.0354 5396 NDIS - ok
00:37:10.0364 5396 [ 0e1787aa6c9191d3d319e8bafe86f80c ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:37:10.0431 5396 NdisCap - ok
00:37:10.0456 5396 [ e4a8aec125a2e43a9e32afeea7c9c888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:37:10.0504 5396 NdisTapi - ok
00:37:10.0536 5396 [ d8a65dafb3eb41cbb622745676fcd072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:37:10.0581 5396 Ndisuio - ok
00:37:10.0598 5396 [ 38fbe267e7e6983311179230facb1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:37:10.0647 5396 NdisWan - ok
00:37:10.0685 5396 [ a4bdc541e69674fbff1a8ff00be913f2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:37:10.0731 5396 NDProxy - ok
00:37:10.0856 5396 [ 6d4028d458eaaa1782099750790dc8c9 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
00:37:10.0892 5396 Nero BackItUp Scheduler 3 - ok
00:37:10.0909 5396 [ 80b275b1ce3b0e79909db7b39af74d51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:37:10.0959 5396 NetBIOS - ok
00:37:11.0000 5396 [ 280122ddcf04b378edd1ad54d71c1e54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:37:11.0067 5396 NetBT - ok
00:37:11.0079 5396 [ 81951f51e318aecc2d68559e47485cc4 ] Netlogon C:\Windows\system32\lsass.exe
00:37:11.0102 5396 Netlogon - ok
00:37:11.0133 5396 [ 7cccfca7510684768da22092d1fa4db2 ] Netman C:\Windows\System32\netman.dll
00:37:11.0205 5396 Netman - ok
00:37:11.0231 5396 [ 8c338238c16777a802d6a9211eb2ba50 ] netprofm C:\Windows\System32\netprofm.dll
00:37:11.0306 5396 netprofm - ok
00:37:11.0326 5396 [ f476ec40033cdb91efbe73eb99b8362d ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:37:11.0344 5396 NetTcpPortSharing - ok
00:37:11.0366 5396 [ 1d85c4b390b0ee09c7a46b91efb2c097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:37:11.0384 5396 nfrd960 - ok
00:37:11.0427 5396 [ b52f26bade7d7e4a79706e3fd91834cd ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
00:37:11.0445 5396 NisDrv - ok
00:37:11.0462 5396 [ 290c0d4c4889398797f8df3be00b9698 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
00:37:11.0488 5396 NisSrv - ok
00:37:11.0525 5396 [ 912084381d30d8b89ec4e293053f4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:37:11.0592 5396 NlaSvc - ok
00:37:11.0675 5396 [ ff4d73b16ea3a32d34ceb3a7bc3c3773 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
00:37:11.0699 5396 NMIndexingService - ok
00:37:11.0723 5396 [ cfe3462a9e94a57dcd9676f6b7fe7f67 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
00:37:11.0800 5396 nmwcd - ok
00:37:11.0832 5396 [ 8f2a94f991f8c73cec26b4b5620d1edc ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
00:37:11.0889 5396 nmwcdc - ok
00:37:11.0915 5396 [ b48dc6abcd3aeff8618350ccbdc6b09a ] NPF C:\Windows\system32\drivers\npf.sys
00:37:11.0932 5396 NPF - ok
00:37:11.0941 5396 [ 1db262a9f8c087e8153d89bef3d2235f ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:37:12.0002 5396 Npfs - ok
00:37:12.0024 5396 [ ba387e955e890c8a88306d9b8d06bf17 ] nsi C:\Windows\system32\nsisvc.dll
00:37:12.0086 5396 nsi - ok
00:37:12.0106 5396 [ e9a0a4d07e53d8fea2bb8387a3293c58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:37:12.0174 5396 nsiproxy - ok
00:37:12.0225 5396 [ 81189c3d7763838e55c397759d49007a ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:37:12.0287 5396 Ntfs - ok
00:37:12.0295 5396 [ f9756a98d69098dca8945d62858a812c ] Null C:\Windows\system32\drivers\Null.sys
00:37:12.0355 5396 Null - ok
00:37:12.0376 5396 [ b3e25ee28883877076e0e1ff877d02e0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:37:12.0402 5396 nvraid - ok
00:37:12.0418 5396 [ 4380e59a170d88c4f1022eff6719a8a4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:37:12.0446 5396 nvstor - ok
00:37:12.0479 5396 [ 5a0983915f02bae73267cc2a041f717d ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:37:12.0525 5396 nv_agp - ok
00:37:12.0598 5396 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:37:12.0626 5396 odserv - ok
00:37:12.0647 5396 [ 08a70a1f2cdde9bb49b885cb817a66eb ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:37:12.0688 5396 ohci1394 - ok
00:37:12.0729 5396 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:37:12.0751 5396 ose - ok
00:37:12.0787 5396 [ 82a8521ddc60710c3d3d3e7325209bec ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:37:12.0844 5396 p2pimsvc - ok
00:37:12.0868 5396 [ 59c3ddd501e39e006dac31bf55150d91 ] p2psvc C:\Windows\system32\p2psvc.dll
00:37:12.0903 5396 p2psvc - ok
00:37:12.0930 5396 [ 2ea877ed5dd9713c5ac74e8ea7348d14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:37:12.0974 5396 Parport - ok
00:37:12.0998 5396 [ 3f34a1b4c5f6475f320c275e63afce9b ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:37:13.0022 5396 partmgr - ok
00:37:13.0039 5396 [ eb0a59f29c19b86479d36b35983daadc ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
00:37:13.0079 5396 Parvdm - ok
00:37:13.0103 5396 [ 358ab7956d3160000726574083dfc8a6 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:37:13.0154 5396 PcaSvc - ok
00:37:13.0178 5396 [ fd2041e9ba03db7764b2248f02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
00:37:13.0235 5396 pccsmcfd - ok
00:37:13.0274 5396 [ 673e55c3498eb970088e812ea820aa8f ] pci C:\Windows\system32\drivers\pci.sys
00:37:13.0299 5396 pci - ok
00:37:13.0314 5396 [ afe86f419014db4e5593f69ffe26ce0a ] pciide C:\Windows\system32\drivers\pciide.sys
00:37:13.0334 5396 pciide - ok
00:37:13.0347 5396 [ f396431b31693e71e8a80687ef523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:37:13.0371 5396 pcmcia - ok
00:37:13.0401 5396 [ 8bfb2c39dabfba0b6f7002d79fe22299 ] PCTAppEvent C:\Windows\system32\drivers\PCTAppEvent.sys
00:37:13.0420 5396 PCTAppEvent - ok
00:37:13.0437 5396 [ 3e8ce6c67b292a4fdf65ed625e5f5e81 ] PCTCore C:\Windows\system32\drivers\PCTCore.sys
00:37:13.0459 5396 PCTCore - ok
00:37:13.0482 5396 [ f820b4c61d1e591325b679d479d4eea4 ] pctDS C:\Windows\system32\drivers\pctDS.sys
00:37:13.0506 5396 pctDS - ok
00:37:13.0540 5396 [ acc8c15f3d59f17c5d903ff1de3b43d3 ] pctEFA C:\Windows\system32\drivers\pctEFA.sys
00:37:13.0573 5396 pctEFA - ok
00:37:13.0589 5396 [ 60af5fa418efe284fb81dbbf5a0391fb ] PCTFW-PacketFilter C:\Windows\system32\drivers\pctNdis-PacketFilter.sys
00:37:13.0606 5396 PCTFW-PacketFilter - ok
00:37:13.0631 5396 [ bf22bd6d1e64177bc213bf571b8af666 ] pctgntdi C:\Windows\System32\drivers\pctgntdi.sys
00:37:13.0655 5396 pctgntdi - ok
00:37:13.0671 5396 [ fc38ec6e59d11c5ad4c5ea3878174995 ] pctNdis C:\Windows\system32\DRIVERS\pctNdis.sys
00:37:13.0687 5396 pctNdis - ok
00:37:13.0702 5396 [ fc38ec6e59d11c5ad4c5ea3878174995 ] pctNdisMP C:\Windows\system32\DRIVERS\pctNdis.sys
00:37:13.0718 5396 pctNdisMP - ok
00:37:13.0733 5396 [ 6c3aa72680d8cb7d285bd940a30eccef ] pctplfw C:\Windows\System32\drivers\pctplfw.sys
00:37:13.0752 5396 pctplfw - ok
00:37:13.0768 5396 [ 03d3a794c9d55ef1b450d5e11103c594 ] pctplsg C:\Windows\System32\drivers\pctplsg.sys
00:37:13.0787 5396 pctplsg - ok
00:37:13.0804 5396 [ 83ddd552f7f1043f764e8cc88ff41232 ] PCTSD C:\Windows\system32\Drivers\PCTSD.sys
00:37:13.0826 5396 PCTSD - ok
00:37:13.0847 5396 [ 250f6b43d2b613172035c6747aeeb19f ] pcw C:\Windows\system32\drivers\pcw.sys
00:37:13.0868 5396 pcw - ok
00:37:13.0892 5396 [ 9e0104ba49f4e6973749a02bf41344ed ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:37:13.0976 5396 PEAUTH - ok
00:37:14.0037 5396 [ 414bba67a3ded1d28437eb66aeb8a720 ] pla C:\Windows\system32\pla.dll
00:37:14.0118 5396 pla - ok
00:37:14.0159 5396 [ ec7bc28d207da09e79b3e9faf8b232ca ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:37:14.0214 5396 PlugPlay - ok
00:37:14.0230 5396 [ 63ff8572611249931eb16bb8eed6afc8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:37:14.0268 5396 PNRPAutoReg - ok
00:37:14.0288 5396 [ 82a8521ddc60710c3d3d3e7325209bec ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:37:14.0320 5396 PNRPsvc - ok
00:37:14.0342 5396 [ 53946b69ba0836bd95b03759530c81ec ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:37:14.0399 5396 PolicyAgent - ok
00:37:14.0433 5396 [ f87d30e72e03d579a5199ccb3831d6ea ] Power C:\Windows\system32\umpo.dll
00:37:14.0496 5396 Power - ok
00:37:14.0530 5396 [ 631e3e205ad6d86f2aed6a4a8e69f2db ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:37:14.0584 5396 PptpMiniport - ok
00:37:14.0597 5396 [ 85b1e3a0c7585bc4aae6899ec6fcf011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:37:14.0624 5396 Processor - ok
00:37:14.0653 5396 [ cadefac453040e370a1bdff3973be00d ] ProfSvc C:\Windows\system32\profsvc.dll
00:37:14.0704 5396 ProfSvc - ok
00:37:14.0718 5396 [ 81951f51e318aecc2d68559e47485cc4 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:37:14.0741 5396 ProtectedStorage - ok
00:37:14.0753 5396 [ 6270ccae2a86de6d146529fe55b3246a ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:37:14.0812 5396 Psched - ok
00:37:14.0857 5396 [ ab95ecf1f6659a60ddc166d8315b0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:37:14.0912 5396 ql2300 - ok
00:37:14.0926 5396 [ b4dd51dd25182244b86737dc51af2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:37:14.0947 5396 ql40xx - ok
00:37:14.0975 5396 [ 31ac809e7707eb580b2bdb760390765a ] QWAVE C:\Windows\system32\qwave.dll
00:37:15.0008 5396 QWAVE - ok
00:37:15.0022 5396 [ 584078ca1b95ca72df2a27c336f9719d ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:37:15.0079 5396 QWAVEdrv - ok
00:37:15.0123 5396 [ 8f97d374ad1857e1eed85a79f29a1d3d ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
00:37:15.0143 5396 RapiMgr - ok
00:37:15.0148 5396 [ 30a81b53c766d0133bb86d234e5556ab ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:37:15.0197 5396 RasAcd - ok
00:37:15.0229 5396 [ 57ec4aef73660166074d8f7f31c0d4fd ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:37:15.0290 5396 RasAgileVpn - ok
00:37:15.0310 5396 [ a60f1839849c0c00739787fd5ec03f13 ] RasAuto C:\Windows\System32\rasauto.dll
00:37:15.0374 5396 RasAuto - ok
00:37:15.0390 5396 [ d9f91eafec2815365cbe6d167e4e332a ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:37:15.0440 5396 Rasl2tp - ok
00:37:15.0479 5396 [ cb9e04dc05eacf5b9a36ca276d475006 ] RasMan C:\Windows\System32\rasmans.dll
00:37:15.0533 5396 RasMan - ok
00:37:15.0548 5396 [ 0fe8b15916307a6ac12bfb6a63e45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:37:15.0598 5396 RasPppoe - ok
00:37:15.0613 5396 [ 44101f495a83ea6401d886e7fd70096b ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:37:15.0673 5396 RasSstp - ok
00:37:15.0707 5396 [ d528bc58a489409ba40334ebf96a311b ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:37:15.0763 5396 rdbss - ok
00:37:15.0780 5396 [ 0d8f05481cb76e70e1da06ee9f0da9df ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:37:15.0821 5396 rdpbus - ok
00:37:15.0848 5396 [ 23dae03f29d253ae74c44f99e515f9a1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:37:15.0889 5396 RDPCDD - ok
00:37:15.0906 5396 [ 5a53ca1598dd4156d44196d200c94b8a ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:37:15.0959 5396 RDPENCDD - ok
00:37:15.0980 5396 [ 44b0a53cd4f27d50ed461dae0c0b4e1f ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:37:16.0037 5396 RDPREFMP - ok
00:37:16.0066 5396 [ f031683e6d1fea157abb2ff260b51e61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:37:16.0148 5396 RDPWD - ok
00:37:16.0181 5396 [ 518395321dc96fe2c9f0e96ac743b656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:37:16.0203 5396 rdyboost - ok
00:37:16.0222 5396 [ 7b5e1419717fac363a31cc302895217a ] RemoteAccess C:\Windows\System32\mprdim.dll
00:37:16.0278 5396 RemoteAccess - ok
00:37:16.0302 5396 [ cb9a8683f4ef2bf99e123d79950d7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:37:16.0361 5396 RemoteRegistry - ok
00:37:16.0388 5396 [ cb928d9e6daf51879dd6ba8d02f01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
00:37:16.0425 5396 RFCOMM - ok
00:37:16.0456 5396 [ b60f58f175de20a6739194e85b035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
00:37:16.0472 5396 rpcapd - ok
00:37:16.0486 5396 [ 78d072f35bc45d9e4e1b61895c152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:37:16.0532 5396 RpcEptMapper - ok
00:37:16.0553 5396 [ 94d36c0e44677dd26981d2bfeef2a29d ] RpcLocator C:\Windows\system32\locator.exe
00:37:16.0587 5396 RpcLocator - ok
00:37:16.0612 5396 [ 7660f01d3b38aca1747e397d21d790af ] RpcSs C:\Windows\system32\rpcss.dll
00:37:16.0660 5396 RpcSs - ok
00:37:16.0673 5396 [ 4dd30900d0818d4949946be0c5fac9df ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
00:37:16.0690 5396 RSPCIESTOR - ok
00:37:16.0705 5396 [ 032b0d36ad92b582d869879f5af5b928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:37:16.0760 5396 rspndr - ok
00:37:16.0781 5396 [ 6498270b845d319981f3c707672b8e32 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
00:37:16.0798 5396 RSUSBSTOR - ok
00:37:16.0841 5396 [ 5283b9a27ff230f2ff70d92451ff409a ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
00:37:16.0868 5396 RTL8167 - ok
00:37:16.0873 5396 RTSTOR - ok
00:37:16.0888 5396 [ 81951f51e318aecc2d68559e47485cc4 ] SamSs C:\Windows\system32\lsass.exe
00:37:16.0909 5396 SamSs - ok
00:37:16.0939 5396 [ 05d860da1040f111503ac416ccef2bca ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:37:16.0957 5396 sbp2port - ok
00:37:16.0983 5396 [ 8fc518ffe9519c2631d37515a68009c4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:37:17.0037 5396 SCardSvr - ok
00:37:17.0063 5396 [ 0693b5ec673e34dc147e195779a4dcf6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:37:17.0114 5396 scfilter - ok
00:37:17.0148 5396 [ a04bb13f8a72f8b6e8b4071723e4e336 ] Schedule C:\Windows\system32\schedsvc.dll
00:37:17.0208 5396 Schedule - ok
00:37:17.0232 5396 [ 319c6b309773d063541d01df8ac6f55f ] SCPolicySvc C:\Windows\System32\certprop.dll
00:37:17.0273 5396 SCPolicySvc - ok
00:37:17.0324 5396 [ cadc6d185d8560a1ec266b0a97c4f153 ] sdAuxService C:\Program Files\PC Tools Security\pctsAuxs.exe
00:37:17.0345 5396 sdAuxService - ok
00:37:17.0357 5396 [ 0328be1c7f1cba23848179f8762e391c ] sdbus C:\Windows\system32\drivers\sdbus.sys
00:37:17.0392 5396 sdbus - ok
00:37:17.0430 5396 [ 1b556ab08795428e2f3dafcfcb54c782 ] sdCoreService C:\Program Files\PC Tools Security\pctsSvc.exe
00:37:17.0468 5396 sdCoreService - ok
00:37:17.0504 5396 [ 08236c4bce5edd0a0318a438af28e0f7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:37:17.0554 5396 SDRSVC - ok
00:37:17.0608 5396 [ 16a252022535b680046f6e34e136d378 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
00:37:17.0628 5396 SeaPort - ok
00:37:17.0652 5396 [ 90a3935d05b494a5a39d37e71f09a677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:37:17.0721 5396 secdrv - ok
00:37:17.0745 5396 [ a59b3a4442c52060cc7a85293aa3546f ] seclogon C:\Windows\system32\seclogon.dll
00:37:17.0817 5396 seclogon - ok
00:37:17.0837 5396 [ dcb7fcdcc97f87360f75d77425b81737 ] SENS C:\Windows\system32\sens.dll
00:37:17.0899 5396 SENS - ok
00:37:17.0916 5396 [ 50087fe1ee447009c9cc2997b90de53f ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:37:17.0972 5396 SensrSvc - ok
00:37:17.0988 5396 [ 9ad8b8b515e3df6acd4212ef465de2d1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:37:18.0016 5396 Serenum - ok
00:37:18.0047 5396 [ 5fb7fcea0490d821f26f39cc5ea3d1e2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:37:18.0092 5396 Serial - ok
00:37:18.0121 5396 [ 79bffb520327ff916a582dfea17aa813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:37:18.0159 5396 sermouse - ok
00:37:18.0248 5396 [ f31e9531af225ca25350d5e87e999b31 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
00:37:18.0286 5396 ServiceLayer - ok
00:37:18.0327 5396 [ 4ae380f39a0032eab7dd953030b26d28 ] SessionEnv C:\Windows\system32\sessenv.dll
00:37:18.0380 5396 SessionEnv - ok
00:37:18.0413 5396 [ 9f976e1eb233df46fce808d9dea3eb9c ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:37:18.0452 5396 sffdisk - ok
00:37:18.0473 5396 [ 932a68ee27833cfd57c1639d375f2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:37:18.0512 5396 sffp_mmc - ok
00:37:18.0531 5396 [ 6d4ccaedc018f1cf52866bbbaa235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:37:18.0576 5396 sffp_sd - ok
00:37:18.0596 5396 [ db96666cc8312ebc45032f30b007a547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:37:18.0623 5396 sfloppy - ok
00:37:18.0651 5396 [ d1a079a0de2ea524513b6930c24527a2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:37:18.0711 5396 SharedAccess - ok
00:37:18.0747 5396 [ 414da952a35bf5d50192e28263b40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:37:18.0803 5396 ShellHWDetection - ok
00:37:18.0820 5396 [ 2565cac0dc9fe0371bdce60832582b2e ] sisagp C:\Windows\system32\drivers\sisagp.sys
00:37:18.0843 5396 sisagp - ok
00:37:18.0853 5396 [ a9f0486851becb6dda1d89d381e71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:37:18.0875 5396 SiSRaid2 - ok
00:37:18.0892 5396 [ 3727097b55738e2f554972c3be5bc1aa ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:37:18.0915 5396 SiSRaid4 - ok
00:37:18.0929 5396 [ 3e21c083b8a01cb70ba1f09303010fce ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:37:18.0984 5396 Smb - ok
00:37:19.0020 5396 [ 6a984831644eca1a33ffeae4126f4f37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:37:19.0045 5396 SNMPTRAP - ok
00:37:19.0056 5396 [ 95cf1ae7527fb70f7816563cbc09d942 ] spldr C:\Windows\system32\drivers\spldr.sys
00:37:19.0078 5396 spldr - ok
00:37:19.0113 5396 [ 9aea093b8f9c37cf45538382caba2475 ] Spooler C:\Windows\System32\spoolsv.exe
00:37:19.0152 5396 Spooler - ok
00:37:19.0229 5396 [ cf87a1de791347e75b98885214ced2b8 ] sppsvc C:\Windows\system32\sppsvc.exe
00:37:19.0350 5396 sppsvc - ok
00:37:19.0378 5396 [ b0180b20b065d89232a78a40fe56eaa6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:37:19.0439 5396 sppuinotify - ok
00:37:19.0486 5396 [ d15da1ba189770d93eea2d7e18f95af9 ] sptd C:\Windows\system32\Drivers\sptd.sys
00:37:19.0487 5396 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
00:37:19.0489 5396 sptd ( LockedFile.Multi.Generic ) - warning
00:37:19.0489 5396 sptd - detected LockedFile.Multi.Generic (1)
00:37:24.0297 5396 [ 5461686cca2fda57b024547733ab42e3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:37:24.0322 5396 vhdmp - ok
00:37:24.0337 5396 [ c829317a37b4bea8f39735d4b076e923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
00:37:24.0359 5396 viaagp - ok
00:37:24.0379 5396 [ e02f079a6aa107f06b16549c6e5c7b74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
00:37:24.0415 5396 ViaC7 - ok
00:37:24.0444 5396 [ e43574f6a56a0ee11809b48c09e4fd3c ] viaide C:\Windows\system32\drivers\viaide.sys
00:37:24.0464 5396 viaide - ok
00:37:24.0479 5396 [ 4c63e00f2f4b5f86ab48a58cd990f212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:37:24.0500 5396 volmgr - ok
00:37:24.0525 5396 [ b5bb72067ddddbbfb04b2f89ff8c3c87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:37:24.0554 5396 volmgrx - ok
00:37:24.0583 5396 [ f497f67932c6fa693d7de2780631cfe7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:37:24.0611 5396 volsnap - ok
00:37:24.0633 5396 [ 9dfa0cc2f8855a04816729651175b631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
00:37:24.0657 5396 vsmraid - ok
00:37:24.0710 5396 [ 209a3b1901b83aeb8527ed211cce9e4c ] VSS C:\Windows\system32\vssvc.exe
00:37:24.0793 5396 VSS - ok
00:37:24.0813 5396 [ 90567b1e658001e79d7c8bbd3dde5aa6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
00:37:24.0853 5396 vwifibus - ok
00:37:24.0873 5396 [ 7090d3436eeb4e7da3373090a23448f7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
00:37:24.0903 5396 vwififlt - ok
00:37:24.0912 5396 [ a3f04cbea6c2a10e6cb01f8b47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
00:37:24.0940 5396 vwifimp - ok
00:37:24.0971 5396 [ 55187fd710e27d5095d10a472c8baf1c ] W32Time C:\Windows\system32\w32time.dll
00:37:25.0044 5396 W32Time - ok
00:37:25.0060 5396 [ 427a8bc96f16c40df81c2d2f4edd32dd ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
00:37:25.0075 5396 wacommousefilter - ok
00:37:25.0095 5396 [ de3721e89c653aa281428c8a69745d90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
00:37:25.0132 5396 WacomPen - ok
00:37:25.0151 5396 [ 846b58ea44bf8c92e4b59f4e2252c4c0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
00:37:25.0164 5396 wacomvhid - ok
00:37:25.0182 5396 [ 3c3c78515f5ab448b022bdf5b8ffdd2e ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:37:25.0231 5396 WANARP - ok
00:37:25.0239 5396 [ 3c3c78515f5ab448b022bdf5b8ffdd2e ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:37:25.0286 5396 Wanarpv6 - ok
00:37:25.0344 5396 [ 353a04c273ec58475d8633e75ccd5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
00:37:25.0398 5396 WatAdminSvc - ok
00:37:25.0447 5396 [ 691e3285e53dca558e1a84667f13e15a ] wbengine C:\Windows\system32\wbengine.exe
00:37:25.0511 5396 wbengine - ok
00:37:25.0527 5396 [ 9614b5d29dc76ac3c29f6d2d3aa70e67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:37:25.0571 5396 WbioSrvc - ok
00:37:25.0599 5396 [ 59e19bd13c3bdb857646b9e436ba27f7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
00:37:25.0626 5396 WcesComm - ok
00:37:25.0660 5396 [ 34eee0dfaadb4f691d6d5308a51315dc ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:37:25.0696 5396 wcncsvc - ok
00:37:25.0711 5396 [ 5d930b6357a6d2af4d7653bdabbf352f ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:37:25.0762 5396 WcsPlugInService - ok
00:37:25.0786 5396 [ 1112a9badacb47b7c0bb0392e3158dff ] Wd C:\Windows\system32\DRIVERS\wd.sys
00:37:25.0804 5396 Wd - ok
00:37:25.0829 5396 [ 9950e3d0f08141c7e89e64456ae7dc73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:37:25.0859 5396 Wdf01000 - ok
00:37:25.0872 5396 [ 46ef9dc96265fd0b423db72e7c38c2a5 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:37:25.0927 5396 WdiServiceHost - ok
00:37:25.0938 5396 [ 46ef9dc96265fd0b423db72e7c38c2a5 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:37:25.0970 5396 WdiSystemHost - ok
00:37:26.0006 5396 [ a9d880f97530d5b8fee278923349929d ] WebClient C:\Windows\System32\webclnt.dll
00:37:26.0055 5396 WebClient - ok
00:37:26.0080 5396 [ 760f0afe937a77cff27153206534f275 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:37:26.0151 5396 Wecsvc - ok
00:37:26.0165 5396 [ ac804569bb2364fb6017370258a4091b ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:37:26.0216 5396 wercplsupport - ok
00:37:26.0233 5396 [ 08e420d873e4fd85241ee2421b02c4a4 ] WerSvc C:\Windows\System32\WerSvc.dll
00:37:26.0318 5396 WerSvc - ok
00:37:26.0335 5396 [ 8b9a943f3b53861f2bfaf6c186168f79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:37:26.0391 5396 WfpLwf - ok
00:37:26.0403 5396 [ 5cf95b35e59e2a38023836fff31be64c ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:37:26.0421 5396 WIMMount - ok
00:37:26.0465 5396 [ 3fae8f94296001c32eab62cd7d82e0fd ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
00:37:26.0516 5396 WinDefend - ok
00:37:26.0523 5396 WinHttpAutoProxySvc - ok
00:37:26.0578 5396 [ f62e510b6ad4c21eb9fe8668ed251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:37:26.0623 5396 Winmgmt - ok
00:37:26.0629 5396 WinRing0_1_2_0 - ok
00:37:26.0682 5396 [ 1b91cd34ea3a90ab6a4ef0550174f4cc ] WinRM C:\Windows\system32\WsmSvc.dll
00:37:26.0766 5396 WinRM - ok
00:37:26.0810 5396 [ a67e5f9a400f3bd1be3d80613b45f708 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
00:37:26.0842 5396 WinUSB - ok
00:37:26.0877 5396 [ 16935c98ff639d185086a3529b1f2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
00:37:26.0950 5396 Wlansvc - ok
00:37:27.0005 5396 [ 6067acef367e79914af628fa1e9b5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:37:27.0024 5396 wlcrasvc - ok
00:37:27.0107 5396 [ 0a70f4022ec2e14c159efc4f69aa2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:37:27.0178 5396 wlidsvc - ok
00:37:27.0189 5396 [ 0217679b8fca58714c3bf2726d2ca84e ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
00:37:27.0216 5396 WmiAcpi - ok
00:37:27.0232 5396 [ 6eb6b66517b048d87dc1856ddf1f4c3f ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:37:27.0278 5396 wmiApSrv - ok
00:37:27.0350 5396 [ 3b40d3a61aa8c21b88ae57c58ab3122e ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
00:37:27.0407 5396 WMPNetworkSvc - ok
00:37:27.0430 5396 [ a2f0ec770a92f2b3f9de6d518e11409c ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:37:27.0524 5396 WPCSvc - ok
00:37:27.0558 5396 [ aa53356d60af47eacc85bc617a4f3f66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:37:27.0621 5396 WPDBusEnum - ok
00:37:27.0647 5396 [ 6db3276587b853bf886b69528fdb048c ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:37:27.0710 5396 ws2ifsl - ok
00:37:27.0734 5396 [ 6f5d49efe0e7164e03ae773a3fe25340 ] wscsvc C:\Windows\system32\wscsvc.dll
00:37:27.0786 5396 wscsvc - ok
00:37:27.0793 5396 WSearch - ok
00:37:27.0874 5396 [ fc3ec24fce372c89423e015a2ac1a31e ] wuauserv C:\Windows\system32\wuaueng.dll
00:37:27.0943 5396 wuauserv - ok
00:37:27.0980 5396 [ e714a1c0354636837e20ccbf00888ee7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:37:28.0072 5396 WudfPf - ok
00:37:28.0118 5396 [ 1023ee888c9b47178c5293ed5336ab69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:37:28.0183 5396 WUDFRd - ok
00:37:28.0214 5396 [ 8d1e1e529a2c9e9b6a85b55a345f7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:37:28.0265 5396 wudfsvc - ok
00:37:28.0282 5396 [ ff2d745b560f7c71b31f30f4d49f73d2 ] WwanSvc C:\Windows\System32\wwansvc.dll
00:37:28.0331 5396 WwanSvc - ok
00:37:28.0356 5396 ================ Scan global ===============================
00:37:28.0381 5396 (dab748ae0439955ed2fa22357533dddb) C:\Windows\system32\basesrv.dll
00:37:28.0419 5396 (183b4188d5d91b271613ec3efd1b3cef) C:\Windows\system32\winsrv.dll
00:37:28.0441 5396 (183b4188d5d91b271613ec3efd1b3cef) C:\Windows\system32\winsrv.dll
00:37:28.0473 5396 (364455805e64882844ee9acb72522830) C:\Windows\system32\sxssrv.dll
00:37:28.0499 5396 (5f1b6a9c35d3d5ca72d6d6fdef9747d6) C:\Windows\system32\services.exe
00:37:28.0505 5396 [Global] - ok
00:37:28.0509 5396 ================ Scan MBR ==================================
00:37:28.0518 5396 MBR (0x1B8) (49a189f2d9f87c78c884d7a1709f45a2) \Device\Harddisk0\DR0
00:37:28.0734 5396 \Device\Harddisk0\DR0 - ok
00:37:28.0735 5396 ================ Scan VBR ==================================
00:37:28.0738 5396 Boot (0x1200) (72763317457ee9b918bc8dda421b038f) \Device\Harddisk0\DR0\Partition1
00:37:28.0741 5396 \Device\Harddisk0\DR0\Partition1 - ok
00:37:28.0772 5396 Boot (0x1200) (961b9917b39608bbde8faf57ce754870) \Device\Harddisk0\DR0\Partition2
00:37:28.0776 5396 \Device\Harddisk0\DR0\Partition2 - ok
00:37:28.0791 5396 Boot (0x1200) (971a1d37bf81960951977cf8d426f78e) \Device\Harddisk0\DR0\Partition3
00:37:28.0794 5396 \Device\Harddisk0\DR0\Partition3 - ok
00:37:28.0813 5396 Boot (0x1200) (9a7bb8eea5090c668038b4015730ae38) \Device\Harddisk0\DR0\Partition4
00:37:28.0816 5396 \Device\Harddisk0\DR0\Partition4 - ok
00:37:28.0837 5396 Boot (0x1200) (c7de8bbac773014e376448b7bc9a9aa8) \Device\Harddisk0\DR0\Partition5
00:37:28.0840 5396 \Device\Harddisk0\DR0\Partition5 - ok
00:37:28.0863 5396 Boot (0x1200) (644a25cfaeb2245e2cc32d79067b0b22) \Device\Harddisk0\DR0\Partition6
00:37:28.0867 5396 \Device\Harddisk0\DR0\Partition6 - ok
00:37:28.0868 5396 ============================================================
00:37:28.0868 5396 Scan finished
00:37:28.0868 5396 ============================================================
00:37:28.0883 1264 Detected object count: 4
00:37:28.0883 1264 Actual detected object count: 4
00:37:36.0862 1264 Change Modem Device Service ( UnsignedFile.Multi.Generic ) - skipped by user
00:37:36.0862 1264 Change Modem Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:37:36.0863 1264 Connectify ( UnsignedFile.Multi.Generic ) - skipped by user
00:37:36.0863 1264 Connectify ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:37:36.0865 1264 DpHost ( UnsignedFile.Multi.Generic ) - skipped by user
00:37:36.0865 1264 DpHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:37:36.0867 1264 sptd ( LockedFile.Multi.Generic ) - skipped by user
00:37:36.0868 1264 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
00:56:54.0272 3952 Deinitialize success

aswMBR
------


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-19 00:38:43
-----------------------------
00:38:43.791 OS Version: Windows 6.1.7601 Service Pack 1
00:38:43.792 Number of processors: 4 586 0x2502
00:38:43.794 ComputerName: ZAVIST UserName: user
00:38:58.798 Initialize success
00:45:06.509 AVAST engine defs: 12081800
00:45:51.248 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:45:51.252 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3
00:45:51.279 Disk 0 MBR read successfully
00:45:51.283 Disk 0 MBR scan
00:45:51.307 Disk 0 unknown MBR code
00:45:51.336 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
00:45:51.349 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 74249 MB offset 206848
00:45:51.359 Disk 0 Partition - 00 0F Extended LBA 402588 MB offset 152270846
00:45:51.392 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 102425 MB offset 204802048
00:45:51.403 Disk 0 Partition - 00 05 Extended 102411 MB offset 414568448
00:45:51.455 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 102410 MB offset 414570496
00:45:51.468 Disk 0 Partition - 00 05 Extended 102411 MB offset 886603778
00:45:51.496 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 102410 MB offset 624308224
00:45:51.512 Disk 0 Partition - 00 05 Extended 69691 MB offset 1306079234
00:45:51.580 Disk 0 Partition 6 00 07 HPFS/NTFS NTFS 69690 MB offset 834045952
00:45:51.595 Disk 0 Partition - 00 05 Extended 188 MB offset 886184118
00:45:51.654 Disk 0 Partition 7 00 82 Linux swap 188 MB offset 204411123
00:45:51.671 Disk 0 Partition - 00 05 Extended 25458 MB offset 204411061
00:45:51.684 Disk 0 Partition 8 00 83 Linux 25458 MB offset 152270848
00:45:51.723 Disk 0 scanning sectors +976771072
00:45:51.831 Disk 0 scanning C:\Windows\system32\drivers
00:46:06.571 Service scanning
00:46:26.202 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
00:46:33.680 Modules scanning
00:46:42.821 Disk 0 trace - called modules:
00:46:42.846 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll PCTCore.sys ACPI.sys iaStor.sys spec.sys >>UNKNOWN [0x86594938]<<
00:46:42.860 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87ebbac8]
00:46:42.872 3 CLASSPNP.SYS[8ce6059e] -> nt!IofCallDriver -> [0x87ebb020]
00:46:42.883 5 hpdskflt.sys[8ce11f92] -> nt!IofCallDriver -> [0x87eba818]
00:46:42.895 7 PCTCore.sys[8c6186a1] -> nt!IofCallDriver -> [0x873c2868]
00:46:42.906 9 ACPI.sys[84b693d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x87394028]
00:46:43.946 AVAST engine scan C:\Windows
00:46:48.344 AVAST engine scan C:\Windows\system32
00:50:08.932 AVAST engine scan C:\Windows\system32\drivers
00:50:26.452 AVAST engine scan C:\Users\user
01:10:59.198 AVAST engine scan C:\ProgramData
01:22:49.998 Scan finished successfully
06:33:04.158 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
06:33:04.170 The log file has been saved successfully to "C:\aswMBR.txt"

ESET ONLINE SCANNER:
--------------------

C:\Users\user\Downloads\cnet2_mhotspot_exe.exe a variant of Win32/InstallCore.D application
C:\Users\user\Downloads\cnet_jpeg-to-pdf-converter_exe.exe a variant of Win32/InstallCore.D application
C:\Users\user\Downloads\SoftonicDownloader_for_hjsplit.exe a variant of Win32/SoftonicDownloader.A application
C:\Users\user\Downloads\swf_flv_player.exe Win32/Toolbar.Zugo application
C:\Users\user\Downloads\Nero 8.1.1.4\Nero-8.1.1.4_trial.exe Win32/Toolbar.AskSBar application

#3 Varun Muralidharan


Posted 19 August 2012 - 11:59 AM

MBAM
----


Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.19.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
user :: ZAVIST [administrator]

Protection: Enabled

19-08-2012 10:50:30 AM
mbam-log-2012-08-19 (15-04-48).txt

Scan type: Full scan (C:\|F:\|G:\|H:\|I:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 736782
Time elapsed: 3 hour(s), 28 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 Varun Muralidharan


Posted 19 August 2012 - 12:04 PM

MINI TOOLBOX
------------


MiniToolBox by Farbar Version: 23-07-2012
Ran by user (administrator) on 19-08-2012 at 10:54:00
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Media disconnected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
add address name="Local Area Connection" address=192.168.70.110 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ZAVIST
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

PPP adapter Airtel:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Airtel
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 223.181.254.68(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 203.145.160.5
203.145.160.6
NetBIOS over Tcpip. . . . . . . . : Disabled

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 22-7B-CB-22-F6-E3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 70-5A-B6-8F-57-EE
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : F0-7B-CB-22-F6-E3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E7638853-35D7-49BA-A8EB-302F171CD7D3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:28f3:300d:204a:1bb(Preferred)
Link-local IPv6 Address . . . . . : fe80::28f3:300d:204a:1bb%13(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{C78CD15E-4324-4A89-B97F-E370DC2E3DE9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{64877245-AA9A-42BF-BD44-09A50C748848}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {C7EB84D2-D48A-441F-A634-EA1AF0518653}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B512DB5F-B8AB-4DA8-8196-DDD6CAF93846}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:dfb5:fe44::dfb5:fe44(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::1
DNS Servers . . . . . . . . . . . : 203.145.160.5
203.145.160.6
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{3A1CD95F-82B4-4544-8C81-D8A830D4D50F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: ABTS-TN-dynamic-005.160.145.203.airtelbroadband.in
Address: 203.145.160.5

Name: google.com
Addresses: 2404:6800:4007:802::1006
74.125.236.164
74.125.236.174
74.125.236.167
74.125.236.165
74.125.236.168
74.125.236.162
74.125.236.160
74.125.236.163
74.125.236.166
74.125.236.169
74.125.236.161


Pinging google.com [74.125.236.161] with 32 bytes of data:
Reply from 74.125.236.161: bytes=32 time=228ms TTL=56
Reply from 74.125.236.161: bytes=32 time=1249ms TTL=56

Ping statistics for 74.125.236.161:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 228ms, Maximum = 1249ms, Average = 738ms
Server: ABTS-TN-dynamic-005.160.145.203.airtelbroadband.in
Address: 203.145.160.5

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=412ms TTL=51
Reply from 98.139.183.24: bytes=32 time=427ms TTL=51

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 412ms, Maximum = 427ms, Average = 419ms
Server: ABTS-TN-dynamic-005.160.145.203.airtelbroadband.in
Address: 203.145.160.5

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=14ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 5ms, Maximum = 14ms, Average = 9ms
===========================================================================
Interface List
31...........................Airtel
17...22 7b cb 22 f6 e3 ......Microsoft Virtual WiFi Miniport Adapter
14...70 5a b6 8f 57 ee ......Realtek PCIe FE Family Controller
10...f0 7b cb 22 f6 e3 ......Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
28...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
51...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 On-link 223.181.254.68 41
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
223.181.254.68 255.255.255.255 On-link 223.181.254.68 296
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 223.181.254.68 41
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
255.255.255.255 255.255.255.255 On-link 223.181.254.68 296
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
28 1140 ::/0 2002:c058:6301::1
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:28f3:300d:204a:1bb/128
On-link
28 1040 2002::/16 On-link
28 296 2002:dfb5:fe44::dfb5:fe44/128
On-link
13 306 fe80::/64 On-link
13 306 fe80::28f3:300d:204a:1bb/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 02 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 03 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 04 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 05 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 06 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/18/2012 09:47:10 PM) (Source: ConnectifySvc) (User: )
Description: ConnectifySvc error: 1063StartServiceCtrlDispatcher failed.

Error: (08/17/2012 10:47:47 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 21.0.1180.79, time stamp: 0x5029ba4e
Faulting module name: chrome.dll, version: 21.0.1180.79, time stamp: 0x5029ba11
Exception code: 0xc0000005
Fault offset: 0x00002295
Faulting process id: 0x11d8
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (08/17/2012 09:59:01 PM) (Source: ConnectifySvc) (User: )
Description: ConnectifySvc error: 1063StartServiceCtrlDispatcher failed.

Error: (08/16/2012 10:37:20 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 21.0.1180.79, time stamp: 0x5029ba4e
Faulting module name: chrome.dll, version: 21.0.1180.79, time stamp: 0x5029ba11
Exception code: 0xc0000005
Fault offset: 0x00002295
Faulting process id: 0x1070
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (08/16/2012 10:11:06 PM) (Source: RasClient) (User: )
Description: CoId={64AB401D-610A-4628-A2D6-50BC0493011B}: The user ZAVIST\user dialed a connection named Airtel which has failed. The error code returned on failure is 619.

Error: (08/16/2012 10:02:23 PM) (Source: ConnectifySvc) (User: )
Description: ConnectifySvc error: 1063StartServiceCtrlDispatcher failed.

Error: (08/16/2012 00:45:16 AM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 12.0.0.4493, time stamp: 0x4f920759
Faulting module name: NPSWF32_11_3_300_270.dll_unloaded, version: 0.0.0.0, time stamp: 0x5019828e
Exception code: 0xc0000005
Fault offset: 0x6240ad23
Faulting process id: 0xc50
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (08/15/2012 10:13:01 PM) (Source: ConnectifySvc) (User: )
Description: ConnectifySvc error: 1063StartServiceCtrlDispatcher failed.

Error: (08/15/2012 09:46:15 PM) (Source: ConnectifySvc) (User: )
Description: ConnectifySvc error: 1063StartServiceCtrlDispatcher failed.

Error: (08/15/2012 08:33:41 PM) (Source: ConnectifySvc) (User: )
Description: ConnectifySvc error: 1063StartServiceCtrlDispatcher failed.


System errors:
=============
Error: (08/19/2012 10:45:23 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/19/2012 10:45:22 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/18/2012 09:48:18 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/17/2012 09:59:49 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/17/2012 09:59:48 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/16/2012 00:40:20 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/16/2012 00:25:54 AM) (Source: Service Control Manager) (User: )
Description: The Change Modem Device Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/15/2012 10:17:21 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/15/2012 09:58:41 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (08/15/2012 09:46:22 PM) (Source: ipnathlp) (User: )
Description: 0


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Alps Touch Pad Driver
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 9.0)
ATI Catalyst Install Manager (Version: 3.0.750.0)
Bing Desktop (Version: 1.0.45.0)
Bonjour (Version: 3.0.0.10)
Browser Defender 3.0 (Version: 3.0.0.312)
Capitel Connect 2.2.8.3.2.102.2 (Version: 2.2.8.3.2.102.2)
CCleaner (Version: 2.34)
Chinese Simplified Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Chinese Traditional Fonts Support For Adobe Reader X (Version: 10.0.0)
Connectify (Version: 3.4.0.23678)
CyberLink YouCam (Version: 2.0.2519)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Toolbar (Version: 1.1.2.0185)
Dev-C++ 5 beta 9 release (4.9.9.2)
DigitalPersona Personal 4.10 (Version: 4.10.3787)
DivX Setup (Version: 2.6.1.5)
ENE CIR Receiver Driver (Version: 2.7.4.0)
ESET Online Scanner v3
Facebook Messenger 2.1.4590.0 (Version: 2.1.4590.0)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Feedback Tool (Version: 1.1.0)
Feedback Tool (Version: 1.2.0)
File Splitter and Joiner (FFSJ v3.3)
FileZilla Client 3.5.0 (Version: 3.5.0)
FormatFactory 2.95 (Version: 2.95)
Google Chrome (Version: 21.0.1180.79)
Google Earth (Version: 6.1.0.5001)
Google Talk (remove only)
Google Talk Plugin (Version: 3.4.2.8800)
Google Update Helper (Version: 1.3.21.115)
HP 3D DriveGuard (Version: 4.0.3.1)
HP Integrated Module with Bluetooth wireless technology (Version: 6.2.0.9602)
HP MediaSmart Software Notebook Demo (Version: 1.00.0000)
HP Product Detection (Version: 10.7.9.0)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
Huawei Access Manager (Version: UTPS_HWEC1260DT05)
IDT Audio (Version: 1.0.6249.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1986)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Matrix Storage Manager
Internet Download Manager
Java Auto Updater (Version: 2.0.7.1)
Java DB 10.5.3.0 (Version: 10.5.3.0)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ Platform, Micro Edition Software Development Kit 3.0
Java™ SE Development Kit 6 Update 20 (Version: 1.6.0.200)
Jpeg to Pdf Converter 3000 7.4
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Mega Codec Pack 3.9.0 (Version: 3.9.0)
LanSurfer 3.0
Lizardtech DjVu Control
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MATLAB R2010a (Version: 7.10)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft ASP.NET 2.0 AJAX Extensions 1.0 (Version: 1.0.61025)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.70.1104.04)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Mobile Partner (Version: 11.302.09.01.539)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVC80_x86 (Version: 1.0.1.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 8 (Version: 8.10.316)
neroxml (Version: 1.0.0)
Node.js (Version: 0.8.4)
Nokia Connectivity Cable Driver (Version: 7.1.45.0)
Nokia PC Suite (Version: 7.1.62.1)
Notepad++ (Version: 5.9)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenAL
PC Connectivity Solution (Version: 11.5.29.0)
PC Tools Internet Security (Version: 8.0)
Pen Tablet (Version: 5.1.1.15)
Picasa 3 (Version: 3.8)
PingPlotter Standard 3.30.4s (Version: 3.30.4s)
Python 2.7.3 (Version: 2.7.3150)
QuickTime (Version: 7.71.80.42)
Rampant Logic Postscript Viewer 1.1
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0011)
Realtek USB2.0&PCIE Card Reader (Version: 2009.11.09)
RealUpgrade 1.1 (Version: 1.1.0)
Recover My Files (Version: 4.6.6.830)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.169)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
SPlayer
SpyHunter (Version: 4.9.12.4023)
System Requirements Lab for Intel (Version: 4.4.24.0)
TestFunda MBA Prep Courseware (Version: 1.0.0.11)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Validity Sensors DDK (Version: 3.1.374)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VCRedistSetup (Version: 1.0.0)
VLC media player 2.0.2 (Version: 2.0.2)
WinDjView 1.0.3 (Version: 1.0.3)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR archiver
Wireshark 1.4.1 (Version: 1.4.1)
WordWeb (Version: 6)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 61%
Total physical RAM: 2934.84 MB
Available physical RAM: 1117.26 MB
Total Pagefile: 5865.91 MB
Available Pagefile: 3366.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.57 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:72.51 GB) (Free:0.77 GB) NTFS
4 Drive f: (MOVIES) (Fixed) (Total:100.02 GB) (Free:0.82 GB) NTFS
5 Drive g: (PHUNDERDAYNMAINT) (Fixed) (Total:100.01 GB) (Free:2.87 GB) NTFS
6 Drive h: (MOOSIC) (Fixed) (Total:100.01 GB) (Free:20.28 GB) NTFS
7 Drive i: (ACADEMICS) (Fixed) (Total:68.06 GB) (Free:3.93 GB) NTFS

========================= Users: ========================================

User accounts for \\ZAVIST

Administrator Guest user


**** End of log ****


FSS
---

Farbar Service Scanner Version: 06-08-2012
Ran by user (administrator) on 19-08-2012 at 10:59:30
Running from "C:\Users\user\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
WAN connected
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Adware
------


# AdwCleaner v1.801 - Logfile created 08/19/2012 at 15:04:26
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : user - ZAVIST
# Boot Mode : Normal
# Running from : C:\Users\user\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\adapter@babylontc.com
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

Key Deleted : HKCU\Software\Babylon
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Software

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

*************************

AdwCleaner[R1].txt - [3337 octets] - [19/08/2012 15:04:01]
AdwCleaner[S1].txt - [3332 octets] - [19/08/2012 15:04:26]

########## EOF - C:\AdwCleaner[S1].txt - [3460 octets] ##########

#5 Varun Muralidharan

Posted 19 August 2012 - 12:06 PM

AutoRuns
--------


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\apoint2k\apoint.exe"
+ "DpAgent" "DigitalPersona Local Agent" "DigitalPersona, Inc." "c:\program files\digitalpersona\bin\dpagent.exe"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovemonitor.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Malwarebytes' Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamgui.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files\real\realplayer\update\realsched.exe"
+ "UCam_Menu" "MUI StartMenu Application" "CyberLink Corp." "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe"
"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Facebook Messenger.lnk" "Facebook Messenger" "Facebook" "c:\users\user\appdata\local\facebook\messenger\2.1.4590.0\facebookmessenger.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "grooveLocalGWS" "GrooveSystemServices Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovesystemservices.dll"
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "Cover Designer" "Cover Designer" "Nero AG" "c:\program files\nero\nero8\nero coverdesigner\coveredextension.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "FFSJ" "" "" "c:\windows\system32\ffsj\ffsjshl.dll"
+ "FormatFactoryShell" "FormatFactory Shell Menu Module" "Free Time" "c:\program files\freetime\formatfactory\shellex_101.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero8\nero backitup\nbshell.dll"
+ "Notepad++" "ShellHandler for Notepad++ (64 bit)" "" "c:\program files\notepad++\nppshell_04.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "FormatFactoryShell" "FormatFactory Shell Menu Module" "Free Time" "c:\program files\freetime\formatfactory\shellex_101.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files\filezilla ftp client\fzshellext.dll"
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
+ "Nokia" "Phone Browser" "Nokia" "c:\program files\nokia\nokia pc suite 7\phonebrowser.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "NeroDigitalColumnHandler Class" "Nero Digital Shell Extension" "Nero AG" "c:\program files\common files\nero\lib\nerodigitalext.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero8\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero8\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DigitalPersona Personal Extension" "DigitalPersona OTS Feedback" "DigitalPersona, Inc." "c:\program files\digitalpersona\bin\dpotspluginie8.dll"
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "IDMIEHlprObj Class" "IDM BHO Module" "Tonec Inc." "c:\program files\internet download manager\idmiecc.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "PC Tools Browser Guard BHO" "Browser Defender Toolbar" "Threat Expert Ltd." "c:\program files\pc tools security\bdt\pctbrowserdefender.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "PC Tools Browser Guard" "Browser Defender Toolbar" "Threat Expert Ltd." "c:\program files\pc tools security\bdt\pctbrowserdefender.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
+ "Yahoo! Messenger" "Yahoo! Messenger" "Yahoo! Inc." "c:\program files\yahoo!\messenger\yahoomessenger.exe"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1976758566-2561994529-1232566511-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\user\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1976758566-2561994529-1232566511-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\user\appdata\local\facebook\update\facebookupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1976758566-2561994529-1232566511-1000Core" "Google Installer" "Google Inc." "c:\users\user\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1976758566-2561994529-1232566511-1000UA" "Google Installer" "Google Inc." "c:\users\user\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\TabletPC\InputPersonalization" "Input Personalization Server" "Microsoft Corporation" "c:\program files\common files\microsoft shared\ink\inputpersonalization.exe"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-1976758566-2561994529-1232566511-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-1976758566-2561994529-1232566511-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "\RunAsStdUser Task" "" "" "c:\program files\matlab\r2010a\matlab r2010a.lnk"
+ "\SpyHunter4Startup" "SpyHunter4 application" "Enigma Software Group USA, LLC." "c:\program files\enigma software group\spyhunter\spyhunter4.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (32-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_94cb740f1febe83e\aestsrv.exe"
+ "BingDesktopUpdate" "Bing Desktop Update Service" "Microsoft Corp." "c:\program files\microsoft\bingdesktop\bingdesktopupdater.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "Change Modem Device Service" "" "" "c:\windows\system32\chgservice.exe"
+ "Connectify" "Turns your computer into a WiFi hotspot" "" "c:\program files\connectify\connectifyservice.exe"
+ "DpHost" "Provides fingerprint authentication of account logon." "DigitalPersona, Inc." "c:\program files\digitalpersona\bin\dphostw.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files\windows live\family safety\fsssvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files\intel\intel® management engine components\lms\lms.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveauditservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "rpcapd" "Allows to capture traffic on this machine from a remote machine." "CACE Technologies, Inc." "c:\program files\winpcap\rpcapd.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files\microsoft\search enhancement pack\seaport\seaport.exe"
+ "SpyHunter 4 Service" "SpyHunter 4 Helper Service" "Enigma Software Group USA, LLC." "c:\program files\enigma software group\spyhunter\sh4service.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_94cb740f1febe83e\stacsv.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files\intel\intel® management engine components\uns\uns.exe"
+ "vcsFPService" "Validity Fingerprint Service" "Validity Sensors, Inc." "c:\windows\system32\vcsfpservice.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Qualcomm Atheros Extensible Wireless LAN device driver" "Qualcomm Atheros Communications, Inc." "c:\windows\system32\drivers\athr.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btusbflt" "Widcomm Bluetooth USB Filter for Windows XP" "Broadcom Corporation." "c:\windows\system32\drivers\btusbflt.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "catchme" "" "" "File not found: C:\Users\user\AppData\Local\Temp\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cmnsusbser" "USB Modem/Serial Device Driver" "QUALCOMM Incorporated" "c:\windows\system32\drivers\cmnsusbser.sys"
+ "cnnctfy2" "Connectify LightWeight Filter" "Connectify" "c:\windows\system32\drivers\cnnctfy2.sys"
+ "cpudrv" "" "" "c:\program files\systemrequirementslab\cpudrv.sys"
+ "cpuz134" "" "" "File not found: C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "enecir" "ENE CIR Driver for eHome" "ENE TECHNOLOGY INC." "c:\windows\system32\drivers\enecir.sys"
+ "esgiguard" "" "" "c:\program files\enigma software group\spyhunter\esgiguard.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECI" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\heci.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "hwdatacard" "USB Modem/Serial Device Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ewusbmdm.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcDAud" "Intel® Display HD Audio driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MpKsla7be5916" "" "" "File not found: C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D14B7AD1-5B89-457E-AB3A-81BE313378BD}\MpKsla7be5916.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nmwcd" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmb.sys"
+ "nmwcdc" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmbo.sys"
+ "NPF" "npf.sys (NT5/6 x86) Kernel Driver" "CACE Technologies, Inc." "c:\windows\system32\drivers\npf.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "pccsmcfd" "PCCS Mode Change Filter Driver" "Nokia" "c:\windows\system32\drivers\pccsmcfd.sys"
+ "PCTAppEvent" "PC Tools App Monitor Driver" "PC Tools" "c:\windows\system32\drivers\pctappevent.sys"
+ "PCTCore" "PC Tools KDS Core Driver" "PC Tools" "c:\windows\system32\drivers\pctcore.sys"
+ "pctDS" "PC Tools Data Store" "PC Tools" "c:\windows\system32\drivers\pctds.sys"
+ "pctEFA" "PC Tools Extended File Attributes" "PC Tools" "c:\windows\system32\drivers\pctefa.sys"
+ "PCTFW-PacketFilter" "PC Tools NDIS - Packet Filter" "PC Tools" "c:\windows\system32\drivers\pctndis-packetfilter.sys"
+ "pctgntdi" "PC Tools Generic TDI Driver" "PC Tools" "c:\windows\system32\drivers\pctgntdi.sys"
+ "pctNdis" "PC Tools NDIS Driver" "PC Tools" "c:\windows\system32\drivers\pctndis.sys"
+ "pctNdisMP" "PC Tools NDIS Driver" "PC Tools" "c:\windows\system32\drivers\pctndis.sys"
+ "pctplfw" "PC Tools FW Plugin Driver" "PC Tools" "c:\windows\system32\drivers\pctplfw.sys"
+ "pctplsg" "PC Tools SG Plugin Driver" "PC Tools" "c:\windows\system32\drivers\pctplsg.sys"
+ "PCTSD" "PC Tools SD Driver" "PC Tools" "c:\windows\system32\drivers\pctsd.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSPCIESTOR" "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtspstor.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RTL8167" "Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver " "Realtek " "c:\windows\system32\drivers\rt86win7.sys"
+ "RTSTOR" "" "" "File not found: system32\drivers\RTSTOR.SYS"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "sptd" "" "" "c:\windows\system32\drivers\sptd.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt.sys"
+ "TfFsMon" "ThreatFire Filesystem Monitor" "PC Tools" "c:\windows\system32\drivers\tffsmon.sys"
+ "TfNetMon" "ThreatFire Network Monitor" "PC Tools" "c:\windows\system32\drivers\tfnetmon.sys"
+ "TFSysMon" "ThreatFire System Monitor" "PC Tools" "c:\windows\system32\drivers\tfsysmon.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "wacommousefilter" "Wacom Mouse Filter Driver" "Wacom Technology" "c:\windows\system32\drivers\wacommousefilter.sys"
+ "wacomvhid" "Virtual Hid Device" "Wacom Technology" "c:\windows\system32\drivers\wacomvhid.sys"
+ "WinRing0_1_2_0" "" "" "File not found: C:\Program Files\BatteryCare\WinRing0.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "VIDC.CSM0" "" "" "File not found: CSMX.dll"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\program files\splayer\ir50_32.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\program files\splayer\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\program files\splayer\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\program files\splayer\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\program files\splayer\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\ac3filter.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\youcam\yctlmsplter.ax"
+ "Cyberlink Track Filter" "Cyberlink Track Filter" "CyberLink Corp." "c:\program files\cyberlink\youcam\yctrack.ax"
+ "CyberLink Video Regulator" "Video Regulator" "Cyberlink" "c:\program files\cyberlink\youcam\ycrgl.ax"
+ "CyberLink WebCamera NULL Render" "CLWEBCAMERARENDER" "CyberLink" "c:\program files\cyberlink\youcam\ycwebcamerarender.ax"
+ "CyberLink WMV Dumper (YouCam)" "CLWMVDum Dynamic Link Library" "" "c:\program files\cyberlink\youcam\ycwmvdump.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\freetime\formatfactory\ffmodules\avisynthplugins\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\freetime\formatfactory\ffmodules\avisynthplugins\vsfilter.dll"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\divxdech264.ax"
+ "DV Scenes" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero8\nero vision\nvdv.dll"
+ "DV Source Filter" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero8\nero vision\nvdv.dll"
+ "Dxshow Oms Source" "mxshsour" "Collegesoft Co., Ltd." "c:\program files\splayer\csfcodec\mpc_mxshsour.dll"
+ "Emuzed AAC/AAC+ Decoder TFilter" "Emuzed AAC/AAC+ Decoder Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzaacdecfilter.dll"
+ "Emuzed AMR/3GPP/MP4/MP3 Multiplexer-Filter" "Emuzed MP4/3GP2/AMR/QCP Multiplexer/Sink Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\ezdmp4muxfilter.dll"
+ "Emuzed AMR/QCP/3GPP/MP4/3G2 Source Filter" "Emuzed MP4/3GP2/AMR/QCP Source Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzmp4source.dll"
+ "Emuzed H264 Video Decoder-Filter" "Emuzed H.264 Video Transform Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\ezdh264dectfilter.dll"
+ "Emuzed MP3 Source/Decoder Filter" "Emuzed MP3 Source/Decoder Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzmp3sourcefilter.dll"
+ "Emuzed MP4SP/H263 Video Decoder-Filter" "Emuzed MP4SP/H.263 Video Transform Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzdecmp4_h263.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\ffdshow\ffdshow.ax"
+ "FLV4 Video Decoder" "FLV Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\freetime\formatfactory\ffmodules\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\freetime\formatfactory\ffmodules\filters\haali\splitter.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\program files\splayer\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\program files\splayer\ir50_32.dll"
+ "MPC - Avi Source" "Avi Splitter" "Gabest" "c:\program files\freetime\formatfactory\ffmodules\filters\avisplitter.ax"
+ "MPC - Avi Splitter" "Avi Splitter" "Gabest" "c:\program files\freetime\formatfactory\ffmodules\filters\avisplitter.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files\freetime\formatfactory\ffmodules\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files\freetime\formatfactory\ffmodules\filters\flvsplitter.ax"
+ "MPC - Matroska Source" "Matroska Splitter" "MPC-HC Team" "c:\program files\freetime\formatfactory\ffmodules\filters\matroskasplitter.ax"
+ "MPC - Matroska Splitter" "Matroska Splitter" "MPC-HC Team" "c:\program files\freetime\formatfactory\ffmodules\filters\matroskasplitter.ax"
+ "MPC - MP4 Source" "MP4 Splitter" "MPC-HC Team" "c:\program files\freetime\formatfactory\ffmodules\filters\mp4splitter.ax"
+ "MPC - MP4 Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files\freetime\formatfactory\ffmodules\filters\mp4splitter.ax"
+ "MPC - Mpeg Source (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files\freetime\formatfactory\ffmodules\filters\mpegsplitter.ax"
+ "MPC - Mpeg Splitter (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files\freetime\formatfactory\ffmodules\filters\mpegsplitter.ax"
+ "MPC - MPEG4 Video Source" "MP4 Splitter" "MPC-HC Team" "c:\program files\freetime\formatfactory\ffmodules\filters\mp4splitter.ax"
+ "MPC - MPEG4 Video Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files\freetime\formatfactory\ffmodules\filters\mp4splitter.ax"
+ "MPC - Video decoder" "H.264/VC-1 DXVA video decoder" "MPC HomeCinema" "c:\program files\freetime\formatfactory\ffmodules\filters\mpcvideodec.ax"
+ "NeAudio2" "Nero Audio Decoder 2" "Nero AG" "c:\program files\common files\nero\dsfilter\neaudio2.ax"
+ "NeAudioRender" "Nero Audio Renderer" "Nero AG" "c:\program files\common files\nero\dsfilter\neaudiorender.ax"
+ "Nero Audible Decoder" "Nero Audible Decoder" "Nero AG" "c:\program files\common files\nero\dsfilter\neaudible.ax"
+ "Nero Audio CD Filter" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\neaudcd.ax"
+ "Nero Audio Transcoder" "Audio Transcoding Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\netranscoder.ax"
+ "Nero AV Synchronizer" "Audio/Video Synchronizer" "Nero AG" "c:\program files\common files\nero\dsfilter\neavsync.ax"
+ "Nero Colorspace Converter" "Colorspace Converter" "Nero AG" "c:\program files\common files\nero\dsfilter\necolorspace.ax"
+ "Nero Deinterlace" "Deinterlacing Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nedeinterlace.ax"
+ "Nero Digital Audio Encoder 8" "AAC LC/HE Audio Encoder" "Nero AG" "c:\program files\common files\nero\dsfilter\nendaud.ax"
+ "Nero Digital File Writer 8" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\nero\dsfilter\nendmux.ax"
+ "Nero Digital Muxer 8" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\nero\dsfilter\nendmux.ax"
+ "Nero Digital Null Renderer 8" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\nero\dsfilter\nendmux.ax"
+ "Nero Digital Subpicture Enc 8" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\nero\dsfilter\nendmux.ax"
+ "Nero Digital Video Enc 8" "MPEG4 and H.264 (AVC) Video Encoder" "Nero AG" "c:\program files\common files\nero\dsfilter\nendvid.ax"
+ "Nero DV Splitter" "DV Splitter Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nedvsplitter.ax"
+ "Nero DVD Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\nero\dsfilter\nevideo.ax"
+ "Nero DVD Navigator" "DVD Navigator Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nedvd.ax"
+ "Nero Elementary Stream Parser" "Nero Elementary Stream Parser" "Nero AG" "c:\program files\common files\nero\dsfilter\neesparser.ax"
+ "Nero File Source (Async.)" "Nero Home" "Nero AG" "c:\program files\common files\nero\dsfilter\nefilesourceasync.ax"
+ "Nero FLV Splitter" "Nero FLV Splitter Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\neflvsplitter.ax"
+ "Nero Frame Capture" "Direct Show frame grabber filter" "Nero AG" "c:\program files\common files\nero\dsfilter\necapture.ax"
+ "Nero Framerate Converter" "Framerate Conversion DirectShow Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\neframerate.ax"
+ "Nero HD Audio Mixer" "Nero Audio Mixer" "Nero AG" "c:\program files\common files\nero\dsfilter\nehdaudiomixer.ax"
+ "Nero InteractiveGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nebdgraphic.ax"
+ "Nero MP3 Encoder" "MP3 Encoding Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nemp3encoder.ax"
+ "Nero MP4 Splitter" "MP4 Splitter Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nemp4splitter.ax"
+ "Nero Mpeg2 Encoder" "MPEG 1/2 encoder filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nevcr.ax"
+ "Nero Ogg Splitter" "Ogg Splitter Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\neoggsplitter.ax"
+ "Nero Photo Source" "Nero Home" "Nero AG" "c:\program files\common files\nero\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer" "PS Muxer Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\nero\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\nero\dsfilter\neqtdec.ax"
+ "Nero Resize" "Resizing Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\neresize.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\nero\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\nero\dsfilter\nescenedetector.ax"
+ "Nero Sound Processor" "Nero Sound Processor" "Nero AG" "c:\program files\common files\nero\dsfilter\nesoundproc.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nesplitter.ax"
+ "Nero Stream Buffer Sink" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\nero\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\nero\dsfilter\nesbe.ax"
+ "Nero Subpicture Decoder" "Nero Subpicture Decoder" "Nero AG" "c:\program files\common files\nero\dsfilter\nesubpicture.ax"
+ "Nero Subtitle" "Subtitle Renderer & Mixer" "Nero AG" "c:\program files\common files\nero\dsfilter\nesubtitle.ax"
+ "Nero Teletext Decoder" "Teletext Decoder Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\neteletext.ax"
+ "Nero Thumbnail Decoder" "Thumbnail Decoder Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nebdthumbnail.ax"
+ "Nero TS Muxer" "Nero Transport Stream Muxltiplexer" "Nero AG" "c:\program files\common files\nero\dsfilter\netsmuxer.ax"
+ "Nero Vcd Navigator" "Nero Vcd Navigator Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nevcd.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files\common files\nero\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\nero\dsfilter\nevideo.ax"
+ "Nero Video Decoder HD" "Nero HD Video Decoder" "Nero AG" "c:\program files\common files\nero\dsfilter\nevideohd.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files\common files\nero\dsfilter\nerovideoproc.ax"
+ "Nero Video Renderer" "Nero Video Renderer" "Nero AG" "c:\program files\common files\nero\dsfilter\nevideorenderer.ax"
+ "NeroVobuGenerator" "Nero Vobu Generator" "Nero AG" "c:\program files\common files\nero\dsfilter\nerovobugenerator.ax"
+ "NeSoundSwitch" "Nero Sound Switcher" "Nero AG" "c:\program files\common files\nero\dsfilter\nesoundswitch.ax"
+ "RealAudio Decoder" "RealMedia Splitter" "Gabest" "c:\program files\freetime\formatfactory\ffmodules\filters\realmediasplitter.ax"
+ "RealMedia Source" "RealMedia Splitter" "Gabest" "c:\program files\freetime\formatfactory\ffmodules\filters\realmediasplitter.ax"
+ "RealMedia Splitter" "RealMedia Splitter" "Gabest" "c:\program files\freetime\formatfactory\ffmodules\filters\realmediasplitter.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealVideo Decoder" "RealMedia Splitter" "Gabest" "c:\program files\freetime\formatfactory\ffmodules\filters\realmediasplitter.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "YC_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files\cyberlink\youcam\ycevr.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "FingerProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
+ "KioskProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
+ "PswWrapProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
+ "SCardWrapProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "ProvFilter Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
+ "PCTOOLS CONTENT FILTER PROVIDER" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [RAW/IP]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [RAW/IPv6]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [TCP/IP]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [TCP/IPv6]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [UDP/IP]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [UDP/IPv6]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files\common files\pc tools\lsp\pctlsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "DPPWDFLT" "DPPwdFlt Module" "DigitalPersona, Inc." "c:\windows\system32\dppwdflt.dll"

#6 gringo_pr

  • Malware Response Team

Posted 21 August 2012 - 12:36 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:
    • Link1
    • Link2
    • Link3
  • Please disable any anti-malware program that will block scripts from running before running DDS.
  • Double-Click on dds.scr and a command window will appear. This is normal.
  • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Information and logs:

  • In your next post I need the following:
    • Logs from DDS
    • Let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#7 Varun Muralidharan

  • Topic Starter

Posted 21 August 2012 - 10:25 AM

DeFogger
----------------------
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:04 on 21/08/2012 (user)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-

---------------------------------------------------------------------------------------------------

SecurityCheck
-------------

Results of screen317's Security Check version 0.99.46
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Internet Security Anti-Virus
Microsoft Security Essentials
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
SpyHunter
Malwarebytes Anti-Malware version 1.62.0.1300
CCleaner
Java DB 10.5.3.0
Java™ 6 Update 31
Java™ SE Development Kit 6 Update 20
Java version out of Date!
Adobe Flash Player 11.3.300.271
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (14.0.1)
Google Chrome 21.0.1180.75
Google Chrome 21.0.1180.79
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````

------------------------------------------------------------------------------------------------

DDS
---

DDS.txt

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by user at 20:42:27 on 2012-08-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2935.1771 [GMT 5.5:30]
.
AV: Internet Security Anti-Virus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Internet Security Anti-Spyware *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
FW: Internet Security Firewall *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\STacSV.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\aestsrv.exe
C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\System32\ChgService.exe
C:\Program Files\Connectify\ConnectifyService.exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Connectify\ConnectifyD.exe
C:\Windows\system32\conhost.exe
C:\xampp\mysql\bin\mysqld.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Notepad++\notepad++.exe
C:\Users\user\Downloads\SecurityCheck.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\Defrag.exe
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DigitalPersona Personal Extension: {395610ae-c624-4f58-b89e-23733ea00f9a} - c:\program files\digitalpersona\bin\DpOtsPluginIe8.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [DpAgent] c:\program files\digitalpersona\bin\dpagent.exe
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\facebo~1.lnk - c:\users\user\appdata\local\facebook\messenger\2.1.4590.0\FacebookMessenger.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - c:\program files\yahoo!\messenger\YahooMessenger.exe
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: Interfaces\{8B8C01B6-8837-471C-9421-0F4C30DB4CC9} : NameServer = 4.2.2.2 218.248.240.135
TCP: Interfaces\{8F92B2EB-E10E-4459-B922-A7FA4E4BFF67} : NameServer = 218.248.240.23 218.248.240.134
TCP: Interfaces\{B512DB5F-B8AB-4DA8-8196-DDD6CAF93846}\4456560716B675946494 : DhcpNameServer = 192.168.2.1 192.168.1.1
TCP: Interfaces\{C78CD15E-4324-4A89-B97F-E370DC2E3DE9} : NameServer = 203.145.160.5 203.145.160.6
TCP: Interfaces\{E64C0378-785F-47C6-900F-E0D658AB218F} : NameServer = 218.248.240.23 218.248.240.134
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli DPPWDFLT
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\zfmsot8e.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdjvu.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\user\appdata\local\facebook\messenger\2.1.4590.0\npFbDesktopPlugin.dll
FF - plugin: c:\users\user\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\user\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\users\user\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\user\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_271.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2011-6-21 263888]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2011-6-21 338880]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2011-6-21 656320]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2011-6-28 51984]
R0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [2011-6-28 69392]
R1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\drivers\cnnctfy2.sys [2012-1-21 27248]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2011-6-21 251560]
R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [2011-6-21 233976]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-28 63960]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_94cb740f1febe83e\AEstSrv.exe [2010-6-18 81920]
R2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\microsoft\bingdesktop\BingDesktopUpdater.exe [2012-3-30 151656]
R2 Change Modem Device Service;Change Modem Device Service;c:\windows\system32\ChgService.exe [2010-12-11 135168]
R2 Connectify;Connectify;c:\program files\connectify\ConnectifyService.exe [2012-5-3 65536]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-8-19 655944]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2011-6-21 160576]
R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\enigma~1\spyhun~1\SH4SER~1.EXE [2012-7-11 763840]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2010-7-14 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-1-7 1656112]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2010-6-18 59904]
R3 esgiguard;esgiguard;c:\program files\enigma software group\spyhunter\esgiguard.sys [2011-5-6 13904]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-6-18 125056]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2009-9-26 200192]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-19 22344]
R3 pctNdisMP;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [2011-10-31 56536]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2010-6-18 150048]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-15 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-6 250056]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-4-14 45736]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-6-23 29472]
S3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\drivers\cmnsusbser.sys [2010-3-19 105984]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-12-5 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-15 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-25 113120]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [2011-10-31 89472]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\drivers\pctNdis.sys [2011-10-31 56536]
S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2011-10-31 125504]
S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2011-6-21 70664]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-6-18 181792]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2011-6-28 33552]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-19 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-16 1343400]
S4 Browser Defender Update Service;Browser Defender Update Service;c:\program files\pc tools security\bdt\BDTUpdateService.exe [2012-5-30 337872]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2011-1-25 92216]
S4 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2011-5-13 26168]
S4 sdAuxService;PC Tools Auxiliary Service;c:\program files\pc tools security\pctsAuxs.exe [2011-6-21 371472]
S4 sdCoreService;PC Tools Security Service;c:\program files\pc tools security\pctsSvc.exe [2011-6-21 1117144]
S4 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2010-6-23 2792232]
S4 ThreatFire;ThreatFire;c:\program files\pc tools security\tfengine\tfservice.exe service --> c:\program files\pc tools security\tfengine\TFService.exe service [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-08-20 17:29:07 -------- d-----w- C:\apache-tomcat-6.0.24
2012-08-19 11:05:54 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-19 05:18:59 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes
2012-08-19 05:18:34 -------- d-----w- c:\programdata\Malwarebytes
2012-08-19 05:18:33 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-19 05:18:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-19 01:03:22 -------- d-----w- c:\program files\ESET
2012-08-18 16:41:52 -------- d-----w- c:\users\user\appdata\roaming\FFSJ
2012-08-16 16:48:14 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-08-16 16:48:14 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-08-15 16:02:04 -------- d-sh--w- C:\$RECYCLE.BIN
2012-08-15 16:02:01 -------- d-----w- c:\users\user\appdata\local\temp
2012-08-15 15:25:42 -------- d-----w- C:\ComboFix
2012-08-15 10:39:37 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{cc1f6da0-21d2-425a-b1b6-5b164a598450}\IconF7A21AF7.exe
2012-08-15 10:39:37 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{cc1f6da0-21d2-425a-b1b6-5b164a598450}\IconD7F16134.exe
2012-08-15 10:39:37 110080 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{cc1f6da0-21d2-425a-b1b6-5b164a598450}\IconCF33A0CE.exe
2012-08-15 10:39:35 -------- d-----w- C:\sh4ldr
2012-08-15 10:39:35 -------- d-----w- c:\program files\Enigma Software Group
2012-08-15 10:38:57 -------- d-----w- c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP
2012-08-15 10:38:54 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2012-08-15 10:17:08 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 10:17:06 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 10:17:05 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 10:17:05 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 10:16:56 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 10:16:56 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-15 10:16:55 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-15 09:31:04 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-12 08:13:46 98816 ----a-w- c:\windows\sed.exe
2012-08-12 08:13:46 518144 ----a-w- c:\windows\SWREG.exe
2012-08-12 08:13:46 256000 ----a-w- c:\windows\PEV.exe
2012-08-12 08:13:46 208896 ----a-w- c:\windows\MBR.exe
2012-08-04 14:51:40 147456 --sha-r- c:\windows\system32\fvenotifyz.dll
2012-07-29 17:02:03 -------- d-----w- c:\users\user\appdata\roaming\npm
2012-07-29 17:02:03 -------- d-----w- c:\program files\nodejs
2012-07-27 20:51:30 184248 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2012-07-27 20:51:30 184248 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2012-07-23 15:27:37 -------- d-----w- c:\users\user\appdata\local\Eclipse
.
==================== Find3M ====================
.
2012-08-16 18:31:40 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-16 18:31:40 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-16 18:31:39 9826504 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-06-29 00:16:58 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-20 04:13:02 2957312 ----a-w- c:\windows\system32\drivers\athr.sys
2012-06-06 15:29:42 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 09:49:42 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 09:42:20 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll
2010-10-29 12:33:22 44 ---h--w- c:\program files\8d24c9fb.tmp
2006-05-04 03:17:54 506368 ----a-w- c:\program files\WinDjView-0.4.1.exe
.
============= FINISH: 20:43:51.74 ===============


Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 18-06-2010 6:22:36 PM
System Uptime: 21-08-2012 8:06:59 PM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 140A
Processor: Intel® Core™ i5 CPU M 430 @ 2.27GHz | CPU | 1314/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 73 GiB total, 1.018 GiB free.
D: is CDROM ()
F: is FIXED (NTFS) - 100 GiB total, 0.825 GiB free.
G: is FIXED (NTFS) - 100 GiB total, 2.868 GiB free.
H: is FIXED (NTFS) - 100 GiB total, 20.284 GiB free.
I: is FIXED (NTFS) - 68 GiB total, 3.893 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsla7be5916
Device ID: ROOT\LEGACY_MPKSLA7BE5916\0000
Manufacturer:
Name: MpKsla7be5916
PNP Device ID: ROOT\LEGACY_MPKSLA7BE5916\0000
Service: MpKsla7be5916
.
==== System Restore Points ===================
.
RP478: 11-08-2012 8:20:38 PM - ComboFix created restore point
RP479: 12-08-2012 2:03:47 PM - Windows Update
RP480: 15-08-2012 3:00:21 PM - Windows Update
RP481: 15-08-2012 4:09:01 PM - Installed SpyHunter
RP482: 15-08-2012 10:07:22 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.5
Alps Touch Pad Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Driver Installation Program
ATI Catalyst Install Manager
Bing Desktop
Bonjour
Browser Defender 3.0
Capitel Connect 2.2.8.3.2.102.2
CCleaner
Chinese Simplified Fonts Support For Adobe Reader 9
Chinese Traditional Fonts Support For Adobe Reader X
Connectify
CyberLink YouCam
D3DX10
DAEMON Tools Toolbar
Dev-C++ 5 beta 9 release (4.9.9.2)
DigitalPersona Personal 4.10
DivX Setup
ENE CIR Receiver Driver
ESET Online Scanner v3
Facebook Messenger 2.1.4590.0
Facebook Video Calling 1.2.0.159
Feedback Tool
File Splitter and Joiner (FFSJ v3.3)
FileZilla Client 3.5.0
FormatFactory 2.95
Google Chrome
Google Earth
Google Talk (remove only)
Google Talk Plugin
Google Update Helper
HP 3D DriveGuard
HP Integrated Module with Bluetooth wireless technology
HP MediaSmart Software Notebook Demo
HP Product Detection
HPAsset component for HP Active Support Library
Huawei Access Manager
IDT Audio
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® Matrix Storage Manager
Internet Download Manager
Java Auto Updater
Java DB 10.5.3.0
Java™ 6 Update 31
Java™ Platform, Micro Edition Software Development Kit 3.0
Java™ SE Development Kit 6 Update 20
Jpeg to Pdf Converter 3000 7.4
Junk Mail filter update
K-Lite Mega Codec Pack 3.9.0
LanSurfer 3.0
Lizardtech DjVu Control
Malwarebytes Anti-Malware version 1.62.0.1300
MATLAB R2010a
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft ASP.NET 2.0 AJAX Extensions 1.0
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XML Parser
Microsoft_VC100_CRT_SP1_x86
Mobile Partner
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8
neroxml
Node.js
Nokia Connectivity Cable Driver
Nokia PC Suite
Notepad++
OGA Notifier 2.0.0048.0
OpenAL
PC Connectivity Solution
PC Tools Internet Security
Pen Tablet
Picasa 3
PingPlotter Standard 3.30.4s
Python 2.7.3
QuickTime
Rampant Logic Postscript Viewer 1.1
RealNetworks - Microsoft Visual C++ 2008 Runtime
Realtek Ethernet Controller Driver For Windows Vista and Later
Realtek USB2.0&PCIE Card Reader
RealUpgrade 1.1
Recover My Files
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Skype Toolbars
Skype™ 4.2
Spelling Dictionaries Support For Adobe Reader 9
SPlayer
SpyHunter
System Requirements Lab for Intel
TestFunda MBA Prep Courseware
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Validity Sensors DDK
VC80CRTRedist - 8.0.50727.6195
VCRedistSetup
VLC media player 2.0.2
WinDjView 1.0.3
Windows Driver Package - Nokia Modem (02/25/2011 4.7)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Windows Mobile Device Center
Windows Mobile Device Center Driver Update
WinPcap 4.1.2
WinRAR archiver
Wireshark 1.4.1
WordWeb
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
21-08-2012 8:10:07 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
20-08-2012 8:57:57 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
20-08-2012 10:58:43 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
20-08-2012 10:39:05 PM, Error: NetBT [4311] - Initialization failed because the driver device could not be created. Use the string "227BCB22F6E3" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the Globally Unique Interface Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither the MAC address nor the GUID were available, the string represents a cluster device name.
16-08-2012 12:25:54 AM, Error: Service Control Manager [7034] - The Change Modem Device Service service terminated unexpectedly. It has done this 1 time(s).
15-08-2012 9:29:04 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
15-08-2012 9:26:38 PM, Error: Service Control Manager [7031] - The Connectify service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
15-08-2012 9:17:50 PM, Error: Service Control Manager [7031] - The Connectify service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
15-08-2012 9:03:23 PM, Error: Service Control Manager [7031] - The Connectify service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
15-08-2012 8:57:26 PM, Error: Service Control Manager [7031] - The Connectify service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
15-08-2012 8:49:29 PM, Error: Service Control Manager [7034] - The SpyHunter 4 Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

#8 gringo_pr

Posted 21 August 2012 - 12:57 PM

Hello Varun Muralidharan

Here is what I want you to do next.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



Proud Graduate Of Malware Removal University

#9 Varun Muralidharan

Posted 23 August 2012 - 11:50 AM

ComboFix had a really good effect on my computer. The problem, though, still remains the same. It was temporarily fixed; I could turn on the security center and also open Microsoft Security Essentials. I had updated MSE to the latest version and scanned for infections. It had a bunch of Sality Virus, autorun.inf was present, and some more which I do not remember. I had removed all of them but unfortunately did not note down the types of virus present.
I had not checked whether the search pages still redirect as well. :(

I would also like to inform you that the viruses were mostly located on the L:\ drive, which I do not have. I am using USB internet, so I doubt if that is considered as L:\. I am not too sure on this.

After I had restarted my computer, it again had the same problems: unable to turn on security center or to open MSE, and the redirects still exist.

I am posting the log of ComboFix here.

Combofix
-----------------------

ComboFix 12-08-22.01 - user 22-08-2012 22:34:09.7.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2935.1888 [GMT 5.5:30]
Running from: c:\users\user\Downloads\ComboFix.exe
AV: Internet Security Anti-Virus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
FW: Internet Security Firewall *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Internet Security Anti-Spyware *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\user\AppData\Roaming\FFSJ
c:\users\user\AppData\Roaming\FFSJ\FFSJ.cfg
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\FlashPlayerInstaller.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-22 to 2012-08-22 )))))))))))))))))))))))))))))))
.
.
2012-08-22 17:36 . 2012-08-22 17:36 -------- d-----w- c:\users\user\AppData\Local\temp
2012-08-22 17:36 . 2012-08-22 17:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-20 17:29 . 2012-08-20 17:29 -------- d-----w- C:\apache-tomcat-6.0.24
2012-08-19 11:05 . 2012-08-19 11:06 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-19 05:18 . 2012-08-19 05:18 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes
2012-08-19 05:18 . 2012-08-19 05:18 -------- d-----w- c:\programdata\Malwarebytes
2012-08-19 05:18 . 2012-08-19 05:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-19 05:18 . 2012-07-03 08:16 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-19 01:03 . 2012-08-19 01:03 -------- d-----w- c:\program files\ESET
2012-08-16 16:48 . 2012-08-16 16:48 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-08-16 16:48 . 2012-08-16 16:48 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-08-15 10:39 . 2012-08-15 10:39 110080 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{CC1F6DA0-21D2-425A-B1B6-5B164A598450}\IconF7A21AF7.exe
2012-08-15 10:39 . 2012-08-15 10:39 110080 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{CC1F6DA0-21D2-425A-B1B6-5B164A598450}\IconD7F16134.exe
2012-08-15 10:39 . 2012-08-15 10:39 110080 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{CC1F6DA0-21D2-425A-B1B6-5B164A598450}\IconCF33A0CE.exe
2012-08-15 10:39 . 2012-08-15 10:39 -------- d-----w- C:\sh4ldr
2012-08-15 10:39 . 2012-08-15 10:39 -------- d-----w- c:\program files\Enigma Software Group
2012-08-15 10:38 . 2012-08-15 10:39 -------- d-----w- c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP
2012-08-15 10:38 . 2012-08-15 10:38 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-08-15 10:17 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 10:17 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 10:17 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 10:17 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 10:16 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 10:16 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-15 10:16 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-15 09:31 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-04 14:51 . 2012-08-04 14:51 147456 --sha-r- c:\windows\system32\fvenotifyz.dll
2012-07-29 17:02 . 2012-07-29 17:02 -------- d-----w- c:\program files\nodejs
2012-07-29 17:02 . 2012-07-29 17:02 -------- d-----w- c:\users\user\AppData\Roaming\npm
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-16 18:31 . 2012-04-05 18:40 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-16 18:31 . 2011-05-16 05:41 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-20 04:13 . 2012-06-20 04:13 2957312 ----a-w- c:\windows\system32\drivers\athr.sys
2012-06-06 15:29 . 2012-06-06 15:29 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-06 05:05 . 2012-07-12 12:51 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05 . 2012-07-12 12:51 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03 . 2012-07-12 12:45 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-06-02 22:19 . 2012-06-25 22:51 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-25 22:51 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-25 22:51 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-25 22:51 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-25 22:51 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-25 22:51 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-25 22:51 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 09:49 . 2012-06-25 22:51 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 09:42 . 2012-06-25 22:51 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 04:45 . 2012-07-12 13:26 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 04:45 . 2012-07-12 13:26 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 04:40 . 2012-07-12 13:26 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 04:40 . 2012-07-12 13:26 225280 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:39 . 2012-07-12 13:26 219136 ----a-w- c:\windows\system32\ncrypt.dll
2010-10-29 12:33 . 2010-10-31 00:33 44 ---h--w- c:\program files\8d24c9fb.tmp
2006-05-04 03:17 . 2010-06-23 17:39 506368 ----a-w- c:\program files\WinDjView-0.4.1.exe
2012-08-16 16:48 . 2011-04-11 11:39 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-10-21 495708]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-15 282624]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-07-01 842816]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-11-12 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-11-12 175128]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-11-12 166936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-12-29 296056]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
path=c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
backup=c:\windows\pss\Facebook Messenger.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 01:52 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-10-23 08:48 202024 ----a-w- c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingDesktop]
2012-03-30 09:11 1858152 ----a-w- c:\program files\Microsoft\BingDesktop\BingDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify]
2012-05-02 21:05 4116296 ----a-w- c:\program files\Connectify\Connectify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-14 12:12 138096 ----atw- c:\users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-17 14:17 136176 ----atw- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-11-21 02:11 3289088 ----a-w- c:\program files\Google\Google Talk\googletalk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 13:06 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2010-11-01 16:39 3118512 ----a-w- c:\program files\Internet Download Manager\IDMan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2007-09-20 03:21 1836328 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 09:27 153136 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2011-06-16 09:51 1500160 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTools FGuard]
2011-05-20 06:14 247760 ----a-w- c:\program files\PC Tools Security\BDT\FGuard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 08:58 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 10:42 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-12-29 08:09 296056 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WordWeb]
2009-11-08 17:48 65216 ------w- c:\program files\WordWeb\wweb32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
2006-06-20 10:32 4538368 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
.
R1 MpKsla7be5916;MpKsla7be5916;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D14B7AD1-5B89-457E-AB3A-81BE313378BD}\MpKsla7be5916.sys [x]
R2 Change Modem Device Service;Change Modem Device Service;c:\windows\System32\ChgService.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\DRIVERS\cmnsusbser.sys [x]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [x]
R3 cpuz134;cpuz134;c:\program files\CPUID\PC Wizard 2010\pcwiz_x32.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [x]
R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis.sys [x]
R3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw.sys [x]
R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\BatteryCare\WinRing0.sys [x]
R4 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [x]
R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R4 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
R4 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
R4 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R4 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
R4 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [x]
R4 ThreatFire;ThreatFire;c:\program files\PC Tools Security\TFEngine\TFService.exe service [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [x]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [x]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [x]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
S0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [x]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [x]
S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\aestsrv.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 Connectify;Connectify;c:\program files\Connectify\ConnectifyService.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 18:31]
.
2012-08-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1976758566-2561994529-1232566511-1000Core.job
- c:\users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-02 12:12]
.
2012-08-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1976758566-2561994529-1232566511-1000UA.job
- c:\users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-02 12:12]
.
2012-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-15 13:51]
.
2012-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-15 13:51]
.
2012-08-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1976758566-2561994529-1232566511-1000Core.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-17 14:17]
.
2012-08-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1976758566-2561994529-1232566511-1000UA.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-17 14:17]
.
2012-08-22 c:\windows\Tasks\UUXSOGU.job
- c:\windows\system32\fvenotifyz.dll [2012-08-04 14:51]
.
.
------- Supplementary Scan -------
.
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
TCP: Interfaces\{8B8C01B6-8837-471C-9421-0F4C30DB4CC9}: NameServer = 4.2.2.2 218.248.240.135
TCP: Interfaces\{8F92B2EB-E10E-4459-B922-A7FA4E4BFF67}: NameServer = 218.248.240.23 218.248.240.134
TCP: Interfaces\{E64C0378-785F-47C6-900F-E0D658AB218F}: NameServer = 218.248.240.23 218.248.240.134
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zfmsot8e.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-05713086.sys
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1976758566-2561994529-1232566511-1000_Classes\CLSID\{6fdbc46d-4a15-43c9-9b8f-8e86e9185414}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000130
"Therad"=dword:00000014
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-1976758566-2561994529-1232566511-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):f9,d7,07,4c,3c,0f,d6,e5,09,17,d3,05,fa,dc,fa,af,ef,d5,90,00,0b,
7e,25,f5,76,83,40,c5,a2,3b,e6,e1,d8,51,89,d2,03,af,18,bf,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(632)
c:\windows\system32\DPPWDFLT.DLL
.
Completion time: 2012-08-22 23:10:12
ComboFix-quarantined-files.txt 2012-08-22 17:40
ComboFix2.txt 2012-08-15 16:01
ComboFix3.txt 2012-08-12 08:20
ComboFix4.txt 2012-08-11 15:13
ComboFix5.txt 2012-08-22 17:02
.
Pre-Run: 1,621,102,592 bytes free
Post-Run: 988,868,608 bytes free
.
- - End Of File - - 22AB0ECCDE1D456D6C8EB8ED97171DC9

#10 Varun Muralidharan

Posted 23 August 2012 - 11:55 AM

I was also unable to scroll (through touch pad scroll) after ComboFix finished its execution. Well, that is not a serious issue, just thought of informing you :-P

#11 gringo_pr

  • Malware Response Team

Posted 23 August 2012 - 12:07 PM

Hello

Download Farbar Recovery Scan Tool and save it to a flash drive.


Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt.
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • First, press the Scan button.
  • It will make a log (FRST.txt).
  • Second, type the following in the edit box after "Search:": services.exe
  • Click the Search button.
  • It will make a log (Search.txt).

I want you to post both the FRST.txt report and the Search.txt into your reply to me.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 gringo_pr

Posted 23 August 2012 - 12:09 PM

--Run RogueKiller--

  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+


#13 Varun Muralidharan

Posted 24 August 2012 - 12:15 PM

I would like to know whether running these programs is safe. I have a lot of data here which I have not backed up. I do not want to lose this data by any chance.
Waiting for your confirmation.
Can you provide the installation file for RogueKiller as well?
Thanks

--Varun

Edited by Varun Muralidharan, 24 August 2012 - 12:16 PM.


#14 gringo_pr

Posted 24 August 2012 - 02:32 PM

Greetings

There is always a risk of something unforeseeable happening; it is always a good idea to have backed up anything that cannot be replaced.


Sorry about the RogueKiller instructions; this is the one you need to follow at this time, and it will only scan the computer.


--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+


#15 gringo_pr

Posted 26 August 2012 - 11:46 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo