
Suddenly adware on all browsers, redirects and all - WHAT A MESS!


  • This topic is locked
3 replies to this topic

#1 elbarney


Posted 16 November 2014 - 05:19 PM

I hope I'm posting in the right place - if not I assume someone will let me know. 

 

 

---

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 10.71.2
Run by Evelyn at 17:15:43 on 2014-11-16
#Option Extended Search is enabled.
#Option Whitelisting is disabled.
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8191.4723 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\CISVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVDA\nvda_service.exe
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Windows\system32\svchost.exe -k imgsvc
J:\Utorrent\uTorrent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\System32\atwtusb.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Users\Evelyn\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
C:\Program Files (x86)\Stickies\stickies.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Windows\system32\atwtusb.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TechSmith\Snagit 11\snagiteditor.exe
C:\Program Files\Microsoft Office\Office15\MsoSync.exe
C:\Program Files (x86)\NoteTab Pro 6\NotePro.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uLocal Page = C:\Windows\System32\blank.htm
uSearch Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
mStart Page = about:blank
mLocal Page = C:\Windows\SysWOW64\blank.htm
mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
mCustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
uURLSearchHooks: Microsoft Url Search Hook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
mWinlogon: Shell = Explorer.exe
mWinlogon: Userinit = C:\Windows\System32\userinit.exe,
mWinlogon: SFCDisable = dword:0
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [uTorrent] "J:\Utorrent\uTorrent.exe"
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "J:\QuickTime\QTTask.exe" -atboottime
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Evelyn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Evelyn\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Evelyn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
StartupFolder: C:\Users\Evelyn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Stickies.lnk - C:\Program Files (x86)\Stickies\stickies.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAGIT~1.LNK - C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableLUA = dword:1
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: dontdisplaylastusername = dword:0
mPolicies-System: scforceoption = dword:0
mPolicies-System: shutdownwithoutlogon = dword:1
mPolicies-System: undockwithoutlogon = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:2
mPolicies-System: PromptOnSecureDesktop = dword:1
mPolicies-System: DisableRegistryTools = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoShellSearchButton = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoTrayItemsDisplay = dword:0
mPolicies-Explorer: NoSetFolders = dword:0
mPolicies-Explorer: NoClose = dword:0
mPolicies-Explorer: NoSetTaskbar = dword:0
mPolicies-Explorer: NoDeletePrinter = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoChangeStartMenu = dword:0
mPolicies-Explorer: NoLogoff = dword:0
mPolicies-Explorer: StartMenuLogoff = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveSearch = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoSaveSettings = dword:0
mPolicies-Explorer: NoHardwareTab = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-Explorer: NoActiveDesktopChanges = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {24187A0F-0FDD-411b-80C6-F1F22F2ED10E} - {7FAD4718-729A-4fea-AA4B-EC340A7C0841} - C:\Program Files (x86)\UltraRecall\Integration\IEToolbar.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - J:\WinHTTrack\WinHTTrackIEBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {FD1FF307-68BC-462f-8718-AAEDB6DB7EA2} - {60D7C798-8979-4560-AF4C-2FADE1075EF7} - C:\Program Files (x86)\UltraRecall\Integration\IEToolbar.dll
LSP: %SystemRoot%\system32\mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{8FE6B52D-B9D5-49B9-B139-722FF7DEDE99}\546724 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{8FE6B52D-B9D5-49B9-B139-722FF7DEDE99}\C696E6B6379737 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{A6888C76-DB31-416F-B195-22C3AADA9494} : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - <orphaned>
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll
SecurityProviders: SecurityProviders = credssp.dll
LSA: Authentication Packages =  msv1_0
LSA: Notification Packages =  scecli
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg pku2u livessp
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 winsrv:ConServerDllInitialization,2 sxssrv,4
mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\unregmp2.exe /ShowWMP
mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\System32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\System32\themeui.dll
mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\shell32.dll
x64-mStart Page = about:blank
x64-mLocal Page = C:\Windows\System32\blank.htm
x64-mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mDefault_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
x64-mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mSearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
x64-mCustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
x64-mWinlogon: Shell = Explorer.exe
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,
x64-mWinlogon: SFCDisable = dword:0
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
x64-Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
x64-Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll
x64-Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll
x64-Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
x64-Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
x64-Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll
x64-Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll
x64-mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\unregmp2.exe /ShowWMP
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\System32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\System32\themeui.dll
x64-mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
x64-mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\shell32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Evelyn\AppData\Roaming\Mozilla\Firefox\Profiles\5bisc8p3.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
R0 ACPI;Microsoft ACPI Driver;C:\Windows\System32\drivers\acpi.sys [2011-6-8 334208]
R0 amdsata;amdsata;C:\Windows\System32\drivers\amdsata.sys [2010-2-5 70712]
R0 amdxata;amdxata;C:\Windows\System32\drivers\amdxata.sys [2010-2-5 28728]
R0 atapi;IDE Channel;C:\Windows\System32\drivers\atapi.sys [2009-7-13 24128]
R0 CLFS;Common Log (CLFS);C:\Windows\System32\clfs.sys [2009-7-13 367696]
R0 CNG;CNG;C:\Windows\System32\drivers\cng.sys [2014-2-13 458712]
R0 Disk;Disk Driver;C:\Windows\System32\drivers\disk.sys [2009-7-13 73280]
R0 FileInfo;File Information FS MiniFilter;C:\Windows\System32\drivers\fileinfo.sys [2009-7-13 70224]
R0 FltMgr;FltMgr;C:\Windows\System32\drivers\fltMgr.sys [2011-6-8 289664]
R0 fvevol;Bitlocker Drive Encryption Filter Driver;C:\Windows\System32\drivers\fvevol.sys [2013-4-10 223752]
R0 hwpolicy;Hardware Policy Driver;C:\Windows\System32\drivers\hwpolicy.sys [2011-6-8 14720]
R0 KSecDD;KSecDD;C:\Windows\System32\drivers\ksecdd.sys [2014-5-14 95680]
R0 KSecPkg;KSecPkg;C:\Windows\System32\drivers\ksecpkg.sys [2014-11-12 155064]
R0 mountmgr;Mount Point Manager;C:\Windows\System32\drivers\mountmgr.sys [2011-6-8 94592]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 msahci;msahci;C:\Windows\System32\drivers\msahci.sys [2011-6-8 31104]
R0 msisadrv;msisadrv;C:\Windows\System32\drivers\msisadrv.sys [2009-7-13 15424]
R0 Mup;Mup;C:\Windows\System32\drivers\mup.sys [2009-7-13 60496]
R0 NDIS;NDIS System Driver;C:\Windows\System32\drivers\ndis.sys [2012-9-11 950128]
R0 partmgr;Partition Manager;C:\Windows\System32\drivers\partmgr.sys [2012-5-9 75120]
R0 pci;PCI Bus Driver;C:\Windows\System32\drivers\pci.sys [2011-6-8 184704]
R0 pcw;Performance Counters for Windows Driver;C:\Windows\System32\drivers\pcw.sys [2009-7-13 50768]
R0 rdyboost;ReadyBoost;C:\Windows\System32\drivers\rdyboost.sys [2011-6-8 213888]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2011-12-27 17720]
R0 spldr;Security Processor Loader Driver;C:\Windows\System32\drivers\spldr.sys [2009-7-13 19008]
R0 Tcpip;TCP/IP Protocol Driver;C:\Windows\System32\drivers\tcpip.sys [2014-6-10 1903552]
R0 vdrvroot;Microsoft Virtual Drive Enumerator Driver;C:\Windows\System32\drivers\vdrvroot.sys [2009-7-13 36432]
R0 volmgr;Volume Manager Driver;C:\Windows\System32\drivers\volmgr.sys [2011-6-8 71552]
R0 volmgrx;Dynamic Volume Manager;C:\Windows\System32\drivers\volmgrx.sys [2011-6-8 363392]
R0 volsnap;Storage volumes;C:\Windows\System32\drivers\volsnap.sys [2011-6-8 295808]
R0 Wdf01000;Kernel Mode Driver Frameworks service;C:\Windows\System32\drivers\Wdf01000.sys [2014-2-13 785624]
R1 AFD;Ancillary Function Driver for Winsock;C:\Windows\System32\drivers\afd.sys [2014-7-8 497152]
R1 Beep;Beep;C:\Windows\System32\drivers\beep.sys [2009-7-13 6656]
R1 blbdrive;blbdrive;C:\Windows\System32\drivers\blbdrive.sys [2009-7-13 45056]
R1 cdrom;CD-ROM Driver;C:\Windows\System32\drivers\cdrom.sys [2011-6-8 147456]
R1 DfsC;DFS Namespace Client Driver;C:\Windows\System32\drivers\dfsc.sys [2011-6-8 102400]
R1 discache;System Attribute Cache;C:\Windows\System32\drivers\discache.sys [2009-7-13 40448]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-8-26 283200]
R1 Msfs;Msfs;C:\Windows\System32\drivers\msfs.sys [2009-7-13 26112]
R1 mssmbios;Microsoft System Management BIOS Driver;C:\Windows\System32\drivers\mssmbios.sys [2009-7-13 32320]
R1 NetBIOS;NetBIOS Interface;C:\Windows\System32\drivers\netbios.sys [2009-7-13 44544]
R1 NetBT;NetBT;C:\Windows\System32\drivers\netbt.sys [2011-6-8 261632]
R1 Npfs;Npfs;C:\Windows\System32\drivers\npfs.sys [2009-7-13 44032]
R1 nsiproxy;NSI proxy service driver.;C:\Windows\System32\drivers\nsiproxy.sys [2009-7-13 24576]
R1 Null;Null;C:\Windows\System32\drivers\null.sys [2009-7-13 6144]
R1 Psched;QoS Packet Scheduler;C:\Windows\System32\drivers\pacer.sys [2011-6-8 131584]
R1 rdbss;Redirected Buffering Sub Sysytem;C:\Windows\System32\drivers\rdbss.sys [2011-6-8 309248]
R1 RDPCDD;RDPCDD;C:\Windows\System32\drivers\RDPCDD.sys [2009-7-13 7680]
R1 RDPENCDD;RDP Encoder Mirror Driver;C:\Windows\System32\drivers\RDPENCDD.sys [2009-7-13 7680]
R1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;C:\Windows\System32\drivers\RDPREFMP.sys [2009-7-13 8192]
R1 tdx;NetIO Legacy TDI Support Driver;C:\Windows\System32\drivers\tdx.sys [2011-6-8 119296]
R1 TermDD;Terminal Device Driver;C:\Windows\System32\drivers\termdd.sys [2011-6-8 63360]
R1 VgaSave;VgaSave;C:\Windows\System32\drivers\vga.sys [2009-7-13 29184]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R1 Wanarpv6;Remote Access IPv6 ARP Driver;C:\Windows\System32\drivers\wanarp.sys [2011-6-8 88576]
R1 WfpLwf;WFP Lightweight Filter;C:\Windows\System32\drivers\wfplwf.sys [2009-7-13 12800]
R1 ws2ifsl;Winsock IFS Driver;C:\Windows\System32\drivers\ws2ifsl.sys [2009-7-13 21504]
R2 adfs;adfs;C:\Windows\System32\drivers\adfs.sys [2008-6-27 88632]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-9-4 64704]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-5 237056]
R2 Apple Mobile Device;Apple Mobile Device;C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 AudioEndpointBuilder;Windows Audio Endpoint Builder;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 AudioSrv;Windows Audio;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 BFE;Base Filtering Engine;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
R2 CISVC;Indexing Service;C:\Windows\System32\CISVC.EXE [2009-7-13 19456]
R2 CryptSvc;Cryptographic Services;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 DcomLaunch;DCOM Server Process Launcher;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-13 27136]
R2 Dhcp;DHCP Client;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 Dnscache;DNS Client;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 DPS;Diagnostic Policy Service;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
R2 EFS;Encrypting File System (EFS);C:\Windows\System32\lsass.exe [2014-5-14 31232]
R2 eventlog;Windows Event Log;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 EventSystem;COM+ Event System;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R2 FDResPub;Function Discovery Resource Publication;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R2 gpsvc;Group Policy Client;C:\Windows\System32\svchost.exe -k GPSvcGroup [2009-7-13 27136]
R2 iphlpsvc;IP Helper;C:\Windows\System32\svchost.exe -k NetSvcs [2009-7-13 27136]
R2 LanmanServer;Server;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 LanmanWorkstation;Workstation;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 LavasoftAdAwareService11;Ad-Aware Service 11;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [2014-10-15 707888]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;C:\Windows\System32\drivers\lltdio.sys [2009-7-13 60928]
R2 lmhosts;TCP/IP NetBIOS Helper;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 luafv;UAC File Virtualization;C:\Windows\System32\drivers\luafv.sys [2009-7-13 113152]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-16 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-16 968504]
R2 MMCSS;Multimedia Class Scheduler;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 MpsSvc;Windows Firewall;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
R2 MsMpSvc;Microsoft Antimalware Service;C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-8-22 23784]
R2 NlaSvc;Network Location Awareness;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 nsi;Network Store Interface Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R2 nvda;nvda;C:\Program Files (x86)\NVDA\nvda_service.exe [2011-8-5 37616]
R2 PcaSvc;Program Compatibility Assistant Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-3-8 144672]
R2 PEAUTH;PEAUTH;C:\Windows\System32\drivers\PEAuth.sys [2014-10-14 663552]
R2 PlugPlay;Plug and Play;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-13 27136]
R2 Power;Power;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-13 27136]
R2 ProfSvc;User Profile Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-6-10 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-8-3 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-6-10 23552]
R2 RpcEptMapper;RPC Endpoint Mapper;C:\Windows\System32\svchost.exe -k RPCSS [2009-7-13 27136]
R2 RpcSs;Remote Procedure Call (RPC);C:\Windows\System32\svchost.exe -k rpcss [2009-7-13 27136]
R2 rspndr;Link-Layer Topology Discovery Responder;C:\Windows\System32\drivers\rspndr.sys [2009-7-13 76800]
R2 SamSs;Security Accounts Manager;C:\Windows\System32\lsass.exe [2014-5-14 31232]
R2 SbieSvc;Sandboxie Service;C:\Program Files\Sandboxie\SbieSvc.exe [2011-3-24 95976]
R2 Schedule;Task Scheduler;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 secdrv;Security Driver;C:\Windows\System32\drivers\secdrv.sys [2009-7-13 23040]
R2 seclogon;Secondary Logon;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 SENS;System Event Notification Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 ShellHWDetection;Shell Hardware Detection;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 Spooler;Print Spooler;C:\Windows\System32\spoolsv.exe [2012-8-15 559104]
R2 stisvc;Windows Image Acquisition (WIA);C:\Windows\System32\svchost.exe -k imgsvc [2009-7-13 27136]
R2 SysMain;Superfetch;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 TabletInputService;Tablet PC Input Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 tcpipreg;TCP/IP Registry Compatibility;C:\Windows\System32\drivers\tcpipreg.sys [2012-11-14 45568]
R2 Themes;Themes;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 TrkWks;Distributed Link Tracking Client;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 UxSms;Desktop Window Manager Session Manager;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 Winmgmt;Windows Management Instrumentation;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 Wlansvc;WLAN AutoConfig;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-3-28 2292096]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service;C:\Program Files\Windows Media Player\wmpnetwk.exe [2011-6-8 1525248]
R2 wscsvc;Security Center;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 WSearch;Windows Search;C:\Windows\System32\SearchIndexer.exe [2011-6-28 591872]
R2 WTService;WTService;C:\Windows\System32\atwtusb.exe -s --> C:\Windows\System32\atwtusb.exe -s [?]
R2 wuauserv;Windows Update;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 AeLookupSvc;Application Experience;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2012-4-26 11172864]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2012-4-26 339456]
R3 AmdPPM;AMD Processor Driver;C:\Windows\System32\drivers\amdppm.sys [2009-7-13 60928]
R3 Appinfo;Application Information;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 bowser;Browser Support Driver;C:\Windows\System32\drivers\bowser.sys [2011-5-15 90624]
R3 Browser;Computer Browser;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-2-21 266240]
R3 CompositeBus;Composite Bus Enumerator Driver;C:\Windows\System32\drivers\CompositeBus.sys [2011-6-8 38912]
R3 DXGKrnl;LDDM Graphics Subsystem;C:\Windows\System32\drivers\dxgkrnl.sys [2014-8-14 985536]
R3 EapHost;Extensible Authentication Protocol;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 fdPHost;Function Discovery Provider Host;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service;C:\Windows\System32\drivers\HdAudio.sys [2011-6-8 350208]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio;C:\Windows\System32\drivers\hdaudbus.sys [2011-6-8 122368]
R3 hidserv;Human Interface Device Access;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R3 HidUsb;Microsoft HID Class Driver;C:\Windows\System32\drivers\hidusb.sys [2011-6-8 30208]
R3 HomeGroupListener;HomeGroup Listener;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R3 HomeGroupProvider;HomeGroup Provider;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R3 HTTP;HTTP;C:\Windows\System32\drivers\http.sys [2011-6-8 753664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM);C:\Windows\System32\drivers\RTKVHD64.sys [2011-5-14 2826984]
R3 kbdclass;Keyboard Class Driver;C:\Windows\System32\drivers\kbdclass.sys [2009-7-13 50768]
R3 kbdhid;Keyboard HID Driver;C:\Windows\System32\drivers\kbdhid.sys [2011-6-8 33280]
R3 KeyIso;CNG Key Isolation;C:\Windows\System32\lsass.exe [2014-5-14 31232]
R3 ksthunk;Kernel Streaming Thunks;C:\Windows\System32\drivers\ksthunk.sys [2009-7-13 20992]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-11-16 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-2-14 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-11-16 63704]
R3 monitor;Microsoft Monitor Class Function Driver Service;C:\Windows\System32\drivers\monitor.sys [2009-7-13 30208]
R3 mouclass;Mouse Class Driver;C:\Windows\System32\drivers\mouclass.sys [2009-7-13 49216]
R3 moufiltr;Tablet Mouse Filter Driver;C:\Windows\System32\drivers\moufiltr.sys [2012-2-3 7680]
R3 mouhid;Mouse HID Driver;C:\Windows\System32\drivers\mouhid.sys [2009-7-13 31232]
R3 mpsdrv;Windows Firewall Authorization Driver;C:\Windows\System32\drivers\mpsdrv.sys [2009-7-13 77312]
R3 mrxsmb;SMB MiniRedirector Wrapper and Engine;C:\Windows\System32\drivers\mrxsmb.sys [2011-6-16 158208]
R3 mrxsmb10;SMB 1.x MiniRedirector;C:\Windows\System32\drivers\mrxsmb10.sys [2011-8-10 288768]
R3 mrxsmb20;SMB 2.0 MiniRedirector;C:\Windows\System32\drivers\mrxsmb20.sys [2011-6-16 128000]
R3 NativeWifiP;NativeWiFi Filter;C:\Windows\System32\drivers\nwifi.sys [2009-7-13 318976]
R3 NdisTapi;Remote Access NDIS TAPI Driver;C:\Windows\System32\drivers\ndistapi.sys [2009-7-13 24064]
R3 Ndisuio;NDIS Usermode I/O Protocol;C:\Windows\System32\drivers\ndisuio.sys [2011-6-8 56832]
R3 NdisWan;Remote Access NDIS WAN Driver;C:\Windows\System32\drivers\ndiswan.sys [2011-6-8 164352]
R3 NDProxy;NDIS Proxy;C:\Windows\System32\drivers\ndproxy.sys [2011-6-8 57856]
R3 Netman;Network Connections;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R3 netprofm;Network List Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\System32\drivers\netr28x.sys [2009-6-10 620544]
R3 Ntfs;Ntfs;C:\Windows\System32\drivers\ntfs.sys [2014-4-9 1684928]
R3 p2pimsvc;Peer Networking Identity Manager;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
R3 PolicyAgent;IPsec Policy Agent;C:\Windows\System32\svchost.exe -k NetworkServiceNetworkRestricted [2009-7-13 27136]
R3 PptpMiniport;WAN Miniport (PPTP);C:\Windows\System32\drivers\raspptp.sys [2011-6-8 111104]
R3 ProtectedStorage;Protected Storage;C:\Windows\System32\lsass.exe [2014-5-14 31232]
R3 RasAgileVpn;WAN Miniport (IKEv2);C:\Windows\System32\drivers\agilevpn.sys [2009-7-13 60416]
R3 Rasl2tp;WAN Miniport (L2TP);C:\Windows\System32\drivers\rasl2tp.sys [2011-6-8 129536]
R3 RasMan;Remote Access Connection Manager;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 RasPppoe;Remote Access PPPOE Driver;C:\Windows\System32\drivers\raspppoe.sys [2009-7-13 92672]
R3 RasSstp;WAN Miniport (SSTP);C:\Windows\System32\drivers\rassstp.sys [2009-7-13 83968]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-4-21 471144]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-3-24 148072]
R3 SDRSVC;Windows Backup;C:\Windows\System32\svchost.exe -k SDRSVC [2009-7-13 27136]
R3 srv;Server SMB 1.xxx Driver;C:\Windows\System32\drivers\srv.sys [2011-6-16 467456]
R3 srv2;Server SMB 2.xxx Driver;C:\Windows\System32\drivers\srv2.sys [2011-6-16 410112]
R3 srvnet;srvnet;C:\Windows\System32\drivers\srvnet.sys [2011-6-16 168448]
R3 SSDPSRV;SSDP Discovery;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
R3 SstpSvc;Secure Socket Tunneling Protocol Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 StillCam;Still Serial Digital Camera Driver;C:\Windows\System32\drivers\serscan.sys [2009-7-13 12288]
R3 swenum;Software Bus Driver;C:\Windows\System32\drivers\swenum.sys [2009-7-13 12496]
R3 TapiSrv;Telephony;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R3 TrustedInstaller;Windows Modules Installer;C:\Windows\servicing\TrustedInstaller.exe [2011-6-8 194048]
R3 umbus;UMBus Enumerator Driver;C:\Windows\System32\drivers\umbus.sys [2011-6-8 48640]
R3 upnphost;UPnP Device Host;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
R3 usbaudio;USB Audio Driver (WDM);C:\Windows\System32\drivers\USBAUDIO.sys [2014-2-13 109824]
R3 usbccgp;Microsoft USB Generic Parent Driver;C:\Windows\System32\drivers\usbccgp.sys [2014-2-13 99840]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;C:\Windows\System32\drivers\usbehci.sys [2014-2-13 53248]
R3 usbhub;Microsoft USB Standard Hub Driver;C:\Windows\System32\drivers\usbhub.sys [2014-2-13 343040]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver;C:\Windows\System32\drivers\usbohci.sys [2014-2-13 25600]
R3 USBSTOR;USB Mass Storage Driver;C:\Windows\System32\drivers\USBSTOR.SYS [2011-7-12 91648]
R3 vhidmini;Generic Virtual HID Driver;C:\Windows\System32\drivers\walvhid.sys [2012-2-3 7808]
R3 vwifibus;Virtual WiFi Bus Driver;C:\Windows\System32\drivers\vwifibus.sys [2009-7-13 24576]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
R3 WdiServiceHost;Diagnostic Service Host;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 WdiSystemHost;Diagnostic System Host;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R3 WinHttpAutoProxySvc;WinHTTP Web Proxy Auto-Discovery Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI;C:\Windows\System32\drivers\wmiacpi.sys [2009-7-13 14336]
R3 WPDBusEnum;Portable Device Enumerator Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R3 WudfPf;User Mode Driver Frameworks Platform Driver;C:\Windows\System32\drivers\WUDFPf.sys [2012-11-14 87040]
R3 WUDFRd;WUDFRd;C:\Windows\System32\drivers\WUDFRd.sys [2012-11-14 198656]
R3 wudfsvc;Windows Driver Foundation - User-mode Driver Framework;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R4 cdfs;CD/DVD File System Reader;C:\Windows\System32\drivers\cdfs.sys [2009-7-13 92160]
S1 aiptektp;Pen Pad;C:\Windows\System32\drivers\aiptektp.sys [2007-7-26 29696]
S2 ASTSRV;Nalpeiron Licensing Service; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-5 116648]
S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
S2 SharedAccess;Internet Connection Sharing (ICS);C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S2 sppsvc;Software Protection;C:\Windows\System32\sppsvc.exe [2011-6-8 3524608]
S3 1394ohci;1394 OHCI Compliant Host Controller;C:\Windows\System32\drivers\1394ohci.sys [2011-6-8 229888]
S3 AcpiPmi;ACPI Power Meter Driver;C:\Windows\System32\drivers\acpipmi.sys [2011-6-8 12800]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-6 267440]
S3 adp94xx;adp94xx;C:\Windows\System32\drivers\adp94xx.sys [2009-6-10 491088]
S3 adpahci;adpahci;C:\Windows\System32\drivers\adpahci.sys [2009-7-13 339536]
S3 adpu320;adpu320;C:\Windows\System32\drivers\adpu320.sys [2009-7-13 182864]
S3 agp440;Intel AGP Bus Filter;C:\Windows\System32\drivers\AGP440.sys [2009-7-13 61008]
S3 ALG;Application Layer Gateway Service;C:\Windows\System32\alg.exe [2009-7-13 79360]
S3 aliide;aliide;C:\Windows\System32\drivers\aliide.sys [2009-7-13 15440]
S3 amdide;amdide;C:\Windows\System32\drivers\amdide.sys [2009-7-13 15440]
S3 AmdK8;AMD K8 Processor Driver;C:\Windows\System32\drivers\amdk8.sys [2009-7-13 64512]
S3 amdsbs;amdsbs;C:\Windows\System32\drivers\amdsbs.sys [2009-6-10 194128]
S3 AppID;AppID Driver;C:\Windows\System32\drivers\appid.sys [2014-10-14 61440]
S3 AppIDSvc;Application Identity;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 arc;arc;C:\Windows\System32\drivers\arc.sys [2009-7-13 87632]
S3 arcsas;arcsas;C:\Windows\System32\drivers\arcsas.sys [2009-7-13 97856]
S3 aspnet_state;ASP.NET State Service;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-9-11 51808]
S3 AsyncMac;RAS Asynchronous Media Driver;C:\Windows\System32\drivers\asyncmac.sys [2009-7-13 23040]
S3 AxInstSV;ActiveX Installer (AxInstSV);C:\Windows\System32\svchost.exe -k AxInstSVGroup [2009-7-13 27136]
S3 b06bdrv;Broadcom NetXtreme II VBD;C:\Windows\System32\drivers\bxvbda.sys [2009-6-10 468480]
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\b57nd60a.sys [2009-6-10 270848]
S3 BDESVC;BitLocker Drive Encryption Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 BITS;Background Intelligent Transfer Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;C:\Windows\System32\drivers\BrFiltLo.sys [2009-7-13 18432]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;C:\Windows\System32\drivers\BrFiltUp.sys [2009-7-13 8704]
S3 BridgeMP;MAC Bridge Miniport;C:\Windows\System32\drivers\bridge.sys [2009-7-13 95232]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM);C:\Windows\System32\drivers\BrSerId.sys [2009-7-13 286720]
S3 BrSerWdm;Brother WDM Serial driver;C:\Windows\System32\drivers\BrSerWdm.sys [2009-7-13 47104]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;C:\Windows\System32\drivers\BrUsbMdm.sys [2009-7-13 14976]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\Windows\System32\drivers\BrUsbSer.sys [2009-7-13 14720]
S3 BTHMODEM;Bluetooth Serial Communications Driver;C:\Windows\System32\drivers\bthmodem.sys [2009-7-13 72192]
S3 bthserv;Bluetooth Support Service;C:\Windows\System32\svchost.exe -k bthsvcs [2009-7-13 27136]
S3 CertPropSvc;Certificate Propagation;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 circlass;Consumer IR Devices;C:\Windows\System32\drivers\circlass.sys [2009-7-13 45568]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver;C:\Windows\System32\drivers\CmBatt.sys [2009-7-13 17664]
S3 cmdide;cmdide;C:\Windows\System32\drivers\cmdide.sys [2009-7-13 17488]
S3 Compbatt;Compbatt;C:\Windows\System32\drivers\compbatt.sys [2009-7-13 21584]
S3 COMSysApp;COM+ System Application;C:\Windows\System32\dllhost.exe [2009-7-13 9728]
S3 dc3d;MS Hardware Device Detection Driver;C:\Windows\System32\drivers\dc3d.sys [2014-1-7 76496]
S3 defragsvc;Disk Defragmenter;C:\Windows\System32\svchost.exe -k defragsvc [2009-7-13 27136]
S3 dot3svc;Wired AutoConfig;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 drmkaud;Microsoft Trusted Audio Drivers;C:\Windows\System32\drivers\drmkaud.sys [2009-7-13 5632]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;C:\Windows\System32\drivers\evbda.sys [2009-6-10 3286016]
S3 ehRecvr;Windows Media Center Receiver Service;C:\Windows\ehome\ehrecvr.exe [2011-6-8 696832]
S3 ehSched;Windows Media Center Scheduler Service;C:\Windows\ehome\ehsched.exe [2009-7-13 127488]
S3 elxstor;elxstor;C:\Windows\System32\drivers\elxstor.sys [2009-6-10 530496]
S3 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\System32\drivers\errdev.sys [2009-7-13 9728]
S3 exfat;exFAT File System Driver;C:\Windows\System32\drivers\exfat.sys [2009-7-13 195072]
S3 fastfat;FAT12/16/32 File System Driver;C:\Windows\System32\drivers\fastfat.sys [2009-7-13 204800]
S3 Fax;Fax;C:\Windows\System32\FXSSVC.exe [2011-6-8 689152]
S3 fdc;Floppy Disk Controller Driver;C:\Windows\System32\drivers\fdc.sys [2009-7-13 29696]
S3 Filetrace;Filetrace;C:\Windows\System32\drivers\filetrace.sys [2009-7-13 34304]
S3 flpydisk;Floppy Disk Driver;C:\Windows\System32\drivers\flpydisk.sys [2009-7-13 24576]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [2011-6-8 42856]
S3 FsDepends;File System Dependency Minifilter;C:\Windows\System32\drivers\fsdepends.sys [2009-7-13 55376]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-25 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;C:\Windows\System32\drivers\GAGP30KX.SYS [2009-7-13 65088]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-5 116648]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver;C:\Windows\System32\drivers\hcw85cir.sys [2009-7-13 31232]
S3 HidBatt;HID UPS Battery Driver;C:\Windows\System32\drivers\hidbatt.sys [2009-7-13 26624]
S3 HidBth;Microsoft Bluetooth HID Miniport;C:\Windows\System32\drivers\hidbth.sys [2009-7-13 100864]
S3 HidIr;Microsoft Infrared HID Driver;C:\Windows\System32\drivers\hidir.sys [2009-7-13 46592]
S3 hkmsvc;Health Key and Certificate Management;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 HpSAMD;HpSAMD;C:\Windows\System32\drivers\HpSAMD.sys [2011-6-8 78720]
S3 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver;C:\Windows\System32\drivers\i8042prt.sys [2009-7-13 105472]
S3 iaStorV;Intel RAID Controller Windows 7;C:\Windows\System32\drivers\iaStorV.sys [2011-7-12 410496]
S3 IDriverT;InstallDriver Table Manager;C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace;C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2014-8-15 859280]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
S3 iirsp;iirsp;C:\Windows\System32\drivers\iirsp.sys [2009-7-13 44112]
S3 IKEEXT;IKE and AuthIP IPsec Keying Modules;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 intelide;intelide;C:\Windows\System32\drivers\intelide.sys [2009-7-13 16960]
S3 intelppm;Intel Processor Driver;C:\Windows\System32\drivers\intelppm.sys [2009-7-13 62464]
S3 IPBusEnum;PnP-X IP Bus Enumerator;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 IpFilterDriver;IP Traffic Filter Driver;C:\Windows\System32\drivers\ipfltdrv.sys [2011-6-8 82944]
S3 IPMIDRV;IPMIDRV;C:\Windows\System32\drivers\IPMIDrv.sys [2011-6-8 78848]
S3 IPNAT;IP Network Address Translator;C:\Windows\System32\drivers\ipnat.sys [2009-7-13 116224]
S3 IRENUM;IR Bus Enumerator;C:\Windows\System32\drivers\irenum.sys [2009-7-13 17920]
S3 isapnp;isapnp;C:\Windows\System32\drivers\isapnp.sys [2009-7-13 20544]
S3 iScsiPrt;iScsiPort Driver;C:\Windows\System32\drivers\msiscsi.sys [2014-4-9 274880]
S3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;C:\Windows\System32\drivers\jnprvamgr.sys [2014-1-20 45352]
S3 KtmRm;KtmRm for Distributed Transaction Coordinator;C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation [2009-7-13 27136]
S3 lltdsvc;Link-Layer Topology Discovery Mapper;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 LSI_FC;LSI_FC;C:\Windows\System32\drivers\lsi_fc.sys [2009-7-13 114752]
S3 LSI_SAS;LSI_SAS;C:\Windows\System32\drivers\lsi_sas.sys [2009-7-13 106560]
S3 LSI_SAS2;LSI_SAS2;C:\Windows\System32\drivers\lsi_sas2.sys [2009-7-13 65600]
S3 LSI_SCSI;LSI_SCSI;C:\Windows\System32\drivers\lsi_scsi.sys [2009-7-13 115776]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\System32\drivers\ManyCam_x64.sys [2008-3-13 27136]
S3 mcdbus;Driver for MagicISO SCSI Host Controller;C:\Windows\System32\drivers\mcdbus.sys [2011-5-14 255552]
S3 megasas;megasas;C:\Windows\System32\drivers\megasas.sys [2009-6-10 35392]
S3 MegaSR;MegaSR;C:\Windows\System32\drivers\MegaSR.sys [2009-7-13 284736]
S3 MEMSWEEP2;MEMSWEEP2;C:\Windows\System32\753B.tmp [2012-1-25 6144]
S3 Modem;Modem;C:\Windows\System32\drivers\modem.sys [2009-7-13 40448]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-3-22 114288]
S3 mpio;Microsoft Multi-Path Bus Driver;C:\Windows\System32\drivers\mpio.sys [2011-6-8 155008]
S3 MRxDAV;WebDav Client Redirector Driver;C:\Windows\System32\drivers\mrxdav.sys [2014-2-13 140800]
S3 msdsm;Microsoft Multi-Path Device Specific Module;C:\Windows\System32\drivers\msdsm.sys [2011-6-8 140672]
S3 MSDTC;Distributed Transaction Coordinator;C:\Windows\System32\msdtc.exe [2009-7-13 141824]
S3 mshidkmdf;Pass-through HID to KMDF Filter Driver;C:\Windows\System32\drivers\mshidkmdf.sys [2009-7-13 8192]
S3 MSiSCSI;Microsoft iSCSI Initiator Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 msiserver;Windows Installer;C:\Windows\System32\msiexec.exe [2011-6-8 128000]
S3 MSKSSRV;Microsoft Streaming Service Proxy;C:\Windows\System32\drivers\mskssrv.sys [2009-7-13 11136]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy;C:\Windows\System32\drivers\mspclock.sys [2009-7-13 7168]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy;C:\Windows\System32\drivers\mspqm.sys [2009-7-13 6784]
S3 MsRPC;MsRPC;C:\Windows\System32\drivers\msrpc.sys [2011-6-8 366976]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter;C:\Windows\System32\drivers\mstee.sys [2009-7-13 8064]
S3 MTConfig;Microsoft Input Configuration Driver;C:\Windows\System32\drivers\MTConfig.sys [2009-7-13 15360]
S3 napagent;Network Access Protection Agent;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 NdisCap;NDIS Capture LightWeight Filter;C:\Windows\System32\drivers\ndiscap.sys [2009-7-13 35328]
S3 Netlogon;Netlogon;C:\Windows\System32\lsass.exe [2014-5-14 31232]
S3 nfrd960;nfrd960;C:\Windows\System32\drivers\nfrd960.sys [2009-7-13 51264]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 125584]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
S3 nv_agp;NVIDIA nForce AGP Bus Filter;C:\Windows\System32\drivers\NV_AGP.SYS [2009-7-13 122960]
S3 nvraid;nvraid;C:\Windows\System32\drivers\nvraid.sys [2011-7-12 148352]
S3 nvstor;nvstor;C:\Windows\System32\drivers\nvstor.sys [2011-7-12 166272]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy);C:\Windows\System32\drivers\ohci1394.sys [2009-7-13 72832]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-1 5132888]
S3 p2psvc;Peer Networking Grouping;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
S3 Parport;Parallel port driver;C:\Windows\System32\drivers\parport.sys [2009-7-13 97280]
S3 pciide;pciide;C:\Windows\System32\drivers\pciide.sys [2009-7-13 12352]
S3 pcmcia;pcmcia;C:\Windows\System32\drivers\pcmcia.sys [2009-7-13 220752]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2009-7-13 20992]
S3 pla;Performance Logs & Alerts;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
S3 PNRPAutoReg;PNRP Machine Name Publication Service;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
S3 PNRPsvc;Peer Name Resolution Protocol;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
S3 Processor;Processor Driver;C:\Windows\System32\drivers\processr.sys [2009-7-13 60416]
S3 ptun0901;TAP Adapter V9 for Private Tunnel;C:\Windows\System32\drivers\ptun0901.sys [2014-8-29 27136]
S3 ql2300;ql2300;C:\Windows\System32\drivers\ql2300.sys [2009-6-10 1524816]
S3 ql40xx;ql40xx;C:\Windows\System32\drivers\ql40xx.sys [2009-7-13 128592]
S3 QWAVE;Quality Windows Audio Video Experience;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 QWAVEdrv;QWAVE driver;C:\Windows\System32\drivers\qwavedrv.sys [2009-7-13 46592]
S3 RasAcd;Remote Access Auto Connection Driver;C:\Windows\System32\drivers\rasacd.sys [2009-7-13 14848]
S3 RasAuto;Remote Access Auto Connection Manager;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;C:\Windows\System32\drivers\rdpbus.sys [2009-7-13 24064]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-2-13 19456]
S3 RDPWD;RDP Winstation Driver;C:\Windows\System32\drivers\rdpwd.sys [2014-10-14 212480]
S3 RemoteRegistry;Remote Registry;C:\Windows\System32\svchost.exe -k regsvc [2009-7-13 27136]
S3 RpcLocator;Remote Procedure Call (RPC) Locator;C:\Windows\System32\Locator.exe [2009-7-13 10240]
S3 sbp2port;SBP-2 Transport/Protocol Bus Driver;C:\Windows\System32\drivers\sbp2port.sys [2011-6-8 103808]
S3 SCardSvr;Smart Card;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 scfilter;Smart card PnP Class Filter Driver;C:\Windows\System32\drivers\scfilter.sys [2011-6-8 29696]
S3 SCPolicySvc;Smart Card Removal Policy;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 SensrSvc;Adaptive Brightness;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 Serenum;Serenum Filter Driver;C:\Windows\System32\drivers\serenum.sys [2009-7-13 23552]
S3 Serial;Serial;C:\Windows\System32\drivers\serial.sys [2009-7-13 94208]
S3 sermouse;Serial Mouse Driver;C:\Windows\System32\drivers\sermouse.sys [2009-7-13 26624]
S3 SessionEnv;Remote Desktop Configuration;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 sffdisk;SFF Storage Class Driver;C:\Windows\System32\drivers\sffdisk.sys [2009-7-13 14336]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC;C:\Windows\System32\drivers\sffp_mmc.sys [2009-7-13 13824]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus;C:\Windows\System32\drivers\sffp_sd.sys [2011-6-8 14336]
S3 sfloppy;High-Capacity Floppy Disk Drive;C:\Windows\System32\drivers\sfloppy.sys [2009-7-13 16896]
S3 SiSRaid2;SiSRaid2;C:\Windows\System32\drivers\sisraid2.sys [2009-6-10 43584]
S3 SiSRaid4;SiSRaid4;C:\Windows\System32\drivers\sisraid4.sys [2009-7-13 80464]
S3 Smb;Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session);C:\Windows\System32\drivers\smb.sys [2009-7-13 93184]
S3 SNMPTRAP;SNMP Trap;C:\Windows\System32\snmptrap.exe [2009-7-13 14336]
S3 sppuinotify;SPP Notification Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM);C:\Windows\System32\drivers\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter;C:\Windows\System32\drivers\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers;C:\Windows\System32\drivers\sscdmdm.sys [2010-11-11 172104]
S3 sscdserd;SAMSUNG Mobile Modem Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\sscdserd.sys [2010-11-11 141384]
S3 stexstor;stexstor;C:\Windows\System32\drivers\stexstor.sys [2009-7-13 24656]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 swprv;Microsoft Software Shadow Copy Provider;C:\Windows\System32\svchost.exe -k swprv [2009-7-13 27136]
S3 TBS;TPM Base Services;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 TCPIP6;Microsoft IPv6 Protocol Driver;C:\Windows\System32\drivers\tcpip.sys [2014-6-10 1903552]
S3 TDPIPE;TDPIPE;C:\Windows\System32\drivers\tdpipe.sys [2009-7-13 15872]
S3 TDTCP;TDTCP;C:\Windows\System32\drivers\tdtcp.sys [2012-3-14 23552]
S3 TermService;Remote Desktop Services;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 THREADORDER;Thread Ordering Server;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 Trufos;Trufos;C:\Windows\System32\drivers\Trufos.sys [2014-4-22 389240]
S3 tssecsrv;Remote Desktop Services Security Filter Driver;C:\Windows\System32\drivers\tssecsrv.sys [2014-10-14 39936]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-13 56832]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;C:\Windows\System32\drivers\tunnel.sys [2011-6-8 125440]
S3 uagp35;Microsoft AGPv3.5 Filter;C:\Windows\System32\drivers\UAGP35.SYS [2009-7-13 64080]
S3 UI0Detect;Interactive Services Detection;C:\Windows\System32\UI0Detect.exe [2009-7-13 40960]
S3 uliagpkx;Uli AGP Bus Filter;C:\Windows\System32\drivers\ULIAGPKX.SYS [2009-7-13 64592]
S3 UmPass;Microsoft UMPass Driver;C:\Windows\System32\drivers\umpass.sys [2009-7-13 9728]
S3 usbcir;eHome Infrared Receiver (USBCIR);C:\Windows\System32\drivers\usbcir.sys [2014-2-13 100864]
S3 UsbFltr;WayTech USB Filter Driver;C:\Windows\System32\drivers\UsbFltr.sys [2007-4-9 12288]
S3 usbprint;Microsoft USB PRINTER Class;C:\Windows\System32\drivers\usbprint.sys [2009-7-13 25088]
S3 usbscan;USB Scanner Driver;C:\Windows\System32\drivers\usbscan.sys [2014-2-13 42496]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver;C:\Windows\System32\drivers\usbuhci.sys [2014-2-13 30720]
S3 VaultSvc;Credential Manager;C:\Windows\System32\lsass.exe [2014-5-14 31232]
S3 VClone;VClone;C:\Windows\System32\drivers\VClone.sys [2011-1-15 36352]
S3 vds;Virtual Disk;C:\Windows\System32\vds.exe [2011-6-8 533504]
S3 vga;vga;C:\Windows\System32\drivers\vgapnp.sys [2009-7-13 29184]
S3 vhdmp;vhdmp;C:\Windows\System32\drivers\vhdmp.sys [2011-6-8 215936]
S3 viaide;viaide;C:\Windows\System32\drivers\viaide.sys [2009-7-13 17488]
S3 ViaUsbEtsDriver;Nokia 1508 USB Device Driver;C:\Windows\System32\drivers\ViaUsbEts.sys [2008-5-29 21760]
S3 VKbms;Virtual HID Minidriver;C:\Windows\System32\drivers\VKbms.sys [2011-5-14 13312]
S3 vncmirror;vncmirror;C:\Windows\System32\drivers\vncmirror.sys [2013-12-6 4608]
S3 vsmraid;vsmraid;C:\Windows\System32\drivers\vsmraid.sys [2009-6-10 161872]
S3 VSS;Volume Shadow Copy;C:\Windows\System32\VSSVC.exe [2011-6-8 1600512]
S3 W32Time;Windows Time;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 WacomPen;Wacom Serial Pen HID Driver;C:\Windows\System32\drivers\wacompen.sys [2009-7-13 27776]
S3 wampapache;wampapache;J:\wamp\bin\apache\Apache2.2.21\bin\httpd.exe [2014-4-15 21504]
S3 wampmysqld;wampmysqld;j:\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe wampmysqld --> j:\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe wampmysqld [?]
S3 WANARP;Remote Access IP ARP Driver;C:\Windows\System32\drivers\wanarp.sys [2011-6-8 88576]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-15 1255736]
S3 wbengine;Block Level Backup Engine Service;C:\Windows\System32\wbengine.exe [2011-6-8 1504256]
S3 WbioSrvc;Windows Biometric Service;C:\Windows\System32\svchost.exe -k WbioSvcGroup [2009-7-13 27136]
S3 wcncsvc;Windows Connect Now - Config Registrar;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 WcsPlugInService;Windows Color System;C:\Windows\System32\svchost.exe -k wcssvc [2009-7-13 27136]
S3 Wd;Wd;C:\Windows\System32\drivers\wd.sys [2009-7-13 21056]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WebClient;WebClient;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 Wecsvc;Windows Event Collector;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 wercplsupport;Problem Reports and Solutions Control Panel Support;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 WerSvc;Windows Error Reporting Service;C:\Windows\System32\svchost.exe -k WerSvcGroup [2009-7-13 27136]
S3 WIMMount;WIMMount;C:\Windows\System32\drivers\wimmount.sys [2009-7-13 22096]
S3 WinDefend;Windows Defender;C:\Windows\System32\svchost.exe -k secsvcs [2009-7-13 27136]
S3 WinRM;Windows Remote Management (WS-Management);C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 WinUsb;WinUsb;C:\Windows\System32\drivers\winusb.sys [2011-6-8 41984]
S3 wmiApSrv;WMI Performance Adapter;C:\Windows\System32\wbem\WmiApSrv.exe [2009-7-13 203264]
S3 WPCSvc;Parental Controls;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
S3 WwanSvc;WWAN AutoConfig;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
S4 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86;C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2014-8-15 67224]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2014-8-15 90776]
S4 crcdisk;Crcdisk Filter Driver;C:\Windows\System32\drivers\crcdisk.sys [2009-7-13 24144]
S4 Mcx2Svc;Media Center Extender Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S4 NetMsmqActivator;Net.Msmq Listener Adapter;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-9-11 139856]
S4 NetPipeActivator;Net.Pipe Listener Adapter;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-9-11 139856]
S4 NetTcpActivator;Net.Tcp Listener Adapter;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-9-11 139856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-9-11 139856]
S4 RemoteAccess;Routing and Remote Access;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S4 udfs;udfs;C:\Windows\System32\drivers\udfs.sys [2011-6-8 328192]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .bat: batfile="%1" %*
FileExt: .cmd: cmdfile="%1" %*
FileExt: .com: ComFile="%1" %*
FileExt: .exe: exefile="%1" %*
FileExt: .pif: piffile="%1" %*
FileExt: .scr: scrfile="%1" /S
FileExt: .reg: regfile=regedit.exe "%1"
FileExt: .txt: Applications\NotePro.exe="C:\Program Files (x86)\NoteTab Pro 6\NotePro.exe" "%1" [UserChoice]
FileExt: .chm: chm.file="C:\Windows\hh.exe" %1
FileExt: .ini: inifile=C:\Windows\System32\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: 7z.exe: open="C:\Program Files\7-Zip\7z.exe" "%1"
ShellExec: Acrobat.exe: Open="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe" "%1"
ShellExec: AcroRD32.exe: Read="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" "%1"
ShellExec: Adobe Extension Manager CS5.5.exe: open="C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5.5\Adobe Extension Manager CS5.5.exe" "%1"
ShellExec: Bridge.exe: open="C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe" "%1"
ShellExec: CamtasiaIcons.exe: open="C:\Windows\Installer\{5303CFB5-D635-44F0-A94B-9611E81F07C4}\CamtasiaIcons.exe" "%1"
ShellExec: cse120.exe: edit="J:\HTMLValidator120\cmdlineprocessor.exe" -o "%1"
ShellExec: Dreamweaver.exe: open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe" "%1"
ShellExec: ehshell.exe: open="C:\Windows\eHome\ehshell.exe" "%1"
ShellExec: EXCEL.EXE: open="C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" "%1"
ShellExec: IconWorkshop.exe: open="C:\Program Files (x86)\Axialis\IconWorkshop\IconWorkshop.exe" "%1"
ShellExec: iexplore.exe: open="C:\Program Files\Internet Explorer\iexplore.exe" %1
ShellExec: Illustrator.exe: open="J:\adobecs6\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe" "%1"
ShellExec: MagicDisc.exe: open="C:\Program Files (x86)\MagicDisc\MagicDisc.exe" "%1"
ShellExec: MovieMaker.exe: Open="C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1"
ShellExec: mspaint.exe: edit="C:\Windows\System32\mspaint.exe" "%1"
ShellExec: notepad.exe: edit=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: notepad.exe: open=C:\Windows\SysWow64\notepad.exe %1
ShellExec: NotePro.exe: open="C:\Program Files (x86)\NoteTab Pro 6\NotePro.exe" "%1"
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Opera.exe" "%1"
ShellExec: Photoshop.exe: edit="J:\adobecs6\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe" "%1"
ShellExec: Photoshop.exe: open="J:\adobecs6\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe" "%1"
ShellExec: photoviewer.dll: open=C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: photoviewer.dll: print=C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: RealPlay.exe: open="c:\program files (x86)\real\realplayer\realplay.exe" "%1"
ShellExec: SnagItEditor.exe: open="C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe" "%1"
ShellExec: uTorrent.exe: open="J:\Utorrent\uTorrent.exe" "%1"
ShellExec: vlc.exe: Open="C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
ShellExec: webuild.exe: edit="J:\WeBuilder 2014\webuild.exe" "%1"
ShellExec: webuild.exe: open="J:\WeBuilder 2014\webuild.exe" "%1"
ShellExec: winword.exe: edit="C:\Program Files\Microsoft Office\Office15\WINWORD.EXE" /n "%1"
ShellExec: WLXPhotoViewer.dll: open="C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1"
ShellExec: wmplayer.exe: open="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Open "%L"
ShellExec: wmplayer.exe: play="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play "%L"
ShellExec: wordpad.exe: open="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1"
.
=============== Created Last 60 ================
.
2014-11-16 22:05:51 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E0A2B60-266B-4991-BB0B-1205305DBB5B}\mpengine.dll
2014-11-16 21:59:23 -------- d-sh--w- C:\$RECYCLE.BIN
2014-11-16 21:20:54 98816 ----a-w- C:\Windows\sed.exe
2014-11-16 21:20:54 80412 ----a-w- C:\Windows\grep.exe
2014-11-16 21:20:54 68096 ----a-w- C:\Windows\zip.exe
2014-11-16 21:20:54 60416 ----a-w- C:\Windows\NIRCMD.exe
2014-11-16 21:20:54 518144 ----a-w- C:\Windows\SWREG.exe
2014-11-16 21:20:54 406528 ----a-w- C:\Windows\SWSC.exe
2014-11-16 21:20:54 256000 ----a-w- C:\Windows\PEV.exe
2014-11-16 21:20:54 208896 ----a-w- C:\Windows\MBR.exe
2014-11-16 21:17:41 -------- d---a-w- C:\Qoobox
2014-11-16 19:37:43 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-16 19:37:43 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-16 19:37:43 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-16 19:37:43 -------- dc----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-16 17:12:47 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-11-16 06:57:13 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ABCE2A64-A1D5-462D-B2AD-7338E037FC8E}\gapaengine.dll
2014-11-14 19:53:42 -------- d-----w- C:\ProgramData\Trusted Publisher
2014-11-14 19:53:26 -------- dc----w- C:\Program Files (x86)\DeltaFix
2014-11-14 19:51:15 -------- d-----w- C:\ProgramData\dnkbiamkioalbhngdkhjkfgjiacojcik
2014-11-12 10:20:54 304640 ----a-w- C:\Windows\System32\generaltel.dll
2014-11-12 10:20:53 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-11-12 10:20:53 228864 ----a-w- C:\Windows\System32\aepdu.dll
2014-11-12 10:20:49 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-11-12 10:20:49 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-11-12 10:20:49 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-11-12 10:20:49 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-11-12 10:20:49 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-11-12 10:20:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-11-12 10:20:48 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-11-12 10:20:48 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-11-12 10:20:48 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-11-12 10:20:41 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-12 10:20:41 30720 ----a-w- C:\Windows\SysWow64\iernonce.dll
2014-11-12 10:20:41 276480 ----a-w- C:\Program Files\Internet Explorer\DiagnosticsHub.ScriptedSandboxPlugin.dll
2014-11-12 10:20:40 76288 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2014-11-12 10:20:40 716800 ----a-w- C:\Windows\System32\ie4uinit.exe
2014-11-12 10:20:40 49664 ----a-w- C:\Program Files\Internet Explorer\DiagnosticsHub_is.dll
2014-11-12 10:20:40 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-12 10:20:40 34304 ----a-w- C:\Windows\System32\iernonce.dll
2014-11-12 10:20:40 341168 ----a-w- C:\Windows\SysWow64\iedkcs32.dll
2014-11-12 10:20:40 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-12 10:20:40 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-11-12 10:20:40 1310208 ----a-w- C:\Windows\SysWow64\urlmon.dll
2014-11-12 10:20:40 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-12 10:20:39 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-12 10:20:39 688640 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2014-11-12 10:20:39 666624 ----a-w- C:\Program Files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll
2014-11-12 10:20:39 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-12 10:20:39 285696 ----a-w- C:\Windows\SysWow64\dxtrans.dll
2014-11-12 10:20:39 243712 ----a-w- C:\Program Files\Internet Explorer\DiagnosticsTap.dll
2014-11-12 10:20:39 19781632 ----a-w- C:\Windows\SysWow64\mshtml.dll
2014-11-12 10:20:39 174080 ----a-w- C:\Program Files (x86)\Internet Explorer\DiagnosticsTap.dll
2014-11-12 10:20:39 171008 ----a-w- C:\Program Files\Internet Explorer\Timeline_is.dll
2014-11-12 10:20:38 708096 ----a-w- C:\Windows\SysWow64\ieapfltr.dll
2014-11-12 10:20:38 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-12 10:20:38 468992 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-11-12 10:20:38 388272 ----a-w- C:\Windows\System32\iedkcs32.dll
2014-11-12 10:20:38 285696 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2014-11-12 10:20:38 285184 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2014-11-12 10:20:38 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-12 10:20:38 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2014-11-12 10:20:37 815280 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-11-12 10:20:37 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-12 10:20:37 47104 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2014-11-12 10:20:37 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-12 10:20:37 2277376 ----a-w- C:\Windows\SysWow64\iertutil.dll
2014-11-12 10:20:37 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-12 10:20:37 1550336 ----a-w- C:\Windows\System32\urlmon.dll
2014-11-12 10:20:37 10747904 ----a-w- C:\Program Files\Internet Explorer\F12Resources.dll
2014-11-12 10:20:36 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-12 10:20:36 800768 ----a-w- C:\Windows\System32\msfeeds.dll
2014-11-12 10:20:36 478208 ----a-w- C:\Windows\SysWow64\ieui.dll
2014-11-12 10:20:36 418304 ----a-w- C:\Windows\SysWow64\dxtmsft.dll
2014-11-12 10:20:36 371712 ----a-w- C:\Program Files\Internet Explorer\F12Tools.dll
2014-11-12 10:20:36 316928 ----a-w- C:\Windows\System32\dxtrans.dll
2014-11-12 10:20:36 255488 ----a-w- C:\Program Files (x86)\Internet Explorer\F12Tools.dll
2014-11-12 10:20:36 219136 ----a-w- C:\Program Files\Internet Explorer\Timeline.dll
2014-11-12 10:20:36 12819456 ----a-w- C:\Windows\SysWow64\ieframe.dll
2014-11-12 10:20:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-12 10:20:36 1075200 ----a-w- C:\Program Files (x86)\Internet Explorer\networkinspection.dll
2014-11-12 10:20:35 799232 ----a-w- C:\Windows\System32\ieapfltr.dll
2014-11-12 10:20:35 742400 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2014-11-12 10:20:35 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-12 10:20:35 484352 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-11-12 10:20:35 2884096 ----a-w- C:\Windows\System32\iertutil.dll
2014-11-12 10:20:35 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-12 10:20:34 813744 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-11-12 10:20:34 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-12 10:20:34 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-12 10:20:34 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-12 10:20:33 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2014-11-12 10:20:33 772608 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2014-11-12 10:20:33 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-12 10:20:33 633856 ----a-w- C:\Windows\System32\ieui.dll
2014-11-12 10:20:33 54784 ----a-w- C:\Windows\System32\jsproxy.dll
2014-11-12 10:20:33 490496 ----a-w- C:\Windows\System32\dxtmsft.dll
2014-11-12 10:20:33 235192 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2014-11-12 10:20:33 2143744 ----a-w- C:\Program Files\Internet Explorer\F12.dll
2014-11-12 10:20:33 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-12 10:20:33 1862144 ----a-w- C:\Program Files\Internet Explorer\MemoryAnalyzer.dll
2014-11-12 10:20:33 168960 ----a-w- C:\Windows\SysWow64\msrating.dll
2014-11-12 10:20:33 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-12 10:20:33 1217024 ----a-w- C:\Program Files\Internet Explorer\networkinspection.dll
2014-11-12 10:20:32 92160 ----a-w- C:\Windows\System32\mshtmled.dll
2014-11-12 10:20:32 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-12 10:20:32 14390272 ----a-w- C:\Windows\System32\ieframe.dll
2014-11-12 10:20:32 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-12 10:20:31 950784 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2014-11-12 10:20:31 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-12 10:20:31 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-12 10:20:31 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-12 10:20:31 378880 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2014-11-12 10:20:31 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-12 10:20:30 293040 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2014-11-12 10:20:30 25110016 ----a-w- C:\Windows\System32\mshtml.dll
2014-11-12 10:20:30 199680 ----a-w- C:\Windows\System32\msrating.dll
2014-11-12 10:20:30 1016832 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2014-11-12 10:20:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-11-12 10:20:14 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2014-11-12 10:20:14 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-11-12 10:20:13 878080 ----a-w- C:\Windows\System32\IMJP10K.DLL
2014-11-12 10:20:13 701440 ----a-w- C:\Windows\SysWow64\IMJP10K.DLL
2014-11-12 10:20:13 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-11-12 10:20:12 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-11-12 10:20:12 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-11-12 10:20:12 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-11-12 10:20:12 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-11-12 10:20:12 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-11-12 10:20:12 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-11-12 10:20:12 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-11-12 10:20:11 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-11-12 10:20:10 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-11-12 10:20:10 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-11-12 10:20:10 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-11-12 10:20:10 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-11-12 10:20:09 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-11-12 10:20:09 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-12 10:20:09 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-11-12 10:20:09 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-12 10:20:09 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-11-12 10:20:09 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-11-12 10:20:09 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-11-12 10:20:09 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-11-12 10:20:09 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-11-12 10:20:09 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-11-12 10:20:01 77824 ----a-w- C:\Windows\System32\packager.dll
2014-11-12 10:20:01 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-11-12 10:20:01 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-11-12 10:19:59 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-11-12 10:19:58 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-11-12 10:19:55 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-11-12 10:19:55 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-11-12 06:07:08 17926832 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-10-31 05:23:46 -------- d-----w- C:\Program Files (x86)\Common Files\Java
2014-10-31 05:23:42 272808 ----a-w- C:\Windows\SysWow64\javaws.exe
2014-10-31 05:23:36 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-31 05:23:36 175528 ----a-w- C:\Windows\SysWow64\javaw.exe
2014-10-31 05:23:36 175528 ----a-w- C:\Windows\SysWow64\java.exe
2014-10-22 19:05:36 5680856 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2014-10-22 19:05:36 5382328 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2014-10-22 19:05:36 26366648 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2014-10-22 19:01:38 3643576 -c--a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\1033\MSOINTL.DLL
2014-10-22 19:01:20 7764184 -c--a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2014-10-22 19:01:20 7538872 -c--a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2014-10-22 19:01:20 654512 -c--a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOSQM.EXE
2014-10-22 19:01:20 36816576 -c--a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2014-10-19 17:02:40 -------- d-----w- C:\Users\Evelyn\AppData\Local\Orzeszek
2014-10-19 16:29:23 -------- dc----w- C:\Program Files\Common Files\Lavasoft
2014-10-15 04:27:52 234176 -c--a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\1033\OSFINTL.DLL
2014-10-15 01:52:45 156824 ----a-w- C:\Windows\SysWow64\mscorier.dll
2014-10-15 01:52:45 156312 ----a-w- C:\Windows\System32\mscorier.dll
2014-10-15 01:52:45 1131664 ----a-w- C:\Windows\SysWow64\dfshim.dll
2014-10-15 01:52:44 81560 ----a-w- C:\Windows\SysWow64\mscories.dll
2014-10-15 01:52:44 73880 ----a-w- C:\Windows\System32\mscories.dll
2014-10-15 01:52:44 1943696 ----a-w- C:\Windows\System32\dfshim.dll
2014-10-15 01:52:34 842240 ----a-w- C:\Windows\System32\blackbox.dll
2014-10-15 01:52:34 744960 ----a-w- C:\Windows\SysWow64\blackbox.dll
2014-10-15 01:52:34 1202176 ----a-w- C:\Windows\System32\drmv2clt.dll
2014-10-15 01:52:33 988160 ----a-w- C:\Windows\SysWow64\drmv2clt.dll
2014-10-15 01:52:32 14632960 ----a-w- C:\Windows\System32\wmp.dll
2014-10-15 01:52:30 782848 ----a-w- C:\Windows\System32\wmdrmsdk.dll
2014-10-15 01:52:30 617984 ----a-w- C:\Windows\SysWow64\wmdrmsdk.dll
2014-10-15 01:52:30 4120576 ----a-w- C:\Windows\System32\mf.dll
2014-10-15 01:52:29 11411456 ----a-w- C:\Windows\SysWow64\wmp.dll
2014-10-15 01:52:28 663552 ----a-w- C:\Windows\System32\drivers\PEAuth.sys
2014-10-15 01:52:28 616352 ----a-w- C:\Windows\System32\winresume.efi
2014-10-15 01:52:28 497664 ----a-w- C:\Windows\System32\drmmgrtn.dll
2014-10-15 01:52:28 457400 ----a-w- C:\Windows\System32\ci.dll
2014-10-15 01:52:28 406016 ----a-w- C:\Windows\SysWow64\drmmgrtn.dll
2014-10-15 01:52:28 3208704 ----a-w- C:\Windows\SysWow64\mf.dll
2014-10-15 01:52:27 693176 ----a-w- C:\Windows\System32\winload.efi
2014-10-15 01:52:27 619056 ----a-w- C:\Windows\System32\winload.exe
2014-10-15 01:52:27 532176 ----a-w- C:\Windows\System32\winresume.exe
2014-10-15 01:52:27 1574400 ----a-w- C:\Windows\System32\quartz.dll
2014-10-15 01:52:26 631808 ----a-w- C:\Windows\System32\evr.dll
2014-10-15 01:52:26 5551032 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-10-15 01:52:26 3970488 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2014-10-15 01:52:26 229376 ----a-w- C:\Windows\System32\wintrust.dll
2014-10-15 01:52:26 187904 ----a-w- C:\Windows\System32\cryptsvc.dll
2014-10-15 01:52:25 179200 ----a-w- C:\Windows\SysWow64\wintrust.dll
2014-10-15 01:52:25 1480192 ----a-w- C:\Windows\System32\crypt32.dll
2014-10-15 01:52:25 143872 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2014-10-15 01:52:25 1069056 ----a-w- C:\Windows\System32\cryptui.dll
2014-10-15 01:52:24 489984 ----a-w- C:\Windows\SysWow64\evr.dll
2014-10-15 01:52:24 432128 ----a-w- C:\Windows\System32\mfplat.dll
2014-10-15 01:52:24 3914680 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2014-10-15 01:52:24 1329664 ----a-w- C:\Windows\SysWow64\quartz.dll
2014-10-15 01:52:23 82432 ----a-w- C:\Windows\System32\cryptsp.dll
2014-10-15 01:52:23 503808 ----a-w- C:\Windows\System32\srcore.dll
2014-10-15 01:52:23 354816 ----a-w- C:\Windows\SysWow64\mfplat.dll
2014-10-15 01:52:23 188416 ----a-w- C:\Windows\System32\pcasvc.dll
2014-10-15 01:52:23 1174528 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-10-15 01:52:23 1005056 ----a-w- C:\Windows\SysWow64\cryptui.dll
2014-10-15 01:52:22 81408 ----a-w- C:\Windows\SysWow64\cryptsp.dll
2014-10-15 01:52:22 641024 ----a-w- C:\Windows\System32\msscp.dll
2014-10-15 01:52:22 325632 ----a-w- C:\Windows\System32\msnetobj.dll
2014-10-15 01:52:22 296960 ----a-w- C:\Windows\System32\rstrui.exe
2014-10-15 01:52:21 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
2014-10-15 01:52:21 58880 ----a-w- C:\Windows\System32\appidapi.dll
2014-10-15 01:52:21 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2014-10-15 01:52:21 504320 ----a-w- C:\Windows\SysWow64\msscp.dll
2014-10-15 01:52:21 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2014-10-15 01:52:21 32256 ----a-w- C:\Windows\System32\appidsvc.dll
2014-10-15 01:52:21 265216 ----a-w- C:\Windows\SysWow64\msnetobj.dll
2014-10-15 01:52:20 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2014-10-15 01:52:20 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2014-10-15 01:52:20 206848 ----a-w- C:\Windows\System32\mfps.dll
2014-10-15 01:52:20 146944 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2014-10-15 01:52:20 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2014-10-15 01:52:19 9728 ----a-w- C:\Windows\System32\spwmp.dll
2014-10-15 01:52:19 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2014-10-15 01:52:19 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2014-10-15 01:52:19 5120 ----a-w- C:\Windows\System32\msdxm.ocx
2014-10-15 01:52:19 5120 ----a-w- C:\Windows\System32\dxmasf.dll
2014-10-15 01:52:19 50176 ----a-w- C:\Windows\System32\srclient.dll
2014-10-15 01:52:19 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2014-10-15 01:52:19 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2014-10-15 01:52:19 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2014-10-15 01:52:19 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2014-10-15 01:52:19 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2014-10-15 01:52:19 2048 ----a-w- C:\Windows\System32\mferror.dll
2014-10-15 01:52:19 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2014-10-15 01:52:19 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-10-15 01:52:19 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-10-15 01:52:19 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-10-15 01:52:19 102912 ----a-w- C:\Program Files\Windows Media Player\wmpshare.exe
2014-10-15 01:52:19 102400 ----a-w- C:\Program Files\Windows Media Player\wmpconfig.exe
2014-10-15 01:52:19 102400 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpshare.exe
2014-10-15 01:52:19 101888 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
2014-10-15 01:52:18 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-10-15 01:51:28 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-10-15 01:51:24 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-10-15 01:51:24 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
2014-10-15 01:51:14 455168 ----a-w- C:\Windows\System32\winlogon.exe
2014-10-15 01:51:14 235520 ----a-w- C:\Windows\System32\winsta.dll
2014-10-15 01:51:14 212480 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2014-10-15 01:51:14 157696 ----a-w- C:\Windows\SysWow64\winsta.dll
2014-10-15 01:51:14 150528 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2014-10-15 01:51:13 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2014-10-15 01:51:02 6584320 ----a-w- C:\Windows\System32\mstscax.dll
2014-10-15 01:51:02 5703168 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-10-01 00:23:36 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-10-01 00:23:36 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 17:37:30 81383096 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2014-09-25 17:32:46 81383104 -c--a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2014-09-24 08:16:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-24 08:16:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-23 19:46:26 -------- dc----w- C:\Program Files\7-Zip
2014-09-23 17:42:29 -------- dc----w- C:\Program Files (x86)\globalUpdate
2014-09-23 17:42:29 -------- d-----w- C:\Users\Evelyn\AppData\Local\globalUpdate
2014-09-22 23:20:27 -------- d-----w- C:\Program Files (x86)\Common Files\Skype
.
==================== Find6M  ====================
.
2014-11-16 22:05:27 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-12 14:34:57 103374192 ----a-w- C:\Windows\System32\MRT.exe
2014-11-12 06:07:26 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-12 06:07:26 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-08-29 17:03:22 27136 ----a-w- C:\Windows\System32\drivers\ptun0901.sys
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-03 18:38:00 201800 ----a-w- C:\Windows\SysWow64\rmoc3260.dll
2014-08-03 18:37:46 278600 ----a-w- C:\Windows\SysWow64\pncrt.dll
2014-08-03 18:37:34 505416 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-08-03 18:37:34 353864 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-08-01 11:53:22 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-08-01 11:35:06 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-07-25 06:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 03:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-17 22:05:06 269008 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2014-07-17 22:05:06 125584 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDTAT.DLL
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDRU1.DLL
2014-07-09 02:03:23 6656 ----a-w- C:\Windows\System32\KBDRU.DLL
2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDTAT.DLL
2014-07-09 01:31:42 6656 ----a-w- C:\Windows\SysWow64\KBDRU1.DLL
2014-07-09 01:31:42 6656 ----a-w- C:\Windows\SysWow64\KBDRU.DLL
2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2014-06-30 22:24:50 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-06-30 22:14:53 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-06-27 02:08:12 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-06-27 01:45:52 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-06-25 02:05:42 14175744 ----a-w- C:\Windows\System32\shell32.dll
2014-06-25 01:41:30 12874240 ----a-w- C:\Windows\SysWow64\shell32.dll
2014-06-24 03:29:36 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-06-24 02:59:49 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-06 06:16:07 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-06-06 06:12:57 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-06-03 10:02:37 112064 ----a-w- C:\Windows\System32\consent.exe
2014-06-03 10:02:21 504320 ----a-w- C:\Windows\System32\msihnd.dll
2014-06-03 10:02:12 1941504 ----a-w- C:\Windows\System32\authui.dll
2014-06-03 09:29:50 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2014-06-03 09:29:40 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
.
============= FINISH: 17:15:55.32 ===============




#2 HelpBot


Posted 21 November 2014 - 05:20 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/556443 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 elbarney


Posted 23 November 2014 - 11:47 AM

I removed Firefox and Chrome along with all settings, and reinstalled. The obvious problem is now gone. There may be others lurking but I'll come back if it seems problematic.

 

THANK YOU!



#4 HelpBot


Posted 26 November 2014 - 05:25 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



