WE'RE SURE THAT YOU'LL LOVE US!
Hey there! 
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.
Try What the Tech -- It's free!
Infection cannot be removed by AVG [Solved]
Started by
krbybng
, Nov 03 2012 01:13 PM
-
This topic is locked
23 replies to this topic
#1
krbybng
-
- Authentic Member
-
- 63 posts
Authentic Member
Posted 03 November 2012 - 01:13 PM
Register to Remove
#2
Satchfan
-
- Malware Team
-
- 6,813 posts
SuperHelper
- Interests:LFC, music, more LFC, more music
Posted 03 November 2012 - 03:47 PM
Hello krbybng
My name is Satchfan and I would be glad to help you with your computer problem.
Please read the following guidelines which will help to make cleaning your machine easier:
Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested
===================================================
Run DDS
Please download DDS by sUBs from one of the following links and save it to your desktop.
Run aswMBR
DDS.txt
Attach.txt
aswMBR log
Thanks
Satchfan
My name is Satchfan and I would be glad to help you with your computer problem.
Please read the following guidelines which will help to make cleaning your machine easier:
- please follow all instructions in the order posted
- please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
- all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
- if you don't understand something, please don't hesitate to ask for clarification before proceeding
- the fixes are specific to your problem and should only be used for this issue on this machine.
- please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!
Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested
===================================================
Run DDS
Please download DDS by sUBs from one of the following links and save it to your desktop.
- disable any script blocking protection (How to Disable your Security Programs)
- double click DDS icon to run the tool (may take up to 3 minutes to run)
- when done, DDS.txt will open.
- after a few moments, attach.txt will open in a second window.
- save both reports to your desktop.
- Post the contents of the DDS.txt and Attach.txt reports in your next reply
Run aswMBR
- download aswMBR.exe to your desktop.
- double click aswMBR.exe to run it
- if asked, accept the AVAST virus definition download
- click the "Scan" button to start scan
- on completion of the scan click Save log, save it to your desktop and post in your next reply. Note - do NOT attempt any Fix yet.
DDS.txt
Attach.txt
aswMBR log
Thanks
Satchfan
NINA - Proud graduate of the WTT Classroom
Member of UNITE
The help you receive here is free but if you feel I have helped, you may consider making a Donation.
#3
krbybng
-
- Authentic Member
-
- 63 posts
Authentic Member
Posted 03 November 2012 - 06:26 PM
thanks Satchfan. Attached are the files you requested.
Please advise next steps.
Thanks
Bill
Attached Files
-
dds.txt 16.19KB
275 downloads
-
attach.txt 15.78KB
300 downloads
-
aswMBR.txt 1.95KB
235 downloads
#4
Satchfan
-
- Malware Team
-
- 6,813 posts
SuperHelper
- Interests:LFC, music, more LFC, more music
Posted 04 November 2012 - 03:40 AM
Thanks for the logs but please copy and paste other logs in the reply, not attach them. Thanks.
Unfortunately you have a serious infection on your computer but hopefully we'll be able to deal with it.
Download and run ComboFix
Download Combofix from either of the links below, and save it to your desktop.
Link 1
Link 2
**Note: It MUST be saved directly to your desktop. Choose save as and then make sure you choose Desktop
--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
--------------------------------------------------------------------
Double click on ComboFix.exe & follow the prompts.
Unfortunately you have a serious infection on your computer but hopefully we'll be able to deal with it.
Download and run ComboFix
Download Combofix from either of the links below, and save it to your desktop.
Link 1
Link 2
**Note: It MUST be saved directly to your desktop. Choose save as and then make sure you choose Desktop
--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
--------------------------------------------------------------------
Double click on ComboFix.exe & follow the prompts.
- when finished, it will produce a report for you.
- please post the C:\ComboFix.txt for further review.
NINA - Proud graduate of the WTT Classroom
Member of UNITE
The help you receive here is free but if you feel I have helped, you may consider making a Donation.
#5
krbybng
-
- Authentic Member
-
- 63 posts
Authentic Member
Posted 04 November 2012 - 07:41 AM
Hello Satchfan:
Here is the log file created...
ComboFix 12-11-04.01 - Bill 11/04/2012 6:11.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1982.882 [GMT -7:00]
Running from: c:\users\Bill\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\$recycle.bin\S-1-5-18\$a2f3eef0ef820791172bab225f7f19a0\@
c:\$recycle.bin\S-1-5-18\$a2f3eef0ef820791172bab225f7f19a0\n
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\users\Bill\%appda~1
c:\users\Bill\%appda~1\Microsoft\Internet Explorer\UserData\index.dat
c:\users\Bill\Media
c:\users\Bill\Media\15x15dot.png
c:\users\Bill\Media\NavigationLeft_ButtonGraphic.png
c:\users\Bill\Media\NavigationLeft_SelectionSubpicture.png
c:\users\Bill\Media\NavigationRight_ButtonGraphic.png
c:\users\Bill\Media\NavigationRight_SelectionSubpicture.png
c:\users\Bill\Media\NavigationUp_ButtonGraphic.png
c:\users\Bill\Media\NavigationUp_SelectionSubpicture.png
c:\users\Bill\Media\sample_button_thumbnail.bmp
c:\users\Bill\Media\sample_menu_thumbnail.png
c:\users\Bill\Media\SampleDVDMenuStyle.xml
c:\users\Bill\Media\SampleTFX.xml
c:\users\Bill\Media\scene_button_subpicture.png
c:\users\Bill\Media\Shader.fx
c:\users\Bill\Media\Thumbs.db
c:\windows\assembly\GAC\Desktop.ini
c:\windows\iun6002.exe
c:\windows\system32\Cache
c:\windows\system32\Cache\140a4ecacce7dc94.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\5eecfe28933f44f2.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\spool\prtprocs\w32x86\LXAIPP5C.DLL
c:\windows\system32\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2012-10-04 to 2012-11-04 )))))))))))))))))))))))))))))))
.
.
2012-11-04 13:26 . 2012-11-04 13:26 -------- d-----w- c:\users\Michayla\AppData\Local\temp
2012-11-04 13:26 . 2012-11-04 13:26 -------- d-----w- c:\users\Melissa\AppData\Local\temp
2012-11-04 13:26 . 2012-11-04 13:26 -------- d-----w- c:\users\Matthew\AppData\Local\temp
2012-11-04 13:26 . 2012-11-04 13:26 -------- d-----w- c:\users\Family Music\AppData\Local\temp
2012-11-04 13:26 . 2012-11-04 13:33 -------- d-----w- c:\users\Bill\AppData\Local\temp
2012-11-04 13:26 . 2012-11-04 13:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-14 23:36 . 2012-10-14 23:36 -------- d-----w- c:\users\Family Music\AppData\Roaming\AVG2013
2012-10-14 23:36 . 2012-10-14 23:36 -------- d-----w- c:\users\Family Music\AppData\Local\Avg2013
2012-10-13 12:37 . 2012-10-13 12:37 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2012-10-10 22:53 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 22:53 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 22:53 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 22:53 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 22:53 . 2012-09-13 13:28 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 22:53 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-10 22:53 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 01:49 . 2012-05-12 13:52 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 01:49 . 2011-05-16 17:58 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-05 10:26 . 2012-10-05 10:26 93536 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2012-10-02 10:30 . 2012-10-02 10:30 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-09-21 10:46 . 2012-09-21 10:46 164832 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-09-21 10:46 . 2012-09-21 10:46 177376 ----a-w- c:\windows\system32\drivers\avglogx.sys
2012-09-21 10:45 . 2012-09-21 10:45 19936 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2012-09-21 10:45 . 2012-09-21 10:45 55008 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-09-14 10:05 . 2012-09-14 10:05 35552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2012-09-13 10:11 . 2012-09-13 10:11 177504 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-09-06 00:40 . 2012-09-06 00:40 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-08-24 06:59 . 2012-09-22 16:25 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51 . 2012-09-22 16:25 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51 . 2012-09-22 16:25 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 16:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 16:25 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43 . 2012-09-22 16:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2008-06-28 16:32 . 2008-06-28 16:31 2788800 ----a-w- c:\program files\FLV PlayerFCSetup.exe
2008-06-28 16:25 . 2008-06-28 16:25 411248 ----a-w- c:\program files\FLV PlayerRCSetup.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-10-01 16:32 1734240 ----a-w- c:\program files\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll" [2012-10-01 1734240]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
NETGEAR WNDA3100v2 Genie.lnk - c:\program files\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2012-6-3 8453376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" /startup
"ehTray.exe"=c:\windows\ehome\ehTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" -osboot
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-12 01:49]
.
2012-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 00:18]
.
2012-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 00:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.excite.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
AddRemove-Replay_Converter_1 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NET CLR Data]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NET CLR Networking]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NET CLR Networking 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NET Data Provider for Oracle]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NET Data Provider for SqlServer]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NETFramework]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ACPI]
"ImagePath"="system32\drivers\acpi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AdobeARMservice]
"ImagePath"="\"c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AdobeFlashPlayerUpdateSvc]
"ImagePath"="c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\adp94xx]
"ImagePath"="\SystemRoot\system32\drivers\adp94xx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\adpahci]
"ImagePath"="\SystemRoot\system32\drivers\adpahci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\adpu160m]
"ImagePath"="\SystemRoot\system32\drivers\adpu160m.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\adpu320]
"ImagePath"="\SystemRoot\system32\drivers\adpu320.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\adsi]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AeLookupSvc]
"ServiceDll"="%SystemRoot%\System32\aelupsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AERTFilters]
"ImagePath"="%SystemRoot%\system32\AERTSrv.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\system32\drivers\afd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\agp440]
"ImagePath"="\SystemRoot\system32\drivers\agp440.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\aic78xx]
"ImagePath"="\SystemRoot\system32\drivers\djsvs.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\aliide]
"ImagePath"="\SystemRoot\system32\drivers\aliide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\amacpi]
"ImagePath"="system32\DRIVERS\null.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\amdagp]
"ImagePath"="\SystemRoot\system32\drivers\amdagp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\amdide]
"ImagePath"="\SystemRoot\system32\drivers\amdide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AmdK7]
"ImagePath"="\SystemRoot\system32\drivers\amdk7.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AmdK8]
"ImagePath"="system32\DRIVERS\amdk8.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Appinfo]
"ServiceDll"="%SystemRoot%\System32\appinfo.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Apple Mobile Device]
"ImagePath"="\"c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\arc]
"ImagePath"="\SystemRoot\system32\drivers\arc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\arcsas]
"ImagePath"="\SystemRoot\system32\drivers\arcsas.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\atapi]
"ImagePath"="system32\drivers\atapi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AudioEndpointBuilder]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Audiosrv]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Avg]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AVG Security Toolbar Service]
"ImagePath"="c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AVGIDSAgent]
"ImagePath"="\"c:\program files\AVG\AVG2013\avgidsagent.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AVGIDSDriver]
"ImagePath"="system32\DRIVERS\avgidsdriverx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AVGIDSHX]
"ImagePath"="system32\DRIVERS\avgidshx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AVGIDSShim]
"ImagePath"="system32\DRIVERS\avgidsshimx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Avgldx86]
"ImagePath"="system32\DRIVERS\avgldx86.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Avglogx]
"ImagePath"="system32\DRIVERS\avglogx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Avgmfx86]
"ImagePath"="system32\DRIVERS\avgmfx86.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AvgRkx86]
"ImagePath"="system32\DRIVERS\avgrkx86.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Avgtdix]
"ImagePath"="system32\DRIVERS\avgtdix.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\avgtp]
"ImagePath"="\??\c:\windows\system32\drivers\avgtpx86.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\avgwd]
"ImagePath"="\"c:\program files\AVG\AVG2013\avgwdsvc.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BattC]
"MofImagePath"="system32\drivers\battc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BCMH43XX]
"ImagePath"="system32\DRIVERS\bcmwlhigh6.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Beep]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BFE]
"ServiceDll"="%SystemRoot%\System32\bfe.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BITS]
"ServiceDll"="%systemroot%\system32\qmgr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\blbdrive]
"ImagePath"="\SystemRoot\system32\drivers\blbdrive.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Bonjour Service]
"ImagePath"="\"c:\program files\Bonjour\mDNSResponder.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bowser]
"ImagePath"="system32\DRIVERS\bowser.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BrFiltLo]
"ImagePath"="\SystemRoot\system32\drivers\brfiltlo.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BrFiltUp]
"ImagePath"="\SystemRoot\system32\drivers\brfiltup.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Brserid]
"ImagePath"="\SystemRoot\system32\drivers\brserid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BrSerWdm]
"ImagePath"="\SystemRoot\system32\drivers\brserwdm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BrUsbMdm]
"ImagePath"="\SystemRoot\system32\drivers\brusbmdm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BrUsbSer]
"ImagePath"="\SystemRoot\system32\drivers\brusbser.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BTHMODEM]
"ImagePath"="\SystemRoot\system32\drivers\bthmodem.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BTHPORT]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\users\Bill\AppData\Local\Temp\catchme.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\cdfs]
"ImagePath"="system32\DRIVERS\cdfs.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\CertPropSvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\circlass]
"ImagePath"="\SystemRoot\system32\drivers\circlass.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\CLFS]
"ImagePath"="System32\CLFS.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="%systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\clr_optimization_v4.0.30319_32]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\cmdide]
"ImagePath"="\SystemRoot\system32\drivers\cmdide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Compbatt]
"ImagePath"="\SystemRoot\system32\drivers\compbatt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\crcdisk]
"ImagePath"="system32\drivers\crcdisk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Crusoe]
"ImagePath"="\SystemRoot\system32\drivers\crusoe.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\crypt32]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DCLocator]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DfsC]
"ImagePath"="System32\Drivers\dfsc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DFSR]
"ImagePath"="%SystemRoot%\system32\DFSR.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\system32\dhcpcsvc.dll"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\disk]
"ImagePath"="system32\drivers\disk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Dot4]
"ImagePath"="system32\DRIVERS\Dot4.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Dot4Print]
"ImagePath"="system32\DRIVERS\Dot4Prt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\dot4usb]
"ImagePath"="system32\DRIVERS\dot4usb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DPS]
"ServiceDll"="%SystemRoot%\system32\dps.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DSBrokerService]
"ImagePath"="\"c:\program files\DellSupport\brkrsvc.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DSproct]
"ImagePath"="\??\c:\program files\DellSupport\GTAction\triggers\DSproct.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\dsunidrv]
"ImagePath"="system32\DRIVERS\dsunidrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DXGKrnl]
"ImagePath"="\SystemRoot\System32\drivers\dxgkrnl.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\e1express]
"ImagePath"="system32\DRIVERS\e1e6032.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\E1G60]
"ImagePath"="system32\DRIVERS\E1G60I32.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Ecache]
"ImagePath"="System32\drivers\ecache.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ehRecvr]
"ImagePath"="%systemroot%\ehome\ehRecvr.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ehSched]
"ImagePath"="%systemroot%\ehome\ehsched.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ehstart]
"ServiceDll"="%SystemRoot%\ehome\ehstart.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\elxstor]
"ImagePath"="\SystemRoot\system32\drivers\elxstor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EmdCache]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EMDMgmt]
"ServiceDll"="%systemroot%\system32\emdmgmt.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ENETHUSB]
"ImagePath"="system32\DRIVERS\enethusb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ESENT]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Eventlog]
"ServiceDll"="%SystemRoot%\System32\wevtsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EventSystem]
"ServiceDll"="%systemroot%\system32\es.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\exfat]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\fastfat]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\fdc]
"ImagePath"="system32\DRIVERS\fdc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\fdPHost]
"ServiceDll"="%SystemRoot%\system32\fdPHost.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FDResPub]
"ServiceDll"="%SystemRoot%\system32\fdrespub.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FileInfo]
"ImagePath"="system32\drivers\fileinfo.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Filetrace]
"ImagePath"="system32\drivers\filetrace.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\flpydisk]
"ImagePath"="system32\DRIVERS\flpydisk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FontCache]
"ServiceDll"="%SystemRoot%\system32\FntCache.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FontCache3.0.0.0]
"ImagePath"="%systemroot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FreeAgentGoNext Service]
"ImagePath"="\"c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Fs_Rec]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\gagp30kx]
"ImagePath"="\SystemRoot\system32\drivers\gagp30kx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\GEARAspiWDM]
"ImagePath"="system32\DRIVERS\GEARAspiWDM.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\GoogleDesktopManager-051210-111108]
"ImagePath"="\"c:\program files\Google\Google Desktop Search\GoogleDesktop.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\gpsvc]
"ServiceDll"="%SystemRoot%\System32\gpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\gupdate]
"ImagePath"="\"c:\program files\Google\Update\GoogleUpdate.exe\" /svc"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\gupdatem]
"ImagePath"="\"c:\program files\Google\Update\GoogleUpdate.exe\" /medsvc"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HidBth]
"ImagePath"="\SystemRoot\system32\drivers\hidbth.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HidIr]
"ImagePath"="\SystemRoot\system32\drivers\hidir.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\hidserv]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\hkmsvc]
"ServiceDLL"="%SystemRoot%\system32\kmsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HpCISSs]
"ImagePath"="\SystemRoot\system32\drivers\hpcisss.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\hpqcxs08]
"ServiceDll"="c:\program files\HP\Digital Imaging\bin\hpqcxs08.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\hpqddsvc]
"ServiceDll"="c:\program files\HP\Digital Imaging\bin\hpqddsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HSF_DPV]
"ImagePath"="system32\DRIVERS\HSX_DPV.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HSXHWBS2]
"ImagePath"="system32\DRIVERS\HSXHWBS2.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HTTP]
"ImagePath"="system32\drivers\HTTP.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\i2omp]
"ImagePath"="\SystemRoot\system32\drivers\i2omp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iaStorV]
"ImagePath"="\SystemRoot\system32\drivers\iastorv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IDriverT]
"ImagePath"="\"c:\program files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\idsvc]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iirsp]
"ImagePath"="\SystemRoot\system32\drivers\iirsp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IKEEXT]
"ServiceDll"="%SystemRoot%\System32\ikeext.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\inetaccs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IntcAzAudAddService]
"ImagePath"="system32\drivers\RTKVHDA.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\intelide]
"ImagePath"="\SystemRoot\system32\drivers\intelide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\intelppm]
"ImagePath"="system32\DRIVERS\intelppm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IntuitUpdateServiceV4]
"ImagePath"="\"c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IPBusEnum]
"ServiceDll"="%SystemRoot%\system32\ipbusenum.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iphlpsvc]
"ServiceDll"="%SystemRoot%\System32\iphlpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IPMIDRV]
"ImagePath"="\SystemRoot\system32\drivers\ipmidrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IPNAT]
"ImagePath"="system32\DRIVERS\ipnat.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iPod Service]
"ImagePath"="\"c:\program files\iPod\bin\iPodService.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IRENUM]
"ImagePath"="system32\drivers\irenum.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\isapnp]
"ImagePath"="\SystemRoot\system32\drivers\isapnp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iScsiPrt]
"ImagePath"="system32\DRIVERS\msiscsi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iteatapi]
"ImagePath"="\SystemRoot\system32\drivers\iteatapi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iteraid]
"ImagePath"="\SystemRoot\system32\drivers\iteraid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\kbdhid]
"ImagePath"="system32\DRIVERS\kbdhid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KeyIso]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KSecDD]
"ImagePath"="System32\Drivers\ksecdd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KtmRm]
"ServiceDll"="%systemroot%\system32\msdtckrm.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LanmanServer]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LanmanWorkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Lavasoft Kernexplorer]
"ImagePath"="\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Lbd]
"ImagePath"="system32\DRIVERS\Lbd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ldap]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LexBceS]
"ImagePath"="c:\windows\System32\LEXBCES.EXE"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\lltdio]
"ImagePath"="system32\DRIVERS\lltdio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\lltdsvc]
"ServiceDll"="%SystemRoot%\System32\lltdsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\lmhosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Lsa]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LSI_FC]
"ImagePath"="\SystemRoot\system32\drivers\lsi_fc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LSI_SAS]
"ImagePath"="\SystemRoot\system32\drivers\lsi_sas.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LSI_SCSI]
"ImagePath"="\SystemRoot\system32\drivers\lsi_scsi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\luafv]
"ImagePath"="\SystemRoot\system32\drivers\luafv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LVPr2Mon]
"ImagePath"="system32\Drivers\LVPr2Mon.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LVRS]
"ImagePath"="system32\DRIVERS\lvrs.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LVUVC]
"ImagePath"="system32\DRIVERS\lvuvc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MCSTRM]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Mcx2Svc]
"ServiceDll"="%SystemRoot%\system32\Mcx2Svc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mdmxsdk]
"ImagePath"="system32\DRIVERS\mdmxsdk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\megasas]
"ImagePath"="\SystemRoot\system32\drivers\megasas.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MMCSS]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Modem]
"ImagePath"="system32\drivers\modem.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\monitor]
"ImagePath"="system32\DRIVERS\monitor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MountMgr]
"ImagePath"="System32\drivers\mountmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mpio]
"ImagePath"="\SystemRoot\system32\drivers\mpio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mpsdrv]
"ImagePath"="System32\drivers\mpsdrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MpsSvc]
"ServiceDll"="%SystemRoot%\system32\mpssvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Mraid35x]
"ImagePath"="\SystemRoot\system32\drivers\mraid35x.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MRxDAV]
"ImagePath"="\SystemRoot\system32\drivers\mrxdav.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mrxsmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mrxsmb10]
"ImagePath"="system32\DRIVERS\mrxsmb10.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mrxsmb20]
"ImagePath"="system32\DRIVERS\mrxsmb20.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msahci]
"ImagePath"="\SystemRoot\system32\drivers\msahci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msdsm]
"ImagePath"="\SystemRoot\system32\drivers\msdsm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSDTC]
"ImagePath"="%SystemRoot%\System32\msdtc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSDTC Bridge 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSDTC Bridge 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Msfs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msisadrv]
"ImagePath"="system32\drivers\msisadrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSiSCSI]
"ServiceDll"="%systemroot%\system32\iscsiexe.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MsRPC]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSSCNTRS]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Mup]
"ImagePath"="System32\Drivers\mup.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\napagent]
"ServiceDLL"="%SystemRoot%\system32\qagentRT.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NativeWifiP]
"ImagePath"="system32\DRIVERS\nwifi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NDIS]
"ImagePath"="system32\drivers\ndis.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NDProxy]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Net Driver HPZ12]
"ServiceDll"="c:\windows\system32\HPZinw12.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\netbt]
"ImagePath"="System32\DRIVERS\netbt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\netprofm]
"ServiceDll"="%SystemRoot%\System32\netprofm.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\netr73]
"ImagePath"="system32\DRIVERS\WUSB54GCx86.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NetTcpPortSharing]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nfrd960]
"ImagePath"="\SystemRoot\system32\drivers\nfrd960.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NlaSvc]
"ServiceDll"="%SystemRoot%\System32\nlasvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Npfs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nsi]
"ServiceDll"="%systemroot%\system32\nsisvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nsiproxy]
"ImagePath"="system32\drivers\nsiproxy.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NTDS]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Ntfs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ntrigdigi]
"ImagePath"="\SystemRoot\system32\drivers\ntrigdigi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Null]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NVENETFD]
"ImagePath"="system32\DRIVERS\nvmfdx32.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvlddmkm]
"ImagePath"="system32\DRIVERS\nvlddmkm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvraid]
"ImagePath"="\SystemRoot\system32\drivers\nvraid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvstor]
"ImagePath"="system32\drivers\nvstor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvstor32]
"ImagePath"="system32\DRIVERS\nvstor32.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvsvc]
"ImagePath"="%SystemRoot%\system32\nvvsvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nv_agp]
"ImagePath"="\SystemRoot\system32\drivers\nv_agp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\odserv]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ohci1394]
"ImagePath"="\SystemRoot\system32\drivers\ohci1394.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ose]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\p2pimsvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\p2psvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Parport]
"ImagePath"="\SystemRoot\system32\drivers\parport.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\partmgr]
"ImagePath"="System32\drivers\partmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Parvdm]
"ImagePath"="\SystemRoot\system32\drivers\parvdm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PcaSvc]
"ServiceDll"="%SystemRoot%\System32\pcasvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pci]
"ImagePath"="system32\drivers\pci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pciide]
"ImagePath"="system32\drivers\pciide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pcmcia]
"ImagePath"="\SystemRoot\system32\drivers\pcmcia.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PEAUTH]
"ImagePath"="system32\drivers\peauth.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfDisk]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfNet]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfOS]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfProc]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pla]
"ServiceDll"="%systemroot%\system32\pla.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PlugPlay]
"ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Pml Driver HPZ12]
"ServiceDll"="c:\windows\system32\HPZipm12.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PNRPAutoReg]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PNRPsvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PolicyAgent]
"ServiceDll"="%SystemRoot%\System32\ipsecsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PortProxy]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Processor]
"ImagePath"="\SystemRoot\system32\drivers\processr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ProfSvc]
"ServiceDll"="%systemroot%\system32\profsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PSched]
"ImagePath"="system32\DRIVERS\pacer.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PxHelp20]
"ImagePath"="System32\Drivers\PxHelp20.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ql2300]
"ImagePath"="\SystemRoot\system32\drivers\ql2300.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ql40xx]
"ImagePath"="\SystemRoot\system32\drivers\ql40xx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\QWAVE]
"ServiceDll"="%windir%\system32\qwave.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\QWAVEdrv]
"ImagePath"="\SystemRoot\system32\drivers\qwavedrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\R300]
"ImagePath"="system32\DRIVERS\atikmdag.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasAcd]
"ImagePath"="System32\DRIVERS\rasacd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasSstp]
"ImagePath"="system32\DRIVERS\rassstp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPDD]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rdpdr]
"ImagePath"="\SystemRoot\system32\drivers\rdpdr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPENCDD]
"ImagePath"="system32\drivers\rdpencdd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPNP]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPWD]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RemoteAccess]
"ServiceDLL"="%SystemRoot%\System32\mprdim.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RimUsb]
"ImagePath"="System32\Drivers\RimUsb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RoxMediaDB9]
"ImagePath"="\"c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RoxWatch9]
"ImagePath"="\"c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rspndr]
"ImagePath"="system32\DRIVERS\rspndr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sbp2port]
"ImagePath"="\SystemRoot\system32\drivers\sbp2port.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SCardSvr]
"ServiceDll"="%SystemRoot%\System32\SCardSvr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Schedule]
"ServiceDll"="%systemroot%\system32\schedsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SCMNdisP]
"ImagePath"="system32\DRIVERS\scmndisp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SCPolicySvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SDRSVC]
"ServiceDll"="%Systemroot%\System32\SDRSVC.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\secdrv]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\seclogon]
"ServiceDll"="%windir%\system32\seclogon.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Serenum]
"ImagePath"="\SystemRoot\system32\drivers\serenum.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Serial]
"ImagePath"="\SystemRoot\system32\drivers\serial.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sermouse]
"ImagePath"="\SystemRoot\system32\drivers\sermouse.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ServiceModelEndpoint 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ServiceModelOperation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ServiceModelService 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SessionEnv]
"ServiceDLL"="%SystemRoot%\system32\sessenv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sffdisk]
"ImagePath"="\SystemRoot\system32\drivers\sffdisk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sffp_mmc]
"ImagePath"="\SystemRoot\system32\drivers\sffp_mmc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sffp_sd]
"ImagePath"="\SystemRoot\system32\drivers\sffp_sd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sfloppy]
"ImagePath"="\SystemRoot\system32\drivers\sfloppy.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sisagp]
"ImagePath"="\SystemRoot\system32\drivers\sisagp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SiSRaid2]
"ImagePath"="\SystemRoot\system32\drivers\sisraid2.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SiSRaid4]
"ImagePath"="\SystemRoot\system32\drivers\sisraid4.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SkypeUpdate]
"ImagePath"="\"c:\program files\Skype\Updater\Updater.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\slsvc]
"ImagePath"="%SystemRoot%\system32\SLsvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SLUINotify]
"ServiceDll"="%SystemRoot%\system32\SLUINotify.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Smb]
"ImagePath"="system32\DRIVERS\smb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SMSvcHost 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SMSvcHost 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SNMPTRAP]
"ImagePath"="%SystemRoot%\System32\snmptrap.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\spldr]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\System32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sprtsvc_dellsupportcenter]
"ImagePath"="c:\program files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srv]
"ImagePath"="System32\DRIVERS\srv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srv2]
"ImagePath"="System32\DRIVERS\srv2.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srvnet]
"ImagePath"="System32\DRIVERS\srvnet.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SstpSvc]
"ServiceDll"="%SystemRoot%\system32\sstpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\System32\wiaservc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\stllssvr]
"ImagePath"="\"c:\program files\Common Files\SureThing Shared\stllssvr.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\swprv]
"ServiceDll"="%Systemroot%\System32\swprv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Symc8xx]
"ImagePath"="\SystemRoot\system32\drivers\symc8xx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Sym_hi]
"ImagePath"="\SystemRoot\system32\drivers\sym_hi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Sym_u3]
"ImagePath"="\SystemRoot\system32\drivers\sym_u3.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SysMain]
"ServiceDll"="%systemroot%\system32\sysmain.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TabletInputService]
"ServiceDll"="%SystemRoot%\System32\TabSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TBS]
"ServiceDll"="%SystemRoot%\System32\tbssvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip]
"ImagePath"="System32\drivers\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6]
"ImagePath"="system32\DRIVERS\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tcpipreg]
"ImagePath"="System32\drivers\tcpipreg.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TDPIPE]
"ImagePath"="system32\drivers\tdpipe.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TDTCP]
"ImagePath"="system32\drivers\tdtcp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tdx]
"ImagePath"="system32\DRIVERS\tdx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\system32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\THREADORDER]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\System32\trkwks.dll"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TrustedInstaller]
"ImagePath"="%SystemRoot%\servicing\TrustedInstaller.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TSDDD]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tssecsrv]
"ImagePath"="System32\DRIVERS\tssecsrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TuneUp.UtilitiesSvc]
"ImagePath"="\"c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TuneUpUtilitiesDrv]
"ImagePath"="\??\c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tunmp]
"ImagePath"="system32\DRIVERS\tunmp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tunnel]
"ImagePath"="system32\DRIVERS\tunnel.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\uagp35]
"ImagePath"="\SystemRoot\system32\drivers\uagp35.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\udfs]
"ImagePath"="system32\DRIVERS\udfs.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UGatherer]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UGTHRSVC]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UI0Detect]
"ImagePath"="%SystemRoot%\system32\UI0Detect.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\uliagpkx]
"ImagePath"="\SystemRoot\system32\drivers\uliagpkx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\uliahci]
"ImagePath"="\SystemRoot\system32\drivers\uliahci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UlSata]
"ImagePath"="\SystemRoot\system32\drivers\ulsata.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ulsata2]
"ImagePath"="\SystemRoot\system32\drivers\ulsata2.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\umbus]
"ImagePath"="system32\DRIVERS\umbus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UMVPFSrv]
"ImagePath"="c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usb]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\USBAAPL]
"ImagePath"="System32\Drivers\usbaapl.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbaudio]
"ImagePath"="system32\drivers\usbaudio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbcir]
"ImagePath"="\SystemRoot\system32\drivers\usbcir.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbohci]
"ImagePath"="system32\DRIVERS\usbohci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\USBSTOR]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbuhci]
"ImagePath"="system32\DRIVERS\usbuhci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbvideo]
"ImagePath"="System32\Drivers\usbvideo.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UxSms]
"ServiceDll"="%SystemRoot%\System32\uxsms.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vds]
"ImagePath"="%SystemRoot%\System32\vds.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vga]
"ImagePath"="system32\DRIVERS\vgapnp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\viaagp]
"ImagePath"="\SystemRoot\system32\drivers\viaagp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ViaC7]
"ImagePath"="\SystemRoot\system32\drivers\viac7.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\viaide]
"ImagePath"="\SystemRoot\system32\drivers\viaide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\volmgr]
"ImagePath"="system32\drivers\volmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\volmgrx]
"ImagePath"="System32\drivers\volmgrx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\volsnap]
"ImagePath"="system32\drivers\volsnap.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vsmraid]
"ImagePath"="\SystemRoot\system32\drivers\vsmraid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\VSS]
"ImagePath"="%systemroot%\system32\vssvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vToolbarUpdater12.2.6]
"ImagePath"="c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\VxD]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\W3SVC]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WacomPen]
"ImagePath"="\SystemRoot\system32\drivers\wacompen.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wanarpv6]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wcncsvc]
"ServiceDll"="%SystemRoot%\System32\wcncsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WcsPlugInService]
"ServiceDll"="%SystemRoot%\System32\WcsPlugInService.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wd]
"ImagePath"="\SystemRoot\system32\drivers\wd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WDC_SAM]
"ImagePath"="system32\DRIVERS\wdcsam.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wdf01000]
"ImagePath"="system32\drivers\Wdf01000.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WdiServiceHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WdiSystemHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wecsvc]
"ServiceDll"="%SystemRoot%\system32\wecsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wercplsupport]
"ServiceDll"="%SystemRoot%\System32\wercplsupport.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WerSvc]
"ServiceDll"="%SystemRoot%\System32\WerSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\winachsf]
"ImagePath"="system32\DRIVERS\HSX_CNXT.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WinDefend]
"ServiceDll"="%ProgramFiles%\Windows Defender\mpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Windows Workflow Foundation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WinHttpAutoProxySvc]
"ServiceDll"="winhttp.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WinRM]
"ServiceDll"="%SystemRoot%\system32\WsmSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Winsock]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WinSock2]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wlansvc]
"ServiceDll"="%SystemRoot%\System32\wlansvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WmiAcpi]
"ImagePath"="\SystemRoot\system32\drivers\wmiacpi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WmiApRpl]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wmiApSrv]
"ImagePath"="%systemroot%\system32\wbem\WmiApSrv.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WMPNetworkSvc]
"ImagePath"="\"%ProgramFiles%\Windows Media Player\wmpnetwk.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WPCSvc]
"ServiceDll"="%SystemRoot%\System32\wpcsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WPDBusEnum]
"ServiceDll"="%SystemRoot%\system32\wpdbusenum.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WpdUsb]
"ImagePath"="system32\DRIVERS\wpdusb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WPFFontCache_v0400]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ws2ifsl]
"ImagePath"="\SystemRoot\system32\drivers\ws2ifsl.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WSearch]
"ImagePath"="%systemroot%\system32\SearchIndexer.exe /Embedding"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WSearchIdxPi]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WSWNDA3100v2]
"ImagePath"="c:\program files\NETGEAR\WNDA3100v2\WifiSvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wuauserv]
"ServiceDll"="%systemroot%\system32\wuaueng.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WUDFRd]
"ImagePath"="system32\DRIVERS\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wudfsvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\XAudio]
"ImagePath"="system32\DRIVERS\xaudio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\XAudioService]
"ImagePath"="%SystemRoot%\system32\DRIVERS\xaudio.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\xmlprov]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{07171AC2-0D2A-427d-BCE5-B6C2D6C7058B}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{07E1923B-A4B9-4797-9536-5FA50D4970D0}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{0B9986B9-BBAF-4C56-8C3D-B3D4A3D36301}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{2026623E-13CD-43C8-9954-37AD494112A2}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{2C18802D-D2A7-445C-9EAE-044082031935}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{42AE7821-98B0-42A9-BBB9-777268B85E72}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{578DE1EE-8D03-4852-BF8C-3BFF5B257C26}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{6425BCBF-9003-421F-B5C8-940E30A20879}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{6C161769-BE20-4340-9CED-CC7200D73034}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{8B7EDE32-4A42-43EF-AFF4-8F244DD2AAAA}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{C7A82815-C56B-4D00-8219-35A9E35A09C5}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{ECB3F1E2-E3F1-488B-A36C-2E35EE0E4D97}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{FE3B39BE-D1B4-4D8B-9E87-9D278AC966D1}]
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\AVG\AVG2013\avgrsx.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\windows\System32\LEXPPS.EXE
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\AVG\AVG2013\avgidsagent.exe
c:\program files\AVG\AVG2013\avgwdsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
c:\program files\AVG\AVG PC Tuneup\BoostSpeed.exe
c:\program files\AVG\AVG2013\avgnsx.exe
c:\program files\AVG\AVG2013\avgemcx.exe
c:\windows\RtHDVCpl.exe
c:\program files\AVG Secure Search\vprot.exe
c:\program files\AVG\AVG2013\avgui.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\msiexec.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
.
**************************************************************************
.
Completion time: 2012-11-04 06:38:07 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-04 13:37
.
Pre-Run: 77,874,995,200 bytes free
Post-Run: 78,890,270,720 bytes free
.
- - End Of File - - 32F4B653127CD57B9B1F2793C897DD49
Thanks again.
Please advise next steps...
Bill
#6
Satchfan
-
- Malware Team
-
- 6,813 posts
SuperHelper
- Interests:LFC, music, more LFC, more music
Posted 04 November 2012 - 07:58 AM
Registry cleaners
I see you are using a “Registry Cleaner”, TuneUp Utilities 2012. It comes as an optional add-on when you download Free YouYube to MP3 Converter. However, It's not recommended to use registry cleaners/boosters.
The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results". Unless you have a particular problem that requires a registry edit to correct it, (and you are expert in the registry), I would suggest you leave the registry alone.
I strongly advise you to get rid of TuneUp Utilities 2012 and any other cleaner/optimizer/booster/tuneup/tweak type utilities that you have on this or any other computer.
One of the malware experts, miekiemoes, has an excellent write-up here
Another excellent article by Bill Castner is located here
===================================================
Run TDSSKiller
Please download TDSSKiller.zip
Please also include a new aswMBR scan
Thanks
Satchfan
I see you are using a “Registry Cleaner”, TuneUp Utilities 2012. It comes as an optional add-on when you download Free YouYube to MP3 Converter. However, It's not recommended to use registry cleaners/boosters.
The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results". Unless you have a particular problem that requires a registry edit to correct it, (and you are expert in the registry), I would suggest you leave the registry alone.
I strongly advise you to get rid of TuneUp Utilities 2012 and any other cleaner/optimizer/booster/tuneup/tweak type utilities that you have on this or any other computer.
One of the malware experts, miekiemoes, has an excellent write-up here
Another excellent article by Bill Castner is located here
===================================================
Run TDSSKiller
Please download TDSSKiller.zip
- extract it to your desktop
- double click TDSSKiller.exe
- press Start Scan
only if Malicious objects are found then ensure Cure is selected. Do not change it to Delete or Quarantine as it may delete infected files that are required for Windows to operate properly.
- click Continue > Reboot now
- copy and paste the log in your next reply
- a copy of the log will be saved automatically to the root of the drive (typically C:\) called TDSSKiller_*** (*** denotes version & date)
Please also include a new aswMBR scan
Thanks
Satchfan
NINA - Proud graduate of the WTT Classroom
Member of UNITE
The help you receive here is free but if you feel I have helped, you may consider making a Donation.
#7
krbybng
-
- Authentic Member
-
- 63 posts
Authentic Member
Posted 04 November 2012 - 02:58 PM
Thanks again...
TDSSKILLER Report
13:45:44.0513 6840 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:45:45.0044 6840 ============================================================
13:45:45.0044 6840 Current date / time: 2012/11/04 13:45:45.0044
13:45:45.0044 6840 SystemInfo:
13:45:45.0044 6840
13:45:45.0044 6840 OS Version: 6.0.6002 ServicePack: 2.0
13:45:45.0044 6840 Product type: Workstation
13:45:45.0044 6840 ComputerName: MARTINICH2
13:45:45.0044 6840 UserName: Bill
13:45:45.0044 6840 Windows directory: C:\Windows
13:45:45.0044 6840 System windows directory: C:\Windows
13:45:45.0044 6840 Processor architecture: Intel x86
13:45:45.0044 6840 Number of processors: 2
13:45:45.0044 6840 Page size: 0x1000
13:45:45.0044 6840 Boot type: Normal boot
13:45:45.0044 6840 ============================================================
13:45:45.0637 6840 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:45:45.0637 6840 ============================================================
13:45:45.0637 6840 \Device\Harddisk0\DR0:
13:45:45.0637 6840 MBR partitions:
13:45:45.0637 6840 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1400000
13:45:45.0637 6840 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1414000, BlocksNum 0x1BD94800
13:45:45.0637 6840 ============================================================
13:45:45.0668 6840 C: <-> \Device\Harddisk0\DR0\Partition2
13:45:45.0699 6840 D: <-> \Device\Harddisk0\DR0\Partition1
13:45:45.0699 6840 ============================================================
13:45:45.0699 6840 Initialize success
13:45:45.0699 6840 ============================================================
13:45:56.0354 5948 ============================================================
13:45:56.0354 5948 Scan started
13:45:56.0354 5948 Mode: Manual;
13:45:56.0354 5948 ============================================================
13:45:56.0697 5948 ================ Scan system memory ========================
13:45:56.0697 5948 System memory - ok
13:45:56.0697 5948 ================ Scan services =============================
13:45:56.0978 5948 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
13:45:56.0993 5948 ACPI - ok
13:45:57.0087 5948 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:45:57.0087 5948 AdobeARMservice - ok
13:45:57.0181 5948 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:45:57.0181 5948 AdobeFlashPlayerUpdateSvc - ok
13:45:57.0259 5948 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:45:57.0274 5948 adp94xx - ok
13:45:57.0305 5948 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:45:57.0321 5948 adpahci - ok
13:45:57.0352 5948 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
13:45:57.0368 5948 adpu160m - ok
13:45:57.0399 5948 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:45:57.0415 5948 adpu320 - ok
13:45:57.0493 5948 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:45:57.0493 5948 AeLookupSvc - ok
13:45:57.0539 5948 [ 330A1E4DF07C2E29949ED8631CD8828E ] AERTFilters C:\Windows\system32\AERTSrv.exe
13:45:57.0539 5948 AERTFilters - ok
13:45:57.0586 5948 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
13:45:57.0602 5948 AFD - ok
13:45:57.0664 5948 [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:45:57.0664 5948 agp440 - ok
13:45:57.0711 5948 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
13:45:57.0727 5948 aic78xx - ok
13:45:57.0773 5948 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
13:45:57.0773 5948 ALG - ok
13:45:57.0820 5948 [ DC67A153FDB8105B25D05334B5E1D8E2 ] aliide C:\Windows\system32\drivers\aliide.sys
13:45:57.0820 5948 aliide - ok
13:45:57.0898 5948 [ C5DBBCDA07D780BDA9B685DF333BB41E ] amacpi C:\Windows\system32\DRIVERS\null.sys
13:45:57.0898 5948 amacpi - ok
13:45:57.0945 5948 [ 848F27E5B27C1C253F6CEFDC1A5D8F21 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:45:57.0945 5948 amdagp - ok
13:45:57.0961 5948 [ 835C4C3355088298A5EBD818FA31430F ] amdide C:\Windows\system32\drivers\amdide.sys
13:45:57.0961 5948 amdide - ok
13:45:58.0007 5948 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
13:45:58.0007 5948 AmdK7 - ok
13:45:58.0085 5948 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:45:58.0085 5948 AmdK8 - ok
13:45:58.0132 5948 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
13:45:58.0132 5948 Appinfo - ok
13:45:58.0195 5948 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:45:58.0210 5948 Apple Mobile Device - ok
13:45:58.0304 5948 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
13:45:58.0304 5948 arc - ok
13:45:58.0335 5948 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:45:58.0335 5948 arcsas - ok
13:45:58.0429 5948 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:45:58.0429 5948 AsyncMac - ok
13:45:58.0475 5948 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
13:45:58.0491 5948 atapi - ok
13:45:58.0553 5948 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:45:58.0553 5948 AudioEndpointBuilder - ok
13:45:58.0569 5948 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:45:58.0585 5948 Audiosrv - ok
13:45:58.0709 5948 [ 3A457C2F798CAD79CD30224E723E01FB ] AVG Security Toolbar Service C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
13:45:58.0725 5948 AVG Security Toolbar Service - ok
13:45:58.0990 5948 [ B41F0E54105801538D56623271A0AE49 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
13:45:59.0068 5948 AVGIDSAgent - ok
13:45:59.0131 5948 [ 2F47851015D8837976E481F6DAA46A67 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
13:45:59.0146 5948 AVGIDSDriver - ok
13:45:59.0193 5948 [ 303BDE0DCDC04CE597C6C1CD06C6F186 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
13:45:59.0193 5948 AVGIDSHX - ok
13:45:59.0240 5948 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
13:45:59.0240 5948 AVGIDSShim - ok
13:45:59.0302 5948 [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
13:45:59.0302 5948 Avgldx86 - ok
13:45:59.0333 5948 [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
13:45:59.0333 5948 Avglogx - ok
13:45:59.0380 5948 [ 6DF7236D3A16C8417FF72F2EB2ADD244 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
13:45:59.0380 5948 Avgmfx86 - ok
13:45:59.0396 5948 [ F3D57358DE0B8B3491013C615754A7C7 ] AvgRkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
13:45:59.0396 5948 AvgRkx86 - ok
13:45:59.0427 5948 [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
13:45:59.0443 5948 Avgtdix - ok
13:45:59.0458 5948 [ 6F76908F065C3C151C4BFCA7DFD86979 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
13:45:59.0458 5948 avgtp - ok
13:45:59.0521 5948 [ 0D2EB149AFF89A307E5D82D0A2B78439 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
13:45:59.0521 5948 avgwd - ok
13:45:59.0599 5948 [ 5165CF423964FC17606442FAE7AB2BF8 ] BCMH43XX C:\Windows\system32\DRIVERS\bcmwlhigh6.sys
13:45:59.0614 5948 BCMH43XX - ok
13:45:59.0645 5948 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
13:45:59.0645 5948 Beep - ok
13:45:59.0692 5948 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
13:45:59.0692 5948 BFE - ok
13:45:59.0755 5948 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
13:45:59.0770 5948 BITS - ok
13:45:59.0770 5948 blbdrive - ok
13:45:59.0833 5948 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:45:59.0833 5948 Bonjour Service - ok
13:45:59.0864 5948 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:45:59.0864 5948 bowser - ok
13:45:59.0911 5948 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
13:45:59.0911 5948 BrFiltLo - ok
13:45:59.0926 5948 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
13:45:59.0926 5948 BrFiltUp - ok
13:45:59.0957 5948 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
13:45:59.0957 5948 Browser - ok
13:45:59.0989 5948 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
13:45:59.0989 5948 Brserid - ok
13:46:00.0020 5948 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
13:46:00.0020 5948 BrSerWdm - ok
13:46:00.0035 5948 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
13:46:00.0035 5948 BrUsbMdm - ok
13:46:00.0051 5948 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
13:46:00.0051 5948 BrUsbSer - ok
13:46:00.0113 5948 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:46:00.0113 5948 BTHMODEM - ok
13:46:00.0129 5948 catchme - ok
13:46:00.0160 5948 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:46:00.0160 5948 cdfs - ok
13:46:00.0207 5948 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:46:00.0207 5948 cdrom - ok
13:46:00.0301 5948 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
13:46:00.0301 5948 CertPropSvc - ok
13:46:00.0347 5948 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
13:46:00.0347 5948 circlass - ok
13:46:00.0410 5948 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
13:46:00.0410 5948 CLFS - ok
13:46:00.0488 5948 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:46:00.0503 5948 clr_optimization_v2.0.50727_32 - ok
13:46:00.0581 5948 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:46:00.0581 5948 clr_optimization_v4.0.30319_32 - ok
13:46:00.0613 5948 [ E79CBB2195E965F6E3256E2C1B23FD1C ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:46:00.0613 5948 cmdide - ok
13:46:00.0659 5948 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:46:00.0659 5948 Compbatt - ok
13:46:00.0659 5948 COMSysApp - ok
13:46:00.0691 5948 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:46:00.0706 5948 crcdisk - ok
13:46:00.0722 5948 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
13:46:00.0737 5948 Crusoe - ok
13:46:00.0784 5948 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:46:00.0800 5948 CryptSvc - ok
13:46:00.0847 5948 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:46:00.0862 5948 DcomLaunch - ok
13:46:00.0878 5948 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:46:00.0893 5948 DfsC - ok
13:46:01.0003 5948 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
13:46:01.0034 5948 DFSR - ok
13:46:01.0096 5948 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
13:46:01.0096 5948 Dhcp - ok
13:46:01.0159 5948 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
13:46:01.0159 5948 disk - ok
13:46:01.0221 5948 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:46:01.0221 5948 Dnscache - ok
13:46:01.0268 5948 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:46:01.0268 5948 dot3svc - ok
13:46:01.0299 5948 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
13:46:01.0315 5948 Dot4 - ok
13:46:01.0330 5948 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:46:01.0346 5948 Dot4Print - ok
13:46:01.0361 5948 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
13:46:01.0361 5948 dot4usb - ok
13:46:01.0408 5948 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
13:46:01.0408 5948 DPS - ok
13:46:01.0471 5948 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:46:01.0471 5948 drmkaud - ok
13:46:01.0533 5948 [ 245F62A2AA67F4A61F10174BF1017327 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
13:46:01.0533 5948 DSBrokerService - ok
13:46:01.0580 5948 [ 413F2D5F9D802688242C23B38F767ECB ] DSproct C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
13:46:01.0580 5948 DSproct - ok
13:46:01.0611 5948 [ DFEABB7CFFFADEA4A912AB95BDC3177A ] dsunidrv C:\Windows\system32\DRIVERS\dsunidrv.sys
13:46:01.0611 5948 dsunidrv - ok
13:46:01.0658 5948 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:46:01.0673 5948 DXGKrnl - ok
13:46:01.0720 5948 [ 7505290504C8E2D172FA378CC0497BCC ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
13:46:01.0736 5948 e1express - ok
13:46:01.0767 5948 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
13:46:01.0767 5948 E1G60 - ok
13:46:01.0814 5948 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
13:46:01.0814 5948 EapHost - ok
13:46:01.0876 5948 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
13:46:01.0876 5948 Ecache - ok
13:46:01.0923 5948 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:46:01.0923 5948 ehRecvr - ok
13:46:01.0970 5948 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
13:46:01.0970 5948 ehSched - ok
13:46:01.0985 5948 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
13:46:01.0985 5948 ehstart - ok
13:46:02.0032 5948 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:46:02.0032 5948 elxstor - ok
13:46:02.0095 5948 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
13:46:02.0110 5948 EMDMgmt - ok
13:46:02.0173 5948 [ C37B713737C60FA46CF249507722D68C ] ENETHUSB C:\Windows\system32\DRIVERS\enethusb.sys
13:46:02.0173 5948 ENETHUSB - ok
13:46:02.0235 5948 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
13:46:02.0251 5948 EventSystem - ok
13:46:02.0297 5948 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
13:46:02.0313 5948 exfat - ok
13:46:02.0344 5948 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:46:02.0344 5948 fastfat - ok
13:46:02.0375 5948 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:46:02.0375 5948 fdc - ok
13:46:02.0407 5948 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
13:46:02.0407 5948 fdPHost - ok
13:46:02.0438 5948 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
13:46:02.0438 5948 FDResPub - ok
13:46:02.0485 5948 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:46:02.0485 5948 FileInfo - ok
13:46:02.0516 5948 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:46:02.0516 5948 Filetrace - ok
13:46:02.0547 5948 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:46:02.0547 5948 flpydisk - ok
13:46:02.0578 5948 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:46:02.0594 5948 FltMgr - ok
13:46:02.0672 5948 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
13:46:02.0687 5948 FontCache - ok
13:46:02.0750 5948 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:46:02.0750 5948 FontCache3.0.0.0 - ok
13:46:02.0843 5948 [ 9513B437B7ADB1E6065B7F0D83D11ECF ] FreeAgentGoNext Service C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
13:46:02.0843 5948 FreeAgentGoNext Service - ok
13:46:02.0875 5948 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:46:02.0875 5948 Fs_Rec - ok
13:46:02.0906 5948 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:46:02.0921 5948 gagp30kx - ok
13:46:02.0984 5948 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:46:02.0999 5948 GEARAspiWDM - ok
13:46:03.0046 5948 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
13:46:03.0062 5948 GoogleDesktopManager-051210-111108 - ok
13:46:03.0109 5948 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
13:46:03.0171 5948 gpsvc - ok
13:46:03.0233 5948 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:46:03.0233 5948 gupdate - ok
13:46:03.0280 5948 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:46:03.0280 5948 gupdatem - ok
13:46:03.0327 5948 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:46:03.0358 5948 HDAudBus - ok
13:46:03.0405 5948 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:46:03.0405 5948 HidBth - ok
13:46:03.0421 5948 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
13:46:03.0421 5948 HidIr - ok
13:46:03.0452 5948 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
13:46:03.0467 5948 hidserv - ok
13:46:03.0483 5948 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:46:03.0483 5948 HidUsb - ok
13:46:03.0561 5948 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:46:03.0561 5948 hkmsvc - ok
13:46:03.0592 5948 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
13:46:03.0592 5948 HpCISSs - ok
13:46:03.0701 5948 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:46:03.0717 5948 hpqcxs08 - ok
13:46:03.0748 5948 [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:46:03.0748 5948 hpqddsvc - ok
13:46:03.0826 5948 [ 53229DCF431D76434816CD29251168A0 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
13:46:03.0873 5948 HSF_DPV - ok
13:46:03.0904 5948 [ ED98350ECD4A5A9C9F1E641C09872BB2 ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
13:46:03.0920 5948 HSXHWBS2 - ok
13:46:03.0967 5948 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:46:03.0998 5948 HTTP - ok
13:46:04.0013 5948 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
13:46:04.0029 5948 i2omp - ok
13:46:04.0076 5948 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:46:04.0076 5948 i8042prt - ok
13:46:04.0107 5948 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
13:46:04.0123 5948 iaStorV - ok
13:46:04.0216 5948 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:46:04.0216 5948 IDriverT - ok
13:46:04.0279 5948 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:46:04.0325 5948 idsvc - ok
13:46:04.0357 5948 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:46:04.0357 5948 iirsp - ok
13:46:04.0419 5948 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
13:46:04.0435 5948 IKEEXT - ok
13:46:04.0528 5948 [ F8F53C5449F15B23D4C61D51D2701DA8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
13:46:04.0591 5948 IntcAzAudAddService - ok
13:46:04.0622 5948 [ 0084046C084D68E494F8CF36BCF08186 ] intelide C:\Windows\system32\drivers\intelide.sys
13:46:04.0622 5948 intelide - ok
13:46:04.0653 5948 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:46:04.0653 5948 intelppm - ok
13:46:04.0715 5948 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
13:46:04.0715 5948 IntuitUpdateServiceV4 - ok
13:46:04.0747 5948 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:46:04.0747 5948 IPBusEnum - ok
13:46:04.0778 5948 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:46:04.0778 5948 IpFilterDriver - ok
13:46:04.0825 5948 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:46:04.0840 5948 iphlpsvc - ok
13:46:04.0856 5948 IpInIp - ok
13:46:04.0903 5948 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
13:46:04.0903 5948 IPMIDRV - ok
13:46:04.0934 5948 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
13:46:04.0949 5948 IPNAT - ok
13:46:05.0027 5948 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:46:05.0059 5948 iPod Service - ok
13:46:05.0090 5948 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:46:05.0105 5948 IRENUM - ok
13:46:05.0137 5948 [ 2F8ECE2699E7E2070545E9B0960A8ED2 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:46:05.0137 5948 isapnp - ok
13:46:05.0199 5948 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
13:46:05.0215 5948 iScsiPrt - ok
13:46:05.0230 5948 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
13:46:05.0230 5948 iteatapi - ok
13:46:05.0261 5948 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
13:46:05.0277 5948 iteraid - ok
13:46:05.0308 5948 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:46:05.0308 5948 kbdclass - ok
13:46:05.0355 5948 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:46:05.0355 5948 kbdhid - ok
13:46:05.0371 5948 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
13:46:05.0371 5948 KeyIso - ok
13:46:05.0417 5948 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:46:05.0449 5948 KSecDD - ok
13:46:05.0511 5948 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
13:46:05.0511 5948 KtmRm - ok
13:46:05.0542 5948 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
13:46:05.0542 5948 LanmanServer - ok
13:46:05.0589 5948 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:46:05.0589 5948 LanmanWorkstation - ok
13:46:05.0620 5948 Lavasoft Kernexplorer - ok
13:46:05.0683 5948 [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd C:\Windows\system32\DRIVERS\Lbd.sys
13:46:05.0698 5948 Lbd - ok
13:46:05.0745 5948 [ 7B3F06CA6F927402D27EA6C64558E021 ] LexBceS C:\Windows\System32\LEXBCES.EXE
13:46:05.0761 5948 LexBceS - ok
13:46:05.0792 5948 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:46:05.0792 5948 lltdio - ok
13:46:05.0823 5948 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:46:05.0854 5948 lltdsvc - ok
13:46:05.0885 5948 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:46:05.0901 5948 lmhosts - ok
13:46:05.0948 5948 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:46:05.0948 5948 LSI_FC - ok
13:46:05.0979 5948 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:46:05.0979 5948 LSI_SAS - ok
13:46:06.0010 5948 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:46:06.0010 5948 LSI_SCSI - ok
13:46:06.0041 5948 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
13:46:06.0057 5948 luafv - ok
13:46:06.0104 5948 [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon C:\Windows\system32\Drivers\LVPr2Mon.sys
13:46:06.0104 5948 LVPr2Mon - ok
13:46:06.0166 5948 [ 7521C0C58EE91BE90B6CC33E792D10C7 ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
13:46:06.0166 5948 LVRS - ok
13:46:06.0353 5948 [ 37E57C48AF530DF01CDD4E8A2AD77B51 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
13:46:06.0478 5948 LVUVC - ok
13:46:06.0525 5948 [ 5BB01B9F582259D1FB7653C5C1DA3653 ] MCSTRM C:\Windows\system32\drivers\MCSTRM.sys
13:46:06.0541 5948 MCSTRM - ok
13:46:06.0572 5948 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:46:06.0572 5948 Mcx2Svc - ok
13:46:06.0603 5948 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
13:46:06.0603 5948 mdmxsdk - ok
13:46:06.0650 5948 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
13:46:06.0650 5948 megasas - ok
13:46:06.0681 5948 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
13:46:06.0697 5948 MMCSS - ok
13:46:06.0712 5948 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
13:46:06.0712 5948 Modem - ok
13:46:06.0759 5948 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:46:06.0759 5948 monitor - ok
13:46:06.0790 5948 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:46:06.0790 5948 mouclass - ok
13:46:06.0821 5948 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:46:06.0821 5948 mouhid - ok
13:46:06.0853 5948 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
13:46:06.0853 5948 MountMgr - ok
13:46:06.0899 5948 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
13:46:06.0899 5948 mpio - ok
13:46:06.0946 5948 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:46:06.0946 5948 mpsdrv - ok
13:46:06.0993 5948 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
13:46:07.0009 5948 MpsSvc - ok
13:46:07.0024 5948 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
13:46:07.0040 5948 Mraid35x - ok
13:46:07.0055 5948 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:46:07.0071 5948 MRxDAV - ok
13:46:07.0102 5948 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:46:07.0102 5948 mrxsmb - ok
13:46:07.0149 5948 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:46:07.0149 5948 mrxsmb10 - ok
13:46:07.0196 5948 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:46:07.0196 5948 mrxsmb20 - ok
13:46:07.0258 5948 [ D420BC42A637AC3CC4F411220549C0DC ] msahci C:\Windows\system32\drivers\msahci.sys
13:46:07.0258 5948 msahci - ok
13:46:07.0289 5948 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:46:07.0289 5948 msdsm - ok
13:46:07.0336 5948 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
13:46:07.0352 5948 MSDTC - ok
13:46:07.0399 5948 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:46:07.0399 5948 Msfs - ok
13:46:07.0461 5948 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:46:07.0461 5948 msisadrv - ok
13:46:07.0492 5948 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:46:07.0492 5948 MSiSCSI - ok
13:46:07.0508 5948 msiserver - ok
13:46:07.0539 5948 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:46:07.0555 5948 MSKSSRV - ok
13:46:07.0601 5948 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:46:07.0601 5948 MSPCLOCK - ok
13:46:07.0617 5948 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:46:07.0633 5948 MSPQM - ok
13:46:07.0664 5948 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:46:07.0679 5948 MsRPC - ok
13:46:07.0726 5948 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:46:07.0726 5948 mssmbios - ok
13:46:07.0757 5948 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:46:07.0757 5948 MSTEE - ok
13:46:07.0789 5948 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
13:46:07.0789 5948 Mup - ok
13:46:07.0835 5948 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
13:46:07.0851 5948 napagent - ok
13:46:07.0898 5948 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:46:07.0898 5948 NativeWifiP - ok
13:46:07.0960 5948 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:46:07.0960 5948 NDIS - ok
13:46:08.0007 5948 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:46:08.0007 5948 NdisTapi - ok
13:46:08.0038 5948 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:46:08.0038 5948 Ndisuio - ok
13:46:08.0085 5948 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:46:08.0085 5948 NdisWan - ok
13:46:08.0116 5948 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:46:08.0132 5948 NDProxy - ok
13:46:08.0179 5948 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:46:08.0179 5948 Net Driver HPZ12 - ok
13:46:08.0241 5948 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:46:08.0241 5948 NetBIOS - ok
13:46:08.0288 5948 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
13:46:08.0288 5948 netbt - ok
13:46:08.0319 5948 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
13:46:08.0319 5948 Netlogon - ok
13:46:08.0366 5948 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
13:46:08.0381 5948 Netman - ok
13:46:08.0428 5948 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
13:46:08.0444 5948 netprofm - ok
13:46:08.0506 5948 [ 757F999AA72B55780EE810D4CD1BDD47 ] netr73 C:\Windows\system32\DRIVERS\WUSB54GCx86.sys
13:46:08.0522 5948 netr73 - ok
13:46:08.0553 5948 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:46:08.0569 5948 NetTcpPortSharing - ok
13:46:08.0600 5948 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:46:08.0600 5948 nfrd960 - ok
13:46:08.0647 5948 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:46:08.0662 5948 NlaSvc - ok
13:46:08.0693 5948 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:46:08.0693 5948 Npfs - ok
13:46:08.0725 5948 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
13:46:08.0740 5948 nsi - ok
13:46:08.0771 5948 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:46:08.0771 5948 nsiproxy - ok
13:46:08.0849 5948 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:46:08.0881 5948 Ntfs - ok
13:46:08.0912 5948 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
13:46:08.0912 5948 ntrigdigi - ok
13:46:08.0943 5948 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
13:46:08.0959 5948 Null - ok
13:46:09.0021 5948 [ A1108084B0D2FC43DCC401735770E2A3 ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx32.sys
13:46:09.0052 5948 NVENETFD - ok
13:46:09.0364 5948 [ E572EBF0A86A76E7CFCAAB00648F0F83 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:46:09.0551 5948 nvlddmkm - ok
13:46:09.0583 5948 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:46:09.0583 5948 nvraid - ok
13:46:09.0614 5948 [ 4A5FCAB82D9BF6AF8A023A66802FE9E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:46:09.0614 5948 nvstor - ok
13:46:09.0645 5948 [ DC5F166422BEEBF195E3E4BB8AB4EE22 ] nvstor32 C:\Windows\system32\DRIVERS\nvstor32.sys
13:46:09.0645 5948 nvstor32 - ok
13:46:09.0676 5948 [ F397A6FA4B83D243AD25A1DC401237A0 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:46:09.0676 5948 nvsvc - ok
13:46:09.0692 5948 [ 055081FD5076401C1EE1BCAB08D81911 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:46:09.0707 5948 nv_agp - ok
13:46:09.0707 5948 NwlnkFlt - ok
13:46:09.0723 5948 NwlnkFwd - ok
13:46:09.0801 5948 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:46:09.0817 5948 odserv - ok
13:46:09.0848 5948 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:46:09.0863 5948 ohci1394 - ok
13:46:09.0895 5948 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:46:09.0895 5948 ose - ok
13:46:09.0941 5948 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
13:46:09.0973 5948 p2pimsvc - ok
13:46:09.0988 5948 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
13:46:10.0004 5948 p2psvc - ok
13:46:10.0019 5948 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
13:46:10.0019 5948 Parport - ok
13:46:10.0066 5948 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:46:10.0082 5948 partmgr - ok
13:46:10.0097 5948 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
13:46:10.0097 5948 Parvdm - ok
13:46:10.0144 5948 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
13:46:10.0144 5948 PcaSvc - ok
13:46:10.0175 5948 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
13:46:10.0175 5948 pci - ok
13:46:10.0207 5948 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
13:46:10.0207 5948 pciide - ok
13:46:10.0222 5948 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:46:10.0222 5948 pcmcia - ok
13:46:10.0300 5948 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:46:10.0331 5948 PEAUTH - ok
13:46:10.0425 5948 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
13:46:10.0503 5948 pla - ok
13:46:10.0534 5948 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:46:10.0550 5948 PlugPlay - ok
13:46:10.0612 5948 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:46:10.0612 5948 Pml Driver HPZ12 - ok
13:46:10.0628 5948 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
13:46:10.0643 5948 PNRPAutoReg - ok
13:46:10.0675 5948 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
13:46:10.0675 5948 PNRPsvc - ok
13:46:10.0721 5948 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:46:10.0721 5948 PolicyAgent - ok
13:46:10.0753 5948 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:46:10.0753 5948 PptpMiniport - ok
13:46:10.0784 5948 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
13:46:10.0784 5948 Processor - ok
13:46:10.0799 5948 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
13:46:10.0799 5948 ProfSvc - ok
13:46:10.0815 5948 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
13:46:10.0815 5948 ProtectedStorage - ok
13:46:10.0846 5948 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
13:46:10.0846 5948 PSched - ok
13:46:10.0862 5948 [ 1962166E0CEB740704F30FA55AD3D509 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
13:46:10.0862 5948 PxHelp20 - ok
13:46:10.0909 5948 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:46:10.0940 5948 ql2300 - ok
13:46:10.0971 5948 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:46:10.0971 5948 ql40xx - ok
13:46:11.0002 5948 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
13:46:11.0018 5948 QWAVE - ok
13:46:11.0080 5948 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:46:11.0080 5948 QWAVEdrv - ok
13:46:11.0189 5948 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
13:46:11.0283 5948 R300 - ok
13:46:11.0330 5948 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:46:11.0330 5948 RasAcd - ok
13:46:11.0361 5948 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
13:46:11.0361 5948 RasAuto - ok
13:46:11.0408 5948 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:46:11.0408 5948 Rasl2tp - ok
13:46:11.0455 5948 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
13:46:11.0470 5948 RasMan - ok
13:46:11.0501 5948 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:46:11.0501 5948 RasPppoe - ok
13:46:11.0548 5948 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:46:11.0548 5948 RasSstp - ok
13:46:11.0595 5948 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:46:11.0595 5948 rdbss - ok
13:46:11.0626 5948 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:46:11.0626 5948 RDPCDD - ok
13:46:11.0673 5948 [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
13:46:11.0689 5948 rdpdr - ok
13:46:11.0689 5948 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:46:11.0720 5948 RDPENCDD - ok
13:46:11.0751 5948 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:46:11.0767 5948 RDPWD - ok
13:46:11.0798 5948 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:46:11.0813 5948 RemoteAccess - ok
13:46:11.0845 5948 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:46:11.0860 5948 RemoteRegistry - ok
13:46:11.0907 5948 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
13:46:11.0907 5948 RimUsb - ok
13:46:12.0016 5948 [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
13:46:12.0063 5948 RoxMediaDB9 - ok
13:46:12.0094 5948 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
13:46:12.0110 5948 RoxWatch9 - ok
13:46:12.0141 5948 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
13:46:12.0141 5948 RpcLocator - ok
13:46:12.0188 5948 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
13:46:12.0188 5948 RpcSs - ok
13:46:12.0219 5948 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:46:12.0235 5948 rspndr - ok
13:46:12.0235 5948 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
13:46:12.0250 5948 SamSs - ok
13:46:12.0281 5948 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:46:12.0281 5948 sbp2port - ok
13:46:12.0344 5948 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:46:12.0344 5948 SCardSvr - ok
13:46:12.0406 5948 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
13:46:12.0406 5948 Schedule - ok
13:46:12.0469 5948 [ 3B68015683C27CB00C7A6B60A37CBCFD ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys
13:46:12.0469 5948 SCMNdisP - ok
13:46:12.0500 5948 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:46:12.0515 5948 SCPolicySvc - ok
13:46:12.0547 5948 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:46:12.0562 5948 SDRSVC - ok
13:46:12.0578 5948 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:46:12.0578 5948 secdrv - ok
13:46:12.0609 5948 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
13:46:12.0609 5948 seclogon - ok
13:46:12.0640 5948 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
13:46:12.0640 5948 SENS - ok
13:46:12.0671 5948 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
13:46:12.0687 5948 Serenum - ok
13:46:12.0703 5948 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
13:46:12.0703 5948 Serial - ok
13:46:12.0749 5948 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:46:12.0749 5948 sermouse - ok
13:46:12.0827 5948 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
13:46:12.0827 5948 SessionEnv - ok
13:46:12.0874 5948 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:46:12.0874 5948 sffdisk - ok
13:46:12.0890 5948 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:46:12.0905 5948 sffp_mmc - ok
13:46:12.0921 5948 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:46:12.0921 5948 sffp_sd - ok
13:46:12.0937 5948 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:46:12.0937 5948 sfloppy - ok
13:46:12.0999 5948 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:46:13.0015 5948 SharedAccess - ok
13:46:13.0046 5948 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:46:13.0061 5948 ShellHWDetection - ok
13:46:13.0093 5948 [ 08072B2FB92477FC813271A84B3A8698 ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:46:13.0093 5948 sisagp - ok
13:46:13.0108 5948 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
13:46:13.0124 5948 SiSRaid2 - ok
13:46:13.0139 5948 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:46:13.0155 5948 SiSRaid4 - ok
13:46:13.0249 5948 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
13:46:13.0249 5948 SkypeUpdate - ok
13:46:13.0405 5948 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
13:46:13.0467 5948 slsvc - ok
13:46:13.0514 5948 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
13:46:13.0514 5948 SLUINotify - ok
13:46:13.0545 5948 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:46:13.0561 5948 Smb - ok
13:46:13.0607 5948 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:46:13.0607 5948 SNMPTRAP - ok
13:46:13.0654 5948 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
13:46:13.0654 5948 spldr - ok
13:46:13.0701 5948 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
13:46:13.0701 5948 Spooler - ok
13:46:13.0748 5948 sprtsvc_dellsupportcenter - ok
13:46:13.0795 5948 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:46:13.0810 5948 srv - ok
13:46:13.0841 5948 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:46:13.0841 5948 srv2 - ok
13:46:13.0888 5948 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:46:13.0888 5948 srvnet - ok
13:46:13.0919 5948 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:46:13.0935 5948 SSDPSRV - ok
13:46:13.0982 5948 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:46:13.0997 5948 SstpSvc - ok
13:46:14.0060 5948 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
13:46:14.0060 5948 stisvc - ok
13:46:14.0107 5948 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:46:14.0107 5948 stllssvr - ok
13:46:14.0153 5948 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:46:14.0153 5948 swenum - ok
13:46:14.0200 5948 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
13:46:14.0216 5948 swprv - ok
13:46:14.0247 5948 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
13:46:14.0247 5948 Symc8xx - ok
13:46:14.0263 5948 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
13:46:14.0278 5948 Sym_hi - ok
13:46:14.0309 5948 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
13:46:14.0309 5948 Sym_u3 - ok
13:46:14.0356 5948 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
13:46:14.0387 5948 SysMain - ok
13:46:14.0419 5948 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:46:14.0434 5948 TabletInputService - ok
13:46:14.0465 5948 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:46:14.0481 5948 TapiSrv - ok
13:46:14.0497 5948 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
13:46:14.0512 5948 TBS - ok
13:46:14.0575 5948 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:46:14.0606 5948 Tcpip - ok
13:46:14.0653 5948 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
13:46:14.0668 5948 Tcpip6 - ok
13:46:14.0699 5948 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:46:14.0699 5948 tcpipreg - ok
13:46:14.0715 5948 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:46:14.0715 5948 TDPIPE - ok
13:46:14.0746 5948 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:46:14.0746 5948 TDTCP - ok
13:46:14.0777 5948 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:46:14.0777 5948 tdx - ok
13:46:14.0793 5948 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:46:14.0809 5948 TermDD - ok
13:46:14.0840 5948 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
13:46:14.0840 5948 TermService - ok
13:46:14.0855 5948 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
13:46:14.0871 5948 Themes - ok
13:46:14.0887 5948 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
13:46:14.0887 5948 THREADORDER - ok
13:46:14.0918 5948 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
13:46:14.0918 5948 TrkWks - ok
13:46:14.0980 5948 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:46:14.0980 5948 TrustedInstaller - ok
13:46:14.0996 5948 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:46:15.0011 5948 tssecsrv - ok
13:46:15.0105 5948 [ 67F888F5379CFFCA30878C8A57ADF156 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
13:46:15.0167 5948 TuneUp.UtilitiesSvc - ok
13:46:15.0199 5948 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
13:46:15.0199 5948 TuneUpUtilitiesDrv - ok
13:46:15.0245 5948 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
13:46:15.0245 5948 tunmp - ok
13:46:15.0277 5948 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:46:15.0292 5948 tunnel - ok
13:46:15.0323 5948 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:46:15.0323 5948 uagp35 - ok
13:46:15.0370 5948 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:46:15.0370 5948 udfs - ok
13:46:15.0417 5948 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:46:15.0433 5948 UI0Detect - ok
13:46:15.0448 5948 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:46:15.0464 5948 uliagpkx - ok
13:46:15.0495 5948 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
13:46:15.0495 5948 uliahci - ok
13:46:15.0526 5948 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
13:46:15.0526 5948 UlSata - ok
13:46:15.0542 5948 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
13:46:15.0542 5948 ulsata2 - ok
13:46:15.0573 5948 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:46:15.0573 5948 umbus - ok
13:46:15.0651 5948 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
13:46:15.0667 5948 UMVPFSrv - ok
13:46:15.0698 5948 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
13:46:15.0698 5948 upnphost - ok
13:46:15.0729 5948 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
13:46:15.0729 5948 USBAAPL - ok
13:46:15.0760 5948 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:46:15.0760 5948 usbaudio - ok
13:46:15.0807 5948 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:46:15.0807 5948 usbccgp - ok
13:46:15.0838 5948 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:46:15.0838 5948 usbcir - ok
13:46:15.0869 5948 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:46:15.0869 5948 usbehci - ok
13:46:15.0901 5948 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:46:15.0916 5948 usbhub - ok
13:46:15.0932 5948 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:46:15.0932 5948 usbohci - ok
13:46:15.0963 5948 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:46:15.0963 5948 usbprint - ok
13:46:15.0994 5948 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:46:15.0994 5948 usbscan - ok
13:46:16.0025 5948 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:46:16.0025 5948 USBSTOR - ok
13:46:16.0072 5948 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:46:16.0072 5948 usbuhci - ok
13:46:16.0103 5948 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
13:46:16.0119 5948 usbvideo - ok
13:46:16.0150 5948 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
13:46:16.0166 5948 UxSms - ok
13:46:16.0213 5948 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
13:46:16.0228 5948 vds - ok
13:46:16.0259 5948 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:46:16.0259 5948 vga - ok
13:46:16.0291 5948 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
13:46:16.0291 5948 VgaSave - ok
13:46:16.0337 5948 [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:46:16.0337 5948 viaagp - ok
13:46:16.0369 5948 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
13:46:16.0369 5948 ViaC7 - ok
13:46:16.0400 5948 [ F3B4762EB85A2AFF4999401F14C3262B ] viaide C:\Windows\system32\drivers\viaide.sys
13:46:16.0400 5948 viaide - ok
13:46:16.0415 5948 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:46:16.0415 5948 volmgr - ok
13:46:16.0462 5948 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:46:16.0478 5948 volmgrx - ok
13:46:16.0525 5948 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:46:16.0540 5948 volsnap - ok
13:46:16.0571 5948 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:46:16.0587 5948 vsmraid - ok
13:46:16.0634 5948 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
13:46:16.0696 5948 VSS - ok
13:46:16.0790 5948 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
13:46:16.0821 5948 vToolbarUpdater12.2.6 - ok
13:46:16.0868 5948 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
13:46:16.0868 5948 W32Time - ok
13:46:16.0915 5948 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:46:16.0915 5948 WacomPen - ok
13:46:16.0946 5948 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
13:46:16.0961 5948 Wanarp - ok
13:46:16.0961 5948 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:46:16.0977 5948 Wanarpv6 - ok
13:46:17.0008 5948 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:46:17.0024 5948 wcncsvc - ok
13:46:17.0055 5948 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:46:17.0071 5948 WcsPlugInService - ok
13:46:17.0102 5948 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
13:46:17.0117 5948 Wd - ok
13:46:17.0149 5948 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
13:46:17.0149 5948 WDC_SAM - ok
13:46:17.0211 5948 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:46:17.0242 5948 Wdf01000 - ok
13:46:17.0273 5948 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:46:17.0273 5948 WdiServiceHost - ok
13:46:17.0289 5948 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:46:17.0305 5948 WdiSystemHost - ok
13:46:17.0336 5948 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
13:46:17.0351 5948 WebClient - ok
13:46:17.0398 5948 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:46:17.0414 5948 Wecsvc - ok
13:46:17.0476 5948 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:46:17.0492 5948 wercplsupport - ok
13:46:17.0523 5948 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
13:46:17.0539 5948 WerSvc - ok
13:46:17.0585 5948 [ 6D2350BB6E77E800FC4BE4E5B7A2E89A ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
13:46:17.0617 5948 winachsf - ok
13:46:17.0695 5948 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:46:17.0710 5948 WinDefend - ok
13:46:17.0726 5948 WinHttpAutoProxySvc - ok
13:46:17.0788 5948 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:46:17.0788 5948 Winmgmt - ok
13:46:17.0866 5948 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
13:46:17.0929 5948 WinRM - ok
13:46:17.0991 5948 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:46:18.0022 5948 Wlansvc - ok
13:46:18.0053 5948 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:46:18.0053 5948 WmiAcpi - ok
13:46:18.0100 5948 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:46:18.0116 5948 wmiApSrv - ok
13:46:18.0178 5948 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:46:18.0225 5948 WMPNetworkSvc - ok
13:46:18.0241 5948 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:46:18.0256 5948 WPCSvc - ok
13:46:18.0287 5948 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:46:18.0303 5948 WPDBusEnum - ok
13:46:18.0334 5948 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
13:46:18.0334 5948 WpdUsb - ok
13:46:18.0412 5948 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:46:18.0428 5948 WPFFontCache_v0400 - ok
13:46:18.0459 5948 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:46:18.0459 5948 ws2ifsl - ok
13:46:18.0490 5948 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
13:46:18.0490 5948 wscsvc - ok
13:46:18.0506 5948 WSearch - ok
13:46:18.0553 5948 [ D161D62AE8D3F3EC1197B012D5E47431 ] WSWNDA3100v2 C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
13:46:18.0568 5948 WSWNDA3100v2 - ok
13:46:18.0646 5948 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
13:46:18.0724 5948 wuauserv - ok
13:46:18.0771 5948 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:46:18.0771 5948 WUDFRd - ok
13:46:18.0818 5948 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:46:18.0833 5948 wudfsvc - ok
13:46:18.0865 5948 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
13:46:18.0865 5948 XAudio - ok
13:46:18.0896 5948 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
13:46:18.0896 5948 XAudioService - ok
13:46:18.0989 5948 ================ Scan global ===============================
13:46:19.0021 5948 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
13:46:19.0067 5948 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
13:46:19.0099 5948 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
13:46:19.0130 5948 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
13:46:19.0130 5948 [Global] - ok
13:46:19.0130 5948 ================ Scan MBR ==================================
13:46:19.0145 5948 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:46:19.0317 5948 \Device\Harddisk0\DR0 - ok
13:46:19.0317 5948 ================ Scan VBR ==================================
13:46:19.0333 5948 [ D3C38EE1DC3DAAC1880C4D5E2C1DEC0C ] \Device\Harddisk0\DR0\Partition1
13:46:19.0333 5948 \Device\Harddisk0\DR0\Partition1 - ok
13:46:19.0348 5948 [ 454A1B110B40E0AD643037A0C78701B2 ] \Device\Harddisk0\DR0\Partition2
13:46:19.0348 5948 \Device\Harddisk0\DR0\Partition2 - ok
13:46:19.0348 5948 ============================================================
13:46:19.0348 5948 Scan finished
13:46:19.0348 5948 ============================================================
13:46:19.0364 6352 Detected object count: 0
13:46:19.0364 6352 Actual detected object count: 0
aswMBR Report
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-03 17:14:38
-----------------------------
17:14:38.382 OS Version: Windows 6.0.6002 Service Pack 2
17:14:38.382 Number of processors: 2 586 0x4B02
17:14:38.397 ComputerName: MARTINICH2 UserName: Bill
17:14:40.082 Initialize success
17:16:01.083 AVAST engine defs: 12110301
17:16:06.886 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
17:16:06.901 Disk 0 Vendor: ST325082 3.AD Size: 238418MB BusType: 6
17:16:06.917 Disk 0 MBR read successfully
17:16:06.933 Disk 0 MBR scan
17:16:06.933 Disk 0 Windows VISTA default MBR code
17:16:06.948 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
17:16:06.964 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 81920
17:16:06.995 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 228137 MB offset 21053440
17:16:07.042 Disk 0 scanning sectors +488278016
17:16:07.354 Disk 0 scanning C:\Windows\system32\drivers
17:16:23.016 Service scanning
17:16:51.798 Modules scanning
17:17:00.643 Disk 0 trace - called modules:
17:17:00.675 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
17:17:00.690 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865b59b8]
17:17:00.690 3 CLASSPNP.SYS[885a28b3] -> nt!IofCallDriver -> [0x84bffcf8]
17:17:00.706 5 acpi.sys[8300e6bc] -> nt!IofCallDriver -> \Device\0000005d[0x85631c90]
17:17:01.798 AVAST engine scan C:\Windows
17:17:04.356 AVAST engine scan C:\Windows\system32
17:19:41.186 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
17:20:51.107 AVAST engine scan C:\Windows\system32\drivers
17:21:06.302 AVAST engine scan C:\Users\Bill
17:23:28.029 Disk 0 MBR has been saved successfully to "C:\Users\Bill\Desktop\MBR.dat"
17:23:28.060 The log file has been saved successfully to "C:\Users\Bill\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-04 13:47:34
-----------------------------
13:47:34.877 OS Version: Windows 6.0.6002 Service Pack 2
13:47:34.877 Number of processors: 2 586 0x4B02
13:47:34.877 ComputerName: MARTINICH2 UserName: Bill
13:47:42.849 Initialize success
13:48:59.398 AVAST engine defs: 12110400
13:49:20.882 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005f
13:49:20.889 Disk 0 Vendor: ST325082 3.AD Size: 238418MB BusType: 6
13:49:20.914 Disk 0 MBR read successfully
13:49:20.922 Disk 0 MBR scan
13:49:20.935 Disk 0 Windows VISTA default MBR code
13:49:20.945 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
13:49:20.979 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 81920
13:49:21.010 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 228137 MB offset 21053440
13:49:21.040 Disk 0 scanning sectors +488278016
13:49:21.148 Disk 0 scanning C:\Windows\system32\drivers
13:49:37.242 Service scanning
13:50:12.200 Modules scanning
13:50:37.190 Disk 0 trace - called modules:
13:50:37.211 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys tcpip.sys NETIO.SYS partmgr.sys volmgr.sys ecache.sys volsnap.sys Ntfs.sys 13:50:37.212 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x863ebac8]
13:50:37.213 3 CLASSPNP.SYS[885a58b3] -> nt!IofCallDriver -> [0x84c1bf08]
13:50:37.213 5 acpi.sys[830156bc] -> nt!IofCallDriver -> \Device\0000005f[0x85649958]
13:50:38.160 AVAST engine scan C:\Windows
13:50:48.139 AVAST engine scan C:\Windows\system32
13:55:19.875 AVAST engine scan C:\Windows\system32\drivers
13:55:37.958 AVAST engine scan C:\Users\Bill
13:57:57.943 Disk 0 MBR has been saved successfully to "C:\Users\Bill\Desktop\MBR.dat"
13:57:57.989 The log file has been saved successfully to "C:\Users\Bill\Desktop\aswMBR.txt"
Please advise next steps.
Thanks,
Bill
#8
krbybng
-
- Authentic Member
-
- 63 posts
Authentic Member
Posted 04 November 2012 - 02:58 PM
Thanks again...
TDSSKILLER Report
13:45:44.0513 6840 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:45:45.0044 6840 ============================================================
13:45:45.0044 6840 Current date / time: 2012/11/04 13:45:45.0044
13:45:45.0044 6840 SystemInfo:
13:45:45.0044 6840
13:45:45.0044 6840 OS Version: 6.0.6002 ServicePack: 2.0
13:45:45.0044 6840 Product type: Workstation
13:45:45.0044 6840 ComputerName: MARTINICH2
13:45:45.0044 6840 UserName: Bill
13:45:45.0044 6840 Windows directory: C:\Windows
13:45:45.0044 6840 System windows directory: C:\Windows
13:45:45.0044 6840 Processor architecture: Intel x86
13:45:45.0044 6840 Number of processors: 2
13:45:45.0044 6840 Page size: 0x1000
13:45:45.0044 6840 Boot type: Normal boot
13:45:45.0044 6840 ============================================================
13:45:45.0637 6840 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:45:45.0637 6840 ============================================================
13:45:45.0637 6840 \Device\Harddisk0\DR0:
13:45:45.0637 6840 MBR partitions:
13:45:45.0637 6840 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1400000
13:45:45.0637 6840 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1414000, BlocksNum 0x1BD94800
13:45:45.0637 6840 ============================================================
13:45:45.0668 6840 C: <-> \Device\Harddisk0\DR0\Partition2
13:45:45.0699 6840 D: <-> \Device\Harddisk0\DR0\Partition1
13:45:45.0699 6840 ============================================================
13:45:45.0699 6840 Initialize success
13:45:45.0699 6840 ============================================================
13:45:56.0354 5948 ============================================================
13:45:56.0354 5948 Scan started
13:45:56.0354 5948 Mode: Manual;
13:45:56.0354 5948 ============================================================
13:45:56.0697 5948 ================ Scan system memory ========================
13:45:56.0697 5948 System memory - ok
13:45:56.0697 5948 ================ Scan services =============================
13:45:56.0978 5948 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
13:45:56.0993 5948 ACPI - ok
13:45:57.0087 5948 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:45:57.0087 5948 AdobeARMservice - ok
13:45:57.0181 5948 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:45:57.0181 5948 AdobeFlashPlayerUpdateSvc - ok
13:45:57.0259 5948 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:45:57.0274 5948 adp94xx - ok
13:45:57.0305 5948 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:45:57.0321 5948 adpahci - ok
13:45:57.0352 5948 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
13:45:57.0368 5948 adpu160m - ok
13:45:57.0399 5948 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:45:57.0415 5948 adpu320 - ok
13:45:57.0493 5948 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:45:57.0493 5948 AeLookupSvc - ok
13:45:57.0539 5948 [ 330A1E4DF07C2E29949ED8631CD8828E ] AERTFilters C:\Windows\system32\AERTSrv.exe
13:45:57.0539 5948 AERTFilters - ok
13:45:57.0586 5948 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
13:45:57.0602 5948 AFD - ok
13:45:57.0664 5948 [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:45:57.0664 5948 agp440 - ok
13:45:57.0711 5948 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
13:45:57.0727 5948 aic78xx - ok
13:45:57.0773 5948 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
13:45:57.0773 5948 ALG - ok
13:45:57.0820 5948 [ DC67A153FDB8105B25D05334B5E1D8E2 ] aliide C:\Windows\system32\drivers\aliide.sys
13:45:57.0820 5948 aliide - ok
13:45:57.0898 5948 [ C5DBBCDA07D780BDA9B685DF333BB41E ] amacpi C:\Windows\system32\DRIVERS\null.sys
13:45:57.0898 5948 amacpi - ok
13:45:57.0945 5948 [ 848F27E5B27C1C253F6CEFDC1A5D8F21 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:45:57.0945 5948 amdagp - ok
13:45:57.0961 5948 [ 835C4C3355088298A5EBD818FA31430F ] amdide C:\Windows\system32\drivers\amdide.sys
13:45:57.0961 5948 amdide - ok
13:45:58.0007 5948 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
13:45:58.0007 5948 AmdK7 - ok
13:45:58.0085 5948 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:45:58.0085 5948 AmdK8 - ok
13:45:58.0132 5948 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
13:45:58.0132 5948 Appinfo - ok
13:45:58.0195 5948 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:45:58.0210 5948 Apple Mobile Device - ok
13:45:58.0304 5948 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
13:45:58.0304 5948 arc - ok
13:45:58.0335 5948 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:45:58.0335 5948 arcsas - ok
13:45:58.0429 5948 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:45:58.0429 5948 AsyncMac - ok
13:45:58.0475 5948 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
13:45:58.0491 5948 atapi - ok
13:45:58.0553 5948 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:45:58.0553 5948 AudioEndpointBuilder - ok
13:45:58.0569 5948 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:45:58.0585 5948 Audiosrv - ok
13:45:58.0709 5948 [ 3A457C2F798CAD79CD30224E723E01FB ] AVG Security Toolbar Service C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
13:45:58.0725 5948 AVG Security Toolbar Service - ok
13:45:58.0990 5948 [ B41F0E54105801538D56623271A0AE49 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
13:45:59.0068 5948 AVGIDSAgent - ok
13:45:59.0131 5948 [ 2F47851015D8837976E481F6DAA46A67 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
13:45:59.0146 5948 AVGIDSDriver - ok
13:45:59.0193 5948 [ 303BDE0DCDC04CE597C6C1CD06C6F186 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
13:45:59.0193 5948 AVGIDSHX - ok
13:45:59.0240 5948 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
13:45:59.0240 5948 AVGIDSShim - ok
13:45:59.0302 5948 [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
13:45:59.0302 5948 Avgldx86 - ok
13:45:59.0333 5948 [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
13:45:59.0333 5948 Avglogx - ok
13:45:59.0380 5948 [ 6DF7236D3A16C8417FF72F2EB2ADD244 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
13:45:59.0380 5948 Avgmfx86 - ok
13:45:59.0396 5948 [ F3D57358DE0B8B3491013C615754A7C7 ] AvgRkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
13:45:59.0396 5948 AvgRkx86 - ok
13:45:59.0427 5948 [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
13:45:59.0443 5948 Avgtdix - ok
13:45:59.0458 5948 [ 6F76908F065C3C151C4BFCA7DFD86979 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
13:45:59.0458 5948 avgtp - ok
13:45:59.0521 5948 [ 0D2EB149AFF89A307E5D82D0A2B78439 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
13:45:59.0521 5948 avgwd - ok
13:45:59.0599 5948 [ 5165CF423964FC17606442FAE7AB2BF8 ] BCMH43XX C:\Windows\system32\DRIVERS\bcmwlhigh6.sys
13:45:59.0614 5948 BCMH43XX - ok
13:45:59.0645 5948 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
13:45:59.0645 5948 Beep - ok
13:45:59.0692 5948 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
13:45:59.0692 5948 BFE - ok
13:45:59.0755 5948 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
13:45:59.0770 5948 BITS - ok
13:45:59.0770 5948 blbdrive - ok
13:45:59.0833 5948 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:45:59.0833 5948 Bonjour Service - ok
13:45:59.0864 5948 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:45:59.0864 5948 bowser - ok
13:45:59.0911 5948 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
13:45:59.0911 5948 BrFiltLo - ok
13:45:59.0926 5948 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
13:45:59.0926 5948 BrFiltUp - ok
13:45:59.0957 5948 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
13:45:59.0957 5948 Browser - ok
13:45:59.0989 5948 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
13:45:59.0989 5948 Brserid - ok
13:46:00.0020 5948 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
13:46:00.0020 5948 BrSerWdm - ok
13:46:00.0035 5948 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
13:46:00.0035 5948 BrUsbMdm - ok
13:46:00.0051 5948 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
13:46:00.0051 5948 BrUsbSer - ok
13:46:00.0113 5948 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:46:00.0113 5948 BTHMODEM - ok
13:46:00.0129 5948 catchme - ok
13:46:00.0160 5948 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:46:00.0160 5948 cdfs - ok
13:46:00.0207 5948 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:46:00.0207 5948 cdrom - ok
13:46:00.0301 5948 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
13:46:00.0301 5948 CertPropSvc - ok
13:46:00.0347 5948 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
13:46:00.0347 5948 circlass - ok
13:46:00.0410 5948 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
13:46:00.0410 5948 CLFS - ok
13:46:00.0488 5948 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:46:00.0503 5948 clr_optimization_v2.0.50727_32 - ok
13:46:00.0581 5948 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:46:00.0581 5948 clr_optimization_v4.0.30319_32 - ok
13:46:00.0613 5948 [ E79CBB2195E965F6E3256E2C1B23FD1C ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:46:00.0613 5948 cmdide - ok
13:46:00.0659 5948 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:46:00.0659 5948 Compbatt - ok
13:46:00.0659 5948 COMSysApp - ok
13:46:00.0691 5948 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:46:00.0706 5948 crcdisk - ok
13:46:00.0722 5948 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
13:46:00.0737 5948 Crusoe - ok
13:46:00.0784 5948 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:46:00.0800 5948 CryptSvc - ok
13:46:00.0847 5948 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:46:00.0862 5948 DcomLaunch - ok
13:46:00.0878 5948 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:46:00.0893 5948 DfsC - ok
13:46:01.0003 5948 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
13:46:01.0034 5948 DFSR - ok
13:46:01.0096 5948 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
13:46:01.0096 5948 Dhcp - ok
13:46:01.0159 5948 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
13:46:01.0159 5948 disk - ok
13:46:01.0221 5948 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:46:01.0221 5948 Dnscache - ok
13:46:01.0268 5948 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:46:01.0268 5948 dot3svc - ok
13:46:01.0299 5948 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
13:46:01.0315 5948 Dot4 - ok
13:46:01.0330 5948 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:46:01.0346 5948 Dot4Print - ok
13:46:01.0361 5948 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
13:46:01.0361 5948 dot4usb - ok
13:46:01.0408 5948 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
13:46:01.0408 5948 DPS - ok
13:46:01.0471 5948 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:46:01.0471 5948 drmkaud - ok
13:46:01.0533 5948 [ 245F62A2AA67F4A61F10174BF1017327 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
13:46:01.0533 5948 DSBrokerService - ok
13:46:01.0580 5948 [ 413F2D5F9D802688242C23B38F767ECB ] DSproct C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
13:46:01.0580 5948 DSproct - ok
13:46:01.0611 5948 [ DFEABB7CFFFADEA4A912AB95BDC3177A ] dsunidrv C:\Windows\system32\DRIVERS\dsunidrv.sys
13:46:01.0611 5948 dsunidrv - ok
13:46:01.0658 5948 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:46:01.0673 5948 DXGKrnl - ok
13:46:01.0720 5948 [ 7505290504C8E2D172FA378CC0497BCC ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
13:46:01.0736 5948 e1express - ok
13:46:01.0767 5948 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
13:46:01.0767 5948 E1G60 - ok
13:46:01.0814 5948 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
13:46:01.0814 5948 EapHost - ok
13:46:01.0876 5948 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
13:46:01.0876 5948 Ecache - ok
13:46:01.0923 5948 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:46:01.0923 5948 ehRecvr - ok
13:46:01.0970 5948 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
13:46:01.0970 5948 ehSched - ok
13:46:01.0985 5948 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
13:46:01.0985 5948 ehstart - ok
13:46:02.0032 5948 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:46:02.0032 5948 elxstor - ok
13:46:02.0095 5948 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
13:46:02.0110 5948 EMDMgmt - ok
13:46:02.0173 5948 [ C37B713737C60FA46CF249507722D68C ] ENETHUSB C:\Windows\system32\DRIVERS\enethusb.sys
13:46:02.0173 5948 ENETHUSB - ok
13:46:02.0235 5948 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
13:46:02.0251 5948 EventSystem - ok
13:46:02.0297 5948 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
13:46:02.0313 5948 exfat - ok
13:46:02.0344 5948 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:46:02.0344 5948 fastfat - ok
13:46:02.0375 5948 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:46:02.0375 5948 fdc - ok
13:46:02.0407 5948 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
13:46:02.0407 5948 fdPHost - ok
13:46:02.0438 5948 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
13:46:02.0438 5948 FDResPub - ok
13:46:02.0485 5948 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:46:02.0485 5948 FileInfo - ok
13:46:02.0516 5948 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:46:02.0516 5948 Filetrace - ok
13:46:02.0547 5948 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:46:02.0547 5948 flpydisk - ok
13:46:02.0578 5948 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:46:02.0594 5948 FltMgr - ok
13:46:02.0672 5948 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
13:46:02.0687 5948 FontCache - ok
13:46:02.0750 5948 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:46:02.0750 5948 FontCache3.0.0.0 - ok
13:46:02.0843 5948 [ 9513B437B7ADB1E6065B7F0D83D11ECF ] FreeAgentGoNext Service C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
13:46:02.0843 5948 FreeAgentGoNext Service - ok
13:46:02.0875 5948 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:46:02.0875 5948 Fs_Rec - ok
13:46:02.0906 5948 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:46:02.0921 5948 gagp30kx - ok
13:46:02.0984 5948 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:46:02.0999 5948 GEARAspiWDM - ok
13:46:03.0046 5948 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
13:46:03.0062 5948 GoogleDesktopManager-051210-111108 - ok
13:46:03.0109 5948 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
13:46:03.0171 5948 gpsvc - ok
13:46:03.0233 5948 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:46:03.0233 5948 gupdate - ok
13:46:03.0280 5948 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:46:03.0280 5948 gupdatem - ok
13:46:03.0327 5948 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:46:03.0358 5948 HDAudBus - ok
13:46:03.0405 5948 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:46:03.0405 5948 HidBth - ok
13:46:03.0421 5948 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
13:46:03.0421 5948 HidIr - ok
13:46:03.0452 5948 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
13:46:03.0467 5948 hidserv - ok
13:46:03.0483 5948 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:46:03.0483 5948 HidUsb - ok
13:46:03.0561 5948 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:46:03.0561 5948 hkmsvc - ok
13:46:03.0592 5948 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
13:46:03.0592 5948 HpCISSs - ok
13:46:03.0701 5948 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:46:03.0717 5948 hpqcxs08 - ok
13:46:03.0748 5948 [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:46:03.0748 5948 hpqddsvc - ok
13:46:03.0826 5948 [ 53229DCF431D76434816CD29251168A0 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
13:46:03.0873 5948 HSF_DPV - ok
13:46:03.0904 5948 [ ED98350ECD4A5A9C9F1E641C09872BB2 ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
13:46:03.0920 5948 HSXHWBS2 - ok
13:46:03.0967 5948 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:46:03.0998 5948 HTTP - ok
13:46:04.0013 5948 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
13:46:04.0029 5948 i2omp - ok
13:46:04.0076 5948 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:46:04.0076 5948 i8042prt - ok
13:46:04.0107 5948 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
13:46:04.0123 5948 iaStorV - ok
13:46:04.0216 5948 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:46:04.0216 5948 IDriverT - ok
13:46:04.0279 5948 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:46:04.0325 5948 idsvc - ok
13:46:04.0357 5948 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:46:04.0357 5948 iirsp - ok
13:46:04.0419 5948 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
13:46:04.0435 5948 IKEEXT - ok
13:46:04.0528 5948 [ F8F53C5449F15B23D4C61D51D2701DA8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
13:46:04.0591 5948 IntcAzAudAddService - ok
13:46:04.0622 5948 [ 0084046C084D68E494F8CF36BCF08186 ] intelide C:\Windows\system32\drivers\intelide.sys
13:46:04.0622 5948 intelide - ok
13:46:04.0653 5948 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:46:04.0653 5948 intelppm - ok
13:46:04.0715 5948 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
13:46:04.0715 5948 IntuitUpdateServiceV4 - ok
13:46:04.0747 5948 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:46:04.0747 5948 IPBusEnum - ok
13:46:04.0778 5948 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:46:04.0778 5948 IpFilterDriver - ok
13:46:04.0825 5948 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:46:04.0840 5948 iphlpsvc - ok
13:46:04.0856 5948 IpInIp - ok
13:46:04.0903 5948 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
13:46:04.0903 5948 IPMIDRV - ok
13:46:04.0934 5948 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
13:46:04.0949 5948 IPNAT - ok
13:46:05.0027 5948 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:46:05.0059 5948 iPod Service - ok
13:46:05.0090 5948 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:46:05.0105 5948 IRENUM - ok
13:46:05.0137 5948 [ 2F8ECE2699E7E2070545E9B0960A8ED2 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:46:05.0137 5948 isapnp - ok
13:46:05.0199 5948 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
13:46:05.0215 5948 iScsiPrt - ok
13:46:05.0230 5948 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
13:46:05.0230 5948 iteatapi - ok
13:46:05.0261 5948 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
13:46:05.0277 5948 iteraid - ok
13:46:05.0308 5948 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:46:05.0308 5948 kbdclass - ok
13:46:05.0355 5948 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:46:05.0355 5948 kbdhid - ok
13:46:05.0371 5948 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
13:46:05.0371 5948 KeyIso - ok
13:46:05.0417 5948 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:46:05.0449 5948 KSecDD - ok
13:46:05.0511 5948 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
13:46:05.0511 5948 KtmRm - ok
13:46:05.0542 5948 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
13:46:05.0542 5948 LanmanServer - ok
13:46:05.0589 5948 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:46:05.0589 5948 LanmanWorkstation - ok
13:46:05.0620 5948 Lavasoft Kernexplorer - ok
13:46:05.0683 5948 [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd C:\Windows\system32\DRIVERS\Lbd.sys
13:46:05.0698 5948 Lbd - ok
13:46:05.0745 5948 [ 7B3F06CA6F927402D27EA6C64558E021 ] LexBceS C:\Windows\System32\LEXBCES.EXE
13:46:05.0761 5948 LexBceS - ok
13:46:05.0792 5948 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:46:05.0792 5948 lltdio - ok
13:46:05.0823 5948 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:46:05.0854 5948 lltdsvc - ok
13:46:05.0885 5948 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:46:05.0901 5948 lmhosts - ok
13:46:05.0948 5948 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:46:05.0948 5948 LSI_FC - ok
13:46:05.0979 5948 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:46:05.0979 5948 LSI_SAS - ok
13:46:06.0010 5948 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:46:06.0010 5948 LSI_SCSI - ok
13:46:06.0041 5948 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
13:46:06.0057 5948 luafv - ok
13:46:06.0104 5948 [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon C:\Windows\system32\Drivers\LVPr2Mon.sys
13:46:06.0104 5948 LVPr2Mon - ok
13:46:06.0166 5948 [ 7521C0C58EE91BE90B6CC33E792D10C7 ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
13:46:06.0166 5948 LVRS - ok
13:46:06.0353 5948 [ 37E57C48AF530DF01CDD4E8A2AD77B51 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
13:46:06.0478 5948 LVUVC - ok
13:46:06.0525 5948 [ 5BB01B9F582259D1FB7653C5C1DA3653 ] MCSTRM C:\Windows\system32\drivers\MCSTRM.sys
13:46:06.0541 5948 MCSTRM - ok
13:46:06.0572 5948 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:46:06.0572 5948 Mcx2Svc - ok
13:46:06.0603 5948 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
13:46:06.0603 5948 mdmxsdk - ok
13:46:06.0650 5948 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
13:46:06.0650 5948 megasas - ok
13:46:06.0681 5948 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
13:46:06.0697 5948 MMCSS - ok
13:46:06.0712 5948 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
13:46:06.0712 5948 Modem - ok
13:46:06.0759 5948 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:46:06.0759 5948 monitor - ok
13:46:06.0790 5948 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:46:06.0790 5948 mouclass - ok
13:46:06.0821 5948 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:46:06.0821 5948 mouhid - ok
13:46:06.0853 5948 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
13:46:06.0853 5948 MountMgr - ok
13:46:06.0899 5948 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
13:46:06.0899 5948 mpio - ok
13:46:06.0946 5948 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:46:06.0946 5948 mpsdrv - ok
13:46:06.0993 5948 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
13:46:07.0009 5948 MpsSvc - ok
13:46:07.0024 5948 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
13:46:07.0040 5948 Mraid35x - ok
13:46:07.0055 5948 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:46:07.0071 5948 MRxDAV - ok
13:46:07.0102 5948 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:46:07.0102 5948 mrxsmb - ok
13:46:07.0149 5948 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:46:07.0149 5948 mrxsmb10 - ok
13:46:07.0196 5948 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:46:07.0196 5948 mrxsmb20 - ok
13:46:07.0258 5948 [ D420BC42A637AC3CC4F411220549C0DC ] msahci C:\Windows\system32\drivers\msahci.sys
13:46:07.0258 5948 msahci - ok
13:46:07.0289 5948 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:46:07.0289 5948 msdsm - ok
13:46:07.0336 5948 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
13:46:07.0352 5948 MSDTC - ok
13:46:07.0399 5948 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:46:07.0399 5948 Msfs - ok
13:46:07.0461 5948 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:46:07.0461 5948 msisadrv - ok
13:46:07.0492 5948 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:46:07.0492 5948 MSiSCSI - ok
13:46:07.0508 5948 msiserver - ok
13:46:07.0539 5948 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:46:07.0555 5948 MSKSSRV - ok
13:46:07.0601 5948 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:46:07.0601 5948 MSPCLOCK - ok
13:46:07.0617 5948 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:46:07.0633 5948 MSPQM - ok
13:46:07.0664 5948 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:46:07.0679 5948 MsRPC - ok
13:46:07.0726 5948 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:46:07.0726 5948 mssmbios - ok
13:46:07.0757 5948 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:46:07.0757 5948 MSTEE - ok
13:46:07.0789 5948 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
13:46:07.0789 5948 Mup - ok
13:46:07.0835 5948 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
13:46:07.0851 5948 napagent - ok
13:46:07.0898 5948 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:46:07.0898 5948 NativeWifiP - ok
13:46:07.0960 5948 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:46:07.0960 5948 NDIS - ok
13:46:08.0007 5948 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:46:08.0007 5948 NdisTapi - ok
13:46:08.0038 5948 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:46:08.0038 5948 Ndisuio - ok
13:46:08.0085 5948 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:46:08.0085 5948 NdisWan - ok
13:46:08.0116 5948 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:46:08.0132 5948 NDProxy - ok
13:46:08.0179 5948 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:46:08.0179 5948 Net Driver HPZ12 - ok
13:46:08.0241 5948 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:46:08.0241 5948 NetBIOS - ok
13:46:08.0288 5948 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
13:46:08.0288 5948 netbt - ok
13:46:08.0319 5948 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
13:46:08.0319 5948 Netlogon - ok
13:46:08.0366 5948 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
13:46:08.0381 5948 Netman - ok
13:46:08.0428 5948 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
13:46:08.0444 5948 netprofm - ok
13:46:08.0506 5948 [ 757F999AA72B55780EE810D4CD1BDD47 ] netr73 C:\Windows\system32\DRIVERS\WUSB54GCx86.sys
13:46:08.0522 5948 netr73 - ok
13:46:08.0553 5948 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:46:08.0569 5948 NetTcpPortSharing - ok
13:46:08.0600 5948 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:46:08.0600 5948 nfrd960 - ok
13:46:08.0647 5948 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:46:08.0662 5948 NlaSvc - ok
13:46:08.0693 5948 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:46:08.0693 5948 Npfs - ok
13:46:08.0725 5948 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
13:46:08.0740 5948 nsi - ok
13:46:08.0771 5948 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:46:08.0771 5948 nsiproxy - ok
13:46:08.0849 5948 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:46:08.0881 5948 Ntfs - ok
13:46:08.0912 5948 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
13:46:08.0912 5948 ntrigdigi - ok
13:46:08.0943 5948 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
13:46:08.0959 5948 Null - ok
13:46:09.0021 5948 [ A1108084B0D2FC43DCC401735770E2A3 ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx32.sys
13:46:09.0052 5948 NVENETFD - ok
13:46:09.0364 5948 [ E572EBF0A86A76E7CFCAAB00648F0F83 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:46:09.0551 5948 nvlddmkm - ok
13:46:09.0583 5948 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:46:09.0583 5948 nvraid - ok
13:46:09.0614 5948 [ 4A5FCAB82D9BF6AF8A023A66802FE9E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:46:09.0614 5948 nvstor - ok
13:46:09.0645 5948 [ DC5F166422BEEBF195E3E4BB8AB4EE22 ] nvstor32 C:\Windows\system32\DRIVERS\nvstor32.sys
13:46:09.0645 5948 nvstor32 - ok
13:46:09.0676 5948 [ F397A6FA4B83D243AD25A1DC401237A0 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:46:09.0676 5948 nvsvc - ok
13:46:09.0692 5948 [ 055081FD5076401C1EE1BCAB08D81911 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:46:09.0707 5948 nv_agp - ok
13:46:09.0707 5948 NwlnkFlt - ok
13:46:09.0723 5948 NwlnkFwd - ok
13:46:09.0801 5948 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:46:09.0817 5948 odserv - ok
13:46:09.0848 5948 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:46:09.0863 5948 ohci1394 - ok
13:46:09.0895 5948 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:46:09.0895 5948 ose - ok
13:46:09.0941 5948 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
13:46:09.0973 5948 p2pimsvc - ok
13:46:09.0988 5948 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
13:46:10.0004 5948 p2psvc - ok
13:46:10.0019 5948 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
13:46:10.0019 5948 Parport - ok
13:46:10.0066 5948 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:46:10.0082 5948 partmgr - ok
13:46:10.0097 5948 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
13:46:10.0097 5948 Parvdm - ok
13:46:10.0144 5948 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
13:46:10.0144 5948 PcaSvc - ok
13:46:10.0175 5948 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
13:46:10.0175 5948 pci - ok
13:46:10.0207 5948 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
13:46:10.0207 5948 pciide - ok
13:46:10.0222 5948 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:46:10.0222 5948 pcmcia - ok
13:46:10.0300 5948 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:46:10.0331 5948 PEAUTH - ok
13:46:10.0425 5948 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
13:46:10.0503 5948 pla - ok
13:46:10.0534 5948 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:46:10.0550 5948 PlugPlay - ok
13:46:10.0612 5948 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:46:10.0612 5948 Pml Driver HPZ12 - ok
13:46:10.0628 5948 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
13:46:10.0643 5948 PNRPAutoReg - ok
13:46:10.0675 5948 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
13:46:10.0675 5948 PNRPsvc - ok
13:46:10.0721 5948 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:46:10.0721 5948 PolicyAgent - ok
13:46:10.0753 5948 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:46:10.0753 5948 PptpMiniport - ok
13:46:10.0784 5948 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
13:46:10.0784 5948 Processor - ok
13:46:10.0799 5948 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
13:46:10.0799 5948 ProfSvc - ok
13:46:10.0815 5948 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
13:46:10.0815 5948 ProtectedStorage - ok
13:46:10.0846 5948 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
13:46:10.0846 5948 PSched - ok
13:46:10.0862 5948 [ 1962166E0CEB740704F30FA55AD3D509 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
13:46:10.0862 5948 PxHelp20 - ok
13:46:10.0909 5948 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:46:10.0940 5948 ql2300 - ok
13:46:10.0971 5948 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:46:10.0971 5948 ql40xx - ok
13:46:11.0002 5948 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
13:46:11.0018 5948 QWAVE - ok
13:46:11.0080 5948 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:46:11.0080 5948 QWAVEdrv - ok
13:46:11.0189 5948 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
13:46:11.0283 5948 R300 - ok
13:46:11.0330 5948 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:46:11.0330 5948 RasAcd - ok
13:46:11.0361 5948 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
13:46:11.0361 5948 RasAuto - ok
13:46:11.0408 5948 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:46:11.0408 5948 Rasl2tp - ok
13:46:11.0455 5948 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
13:46:11.0470 5948 RasMan - ok
13:46:11.0501 5948 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:46:11.0501 5948 RasPppoe - ok
13:46:11.0548 5948 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:46:11.0548 5948 RasSstp - ok
13:46:11.0595 5948 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:46:11.0595 5948 rdbss - ok
13:46:11.0626 5948 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:46:11.0626 5948 RDPCDD - ok
13:46:11.0673 5948 [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
13:46:11.0689 5948 rdpdr - ok
13:46:11.0689 5948 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:46:11.0720 5948 RDPENCDD - ok
13:46:11.0751 5948 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:46:11.0767 5948 RDPWD - ok
13:46:11.0798 5948 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:46:11.0813 5948 RemoteAccess - ok
13:46:11.0845 5948 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:46:11.0860 5948 RemoteRegistry - ok
13:46:11.0907 5948 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
13:46:11.0907 5948 RimUsb - ok
13:46:12.0016 5948 [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
13:46:12.0063 5948 RoxMediaDB9 - ok
13:46:12.0094 5948 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
13:46:12.0110 5948 RoxWatch9 - ok
13:46:12.0141 5948 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
13:46:12.0141 5948 RpcLocator - ok
13:46:12.0188 5948 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
13:46:12.0188 5948 RpcSs - ok
13:46:12.0219 5948 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:46:12.0235 5948 rspndr - ok
13:46:12.0235 5948 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
13:46:12.0250 5948 SamSs - ok
13:46:12.0281 5948 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:46:12.0281 5948 sbp2port - ok
13:46:12.0344 5948 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:46:12.0344 5948 SCardSvr - ok
13:46:12.0406 5948 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
13:46:12.0406 5948 Schedule - ok
13:46:12.0469 5948 [ 3B68015683C27CB00C7A6B60A37CBCFD ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys
13:46:12.0469 5948 SCMNdisP - ok
13:46:12.0500 5948 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:46:12.0515 5948 SCPolicySvc - ok
13:46:12.0547 5948 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:46:12.0562 5948 SDRSVC - ok
13:46:12.0578 5948 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:46:12.0578 5948 secdrv - ok
13:46:12.0609 5948 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
13:46:12.0609 5948 seclogon - ok
13:46:12.0640 5948 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
13:46:12.0640 5948 SENS - ok
13:46:12.0671 5948 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
13:46:12.0687 5948 Serenum - ok
13:46:12.0703 5948 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
13:46:12.0703 5948 Serial - ok
13:46:12.0749 5948 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:46:12.0749 5948 sermouse - ok
13:46:12.0827 5948 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
13:46:12.0827 5948 SessionEnv - ok
13:46:12.0874 5948 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:46:12.0874 5948 sffdisk - ok
13:46:12.0890 5948 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:46:12.0905 5948 sffp_mmc - ok
13:46:12.0921 5948 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:46:12.0921 5948 sffp_sd - ok
13:46:12.0937 5948 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:46:12.0937 5948 sfloppy - ok
13:46:12.0999 5948 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:46:13.0015 5948 SharedAccess - ok
13:46:13.0046 5948 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:46:13.0061 5948 ShellHWDetection - ok
13:46:13.0093 5948 [ 08072B2FB92477FC813271A84B3A8698 ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:46:13.0093 5948 sisagp - ok
13:46:13.0108 5948 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
13:46:13.0124 5948 SiSRaid2 - ok
13:46:13.0139 5948 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:46:13.0155 5948 SiSRaid4 - ok
13:46:13.0249 5948 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
13:46:13.0249 5948 SkypeUpdate - ok
13:46:13.0405 5948 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
13:46:13.0467 5948 slsvc - ok
13:46:13.0514 5948 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
13:46:13.0514 5948 SLUINotify - ok
13:46:13.0545 5948 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:46:13.0561 5948 Smb - ok
13:46:13.0607 5948 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:46:13.0607 5948 SNMPTRAP - ok
13:46:13.0654 5948 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
13:46:13.0654 5948 spldr - ok
13:46:13.0701 5948 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
13:46:13.0701 5948 Spooler - ok
13:46:13.0748 5948 sprtsvc_dellsupportcenter - ok
13:46:13.0795 5948 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:46:13.0810 5948 srv - ok
13:46:13.0841 5948 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:46:13.0841 5948 srv2 - ok
13:46:13.0888 5948 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:46:13.0888 5948 srvnet - ok
13:46:13.0919 5948 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:46:13.0935 5948 SSDPSRV - ok
13:46:13.0982 5948 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:46:13.0997 5948 SstpSvc - ok
13:46:14.0060 5948 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
13:46:14.0060 5948 stisvc - ok
13:46:14.0107 5948 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:46:14.0107 5948 stllssvr - ok
13:46:14.0153 5948 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:46:14.0153 5948 swenum - ok
13:46:14.0200 5948 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
13:46:14.0216 5948 swprv - ok
13:46:14.0247 5948 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
13:46:14.0247 5948 Symc8xx - ok
13:46:14.0263 5948 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
13:46:14.0278 5948 Sym_hi - ok
13:46:14.0309 5948 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
13:46:14.0309 5948 Sym_u3 - ok
13:46:14.0356 5948 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
13:46:14.0387 5948 SysMain - ok
13:46:14.0419 5948 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:46:14.0434 5948 TabletInputService - ok
13:46:14.0465 5948 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:46:14.0481 5948 TapiSrv - ok
13:46:14.0497 5948 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
13:46:14.0512 5948 TBS - ok
13:46:14.0575 5948 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:46:14.0606 5948 Tcpip - ok
13:46:14.0653 5948 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
13:46:14.0668 5948 Tcpip6 - ok
13:46:14.0699 5948 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:46:14.0699 5948 tcpipreg - ok
13:46:14.0715 5948 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:46:14.0715 5948 TDPIPE - ok
13:46:14.0746 5948 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:46:14.0746 5948 TDTCP - ok
13:46:14.0777 5948 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:46:14.0777 5948 tdx - ok
13:46:14.0793 5948 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:46:14.0809 5948 TermDD - ok
13:46:14.0840 5948 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
13:46:14.0840 5948 TermService - ok
13:46:14.0855 5948 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
13:46:14.0871 5948 Themes - ok
13:46:14.0887 5948 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
13:46:14.0887 5948 THREADORDER - ok
13:46:14.0918 5948 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
13:46:14.0918 5948 TrkWks - ok
13:46:14.0980 5948 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:46:14.0980 5948 TrustedInstaller - ok
13:46:14.0996 5948 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:46:15.0011 5948 tssecsrv - ok
13:46:15.0105 5948 [ 67F888F5379CFFCA30878C8A57ADF156 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
13:46:15.0167 5948 TuneUp.UtilitiesSvc - ok
13:46:15.0199 5948 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
13:46:15.0199 5948 TuneUpUtilitiesDrv - ok
13:46:15.0245 5948 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
13:46:15.0245 5948 tunmp - ok
13:46:15.0277 5948 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:46:15.0292 5948 tunnel - ok
13:46:15.0323 5948 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:46:15.0323 5948 uagp35 - ok
13:46:15.0370 5948 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:46:15.0370 5948 udfs - ok
13:46:15.0417 5948 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:46:15.0433 5948 UI0Detect - ok
13:46:15.0448 5948 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:46:15.0464 5948 uliagpkx - ok
13:46:15.0495 5948 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
13:46:15.0495 5948 uliahci - ok
13:46:15.0526 5948 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
13:46:15.0526 5948 UlSata - ok
13:46:15.0542 5948 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
13:46:15.0542 5948 ulsata2 - ok
13:46:15.0573 5948 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:46:15.0573 5948 umbus - ok
13:46:15.0651 5948 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
13:46:15.0667 5948 UMVPFSrv - ok
13:46:15.0698 5948 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
13:46:15.0698 5948 upnphost - ok
13:46:15.0729 5948 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
13:46:15.0729 5948 USBAAPL - ok
13:46:15.0760 5948 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:46:15.0760 5948 usbaudio - ok
13:46:15.0807 5948 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:46:15.0807 5948 usbccgp - ok
13:46:15.0838 5948 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:46:15.0838 5948 usbcir - ok
13:46:15.0869 5948 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:46:15.0869 5948 usbehci - ok
13:46:15.0901 5948 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:46:15.0916 5948 usbhub - ok
13:46:15.0932 5948 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:46:15.0932 5948 usbohci - ok
13:46:15.0963 5948 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:46:15.0963 5948 usbprint - ok
13:46:15.0994 5948 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:46:15.0994 5948 usbscan - ok
13:46:16.0025 5948 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:46:16.0025 5948 USBSTOR - ok
13:46:16.0072 5948 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:46:16.0072 5948 usbuhci - ok
13:46:16.0103 5948 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
13:46:16.0119 5948 usbvideo - ok
13:46:16.0150 5948 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
13:46:16.0166 5948 UxSms - ok
13:46:16.0213 5948 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
13:46:16.0228 5948 vds - ok
13:46:16.0259 5948 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:46:16.0259 5948 vga - ok
13:46:16.0291 5948 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
13:46:16.0291 5948 VgaSave - ok
13:46:16.0337 5948 [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:46:16.0337 5948 viaagp - ok
13:46:16.0369 5948 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
13:46:16.0369 5948 ViaC7 - ok
13:46:16.0400 5948 [ F3B4762EB85A2AFF4999401F14C3262B ] viaide C:\Windows\system32\drivers\viaide.sys
13:46:16.0400 5948 viaide - ok
13:46:16.0415 5948 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:46:16.0415 5948 volmgr - ok
13:46:16.0462 5948 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:46:16.0478 5948 volmgrx - ok
13:46:16.0525 5948 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:46:16.0540 5948 volsnap - ok
13:46:16.0571 5948 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:46:16.0587 5948 vsmraid - ok
13:46:16.0634 5948 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
13:46:16.0696 5948 VSS - ok
13:46:16.0790 5948 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
13:46:16.0821 5948 vToolbarUpdater12.2.6 - ok
13:46:16.0868 5948 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
13:46:16.0868 5948 W32Time - ok
13:46:16.0915 5948 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:46:16.0915 5948 WacomPen - ok
13:46:16.0946 5948 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
13:46:16.0961 5948 Wanarp - ok
13:46:16.0961 5948 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:46:16.0977 5948 Wanarpv6 - ok
13:46:17.0008 5948 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:46:17.0024 5948 wcncsvc - ok
13:46:17.0055 5948 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:46:17.0071 5948 WcsPlugInService - ok
13:46:17.0102 5948 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
13:46:17.0117 5948 Wd - ok
13:46:17.0149 5948 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
13:46:17.0149 5948 WDC_SAM - ok
13:46:17.0211 5948 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:46:17.0242 5948 Wdf01000 - ok
13:46:17.0273 5948 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:46:17.0273 5948 WdiServiceHost - ok
13:46:17.0289 5948 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:46:17.0305 5948 WdiSystemHost - ok
13:46:17.0336 5948 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
13:46:17.0351 5948 WebClient - ok
13:46:17.0398 5948 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:46:17.0414 5948 Wecsvc - ok
13:46:17.0476 5948 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:46:17.0492 5948 wercplsupport - ok
13:46:17.0523 5948 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
13:46:17.0539 5948 WerSvc - ok
13:46:17.0585 5948 [ 6D2350BB6E77E800FC4BE4E5B7A2E89A ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
13:46:17.0617 5948 winachsf - ok
13:46:17.0695 5948 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:46:17.0710 5948 WinDefend - ok
13:46:17.0726 5948 WinHttpAutoProxySvc - ok
13:46:17.0788 5948 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:46:17.0788 5948 Winmgmt - ok
13:46:17.0866 5948 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
13:46:17.0929 5948 WinRM - ok
13:46:17.0991 5948 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:46:18.0022 5948 Wlansvc - ok
13:46:18.0053 5948 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:46:18.0053 5948 WmiAcpi - ok
13:46:18.0100 5948 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:46:18.0116 5948 wmiApSrv - ok
13:46:18.0178 5948 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:46:18.0225 5948 WMPNetworkSvc - ok
13:46:18.0241 5948 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:46:18.0256 5948 WPCSvc - ok
13:46:18.0287 5948 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:46:18.0303 5948 WPDBusEnum - ok
13:46:18.0334 5948 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
13:46:18.0334 5948 WpdUsb - ok
13:46:18.0412 5948 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:46:18.0428 5948 WPFFontCache_v0400 - ok
13:46:18.0459 5948 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:46:18.0459 5948 ws2ifsl - ok
13:46:18.0490 5948 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
13:46:18.0490 5948 wscsvc - ok
13:46:18.0506 5948 WSearch - ok
13:46:18.0553 5948 [ D161D62AE8D3F3EC1197B012D5E47431 ] WSWNDA3100v2 C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
13:46:18.0568 5948 WSWNDA3100v2 - ok
13:46:18.0646 5948 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
13:46:18.0724 5948 wuauserv - ok
13:46:18.0771 5948 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:46:18.0771 5948 WUDFRd - ok
13:46:18.0818 5948 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:46:18.0833 5948 wudfsvc - ok
13:46:18.0865 5948 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
13:46:18.0865 5948 XAudio - ok
13:46:18.0896 5948 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
13:46:18.0896 5948 XAudioService - ok
13:46:18.0989 5948 ================ Scan global ===============================
13:46:19.0021 5948 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
13:46:19.0067 5948 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
13:46:19.0099 5948 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
13:46:19.0130 5948 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
13:46:19.0130 5948 [Global] - ok
13:46:19.0130 5948 ================ Scan MBR ==================================
13:46:19.0145 5948 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:46:19.0317 5948 \Device\Harddisk0\DR0 - ok
13:46:19.0317 5948 ================ Scan VBR ==================================
13:46:19.0333 5948 [ D3C38EE1DC3DAAC1880C4D5E2C1DEC0C ] \Device\Harddisk0\DR0\Partition1
13:46:19.0333 5948 \Device\Harddisk0\DR0\Partition1 - ok
13:46:19.0348 5948 [ 454A1B110B40E0AD643037A0C78701B2 ] \Device\Harddisk0\DR0\Partition2
13:46:19.0348 5948 \Device\Harddisk0\DR0\Partition2 - ok
13:46:19.0348 5948 ============================================================
13:46:19.0348 5948 Scan finished
13:46:19.0348 5948 ============================================================
13:46:19.0364 6352 Detected object count: 0
13:46:19.0364 6352 Actual detected object count: 0
aswMBR Report
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-03 17:14:38
-----------------------------
17:14:38.382 OS Version: Windows 6.0.6002 Service Pack 2
17:14:38.382 Number of processors: 2 586 0x4B02
17:14:38.397 ComputerName: MARTINICH2 UserName: Bill
17:14:40.082 Initialize success
17:16:01.083 AVAST engine defs: 12110301
17:16:06.886 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
17:16:06.901 Disk 0 Vendor: ST325082 3.AD Size: 238418MB BusType: 6
17:16:06.917 Disk 0 MBR read successfully
17:16:06.933 Disk 0 MBR scan
17:16:06.933 Disk 0 Windows VISTA default MBR code
17:16:06.948 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
17:16:06.964 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 81920
17:16:06.995 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 228137 MB offset 21053440
17:16:07.042 Disk 0 scanning sectors +488278016
17:16:07.354 Disk 0 scanning C:\Windows\system32\drivers
17:16:23.016 Service scanning
17:16:51.798 Modules scanning
17:17:00.643 Disk 0 trace - called modules:
17:17:00.675 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
17:17:00.690 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865b59b8]
17:17:00.690 3 CLASSPNP.SYS[885a28b3] -> nt!IofCallDriver -> [0x84bffcf8]
17:17:00.706 5 acpi.sys[8300e6bc] -> nt!IofCallDriver -> \Device\0000005d[0x85631c90]
17:17:01.798 AVAST engine scan C:\Windows
17:17:04.356 AVAST engine scan C:\Windows\system32
17:19:41.186 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
17:20:51.107 AVAST engine scan C:\Windows\system32\drivers
17:21:06.302 AVAST engine scan C:\Users\Bill
17:23:28.029 Disk 0 MBR has been saved successfully to "C:\Users\Bill\Desktop\MBR.dat"
17:23:28.060 The log file has been saved successfully to "C:\Users\Bill\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-04 13:47:34
-----------------------------
13:47:34.877 OS Version: Windows 6.0.6002 Service Pack 2
13:47:34.877 Number of processors: 2 586 0x4B02
13:47:34.877 ComputerName: MARTINICH2 UserName: Bill
13:47:42.849 Initialize success
13:48:59.398 AVAST engine defs: 12110400
13:49:20.882 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005f
13:49:20.889 Disk 0 Vendor: ST325082 3.AD Size: 238418MB BusType: 6
13:49:20.914 Disk 0 MBR read successfully
13:49:20.922 Disk 0 MBR scan
13:49:20.935 Disk 0 Windows VISTA default MBR code
13:49:20.945 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
13:49:20.979 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 81920
13:49:21.010 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 228137 MB offset 21053440
13:49:21.040 Disk 0 scanning sectors +488278016
13:49:21.148 Disk 0 scanning C:\Windows\system32\drivers
13:49:37.242 Service scanning
13:50:12.200 Modules scanning
13:50:37.190 Disk 0 trace - called modules:
13:50:37.211 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys tcpip.sys NETIO.SYS partmgr.sys volmgr.sys ecache.sys volsnap.sys Ntfs.sys 13:50:37.212 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x863ebac8]
13:50:37.213 3 CLASSPNP.SYS[885a58b3] -> nt!IofCallDriver -> [0x84c1bf08]
13:50:37.213 5 acpi.sys[830156bc] -> nt!IofCallDriver -> \Device\0000005f[0x85649958]
13:50:38.160 AVAST engine scan C:\Windows
13:50:48.139 AVAST engine scan C:\Windows\system32
13:55:19.875 AVAST engine scan C:\Windows\system32\drivers
13:55:37.958 AVAST engine scan C:\Users\Bill
13:57:57.943 Disk 0 MBR has been saved successfully to "C:\Users\Bill\Desktop\MBR.dat"
13:57:57.989 The log file has been saved successfully to "C:\Users\Bill\Desktop\aswMBR.txt"
Please advise next steps.
Thanks,
Bill
#9
Satchfan
-
- Malware Team
-
- 6,813 posts
SuperHelper
- Interests:LFC, music, more LFC, more music
Posted 05 November 2012 - 02:16 AM
That’s looking good.
Download Malwarebytes-Anti-Malware
Click here.
===================================================
Download and run AdwCleaner
Download AdwCleaner from here and save it to your desktop.
Mbam.txt
AdwCleaner log
Can you tell me how your computer is running and if there are any outstanding problems.
Satchfan
Download Malwarebytes-Anti-Malware
Click here.
- double-click mbam-setup.exe and follow the prompts to install the program.
- at the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware. and Launch Malwarebytes' Anti-Malware, then click Finish..
- if an update is found, it will download and install the latest version.
- once the program has loaded, select Perform quick scan, then click Scan.
- when the scan is complete, click OK, then Show Results to view the results.
- be sure that everything is checked, and click Remove Selected.
- when removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
- the log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
- copy and paste the contents of that report in your next reply and exit MBAM.
===================================================
Download and run AdwCleaner
Download AdwCleaner from here and save it to your desktop.
- run AdwCleaner and select Delete
- when it has finished it will ask to reboot - allow the reboot
- on reboot a log will be produced; please attach the content of the log to your next reply
Mbam.txt
AdwCleaner log
Can you tell me how your computer is running and if there are any outstanding problems.
Satchfan
NINA - Proud graduate of the WTT Classroom
Member of UNITE
The help you receive here is free but if you feel I have helped, you may consider making a Donation.
#10
krbybng
-
- Authentic Member
-
- 63 posts
Authentic Member
Posted 05 November 2012 - 06:45 PM
Hello Satchfan:
MBAM Results:
Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.05.08
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Bill :: MARTINICH2 [administrator]
Protection: Enabled
11/5/2012 4:49:07 PM
mbam-log-2012-11-05 (16-49-07).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 303577
Time elapsed: 14 minute(s), 34 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Melissa\Downloads\Retrogamer.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
(end)
ADWClean Results:
# AdwCleaner v2.006 - Logfile created 11/05/2012 at 17:18:36
# Updated 30/10/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Bill - MARTINICH2
# Boot Mode : Normal
# Running from : C:\Users\Bill\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\user.js
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\BabylonToolbar
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Bill\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Bill\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Bill\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Bill\AppData\Roaming\BabylonToolbar
Folder Deleted : C:\Users\Family Music\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Family Music\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Family Music\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Melissa\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Melissa\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Melissa\AppData\LocalLow\MyWebSearch
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [10789 octets] - [05/11/2012 17:18:07]
AdwCleaner[S1].txt - [10617 octets] - [05/11/2012 17:18:36]
########## EOF - C:\AdwCleaner[S1].txt - [10678 octets] ##########
The computer seems to be running fine as the AVG does not pop-up with a threat any longer. Is AVG the best tool from this point forward, or do you recommend other (s).
Thanks again,
Bill
Register to Remove
#11
Satchfan
-
- Malware Team
-
- 6,813 posts
SuperHelper
- Interests:LFC, music, more LFC, more music
Posted 05 November 2012 - 07:04 PM
AVG is good but has become a bit bloated. I use Microsoft Security Essentials, (MSE), as do most of my colleagues. If you want to uninstall AVG and use MSE, let me know and I’ll include instructions when we tidy up.Is AVG the best tool from this point forward, or do you recommend other (s).
Before that, one more scan which should show that all is clear.
Run ESET Online Scan
IMPORTANT Please make sure you uncheck the box next to Remove found threats. Eset will detect anything that looks even slightly suspicious, which could include legitimate program files. If you do not uncheck the box, Eset will automatically remove all suspicious files which could leave some of your software inoperable.
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan 1. Click the Eset online Scanner button.
2. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
• Click on esetinstaller.exe to download the ESET Smart Installer. Save it to your desktop.
• Double click on the Eset installer icon on your desktop.
4. Click the Start button.
5. Accept any security warnings from your browser.
6. Check Scan archives
7. Push the Start button.
8. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
9. When the scan completes, push List of found threats
10. Push Export to Text file and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Note - if ESET doesn't find any threats, no report will be created.
11. Push the back button.
12. Push Finish
If a log has been produced post it in your next reply.
It is 1am here so I won’t be replying tonight – need my beauty sleep.
Satchfan
NINA - Proud graduate of the WTT Classroom
Member of UNITE
The help you receive here is free but if you feel I have helped, you may consider making a Donation.
#12
krbybng
-
- Authentic Member
-
- 63 posts
Authentic Member
Posted 06 November 2012 - 05:17 PM
Hello Satchfan:
Here is the scan results:
C:\Program Files\EasyFix Tools\EasyFixTools.exe a variant of Win32/Adware.RegistryEasy application
C:\Program Files\EasyFix Tools\Recoveryer.dll Win32/Adware.RegistryEasy application
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-18\$a2f3eef0ef820791172bab225f7f19a0\n.vir Win32/Sirefef.EV trojan
C:\Qoobox\Quarantine\C\Windows\assembly\GAC\Desktop.ini.vir Win32/Sirefef.EZ trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\2b636d8a-20eac498 a variant of Java/Exploit.CVE-2012-1723.CY trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\2ffcfc8a-17e4947c Java/Exploit.CVE-2012-0507.BN trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\27757e4c-46c69080 a variant of Java/Exploit.Agent.NDH trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\36f1474c-25002eff a variant of Java/Exploit.CVE-2012-1723.CY trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\5cd274d9-7fb9ae06 multiple threats
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\3a11db1c-5df47f27 a variant of Java/Exploit.CVE-2012-1723.CY trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\928a69d-29ab0bec a variant of Java/Exploit.CVE-2012-1723.CY trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\b478de0-65e835b3 multiple threats
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\3977e7e1-1232f218 a variant of Java/TrojanDownloader.Agent.NDJ trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\13156522-2c08378b a variant of Java/Exploit.Agent.NDH trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\6963222a-4f679f08 a variant of Java/Exploit.CVE-2012-1723.CY trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\13c9a6b2-1f89adc9 a variant of Java/TrojanDownloader.Agent.NDJ trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\669f434-53069089 multiple threats
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\3a6ab0b6-65dfd9a1 a variant of Java/TrojanDownloader.Agent.NDJ trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\6fa652fb-322cb7ce a variant of Java/Exploit.Agent.NDH trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\482059bd-61da2471 a variant of Java/Exploit.CVE-2012-1723.CY trojan
C:\Users\Bill\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\375f92ff-293a8ddd multiple threats
C:\Users\Bill\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\111223100825691.rsc multiple threats
C:\Users\Bill\Application Data\AVG\Rescue\PC Tuneup 2011\111223100825691.rsc multiple threats
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\7582ed99-6a40c4f0 multiple threats
As always, advise the next steps.
Thanks,
Bill
#13
Satchfan
-
- Malware Team
-
- 6,813 posts
SuperHelper
- Interests:LFC, music, more LFC, more music
Posted 07 November 2012 - 04:05 AM
AVG seems to be present in some very unusual places and as it carries a lot of bloatware with it. I would uninstall AVG and install a different antivirus.
I use Microsoft Security Essentials but Avira and Avast are also very good and ones that we recommend. They are also all free.
Here are links to all three:
Remove AVG
Uninstall either AVG
When you have uninstalled AVG there will still be some remnants of it on your computer even after the uninstall so please download and run AVG Removal Tool from here.
===================================================
Remove Java
Uninstall all versions of Java in the same way as you dyd for AVG.
Install the latest version here
NOTE – when you install Java, before clicking on Install, be sure to Uncheck “[b]Install the Ask Toolbar and make Ask my default search provider”
When you’ve done this, please send a new DDS log.
Thanks
Satchfan
I use Microsoft Security Essentials but Avira and Avast are also very good and ones that we recommend. They are also all free.
Here are links to all three:
Free Avast Home Edition
Avira AntiVir® Personal Edition Classic
Microsoft Security Essentials
Remove AVG
Uninstall either AVG
- click on Start, Control Panel
- click Programs and Features
- scroll down the list and look for any AVG entry
- click on it and then on Remove.
When you have uninstalled AVG there will still be some remnants of it on your computer even after the uninstall so please download and run AVG Removal Tool from here.
===================================================
Remove Java
Uninstall all versions of Java in the same way as you dyd for AVG.
Install the latest version here
NOTE – when you install Java, before clicking on Install, be sure to Uncheck “[b]Install the Ask Toolbar and make Ask my default search provider”
When you’ve done this, please send a new DDS log.
Thanks
Satchfan
NINA - Proud graduate of the WTT Classroom
Member of UNITE
The help you receive here is free but if you feel I have helped, you may consider making a Donation.
#14
krbybng
-
- Authentic Member
-
- 63 posts
Authentic Member
Posted 07 November 2012 - 06:28 PM
Hello Satchfan:
The DDS log as follows:
DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.9.2
Run by Bill at 17:15:51 on 2012-11-07
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1982.680 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\LEXBCES.EXE
C:\Windows\System32\LEXPPS.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\RacAgent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.excite.com/
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [ROC_ROC_NT] "c:\program files\avg secure search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wnda3100v2\WNDA3100v2.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: turbotax.com
DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - hxxp://mediaplayer.walmart.com/installer/install.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{07E1923B-A4B9-4797-9536-5FA50D4970D0} : DHCPNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{0B9986B9-BBAF-4C56-8C3D-B3D4A3D36301} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2026623E-13CD-43C8-9954-37AD494112A2} : DHCPNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{42AE7821-98B0-42A9-BBB9-777268B85E72} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{578DE1EE-8D03-4852-BF8C-3BFF5B257C26} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{8B7EDE32-4A42-43EF-AFF4-8F244DD2AAAA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C7A82815-C56B-4D00-8219-35A9E35A09C5} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{FE3B39BE-D1B4-4D8B-9E87-9D278AC966D1} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
R0 amacpi;Microsoft Away Mode System;c:\windows\system32\drivers\null.sys [2008-6-29 4608]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-5 27496]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh6.sys [2012-6-3 1074944]
.
=============== Created Last 30 ================
.
2012-11-08 00:13:19 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-08 00:13:18 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-08 00:12:53 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-08 00:06:03 740784 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5fe7cafa-59ca-4497-9eb2-3e2ec44c7f5b}\gapaengine.dll
2012-11-08 00:04:41 6918632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{ebea66c0-f473-4a66-adb5-c7fd255389cb}\mpengine.dll
2012-11-07 23:55:30 -------- d-----w- c:\program files\Microsoft Security Client
2012-11-07 23:54:05 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2012-11-06 02:02:07 -------- d-----w- c:\program files\ESET
2012-11-05 23:47:29 -------- d-----w- c:\programdata\Malwarebytes
2012-11-05 23:47:27 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-05 23:47:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-04 15:42:46 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-11-04 15:40:33 -------- d-----w- c:\program files\iPod
2012-11-04 15:40:31 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-11-04 13:38:10 -------- d-----w- c:\users\bill\appdata\local\temp
2012-11-04 13:32:06 -------- d-----w- C:\$RECYCLE.BIN
2012-11-04 13:32:06 -------- d-----w- \$RECYCLE.BIN
2012-11-04 13:04:10 98816 ----a-w- c:\windows\sed.exe
2012-11-04 13:04:10 256000 ----a-w- c:\windows\PEV.exe
2012-11-04 13:04:10 208896 ----a-w- c:\windows\MBR.exe
2012-11-04 13:02:38 -------- d-----w- \Qoobox
2012-10-10 22:53:29 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 22:53:29 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 22:53:29 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 22:53:24 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 22:53:20 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 22:53:12 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-10 22:53:11 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
.
==================== Find3M ====================
.
2012-10-09 01:49:22 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 01:49:22 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-06 00:40:45 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-08-31 05:03:50 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-31 05:03:50 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-21 20:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2008-06-28 16:32:45 2788800 ----a-w- c:\program files\FLV PlayerFCSetup.exe
2008-06-28 16:25:15 411248 ----a-w- c:\program files\FLV PlayerRCSetup.exe
.
============= FINISH: 17:19:07.54 ===============
As always, advise the next steps.
Thanks,
Bill
#15
Satchfan
-
- Malware Team
-
- 6,813 posts
SuperHelper
- Interests:LFC, music, more LFC, more music
Posted 08 November 2012 - 01:56 AM
That's looking pretty good.
Please run another Eset scan,
NINA - Proud graduate of the WTT Classroom
Member of UNITE
The help you receive here is free but if you feel I have helped, you may consider making a Donation.0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
