Jump to content

levi

Members
 View Profile  See their activity

  • Posts

    9

  • Joined

  • Last visited

Reputation

0 Neutral
  1. levi
    The latest quick scans by MB Anti-Malware seem to be coming up clean after I updated to the latest database. Hopefully my machine is completely clean now. Thank you for your help!
  2. levi
    ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f09667b67387874e96fef035b3e7613b # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-04-12 09:45:20 # local_time=2012-04-12 03:15:20 (+0530, India Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=3073 16777213 80 71 2512390 9916845 0 0 # compatibility_mode=5893 16776573 100 94 0 85849418 0 0 # compatibility_mode=8192 67108863 100 0 51182 51182 0 0 # scanned=250006 # found=13 # cleaned=13 # scan_time=3893 D:\agth\agth.dll probably a variant of Win32/AGTH.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C D:\Motorola Upgrades\CM7 Recommended\SuperOneClickv2.1.1-ShortFuse\Exploits\GingerBreak Android/Exploit.Lotoor.AF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C D:\Motorola Upgrades\CM7 Recommended\SuperOneClickv2.1.1-ShortFuse\Exploits\psneuter Android/Exploit.Lotoor.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C D:\Translation Aggregator 0.4.9.r171\agth.dll probably a variant of Win32/AGTH.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C E:\Downloads\Programs\cnet_windirstat1_1_2_setup_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C E:\Downloads\Programs\DefragSetup.exe a variant of Win32/Toolbar.Widgi application (deleted - quarantined) 00000000000000000000000000000000 C E:\Downloads\Programs\FreemakeVideoConverter_3.0.1.3.exe Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C E:\Downloads\Programs\notepad-portable.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C E:\Downloads\Programs\SkipScreen-Setup.exe Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C E:\Downloads\Programs\smart-defrag-setup-beta.exe a variant of Win32/Toolbar.Widgi application (deleted - quarantined) 00000000000000000000000000000000 C E:\Downloads\Programs\Unlocker1.9.1.exe Win32/Adware.ADON application (deleted - quarantined) 00000000000000000000000000000000 C E:\Downloads\Programs\video23gp_install.exe Win32/Adware.MarketScore.A application (deleted - quarantined) 00000000000000000000000000000000 C E:\jdownloads\Nero10Lite MAK\Nero10Lite_MAK\Nero_Lite_Installer.exe Win32/Packed.Autoit.C.Gen application (deleted - quarantined) 00000000000000000000000000000000 C
  3. levi
    Sent you the required PM.
  4. levi
    Deleted the above mentioned folder and emptied recycle bin as well.
  5. levi
    ComboFix 12-04-10.02 - Vikram 4/2012 Wed 13:09:16.2.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.932.81.1033.18.3567.2040 [GMT 5.5:30] Running from: e:\downloads\Programs\ComboFix.exe Command switches used :: e:\downloads\Programs\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . Error: Cfiles.dat . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\html c:\windows\system32\html\calendar.html c:\windows\system32\html\calendarbottom.html c:\windows\system32\html\calendartop.html c:\windows\system32\html\crystalexportdialog.htm c:\windows\system32\html\crystalprinthost.html c:\windows\system32\images c:\windows\system32\images\toolbar\calendar.gif c:\windows\system32\images\toolbar\crlogo.gif c:\windows\system32\images\toolbar\export.gif c:\windows\system32\images\toolbar\export_over.gif c:\windows\system32\images\toolbar\exportd.gif c:\windows\system32\images\toolbar\First.gif c:\windows\system32\images\toolbar\first_over.gif c:\windows\system32\images\toolbar\Firstd.gif c:\windows\system32\images\toolbar\gotopage.gif c:\windows\system32\images\toolbar\gotopage_over.gif c:\windows\system32\images\toolbar\gotopaged.gif c:\windows\system32\images\toolbar\grouptree.gif c:\windows\system32\images\toolbar\grouptree_over.gif c:\windows\system32\images\toolbar\grouptreed.gif c:\windows\system32\images\toolbar\grouptreepressed.gif c:\windows\system32\images\toolbar\Last.gif c:\windows\system32\images\toolbar\last_over.gif c:\windows\system32\images\toolbar\Lastd.gif c:\windows\system32\images\toolbar\Next.gif c:\windows\system32\images\toolbar\next_over.gif c:\windows\system32\images\toolbar\Nextd.gif c:\windows\system32\images\toolbar\Prev.gif c:\windows\system32\images\toolbar\prev_over.gif c:\windows\system32\images\toolbar\Prevd.gif c:\windows\system32\images\toolbar\print.gif c:\windows\system32\images\toolbar\print_over.gif c:\windows\system32\images\toolbar\printd.gif c:\windows\system32\images\toolbar\Refresh.gif c:\windows\system32\images\toolbar\refresh_over.gif c:\windows\system32\images\toolbar\refreshd.gif c:\windows\system32\images\toolbar\Search.gif c:\windows\system32\images\toolbar\search_over.gif c:\windows\system32\images\toolbar\searchd.gif c:\windows\system32\images\toolbar\up.gif c:\windows\system32\images\toolbar\up_over.gif c:\windows\system32\images\toolbar\upd.gif c:\windows\system32\images\tree\begindots.gif c:\windows\system32\images\tree\beginminus.gif c:\windows\system32\images\tree\beginplus.gif c:\windows\system32\images\tree\blank.gif c:\windows\system32\images\tree\blankdots.gif c:\windows\system32\images\tree\dots.gif c:\windows\system32\images\tree\lastdots.gif c:\windows\system32\images\tree\lastminus.gif c:\windows\system32\images\tree\lastplus.gif c:\windows\system32\images\tree\Magnify.gif c:\windows\system32\images\tree\minus.gif c:\windows\system32\images\tree\minusbox.gif c:\windows\system32\images\tree\plus.gif c:\windows\system32\images\tree\plusbox.gif c:\windows\system32\images\tree\singleminus.gif c:\windows\system32\images\tree\singleplus.gif . . --------------- FCopy --------------- . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll --> c:\windows\System32\user32.dll . ((((((((((((((((((((((((( Files Created from 2012-03-11 to 2012-04-11 ))))))))))))))))))))))))))))))) . . 2012-04-11 07:47 . 2012-04-11 07:47 -------- d-----w- c:\users\Vikram\AppData\Local\temp 2012-04-11 07:47 . 2012-04-11 07:47 -------- d-----w- c:\users\Guest\AppData\Local\temp 2012-04-11 07:47 . 2012-04-11 07:47 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-04-11 07:02 . 2012-04-11 07:02 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49A4CBE7-03CC-4C90-86EA-9B0E79586A92}\offreg.dll 2012-04-10 20:07 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-04-10 20:07 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-04-10 20:07 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll 2012-04-10 20:07 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll 2012-04-10 20:06 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-10 20:06 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-10 18:33 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49A4CBE7-03CC-4C90-86EA-9B0E79586A92}\mpengine.dll 2012-04-10 02:17 . 2012-04-10 02:17 -------- d-----w- c:\program files\GPU-Z 2012-04-10 01:53 . 2012-04-10 01:53 -------- d-----w- c:\program files\EVGA 2012-04-10 01:41 . 2012-04-11 06:51 -------- d-----w- c:\program files\EVGA Precision X 2012-04-10 01:18 . 2012-04-10 01:18 -------- d-----w- c:\users\UpdatusUser 2012-04-10 01:18 . 2012-02-29 20:58 2515790 ----a-w- c:\windows\system32\nvcoproc.bin 2012-04-10 01:18 . 2012-02-29 20:56 3881792 ----a-w- c:\windows\system32\nvcpl.dll 2012-04-10 01:18 . 2012-02-29 20:55 2719040 ----a-w- c:\windows\system32\nvsvc.dll 2012-04-10 01:18 . 2012-02-29 20:53 108352 ----a-w- c:\windows\system32\nvmctray.dll 2012-04-10 01:18 . 2012-02-29 20:53 645440 ----a-w- c:\windows\system32\nvvsvc.exe 2012-04-10 01:18 . 2012-02-29 20:53 62272 ----a-w- c:\windows\system32\nvshext.dll 2012-04-10 01:17 . 2012-04-10 01:17 -------- d-----w- c:\programdata\NVIDIA Corporation 2012-04-10 01:17 . 2012-01-17 12:46 27968 ----a-w- c:\windows\system32\nvhdap32.dll 2012-04-10 01:17 . 2012-01-17 12:45 148800 ----a-w- c:\windows\system32\drivers\nvhda32v.sys 2012-04-10 01:17 . 2012-01-17 12:45 876864 ----a-w- c:\windows\system32\nvhdagenco3220103.dll 2012-04-08 18:59 . 2012-04-08 18:59 -------- d-----w- c:\program files\Yukkuri Panic! 2012-04-08 18:58 . 2012-04-08 19:07 -------- d-----w- c:\program files\Yukkuri Panic! ADV 2012-04-08 05:59 . 2012-04-08 05:59 -------- d-----w- c:\program files\Will 2012-04-07 20:00 . 2012-04-07 20:00 -------- d-----w- c:\program files\MediaInfo 2012-04-07 11:32 . 2012-04-07 11:32 -------- d-----w- c:\users\Vikram\AppData\Roaming\savedata 2012-04-07 11:31 . 2012-04-07 11:31 -------- d-----w- c:\program files\あかべぇそふとつぅ 2012-04-06 19:52 . 2012-04-06 19:52 69632 ----a-r- c:\users\Vikram\AppData\Roaming\Microsoft\Installer\{300D7C4F-086D-4D6F-969F-ED00006DE81C}\NewShortcut11_3DCAB3F8E1464415A95392718B7291A4.exe 2012-04-06 19:52 . 2012-04-06 19:52 69632 ----a-r- c:\users\Vikram\AppData\Roaming\Microsoft\Installer\{300D7C4F-086D-4D6F-969F-ED00006DE81C}\NewShortcut1_413052402F904D9B89A1F5247527F664.exe 2012-04-06 19:52 . 2012-04-06 19:52 131072 ----a-r- c:\users\Vikram\AppData\Roaming\Microsoft\Installer\{300D7C4F-086D-4D6F-969F-ED00006DE81C}\NewShortcut3_6FC8A928D9BB4B5F87E47BFA2DFFBFE5.exe 2012-04-06 19:52 . 2012-04-06 19:52 69632 ----a-r- c:\users\Vikram\AppData\Roaming\Microsoft\Installer\{300D7C4F-086D-4D6F-969F-ED00006DE81C}\ARPPRODUCTICON.exe 2012-04-06 19:50 . 2012-04-06 19:50 -------- d-----w- c:\program files\CROSSNET 2012-04-06 18:54 . 2012-04-06 18:54 -------- d-----w- c:\program files\directx 2012-04-06 18:53 . 2012-04-06 18:53 -------- d-----w- c:\program files\AngelSmile 2012-04-03 09:17 . 2012-04-03 09:17 -------- d-----w- C:\programs 2012-03-31 20:51 . 2012-03-31 20:51 -------- d-----w- c:\program files\Xuse 2012-03-31 06:20 . 2012-03-31 06:20 -------- d-----w- c:\programdata\Pendulo Studios 2012-03-31 06:13 . 2012-03-31 06:13 -------- d-----w- c:\program files\Pendulo Studios 2012-03-31 05:49 . 2008-07-12 02:48 467984 ----a-w- c:\windows\system32\d3dx10_39.dll 2012-03-31 05:49 . 2008-07-12 02:48 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2012-03-31 05:49 . 2008-07-12 02:48 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll 2012-03-30 03:00 . 2012-03-30 03:02 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-03-29 18:32 . 2012-03-29 19:02 -------- d-----w- c:\program files\DISCIPLINE 2012-03-29 17:40 . 2012-03-29 17:40 -------- d-----w- c:\program files\AutoIt3 2012-03-29 17:10 . 2012-03-29 17:10 -------- d-----w- c:\users\Vikram\AppData\Local\Electronic Arts 2012-03-29 17:09 . 2012-03-29 17:09 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2012-03-29 16:07 . 2012-03-29 16:07 -------- d-----w- c:\program files\Ubisoft 2012-03-28 21:01 . 2012-03-28 21:01 -------- d-----w- C:\folder1 2012-03-28 15:05 . 2012-03-28 15:30 -------- d-----w- c:\program files\Sengoku Rance English 2012-03-28 11:46 . 2012-03-28 11:46 -------- d-----w- c:\users\Vikram\AppData\Roaming\RenPy 2012-03-27 11:09 . 2012-03-28 15:05 -------- d-----w- C:\AliceSoft 2012-03-26 17:08 . 1999-12-17 03:43 86016 ----a-w- c:\windows\unvise32.exe 2012-03-26 17:08 . 2012-03-26 17:08 -------- d-----w- c:\program files\G-Collections 2012-03-25 16:06 . 2012-03-25 16:06 -------- d-----w- C:\Baseson 2012-03-25 12:36 . 2006-03-26 07:46 40960 ----a-w- c:\windows\system32\StartAffinity.exe 2012-03-25 03:30 . 2012-03-25 03:30 -------- d-----w- c:\program files\Leaf 2012-03-24 19:27 . 2012-03-26 18:09 -------- d-----w- c:\users\Vikram\AppData\Roaming\Family Project 2012-03-24 16:30 . 2012-03-24 16:30 -------- d-----w- c:\programdata\ASign 2012-03-24 16:29 . 2012-03-24 16:29 -------- d-----w- C:\Liquid 2012-03-24 15:37 . 2012-03-24 15:37 -------- d-----w- c:\users\Vikram\AppData\Roaming\Waveform 2012-03-24 06:46 . 2012-03-30 03:21 -------- d-----w- c:\program files\Monte Cristo 2012-03-23 16:10 . 2012-03-23 16:10 -------- d-----w- c:\users\Vikram\AppData\Local\ElevatedDiagnostics 2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr 2012-03-18 13:12 . 2012-03-18 13:12 -------- d-----w- c:\users\Vikram\AppData\Local\Eushully 2012-03-18 13:09 . 2012-03-18 13:09 -------- d-----w- c:\program files\Eushully 2012-03-16 11:08 . 2012-02-08 01:13 91936 ----a-w- c:\windows\system32\drivers\idmwfp.sys 2012-03-16 06:40 . 2012-03-13 04:39 97208 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2012-03-16 06:40 . 2012-03-13 04:39 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll 2012-03-16 06:40 . 2012-03-13 04:39 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll 2012-03-15 10:59 . 2012-03-15 10:59 -------- d-----w- c:\users\Vikram\AppData\Roaming\Doublefine 2012-03-15 10:55 . 2012-03-15 10:55 -------- d-----w- c:\program files\Double Fine Productions 2012-03-15 10:29 . 2012-03-15 10:29 -------- d-----w- c:\programdata\Media Center Programs 2012-03-15 10:29 . 2012-03-16 08:57 -------- d-----w- c:\program files\Common Files\BioWare 2012-03-15 08:07 . 2012-03-15 09:25 -------- d-----w- C:\ConverterOutput 2012-03-15 08:06 . 2004-10-12 09:16 1761280 ----a-w- c:\windows\system32\ffdshow.ax 2012-03-15 08:06 . 2004-10-12 09:12 262144 ----a-w- c:\windows\system32\TomsMoComp_ff.dll 2012-03-15 08:06 . 2004-10-12 09:10 2255360 ----a-w- c:\windows\system32\libavcodec.dll 2012-03-15 08:06 . 2004-10-05 10:46 395776 ----a-w- c:\windows\system32\libmplayer.dll 2012-03-15 08:06 . 2004-10-03 20:20 112640 ----a-w- c:\windows\system32\libmpeg2_ff.dll 2012-03-15 08:06 . 2003-04-02 18:47 172032 ----a-w- c:\windows\system32\ac3filter.ax 2012-03-15 08:06 . 2003-03-25 01:19 98304 ----a-w- c:\windows\system32\L3CODECX.AX 2012-03-15 08:06 . 2012-03-15 08:06 -------- d-----w- c:\program files\Cucusoft 2012-03-14 15:14 . 2012-03-14 21:31 -------- d-----w- c:\program files\JULIA 2012-03-14 06:22 . 2012-02-03 03:54 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-03-14 06:22 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-03-14 06:04 . 2012-02-17 05:34 919040 ----a-w- c:\windows\system32\rdpcorets.dll 2012-03-14 06:04 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-14 06:04 . 2012-02-17 04:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-14 06:04 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-14 06:04 . 2012-01-25 05:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-14 06:04 . 2012-01-25 05:32 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-14 06:04 . 2012-01-25 05:27 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-14 05:59 . 2012-03-14 06:01 -------- d-----w- c:\programdata\Comodo 2012-03-13 21:35 . 2012-03-13 21:35 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2012-03-13 10:44 . 2012-03-13 10:44 -------- d-----w- c:\program files\Strange Loop Games 2012-03-13 02:21 . 2012-03-13 02:21 -------- d-----w- c:\program files\CE Remote Tools 2012-03-13 01:58 . 2012-03-13 02:38 -------- d-----w- c:\windows\system32\js 2012-03-13 01:58 . 2012-03-13 02:38 -------- d-----w- c:\windows\system32\css 2012-03-13 01:58 . 2012-03-13 01:58 -------- d-----w- c:\program files\Business Objects 2012-03-13 01:55 . 2012-03-16 15:33 -------- d-----w- c:\program files\Microsoft SQL Server 2012-03-13 01:53 . 2012-03-13 01:53 -------- d-----w- c:\programdata\PreEmptive Solutions 2012-03-13 01:52 . 2012-03-13 01:52 -------- d-----w- c:\windows\symbols 2012-03-13 01:52 . 2012-03-13 01:52 -------- d-----w- c:\windows\system32\1033 2012-03-13 01:51 . 2012-03-13 21:34 -------- d-----w- c:\program files\Common Files\Merge Modules 2012-03-13 01:51 . 2012-03-13 01:52 -------- d-----w- c:\program files\HTML Help Workshop 2012-03-13 01:33 . 2012-03-13 01:58 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0 2012-03-13 01:33 . 2012-03-13 01:33 -------- d-----w- c:\program files\Microsoft SDKs 2012-03-13 01:32 . 2012-03-13 01:32 -------- d-----w- c:\program files\Microsoft Web Designer Tools 2012-03-13 01:30 . 2012-03-13 01:30 97296 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1036.dll 2012-03-13 01:30 . 2012-03-13 01:30 96272 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.3082.dll 2012-03-13 01:30 . 2012-03-13 01:30 96272 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1031.dll 2012-03-13 01:30 . 2012-03-13 01:30 95248 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1040.dll 2012-03-13 01:30 . 2012-03-13 01:30 91152 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1033.dll 2012-03-13 01:30 . 2012-03-13 01:30 81424 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1041.dll 2012-03-13 01:30 . 2012-03-13 01:30 79888 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1042.dll 2012-03-13 01:30 . 2012-03-13 01:30 76304 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1028.dll 2012-03-13 01:30 . 2012-03-13 01:30 75792 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.2052.dll 2012-03-13 01:30 . 2012-03-13 01:30 562688 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-04-04 10:26 . 2012-01-24 13:37 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-31 06:17 . 2012-01-15 11:43 444952 ----a-w- c:\windows\system32\wrap_oal.dll 2012-03-31 06:17 . 2012-01-15 11:43 109080 ----a-w- c:\windows\system32\OpenAL32.dll 2012-03-30 03:02 . 2012-01-27 09:11 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-03-11 15:43 . 2012-03-11 15:43 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys 2012-03-11 15:43 . 2012-03-11 15:43 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys 2012-03-11 15:43 . 2012-03-11 15:43 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys 2012-03-11 15:43 . 2012-03-11 15:43 33984 ----a-w- c:\windows\system32\cmdcsr.dll 2012-03-11 15:43 . 2012-03-11 15:43 301224 ----a-w- c:\windows\system32\guard32.dll 2012-03-11 09:39 . 2012-03-11 09:39 48471 ----a-w- c:\windows\system32\ForceBindIP-Uninstaller.exe 2012-03-06 10:11 . 2012-03-06 10:11 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2012-03-06 09:02 . 2012-01-14 11:22 473656 ----a-w- c:\windows\system32\drivers\sptd.sys 2012-03-06 08:44 . 2012-03-06 08:45 637848 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-03-06 08:44 . 2012-01-16 07:41 567696 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-29 23:59 . 2012-02-21 18:36 812352 ----a-w- c:\windows\system32\nvumdshim.dll 2012-02-29 23:59 . 2012-02-21 18:36 61248 ----a-w- c:\windows\system32\OpenCL.dll 2012-02-29 23:59 . 2012-02-21 18:36 5892928 ----a-w- c:\windows\system32\nvcuda.dll 2012-02-29 23:59 . 2012-02-21 18:36 301376 ----a-w- c:\windows\system32\nvdecodemft.dll 2012-02-29 23:59 . 2012-02-21 18:36 2517312 ----a-w- c:\windows\system32\nvcuvid.dll 2012-02-29 23:59 . 2012-02-21 18:36 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-02-29 23:59 . 2012-02-21 18:36 215360 ----a-w- c:\windows\system32\nvinit.dll 2012-02-29 23:59 . 2012-02-21 18:36 19444544 ----a-w- c:\windows\system32\nvoglv32.dll 2012-02-29 23:59 . 2012-02-21 18:36 17543488 ----a-w- c:\windows\system32\nvcompiler.dll 2012-02-29 23:59 . 2012-02-21 18:36 15009600 ----a-w- c:\windows\system32\nvd3dum.dll 2012-02-29 23:59 . 2012-02-21 18:36 10819392 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-02-29 23:59 . 2012-01-15 06:07 881984 ----a-w- c:\windows\system32\nvgenco32.dll 2012-02-29 23:59 . 2012-01-15 06:07 1000256 ----a-w- c:\windows\system32\nvdispco32.dll 2012-02-29 23:59 . 2012-01-15 06:07 2301248 ----a-w- c:\windows\system32\nvapi.dll 2012-02-29 23:59 . 2009-07-13 22:09 7713088 ----a-w- c:\windows\system32\nvwgf2um.dll 2012-02-29 07:56 . 2012-02-29 07:56 416064 ----a-w- c:\windows\system32\nvStreaming.exe 2012-02-23 16:23 . 2012-01-14 15:18 41184 ----a-w- c:\windows\avastSS.scr 2012-02-23 16:23 . 2012-01-14 15:18 201352 ----a-w- c:\windows\system32\aswBoot.exe 2012-02-23 16:12 . 2012-01-14 15:18 610648 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-02-23 16:12 . 2012-01-14 15:18 337112 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-02-23 16:10 . 2012-03-01 18:28 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-02-23 16:10 . 2012-01-14 15:18 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-02-23 16:10 . 2012-01-14 15:18 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-02-23 16:10 . 2012-01-14 15:18 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-02-23 03:48 . 2012-01-14 10:41 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-19 08:57 . 2012-01-15 09:17 5187744 ----a-w- c:\windows\PE_Rom.dll 2012-02-14 06:39 . 2012-02-14 06:39 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2012-02-03 13:57 . 2012-02-03 13:57 82400 ----a-w- c:\windows\system32\drivers\inspect.sys 2012-01-31 18:55 . 2012-01-31 18:55 10804768 ----a-w- c:\program files\Common Files\lpuninstall.exe 2012-01-25 06:29 . 2012-01-25 06:29 5253280 ----a-w- c:\windows\PE_File.dll 2012-01-15 06:24 . 2012-01-15 06:24 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-01-15 06:24 . 2012-01-15 06:24 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-01-15 06:24 . 2012-01-15 06:24 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-01-15 06:24 . 2012-01-15 06:24 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-01-15 06:24 . 2012-01-15 06:24 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-01-15 06:24 . 2012-01-15 06:24 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-01-15 06:24 . 2012-01-15 06:24 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-01-15 06:24 . 2012-01-15 06:24 367104 ----a-w- c:\windows\system32\html.iec 2012-01-15 06:24 . 2012-01-15 06:24 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-01-15 06:24 . 2012-01-15 06:24 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-01-15 06:24 . 2012-01-15 06:24 161792 ----a-w- c:\windows\system32\msls31.dll 2012-01-15 06:24 . 2012-01-15 06:24 152064 ----a-w- c:\windows\system32\wextract.exe 2012-01-15 06:24 . 2012-01-15 06:24 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-01-15 06:24 . 2012-01-15 06:24 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-01-15 06:24 . 2012-01-15 06:24 11776 ----a-w- c:\windows\system32\mshta.exe 2012-01-15 06:24 . 2012-01-15 06:24 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-01-15 06:24 . 2012-01-15 06:24 101888 ----a-w- c:\windows\system32\admparse.dll 2012-01-14 15:11 . 2012-01-14 15:11 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-01-14 15:11 . 2012-01-14 15:11 1700352 ----a-w- c:\windows\system32\gdiplus.dll 2012-01-14 15:11 . 2012-01-14 15:11 1060864 ----a-w- c:\windows\system32\mfc71.dll 2012-01-14 09:37 . 2011-03-13 05:23 246804 ----a-w- c:\windows\system32\drivers\AtherosBt.bin 2012-01-14 09:30 . 2012-01-14 09:30 16896 ----a-w- c:\windows\AsTaskSched.dll 2012-01-14 08:56 . 2010-11-20 21:29 409088 ----a-w- c:\windows\system32\systemcpl.dll 2012-01-14 08:56 . 2010-11-20 21:29 13824 ----a-w- c:\windows\system32\slwga.dll 2012-03-13 04:39 . 2012-03-16 06:40 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-02-23 16:23 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 22376 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DisplayFusion"="c:\program files\DisplayFusion\DisplayFusion.exe" [2012-01-12 2789280] "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2012-03-16 3478936] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2010-05-21 324976] "FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-19 9874024] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-02-23 4031368] "NetWorx"="c:\program files\NetWorx\networx.exe" [2012-01-14 3310592] "ASUS AiChargerPlus Execute"="c:\program files\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536] "ASUS ShellProcess Execute"="c:\program files\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe" [2010-11-25 252544] "AthBtTray"="c:\program files\Bluetooth Suite\AthBtTray.exe" [2011-03-13 302240] "AtherosBtStack"="c:\program files\Bluetooth Suite\BtvStack.exe" [2011-03-13 490656] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-09 49208] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632] "OmniPage Preload"="c:\program files\Nuance\OmniPage18\OmniPage18.exe" [2011-05-10 2983200] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 718688] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-05 500208] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 6749512] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\guard32.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-04-02 96768] R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-01-14 136176] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 253600] R3 ALSysIO;ALSysIO;c:\users\Vikram\AppData\Local\Temp\ALSysIO.sys [x] R3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);c:\windows\system32\DRIVERS\ASUSstpt.sys [2011-09-15 20552] R3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);c:\windows\system32\DRIVERS\ASUSumsc.sys [2011-09-15 117832] R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2011-03-13 43680] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584] R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-01-14 136176] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [2011-03-25 223088] R3 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [x] R3 OracleXETNSListener;OracleXETNSListener;c:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [2006-02-01 204800] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-14 1343400] R4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE [x] S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys [2010-11-08 13696] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [2010-08-27 261160] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-03-11 491816] S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-03-11 39640] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 asComSvc;ASUS Com Service;c:\program files\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-06-13 922240] S2 asHmComSvc;ASUS HM Com Service;c:\program files\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584] S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-02-23 57688] S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [2011-03-13 68768] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592] S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-02-08 91936] S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-06-29 112800] S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe [2011-11-02 196896] S2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-11-02 68896] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-29 2348352] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-09-14 102376] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-09-14 311784] S3 ASUSFILTER;ASUSFILTER;c:\windows\system32\drivers\ASUSFILTER.sys [2011-09-20 37448] S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 34976] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 259232] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 24736] S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 175776] S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 49312] S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 141088] S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 242336] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-06 242240] S3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c6232.sys [2011-07-20 268968] S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys [2010-08-17 22040] S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2010-10-19 41088] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2012-01-17 148800] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 rt61x86;Linksys Wireless-G PCI Adapter Driver;c:\windows\system32\DRIVERS\WMP54Gv41x86.sys [2010-04-07 376160] . . --- Other Services/Drivers In Memory --- . *Deregistered* - RTCore32 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 . Contents of the 'Scheduled Tasks' folder . 2012-04-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 03:02] . 2012-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-14 10:33] . 2012-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-14 10:33] . . ------- Supplementary Scan ------- . uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyServer = http=59.93.246.190:808;https=59.93.246.190:808;ftp=59.93.246.190:808;socks=59.93.246.190:1080 uInternet Settings,ProxyOverride = <local> uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm IE: Download FLV videos with IDM from 10 last requested - c:\program files\Internet Download Manager\IEGetVL2.htm IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: LastPass - file://c:\program files\LastPass\context.html?cmd=lastpass IE: LastPass Fill Forms - file://c:\program files\LastPass\context.html?cmd=fillforms IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 Trusted Zone: ncodesolutions.com TCP: DhcpNameServer = 8.8.4.4 208.67.220.220 8.8.8.8 TCP: Interfaces\{A0FCFE2C-0228-4CB7-9712-55CC9708D751}: NameServer = 8.8.4.4,8.8.8.8 TCP: Interfaces\{C4AF92ED-B0DA-49A9-95F1-D99C17206EB1}: NameServer = 8.8.4.4,208.67.220.220 FF - ProfilePath - c:\users\Vikram\AppData\Roaming\Mozilla\Firefox\Profiles\emn1jwc8.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://www.google.com FF - prefs.js: network.proxy.type - 0 . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-4156299321-180426101-3961678622-1000_Classes\CLSID\{06a5488b-9c41-4f8c-a1c9-4a6d99ecf3a1}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000004c "Therad"=dword:00000007 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\ . [HKEY_USERS\S-1-5-21-4156299321-180426101-3961678622-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):88,c1,49,e8,bf,8d,0e,e8,ed,f0,6e,22,d5,e7,cd,3a,2e,57,29,c4,12, c1,07,37,3a,72,be,5a,c1,68,57,23,66,ce,6d,35,60,4c,fd,c0,00,00,00,00,00,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(712) c:\windows\system32\guard32.dll . - - - - - - - > 'lsass.exe'(780) c:\windows\system32\guard32.dll . Completion time: 2012-04-11 13:18:15 ComboFix-quarantined-files.txt 2012-04-11 07:48 ComboFix2.txt 2012-04-11 07:09 . Pre-Run: 402,941,313,024 bytes free Post-Run: 402,645,110,784 bytes free . - - End Of File - - 666E9E1F3E346858127120260D30C41C
  6. levi
    Here is ComboFix.txt ComboFix 12-04-10.02 - Vikram 4/2012 Wed 12:24:38.1.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.932.81.1033.18.3567.2254 [GMT 5.5:30] Running from: e:\downloads\Programs\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . Error: Cfiles.dat . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Microsoft\corecon\1.0\1033\NonSDKAddonLangVer.dll c:\programdata\Microsoft\corecon\1.0\1033\SDKAddonLangVer.dll c:\programdata\Microsoft\corecon\1.0\addons\NonSDKAddonVer.dll c:\programdata\Microsoft\corecon\1.0\addons\SDKAddonVer.dll c:\programdata\Microsoft\corecon\1.0\SDKFilesVer.dll c:\users\Vikram\AppData\Local\Tempals_inst.exe c:\users\Vikram\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Soundfx .exe c:\windows\apppatch\AppLoc.exe c:\windows\msjava.dll c:\windows\system\VI30AUT.DLL . . ((((((((((((((((((((((((( Files Created from 2012-03-11 to 2012-04-11 ))))))))))))))))))))))))))))))) . . 2012-04-10 20:07 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-04-10 20:07 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-04-10 20:07 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll 2012-04-10 20:07 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll 2012-04-10 20:06 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-10 20:06 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-10 18:33 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49A4CBE7-03CC-4C90-86EA-9B0E79586A92}\mpengine.dll 2012-04-10 02:17 . 2012-04-10 02:17 -------- d-----w- c:\program files\GPU-Z 2012-04-10 01:53 . 2012-04-10 01:53 -------- d-----w- c:\program files\EVGA 2012-04-10 01:41 . 2012-04-11 06:51 -------- d-----w- c:\program files\EVGA Precision X 2012-04-10 01:18 . 2012-04-10 01:18 -------- d-----w- c:\users\UpdatusUser 2012-04-10 01:18 . 2012-02-29 20:58 2515790 ----a-w- c:\windows\system32\nvcoproc.bin 2012-04-10 01:18 . 2012-02-29 20:56 3881792 ----a-w- c:\windows\system32\nvcpl.dll 2012-04-10 01:18 . 2012-02-29 20:55 2719040 ----a-w- c:\windows\system32\nvsvc.dll 2012-04-10 01:18 . 2012-02-29 20:53 108352 ----a-w- c:\windows\system32\nvmctray.dll 2012-04-10 01:18 . 2012-02-29 20:53 645440 ----a-w- c:\windows\system32\nvvsvc.exe 2012-04-10 01:18 . 2012-02-29 20:53 62272 ----a-w- c:\windows\system32\nvshext.dll 2012-04-10 01:17 . 2012-04-10 01:17 -------- d-----w- c:\programdata\NVIDIA Corporation 2012-04-10 01:17 . 2012-01-17 12:46 27968 ----a-w- c:\windows\system32\nvhdap32.dll 2012-04-10 01:17 . 2012-01-17 12:45 148800 ----a-w- c:\windows\system32\drivers\nvhda32v.sys 2012-04-10 01:17 . 2012-01-17 12:45 876864 ----a-w- c:\windows\system32\nvhdagenco3220103.dll 2012-04-08 18:59 . 2012-04-08 18:59 -------- d-----w- c:\program files\Yukkuri Panic! 2012-04-08 18:58 . 2012-04-08 19:07 -------- d-----w- c:\program files\Yukkuri Panic! ADV 2012-04-08 05:59 . 2012-04-08 05:59 -------- d-----w- c:\program files\Will 2012-04-07 20:00 . 2012-04-07 20:00 -------- d-----w- c:\program files\MediaInfo 2012-04-07 11:32 . 2012-04-07 11:32 -------- d-----w- c:\users\Vikram\AppData\Roaming\savedata 2012-04-07 11:31 . 2012-04-07 11:31 -------- d-----w- c:\program files\あかべぇそふとつぅ 2012-04-06 19:52 . 2012-04-06 19:52 69632 ----a-r- c:\users\Vikram\AppData\Roaming\Microsoft\Installer\{300D7C4F-086D-4D6F-969F-ED00006DE81C}\NewShortcut11_3DCAB3F8E1464415A95392718B7291A4.exe 2012-04-06 19:52 . 2012-04-06 19:52 69632 ----a-r- c:\users\Vikram\AppData\Roaming\Microsoft\Installer\{300D7C4F-086D-4D6F-969F-ED00006DE81C}\NewShortcut1_413052402F904D9B89A1F5247527F664.exe 2012-04-06 19:52 . 2012-04-06 19:52 131072 ----a-r- c:\users\Vikram\AppData\Roaming\Microsoft\Installer\{300D7C4F-086D-4D6F-969F-ED00006DE81C}\NewShortcut3_6FC8A928D9BB4B5F87E47BFA2DFFBFE5.exe 2012-04-06 19:52 . 2012-04-06 19:52 69632 ----a-r- c:\users\Vikram\AppData\Roaming\Microsoft\Installer\{300D7C4F-086D-4D6F-969F-ED00006DE81C}\ARPPRODUCTICON.exe 2012-04-06 19:50 . 2012-04-06 19:50 -------- d-----w- c:\program files\CROSSNET 2012-04-06 18:54 . 2012-04-06 18:54 -------- d-----w- c:\program files\directx 2012-04-06 18:53 . 2012-04-06 18:53 -------- d-----w- c:\program files\AngelSmile 2012-04-03 09:17 . 2012-04-03 09:17 -------- d-----w- C:\programs 2012-03-31 20:51 . 2012-03-31 20:51 -------- d-----w- c:\program files\Xuse 2012-03-31 06:20 . 2012-03-31 06:20 -------- d-----w- c:\programdata\Pendulo Studios 2012-03-31 06:13 . 2012-03-31 06:13 -------- d-----w- c:\program files\Pendulo Studios 2012-03-31 05:49 . 2008-07-12 02:48 467984 ----a-w- c:\windows\system32\d3dx10_39.dll 2012-03-31 05:49 . 2008-07-12 02:48 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2012-03-31 05:49 . 2008-07-12 02:48 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll 2012-03-30 03:00 . 2012-03-30 03:02 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-03-29 18:32 . 2012-03-29 19:02 -------- d-----w- c:\program files\DISCIPLINE 2012-03-29 17:40 . 2012-03-29 17:40 -------- d-----w- c:\program files\AutoIt3 2012-03-29 17:10 . 2012-03-29 17:10 -------- d-----w- c:\users\Vikram\AppData\Local\Electronic Arts 2012-03-29 17:09 . 2012-03-29 17:09 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2012-03-29 16:07 . 2012-03-29 16:07 -------- d-----w- c:\program files\Ubisoft 2012-03-28 21:01 . 2012-03-28 21:01 -------- d-----w- C:\folder1 2012-03-28 15:05 . 2012-03-28 15:30 -------- d-----w- c:\program files\Sengoku Rance English 2012-03-28 11:46 . 2012-03-28 11:46 -------- d-----w- c:\users\Vikram\AppData\Roaming\RenPy 2012-03-27 11:09 . 2012-03-28 15:05 -------- d-----w- C:\AliceSoft 2012-03-26 17:08 . 1999-12-17 03:43 86016 ----a-w- c:\windows\unvise32.exe 2012-03-26 17:08 . 2012-03-26 17:08 -------- d-----w- c:\program files\G-Collections 2012-03-25 16:06 . 2012-03-25 16:06 -------- d-----w- C:\Baseson 2012-03-25 12:36 . 2006-03-26 07:46 40960 ----a-w- c:\windows\system32\StartAffinity.exe 2012-03-25 03:30 . 2012-03-25 03:30 -------- d-----w- c:\program files\Leaf 2012-03-24 19:27 . 2012-03-26 18:09 -------- d-----w- c:\users\Vikram\AppData\Roaming\Family Project 2012-03-24 16:30 . 2012-03-24 16:30 -------- d-----w- c:\programdata\ASign 2012-03-24 16:29 . 2012-03-24 16:29 -------- d-----w- C:\Liquid 2012-03-24 15:37 . 2012-03-24 15:37 -------- d-----w- c:\users\Vikram\AppData\Roaming\Waveform 2012-03-24 06:46 . 2012-03-30 03:21 -------- d-----w- c:\program files\Monte Cristo 2012-03-23 16:10 . 2012-03-23 16:10 -------- d-----w- c:\users\Vikram\AppData\Local\ElevatedDiagnostics 2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr 2012-03-18 13:12 . 2012-03-18 13:12 -------- d-----w- c:\users\Vikram\AppData\Local\Eushully 2012-03-18 13:09 . 2012-03-18 13:09 -------- d-----w- c:\program files\Eushully 2012-03-16 11:08 . 2012-02-08 01:13 91936 ----a-w- c:\windows\system32\drivers\idmwfp.sys 2012-03-16 06:40 . 2012-03-13 04:39 97208 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2012-03-16 06:40 . 2012-03-13 04:39 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll 2012-03-16 06:40 . 2012-03-13 04:39 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll 2012-03-15 10:59 . 2012-03-15 10:59 -------- d-----w- c:\users\Vikram\AppData\Roaming\Doublefine 2012-03-15 10:55 . 2012-03-15 10:55 -------- d-----w- c:\program files\Double Fine Productions 2012-03-15 10:29 . 2012-03-15 10:29 -------- d-----w- c:\programdata\Media Center Programs 2012-03-15 10:29 . 2012-03-16 08:57 -------- d-----w- c:\program files\Common Files\BioWare 2012-03-15 08:07 . 2012-03-15 09:25 -------- d-----w- C:\ConverterOutput 2012-03-15 08:06 . 2004-10-12 09:16 1761280 ----a-w- c:\windows\system32\ffdshow.ax 2012-03-15 08:06 . 2004-10-12 09:12 262144 ----a-w- c:\windows\system32\TomsMoComp_ff.dll 2012-03-15 08:06 . 2004-10-12 09:10 2255360 ----a-w- c:\windows\system32\libavcodec.dll 2012-03-15 08:06 . 2004-10-05 10:46 395776 ----a-w- c:\windows\system32\libmplayer.dll 2012-03-15 08:06 . 2004-10-03 20:20 112640 ----a-w- c:\windows\system32\libmpeg2_ff.dll 2012-03-15 08:06 . 2003-04-02 18:47 172032 ----a-w- c:\windows\system32\ac3filter.ax 2012-03-15 08:06 . 2003-03-25 01:19 98304 ----a-w- c:\windows\system32\L3CODECX.AX 2012-03-15 08:06 . 2012-03-15 08:06 -------- d-----w- c:\program files\Cucusoft 2012-03-14 15:14 . 2012-03-14 21:31 -------- d-----w- c:\program files\JULIA 2012-03-14 06:22 . 2012-02-03 03:54 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-03-14 06:22 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-03-14 06:04 . 2012-02-17 05:34 919040 ----a-w- c:\windows\system32\rdpcorets.dll 2012-03-14 06:04 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-14 06:04 . 2012-02-17 04:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-14 06:04 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-14 06:04 . 2012-01-25 05:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-14 06:04 . 2012-01-25 05:32 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-14 06:04 . 2012-01-25 05:27 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-14 05:59 . 2012-03-14 06:01 -------- d-----w- c:\programdata\Comodo 2012-03-13 21:35 . 2012-03-13 21:35 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2012-03-13 10:44 . 2012-03-13 10:44 -------- d-----w- c:\program files\Strange Loop Games 2012-03-13 02:21 . 2012-03-13 02:21 -------- d-----w- c:\program files\CE Remote Tools 2012-03-13 01:58 . 2012-03-13 02:38 -------- d-----w- c:\windows\system32\js 2012-03-13 01:58 . 2012-03-13 02:38 -------- d-----w- c:\windows\system32\html 2012-03-13 01:58 . 2012-03-13 02:38 -------- d-----w- c:\windows\system32\css 2012-03-13 01:58 . 2012-03-13 01:58 -------- d-----w- c:\windows\system32\images 2012-03-13 01:58 . 2012-03-13 01:58 -------- d-----w- c:\program files\Business Objects 2012-03-13 01:55 . 2012-03-16 15:33 -------- d-----w- c:\program files\Microsoft SQL Server 2012-03-13 01:53 . 2012-03-13 01:53 -------- d-----w- c:\programdata\PreEmptive Solutions 2012-03-13 01:52 . 2012-03-13 01:52 -------- d-----w- c:\windows\symbols 2012-03-13 01:52 . 2012-03-13 01:52 -------- d-----w- c:\windows\system32\1033 2012-03-13 01:51 . 2012-03-13 21:34 -------- d-----w- c:\program files\Common Files\Merge Modules 2012-03-13 01:51 . 2012-03-13 01:52 -------- d-----w- c:\program files\HTML Help Workshop 2012-03-13 01:33 . 2012-03-13 01:58 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0 2012-03-13 01:33 . 2012-03-13 01:33 -------- d-----w- c:\program files\Microsoft SDKs 2012-03-13 01:32 . 2012-03-13 01:32 -------- d-----w- c:\program files\Microsoft Web Designer Tools 2012-03-13 01:30 . 2012-03-13 01:30 97296 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1036.dll 2012-03-13 01:30 . 2012-03-13 01:30 96272 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.3082.dll 2012-03-13 01:30 . 2012-03-13 01:30 96272 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1031.dll 2012-03-13 01:30 . 2012-03-13 01:30 95248 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1040.dll 2012-03-13 01:30 . 2012-03-13 01:30 91152 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1033.dll 2012-03-13 01:30 . 2012-03-13 01:30 81424 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1041.dll 2012-03-13 01:30 . 2012-03-13 01:30 79888 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1042.dll 2012-03-13 01:30 . 2012-03-13 01:30 76304 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.1028.dll 2012-03-13 01:30 . 2012-03-13 01:30 75792 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.res.2052.dll 2012-03-13 01:30 . 2012-03-13 01:30 562688 ----a-w- c:\program files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-04-04 10:26 . 2012-01-24 13:37 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-31 06:17 . 2012-01-15 11:43 444952 ----a-w- c:\windows\system32\wrap_oal.dll 2012-03-31 06:17 . 2012-01-15 11:43 109080 ----a-w- c:\windows\system32\OpenAL32.dll 2012-03-30 03:02 . 2012-01-27 09:11 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-03-11 15:43 . 2012-03-11 15:43 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys 2012-03-11 15:43 . 2012-03-11 15:43 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys 2012-03-11 15:43 . 2012-03-11 15:43 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys 2012-03-11 15:43 . 2012-03-11 15:43 33984 ----a-w- c:\windows\system32\cmdcsr.dll 2012-03-11 15:43 . 2012-03-11 15:43 301224 ----a-w- c:\windows\system32\guard32.dll 2012-03-11 09:39 . 2012-03-11 09:39 48471 ----a-w- c:\windows\system32\ForceBindIP-Uninstaller.exe 2012-03-06 10:11 . 2012-03-06 10:11 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2012-03-06 09:02 . 2012-01-14 11:22 473656 ----a-w- c:\windows\system32\drivers\sptd.sys 2012-03-06 08:44 . 2012-03-06 08:45 637848 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-03-06 08:44 . 2012-01-16 07:41 567696 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-29 23:59 . 2012-02-21 18:36 812352 ----a-w- c:\windows\system32\nvumdshim.dll 2012-02-29 23:59 . 2012-02-21 18:36 61248 ----a-w- c:\windows\system32\OpenCL.dll 2012-02-29 23:59 . 2012-02-21 18:36 5892928 ----a-w- c:\windows\system32\nvcuda.dll 2012-02-29 23:59 . 2012-02-21 18:36 301376 ----a-w- c:\windows\system32\nvdecodemft.dll 2012-02-29 23:59 . 2012-02-21 18:36 2517312 ----a-w- c:\windows\system32\nvcuvid.dll 2012-02-29 23:59 . 2012-02-21 18:36 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-02-29 23:59 . 2012-02-21 18:36 215360 ----a-w- c:\windows\system32\nvinit.dll 2012-02-29 23:59 . 2012-02-21 18:36 19444544 ----a-w- c:\windows\system32\nvoglv32.dll 2012-02-29 23:59 . 2012-02-21 18:36 17543488 ----a-w- c:\windows\system32\nvcompiler.dll 2012-02-29 23:59 . 2012-02-21 18:36 15009600 ----a-w- c:\windows\system32\nvd3dum.dll 2012-02-29 23:59 . 2012-02-21 18:36 10819392 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-02-29 23:59 . 2012-01-15 06:07 881984 ----a-w- c:\windows\system32\nvgenco32.dll 2012-02-29 23:59 . 2012-01-15 06:07 1000256 ----a-w- c:\windows\system32\nvdispco32.dll 2012-02-29 23:59 . 2012-01-15 06:07 2301248 ----a-w- c:\windows\system32\nvapi.dll 2012-02-29 23:59 . 2009-07-13 22:09 7713088 ----a-w- c:\windows\system32\nvwgf2um.dll 2012-02-29 07:56 . 2012-02-29 07:56 416064 ----a-w- c:\windows\system32\nvStreaming.exe 2012-02-23 16:23 . 2012-01-14 15:18 41184 ----a-w- c:\windows\avastSS.scr 2012-02-23 16:23 . 2012-01-14 15:18 201352 ----a-w- c:\windows\system32\aswBoot.exe 2012-02-23 16:12 . 2012-01-14 15:18 610648 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-02-23 16:12 . 2012-01-14 15:18 337112 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-02-23 16:10 . 2012-03-01 18:28 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-02-23 16:10 . 2012-01-14 15:18 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-02-23 16:10 . 2012-01-14 15:18 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-02-23 16:10 . 2012-01-14 15:18 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-02-23 03:48 . 2012-01-14 10:41 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-19 08:57 . 2012-01-15 09:17 5187744 ----a-w- c:\windows\PE_Rom.dll 2012-02-14 06:39 . 2012-02-14 06:39 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2012-02-03 13:57 . 2012-02-03 13:57 82400 ----a-w- c:\windows\system32\drivers\inspect.sys 2012-01-31 18:55 . 2012-01-31 18:55 10804768 ----a-w- c:\program files\Common Files\lpuninstall.exe 2012-01-25 06:29 . 2012-01-25 06:29 5253280 ----a-w- c:\windows\PE_File.dll 2012-01-15 06:24 . 2012-01-15 06:24 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-01-15 06:24 . 2012-01-15 06:24 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-01-15 06:24 . 2012-01-15 06:24 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-01-15 06:24 . 2012-01-15 06:24 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-01-15 06:24 . 2012-01-15 06:24 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-01-15 06:24 . 2012-01-15 06:24 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-01-15 06:24 . 2012-01-15 06:24 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-01-15 06:24 . 2012-01-15 06:24 367104 ----a-w- c:\windows\system32\html.iec 2012-01-15 06:24 . 2012-01-15 06:24 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-01-15 06:24 . 2012-01-15 06:24 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-01-15 06:24 . 2012-01-15 06:24 161792 ----a-w- c:\windows\system32\msls31.dll 2012-01-15 06:24 . 2012-01-15 06:24 152064 ----a-w- c:\windows\system32\wextract.exe 2012-01-15 06:24 . 2012-01-15 06:24 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-01-15 06:24 . 2012-01-15 06:24 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-01-15 06:24 . 2012-01-15 06:24 11776 ----a-w- c:\windows\system32\mshta.exe 2012-01-15 06:24 . 2012-01-15 06:24 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-01-15 06:24 . 2012-01-15 06:24 101888 ----a-w- c:\windows\system32\admparse.dll 2012-01-14 15:11 . 2012-01-14 15:11 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-01-14 15:11 . 2012-01-14 15:11 1700352 ----a-w- c:\windows\system32\gdiplus.dll 2012-01-14 15:11 . 2012-01-14 15:11 1060864 ----a-w- c:\windows\system32\mfc71.dll 2012-01-14 09:37 . 2011-03-13 05:23 246804 ----a-w- c:\windows\system32\drivers\AtherosBt.bin 2012-01-14 09:30 . 2012-01-14 09:30 16896 ----a-w- c:\windows\AsTaskSched.dll 2012-01-14 08:56 . 2010-11-20 21:29 811520 ----a-w- c:\windows\system32\user32.dll 2012-01-14 08:56 . 2010-11-20 21:29 409088 ----a-w- c:\windows\system32\systemcpl.dll 2012-01-14 08:56 . 2010-11-20 21:29 13824 ----a-w- c:\windows\system32\slwga.dll 2012-03-13 04:39 . 2012-03-16 06:40 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2012-01-14 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7601.17514] . . c:\windows\System32\user32.dll [7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-02-23 16:23 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 22376 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DisplayFusion"="c:\program files\DisplayFusion\DisplayFusion.exe" [2012-01-12 2789280] "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2012-03-16 3478936] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2010-05-21 324976] "FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-19 9874024] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-02-23 4031368] "NetWorx"="c:\program files\NetWorx\networx.exe" [2012-01-14 3310592] "ASUS AiChargerPlus Execute"="c:\program files\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536] "ASUS ShellProcess Execute"="c:\program files\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe" [2010-11-25 252544] "AthBtTray"="c:\program files\Bluetooth Suite\AthBtTray.exe" [2011-03-13 302240] "AtherosBtStack"="c:\program files\Bluetooth Suite\BtvStack.exe" [2011-03-13 490656] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-09 49208] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632] "OmniPage Preload"="c:\program files\Nuance\OmniPage18\OmniPage18.exe" [2011-05-10 2983200] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 718688] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-05 500208] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 6749512] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\guard32.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-04-02 96768] R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-01-14 136176] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 253600] R3 ALSysIO;ALSysIO;c:\users\Vikram\AppData\Local\Temp\ALSysIO.sys [x] R3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);c:\windows\system32\DRIVERS\ASUSstpt.sys [2011-09-15 20552] R3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);c:\windows\system32\DRIVERS\ASUSumsc.sys [2011-09-15 117832] R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2011-03-13 43680] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584] R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-01-14 136176] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [2011-03-25 223088] R3 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [x] R3 OracleXETNSListener;OracleXETNSListener;c:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [2006-02-01 204800] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-14 1343400] R4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE [x] S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys [2010-11-08 13696] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [2010-08-27 261160] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-03-11 491816] S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-03-11 39640] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 asComSvc;ASUS Com Service;c:\program files\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-06-13 922240] S2 asHmComSvc;ASUS HM Com Service;c:\program files\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584] S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-02-23 57688] S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [2011-03-13 68768] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592] S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-02-08 91936] S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-06-29 112800] S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe [2011-11-02 196896] S2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-11-02 68896] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-29 2348352] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-09-14 102376] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-09-14 311784] S3 ASUSFILTER;ASUSFILTER;c:\windows\system32\drivers\ASUSFILTER.sys [2011-09-20 37448] S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 34976] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 259232] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 24736] S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 175776] S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 49312] S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 141088] S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 242336] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-06 242240] S3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c6232.sys [2011-07-20 268968] S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys [2010-08-17 22040] S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2010-10-19 41088] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2012-01-17 148800] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 rt61x86;Linksys Wireless-G PCI Adapter Driver;c:\windows\system32\DRIVERS\WMP54Gv41x86.sys [2010-04-07 376160] . . --- Other Services/Drivers In Memory --- . *Deregistered* - RTCore32 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 . Contents of the 'Scheduled Tasks' folder . 2012-04-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 03:02] . 2012-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-14 10:33] . 2012-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-14 10:33] . . ------- Supplementary Scan ------- . uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyServer = http=59.93.246.190:808;https=59.93.246.190:808;ftp=59.93.246.190:808;socks=59.93.246.190:1080 uInternet Settings,ProxyOverride = <local> uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm IE: Download FLV videos with IDM from 10 last requested - c:\program files\Internet Download Manager\IEGetVL2.htm IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: LastPass - file://c:\program files\LastPass\context.html?cmd=lastpass IE: LastPass Fill Forms - file://c:\program files\LastPass\context.html?cmd=fillforms IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 Trusted Zone: ncodesolutions.com TCP: DhcpNameServer = 8.8.4.4 208.67.220.220 8.8.8.8 TCP: Interfaces\{A0FCFE2C-0228-4CB7-9712-55CC9708D751}: NameServer = 8.8.4.4,8.8.8.8 TCP: Interfaces\{C4AF92ED-B0DA-49A9-95F1-D99C17206EB1}: NameServer = 8.8.4.4,208.67.220.220 FF - ProfilePath - c:\users\Vikram\AppData\Roaming\Mozilla\Firefox\Profiles\emn1jwc8.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://www.google.com FF - prefs.js: network.proxy.type - 0 . . ------- File Associations ------- . .txt=Notepad++_file . - - - - ORPHANS REMOVED - - - - . AddRemove-{3FD0C489-0F02-481a-A3E1-9754CD396761} - c:\program files\Intel\IntelR Watchdog Timer Driver (IntelR WDT)\Uninstall\setup.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-4156299321-180426101-3961678622-1000_Classes\CLSID\{06a5488b-9c41-4f8c-a1c9-4a6d99ecf3a1}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000004c "Therad"=dword:00000007 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\ . [HKEY_USERS\S-1-5-21-4156299321-180426101-3961678622-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):88,c1,49,e8,bf,8d,0e,e8,ed,f0,6e,22,d5,e7,cd,3a,2e,57,29,c4,12, c1,07,37,3a,72,be,5a,c1,68,57,23,66,ce,6d,35,60,4c,fd,c0,00,00,00,00,00,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(712) c:\windows\system32\guard32.dll . - - - - - - - > 'lsass.exe'(780) c:\windows\system32\guard32.dll . Completion time: 2012-04-11 12:33:57 ComboFix-quarantined-files.txt 2012-04-11 07:03 . Pre-Run: 403,076,919,296 bytes free Post-Run: 402,897,465,344 bytes free . - - End Of File - - B12C90DF8DF743EFD5D58CF6DC641CCD
  7. levi
    MBAM Log Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.04.10.09 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Vikram :: VIKRAM-PC [administrator] 11/4/2012 2:26:37 AM mbam-log-2012-04-11 (02-26-37).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 243012 Time elapsed: 4 minute(s), 13 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) DDS.TXT . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.3.0 Run by Vikram at 2:37:05 on 2012-04-11 Microsoft Windows 7 Ultimate 6.1.7601.1.932.81.1033.18.3567.1287 [GMT 5.5:30] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\explorer.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ASUS\AXSP\1.00.14\atkexComSvc.exe C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\AAHM\1.00.14\aaHMSvc.exe C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe C:\Program Files\EVGA Precision X\EVGAPrecision.exe C:\Program Files\Bluetooth Suite\adminservice.exe C:\Program Files\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe C:\Program Files\ASUS\AI Suite II\AsRoutineController.exe C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\Windows\system32\IProsetMonitor.exe c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Program Files\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr32.exe C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe C:\Windows\system32\NLSSRV32.EXE c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE C:\Program Files\NetWorx\networx.exe C:\Program Files\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe C:\Program Files\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe C:\Program Files\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe C:\Program Files\Bluetooth Suite\AthBtTray.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Bluetooth Suite\BtvStack.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Program Files\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Program Files\DisplayFusion\DisplayFusion.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Internet Download Manager\IDMan.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files\FileHippo.com\UpdateChecker.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Windows\Temp\Volume.exe C:\Windows\system32\mdm.exe C:\Program Files\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe C:\Program Files\ASUS\AI Suite II\EPU\EPUHelp.exe C:\Program Files\EVGA Precision X\Bundle\OSDServer\RTSS.exe C:\Program Files\ASUS\AI Suite II\AI Suite II.exe C:\Program Files\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k SDRSVC C:\programs\attributes.exe C:\Windows\system32\conhost.exe c:\programs\phoenix.exe C:\Windows\system32\AUDIODG.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\servicing\TrustedInstaller.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe E:\jdownloads\PrincessEris\PrincessEris\akuma_erisu.exe C:\Windows\system32\rundll32.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyServer = http=59.93.246.190:808;https=59.93.246.190:808;ftp=59.93.246.190:808;socks=59.93.246.190:1080 uInternet Settings,ProxyOverride = <local> uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - c:\program files\bluetooth suite\IEPlugIn.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - c:\program files\lastpass\LPBar.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: &NetWorx Desk Band: {feea54b4-d80f-41c7-87b9-dc08e6d3255f} - c:\progra~1\networx\deskband.dll TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - c:\program files\lastpass\LPBar.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll uRun: [DisplayFusion] "c:\program files\displayfusion\DisplayFusion.exe" uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED uRun: [FileHippo.com] "c:\program files\filehippo.com\UpdateChecker.exe" /background uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [Audio] c:\users\vikram\appdata\local\temp\Soundfx .exe mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto mRun: [<NO NAME>] mRun: [ASUS AiChargerPlus Execute] c:\program files\installshield installation information\{e6931688-da2b-4e16-8539-3d323d69c677}\AiChargerPlus.exe mRun: [ASUS ShellProcess Execute] c:\program files\asus\ai suite ii\asus mobilink\simulator\AsShellProcess.exe mRun: [AthBtTray] "c:\program files\bluetooth suite\AthBtTray.exe" mRun: [AtherosBtStack] "c:\program files\bluetooth suite\BtvStack.exe" mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe mRun: [OmniPage Preload] c:\program files\nuance\omnipage18\OmniPage18.exe /preload mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" StartupFolder: c:\users\vikram\appdata\roaming\microsoft\windows\start menu\programs\startup\Soundfx .exe uPolicies-system: Shell = %windir%\lock.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm IE: Download FLV videos with IDM from 10 last requested - c:\program files\internet download manager\IEGetVL2.htm IE: Download with IDM - c:\program files\internet download manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000 IE: LastPass - file://c:\program files\lastpass\context.html?cmd=lastpass IE: LastPass Fill Forms - file://c:\program files\lastpass\context.html?cmd=fillforms IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - c:\program files\lastpass\LPBar.dll IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll Trusted Zone: ncodesolutions.com DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab TCP: DhcpNameServer = 8.8.4.4 208.67.220.220 8.8.8.8 TCP: Interfaces\{61EC26C7-594A-4783-B662-78D5543F61F5} : DhcpNameServer = 8.8.4.4 208.67.220.220 8.8.8.8 TCP: Interfaces\{A0FCFE2C-0228-4CB7-9712-55CC9708D751} : NameServer = 8.8.4.4,8.8.8.8 TCP: Interfaces\{C4AF92ED-B0DA-49A9-95F1-D99C17206EB1} : NameServer = 8.8.4.4,208.67.220.220 TCP: Interfaces\{C4AF92ED-B0DA-49A9-95F1-D99C17206EB1} : DhcpNameServer = 8.8.4.4 208.67.220.220 8.8.8.8 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL AppInit_DLLs: c:\windows\system32\guard32.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\users\vikram\appdata\roaming\mozilla\firefox\profiles\emn1jwc8.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://www.google.com FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll FF - plugin: c:\program files\nitro pdf\professional 7\npdf.dll FF - plugin: c:\program files\nitro pdf\professional 7\npnitromozilla.dll FF - plugin: c:\program files\nitro pdf\professional 7\NPShellExtension.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll . ============= SERVICES / DRIVERS =============== . R0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\drivers\AiChargerPlus.sys [2012-1-14 13696] R0 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys [2010-8-27 261160] R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-8-3 11832] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-1-14 610648] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-1-14 337112] R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-3-11 491816] R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-3-11 39640] R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928] R2 asComSvc;ASUS Com Service;c:\program files\asus\axsp\1.00.14\atkexComSvc.exe [2011-6-13 922240] R2 asHmComSvc;ASUS HM Com Service;c:\program files\asus\aahm\1.00.14\aaHMSvc.exe [2010-12-2 915584] R2 AsSysCtrlService;ASUS System Control Service;c:\program files\asus\assysctrlservice\1.00.11\AsSysCtrlService.exe [2012-1-14 586880] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-1-14 20696] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-1-14 57688] R2 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2011-3-13 68768] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-3-1 44768] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] R2 Freemake Improver;Freemake Improver;c:\programdata\freemake\freemakeutilsservice\FreemakeUtilsService.exe [2012-2-9 96768] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2012-1-14 13592] R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2012-3-16 91936] R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [2012-1-27 112800] R2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\nitro pdf\professional 7\NitroPDFDriverService2.exe [2011-11-2 196896] R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-11-2 68896] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-4-10 2348352] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-2-29 382272] R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2011-9-14 102376] R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2011-9-14 311784] R3 ASUSFILTER;ASUSFILTER;c:\windows\system32\drivers\ASUSFILTER.sys [2011-9-20 37448] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2011-3-13 34976] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-3-13 259232] R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-3-13 24736] R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-3-13 175776] R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2011-3-13 49312] R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-3-13 141088] R3 BtFilter;BtFilter;c:\windows\system32\drivers\btfilter.sys [2011-3-13 242336] R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-3-6 242240] R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\drivers\e1c6232.sys [2012-1-27 268968] R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\drivers\ICCWDT.sys [2010-8-17 22040] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-4-11 40776] R3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2012-1-14 41088] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2012-4-10 148800] R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] R3 rt61x86;Linksys Wireless-G PCI Adapter Driver;c:\windows\system32\drivers\WMP54Gv41x86.sys [2010-4-7 376160] R3 RTCore32;RTCore32;c:\program files\evga precision x\RTCore32.sys [2011-9-7 5632] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-1-14 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-30 253600] S3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);c:\windows\system32\drivers\ASUSstpt.sys [2012-1-14 20552] S3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);c:\windows\system32\drivers\ASUSumsc.sys [2012-1-14 117832] S3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\drivers\AthDfu.sys [2011-3-13 43680] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464] S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\futuremark\futuremark systeminfo\FMSISvc.exe [2012-2-24 135584] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-1-14 136176] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880] S3 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-3-26 223088] S3 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\10.2.0\server\bin\oracle.exe xe --> c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [?] S3 OracleXETNSListener;OracleXETNSListener;c:\oraclexe\app\oracle\product\10.2.0\server\bin\TNSLSNR.EXE [2006-2-2 204800] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 15872] S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184] S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-21 52224] S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264] S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-1-14 1343400] S4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\10.2.0\server\bin\extjob.exe xe --> c:\oraclexe\app\oracle\product\10.2.0\server\bin\extjob.exe XE [?] . =============== File Associations =============== . .txt=Notepad++_file . =============== Created Last 30 ================ . 2012-04-10 20:16:23 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{49a4cbe7-03cc-4c90-86ea-9b0e79586a92}\offreg.dll 2012-04-10 18:33:59 6582328 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{49a4cbe7-03cc-4c90-86ea-9b0e79586a92}\mpengine.dll 2012-04-10 02:17:31 -------- d-----w- c:\program files\GPU-Z 2012-04-10 01:53:09 -------- d-----w- c:\program files\EVGA 2012-04-10 01:41:44 -------- d-----w- c:\program files\EVGA Precision X 2012-04-10 01:18:01 645440 ----a-w- c:\windows\system32\nvvsvc.exe 2012-04-10 01:18:01 62272 ----a-w- c:\windows\system32\nvshext.dll 2012-04-10 01:18:01 3881792 ----a-w- c:\windows\system32\nvcpl.dll 2012-04-10 01:18:01 2719040 ----a-w- c:\windows\system32\nvsvc.dll 2012-04-10 01:18:01 2515790 ----a-w- c:\windows\system32\nvcoproc.bin 2012-04-10 01:18:01 108352 ----a-w- c:\windows\system32\nvmctray.dll 2012-04-10 01:17:49 -------- d-----w- c:\programdata\NVIDIA Corporation 2012-04-10 01:17:17 876864 ----a-w- c:\windows\system32\nvhdagenco3220103.dll 2012-04-10 01:17:17 27968 ----a-w- c:\windows\system32\nvhdap32.dll 2012-04-10 01:17:17 148800 ----a-w- c:\windows\system32\drivers\nvhda32v.sys 2012-04-08 18:59:12 -------- d-----w- c:\program files\Yukkuri Panic! 2012-04-08 18:58:50 -------- d-----w- c:\program files\Yukkuri Panic! ADV 2012-04-08 05:59:49 -------- d-----w- c:\program files\Will 2012-04-07 20:00:24 -------- d-----w- c:\program files\MediaInfo 2012-04-07 11:32:03 -------- d-----w- c:\users\vikram\appdata\roaming\savedata 2012-04-07 11:31:06 -------- d-----w- c:\program files\あかべぇそふとつぅ 2012-04-06 19:52:11 69632 ----a-r- c:\users\vikram\appdata\roaming\microsoft\installer\{300d7c4f-086d-4d6f-969f-ed00006de81c}\NewShortcut11_3DCAB3F8E1464415A95392718B7291A4.exe 2012-04-06 19:52:11 69632 ----a-r- c:\users\vikram\appdata\roaming\microsoft\installer\{300d7c4f-086d-4d6f-969f-ed00006de81c}\NewShortcut1_413052402F904D9B89A1F5247527F664.exe 2012-04-06 19:52:11 131072 ----a-r- c:\users\vikram\appdata\roaming\microsoft\installer\{300d7c4f-086d-4d6f-969f-ed00006de81c}\NewShortcut3_6FC8A928D9BB4B5F87E47BFA2DFFBFE5.exe 2012-04-06 19:52:10 69632 ----a-r- c:\users\vikram\appdata\roaming\microsoft\installer\{300d7c4f-086d-4d6f-969f-ed00006de81c}\ARPPRODUCTICON.exe 2012-04-06 19:50:57 -------- d-----w- c:\program files\CROSSNET 2012-04-06 18:54:06 -------- d-----w- c:\program files\directx 2012-04-06 18:53:59 -------- d-----w- c:\program files\AngelSmile 2012-04-03 09:17:41 -------- d-----w- C:\programs 2012-03-31 20:51:46 -------- d-----w- c:\program files\Xuse 2012-03-31 06:20:28 -------- d-----w- c:\programdata\Pendulo Studios 2012-03-31 06:13:44 -------- d-----w- c:\program files\Pendulo Studios 2012-03-31 05:49:09 467984 ----a-w- c:\windows\system32\d3dx10_39.dll 2012-03-31 05:49:09 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2012-03-31 05:49:07 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll 2012-03-30 03:00:21 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-03-29 18:32:54 -------- d-----w- c:\program files\DISCIPLINE 2012-03-29 17:40:12 -------- d-----w- c:\program files\AutoIt3 2012-03-29 17:10:05 -------- d-----w- c:\users\vikram\appdata\local\Electronic Arts 2012-03-29 17:09:54 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2012-03-28 21:01:15 -------- d-----w- C:\folder1 2012-03-28 15:05:54 -------- d-----w- c:\program files\Sengoku Rance English 2012-03-28 11:46:42 -------- d-----w- c:\users\vikram\appdata\roaming\RenPy 2012-03-28 11:46:01 1590784 ----a-w- c:\users\vikram\appdata\roaming\microsoft\windows\start menu\programs\startup\Soundfx .exe 2012-03-27 11:09:48 -------- d-----w- C:\AliceSoft 2012-03-26 17:08:41 86016 ----a-w- c:\windows\unvise32.exe 2012-03-26 17:08:30 -------- d-----w- c:\program files\G-Collections 2012-03-25 16:06:35 -------- d-----w- C:\Baseson 2012-03-25 12:36:10 40960 ----a-w- c:\windows\system32\StartAffinity.exe 2012-03-25 03:30:48 -------- d-----w- c:\program files\Leaf 2012-03-24 19:27:32 -------- d-----w- c:\users\vikram\appdata\roaming\Family Project 2012-03-24 16:30:57 -------- d-----w- c:\programdata\ASign 2012-03-24 16:29:11 -------- d-----w- C:\Liquid 2012-03-24 15:37:12 -------- d-----w- c:\users\vikram\appdata\roaming\Waveform 2012-03-24 06:46:41 -------- d-----w- c:\program files\Monte Cristo 2012-03-23 16:10:36 -------- d-----w- c:\users\vikram\appdata\local\ElevatedDiagnostics 2012-03-22 19:12:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr 2012-03-18 13:12:57 -------- d-----w- c:\users\vikram\appdata\local\Eushully 2012-03-18 13:09:45 -------- d-----w- c:\program files\Eushully 2012-03-16 11:08:36 91936 ----a-w- c:\windows\system32\drivers\idmwfp.sys 2012-03-16 06:40:05 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2012-03-16 06:40:04 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll 2012-03-16 06:40:04 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll 2012-03-15 10:59:22 -------- d-----w- c:\users\vikram\appdata\roaming\Doublefine 2012-03-15 10:55:15 -------- d-----w- c:\program files\Double Fine Productions 2012-03-15 10:29:26 -------- d-----w- c:\programdata\Media Center Programs 2012-03-15 10:29:24 -------- d-----w- c:\program files\common files\BioWare 2012-03-15 08:07:12 -------- d-----w- C:\ConverterOutput 2012-03-15 08:06:33 98304 ----a-w- c:\windows\system32\L3CODECX.AX 2012-03-15 08:06:33 395776 ----a-w- c:\windows\system32\libmplayer.dll 2012-03-15 08:06:33 262144 ----a-w- c:\windows\system32\TomsMoComp_ff.dll 2012-03-15 08:06:33 2255360 ----a-w- c:\windows\system32\libavcodec.dll 2012-03-15 08:06:33 1761280 ----a-w- c:\windows\system32\ffdshow.ax 2012-03-15 08:06:33 172032 ----a-w- c:\windows\system32\ac3filter.ax 2012-03-15 08:06:33 112640 ----a-w- c:\windows\system32\libmpeg2_ff.dll 2012-03-15 08:06:26 -------- d-----w- c:\program files\Cucusoft 2012-03-14 21:30:51 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-14 21:30:50 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-14 15:14:42 -------- d-----w- c:\program files\JULIA 2012-03-14 06:22:36 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-03-14 06:22:34 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-03-14 06:04:57 919040 ----a-w- c:\windows\system32\rdpcorets.dll 2012-03-14 06:04:57 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-14 06:04:57 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-14 06:04:57 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-14 06:04:54 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-14 06:04:54 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-14 06:04:54 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-14 05:59:29 -------- d-----w- c:\programdata\Comodo 2012-03-13 10:44:21 -------- d-----w- c:\program files\Strange Loop Games 2012-03-13 02:21:44 -------- d-----w- c:\program files\CE Remote Tools 2012-03-13 01:58:44 -------- d-----w- c:\windows\system32\js 2012-03-13 01:58:44 -------- d-----w- c:\windows\system32\images 2012-03-13 01:58:44 -------- d-----w- c:\windows\system32\html 2012-03-13 01:58:44 -------- d-----w- c:\windows\system32\css 2012-03-13 01:58:44 -------- d-----w- c:\program files\Business Objects 2012-03-13 01:55:58 -------- d-----w- c:\program files\Microsoft SQL Server 2012-03-13 01:53:09 -------- d-----w- c:\programdata\PreEmptive Solutions 2012-03-13 01:52:04 -------- d-----w- c:\windows\system32\1033 2012-03-13 01:51:43 -------- d-----w- c:\program files\HTML Help Workshop 2012-03-13 01:51:43 -------- d-----w- c:\program files\common files\Merge Modules 2012-03-13 01:32:15 -------- d-----w- c:\program files\Microsoft Web Designer Tools 2012-03-13 01:30:58 97296 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1036.dll 2012-03-13 01:30:58 96272 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.3082.dll 2012-03-13 01:30:58 96272 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1031.dll 2012-03-13 01:30:58 95248 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1040.dll 2012-03-13 01:30:58 91152 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1033.dll 2012-03-13 01:30:58 81424 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1041.dll 2012-03-13 01:30:58 79888 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1042.dll 2012-03-13 01:30:58 76304 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1028.dll 2012-03-13 01:30:58 75792 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.2052.dll 2012-03-13 01:30:58 562688 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.exe . ==================== Find3M ==================== . 2012-04-04 10:26:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-31 06:17:56 444952 ----a-w- c:\windows\system32\wrap_oal.dll 2012-03-31 06:17:56 109080 ----a-w- c:\windows\system32\OpenAL32.dll 2012-03-30 03:02:13 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-03-11 15:43:38 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys 2012-03-11 15:43:36 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys 2012-03-11 15:43:36 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys 2012-03-11 15:43:20 33984 ----a-w- c:\windows\system32\cmdcsr.dll 2012-03-11 15:43:20 301224 ----a-w- c:\windows\system32\guard32.dll 2012-03-11 09:39:29 48471 ----a-w- c:\windows\system32\ForceBindIP-Uninstaller.exe 2012-03-06 10:11:24 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2012-03-06 09:02:57 473656 ----a-w- c:\windows\system32\drivers\sptd.sys 2012-03-06 08:44:56 637848 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-03-06 08:44:56 567696 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-29 07:56:56 416064 ----a-w- c:\windows\system32\nvStreaming.exe 2012-02-23 16:23:26 41184 ----a-w- c:\windows\avastSS.scr 2012-02-23 16:12:28 610648 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-02-23 16:10:59 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-02-23 16:10:34 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-02-23 03:48:36 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-19 13:37:38 0 ----a-w- c:\windows\msjava.dll 2012-02-19 08:57:47 5187744 ----a-w- c:\windows\PE_Rom.dll 2012-02-14 06:39:44 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2012-01-31 18:55:14 10804768 ----a-w- c:\program files\common files\lpuninstall.exe 2012-01-25 06:29:44 5253280 ----a-w- c:\windows\PE_File.dll 2012-01-14 15:11:59 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-01-14 15:11:59 1700352 ----a-w- c:\windows\system32\gdiplus.dll 2012-01-14 15:11:59 1060864 ----a-w- c:\windows\system32\mfc71.dll 2012-01-14 09:37:52 246804 ----a-w- c:\windows\system32\drivers\AtherosBt.bin 2012-01-14 09:30:31 16896 ----a-w- c:\windows\AsTaskSched.dll 2012-01-14 08:56:26 811520 ----a-w- c:\windows\system32\user32.dll 2012-01-14 08:56:26 409088 ----a-w- c:\windows\system32\systemcpl.dll 2012-01-14 08:56:26 13824 ----a-w- c:\windows\system32\slwga.dll 2010-11-20 21:29:11 1169224 --sh--w- c:\windows\temp\Volume.exe . =================== ROOTKIT ==================== . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Windows 6.1.7601 Disk: ST310005 rev.JC45 -> Harddisk0\DR0 -> \Device\Scsi\mv91xx1Port2Path0Target0Lun0 . device: opened successfully user: MBR read successfully . Disk trace: called modules: >>UNKNOWN [0x83445000]<< >>UNKNOWN [0x8DC09000]<< >>UNKNOWN [0x8DA08000]<< >>UNKNOWN [0x866E71E8]<< _asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL; } 1 ntkrnlpa!IofCallDriver[0x8347C55A] -> \Device\Harddisk0\DR0[0x8993E5C0] \Driver\Disk[0x8993D5C8] -> IRP_MJ_CREATE -> 0x8DC0D39F 3 [0x8DC0D59E] -> ntkrnlpa!IofCallDriver[0x8347C55A] -> \Device\Scsi\mv91xx1Port2Path0Target0Lun0[0x8749D030] \Driver\mv91xx[0x8749A4A8] -> IRP_MJ_CREATE -> 0x866E71E8 kernel: MBR read successfully _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; } user & kernel MBR OK Warning: possible TDL3 rootkit infection ! . ============= FINISH: 2:38:38.14 =============== ATTACH.TXT . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 14/1/2012 2:26:30 PM System Uptime: 10/4/2012 10:35:15 PM (4 hours ago) . Motherboard: ASUSTeK Computer INC. | | P8Z68-V PRO GEN3 Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz | LGA1155 | 3301/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 500 GiB total, 372.1 GiB free. D: is FIXED (NTFS) - 432 GiB total, 382.54 GiB free. E: is FIXED (NTFS) - 466 GiB total, 201.953 GiB free. F: is FIXED (NTFS) - 466 GiB total, 84.751 GiB free. G: is FIXED (NTFS) - 466 GiB total, 175.229 GiB free. H: is CDROM () I: is CDROM (UDF) L: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP190: 3/4/2012 4:50:57 PM - Windows Update RP191: 6/4/2012 12:53:22 PM - Installed Adobe Reader X. RP192: 6/4/2012 7:31:42 PM - Windows Update RP193: 7/4/2012 1:20:40 AM - Installed 星空のメモリア-Wish upon a shooting star-. RP194: 8/4/2012 7:18:58 PM - Windows Backup RP195: 11/4/2012 12:03:40 AM - Windows Update RP196: 11/4/2012 1:35:34 AM - Windows Update . ==== Installed Programs ====================== . . 7-Zip 9.20 Adobe AIR Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Photoshop CS5 Adobe Reader X (10.1.2) AI Suite II Asmedia ASM104x USB 3.0 Host Controller Driver AutoIt v3.3.8.1 avast! Free Antivirus Bluetooth Win7 Suite BOSS BufferChm calibre CCleaner COMODO Internet Security Conquering the Queen Crystal Reports Basic for Visual Studio 2008 Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07 DAEMON Tools Lite Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Destinations DisplayFusion 3.4.1 DocProc EasyBCD 2.1.2 Escalation ADV version Escalation ADV v1.0 Escalation Yukkuri Panic! version 1.0 EVGA OC Scanner X 2.0.1 EVGA Precision X 3.0.2 Fallout Mod Manager 0.13.21 Family Project v1.0 FileHippo.com Update Checker ForceBindIP Fraps Freemake Video Converter version 3.0.2 Futuremark SystemInfo G-Senjou no Maou English Google Chrome Google Update Helper GPBaseService2 Hegemony Gold: Wars of Ancient Greece High-Definition Video Playback Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091) Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674) HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Scanjet G2410 and 2400 HP Solution Center 13.0 HP Update hpg2410 HPPhotosmartEssential HPProductAssistant InstallShield for Microsoft Visual C++ 6 Intel(R) Control Center Intel(R) Management Engine Components Intel(R) Network Connections 16.5.2.0 Intel(R) Rapid Storage Technology IntelR Watchdog Timer Driver (IntelR WDT) Internet Download Manager Java Auto Updater Java(TM) 6 Update 31 Java(TM) 7 Update 3 JMicron JMB36X Driver Koihime_Musou L.A. Noire LastPass (uninstall only) Lightning Warrior Raidy Malwarebytes Anti-Malware version 1.61.0.1400 marvell 91xx driver Mass Effect Media Player Classic - Home Cinema 1.6.0.4014 MediaInfo 0.7.55 Microsoft .NET Compact Framework 2.0 SP2 Microsoft .NET Compact Framework 3.5 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft AppLocale Microsoft Document Explorer 2008 Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) Microsoft Office Visual Web Developer 2007 Microsoft Office Visual Web Developer MUI (English) 2007 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Compact 3.5 Design Tools ENU Microsoft SQL Server Compact 3.5 ENU Microsoft SQL Server Compact 3.5 for Devices ENU Microsoft SQL Server Database Publishing Wizard 1.2 Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2005 Tools for Office Runtime Microsoft Visual Studio 2008 Professional Edition - ENU Microsoft Visual Studio 6.0 Enterprise Edition Microsoft Visual Studio Web Authoring Component Microsoft Web Publishing Wizard 1.53 Microsoft Windows Application Compatibility Database Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense Microsoft Windows SDK for Visual Studio 2008 Tools Microsoft Windows SDK for Visual Studio 2008 Win32 Tools Microsoft Xbox 360 Accessories 1.2 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Mobipocket Reader 6.2 Mortal Kombat Arcade Kollection MotoHelper 2.0.49 Driver 5.0.0 MotoHelper MergeModules Motorola Mobile Drivers Installation 5.0.0 Mozilla Firefox 11.0 (x86 en-US) MSI Afterburner 2.1.0 MSI Kombustor 2.0.0 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack Basic Nero Burning ROM 10 Nero Control Center 10 Nero Core Components 10 Nero Dolby Files 10 Nero Express 10 Nero Multimedia Suite 10 Platinum HD NetWorx 5.2.2 Nexus Mod Manager Nitro Pro 7 Notepad++ Nuance OmniPage 18 NVIDIA 3D Vision Controller Driver 296.10 NVIDIA 3D Vision Driver 296.10 NVIDIA Control Panel 296.10 NVIDIA Graphics Driver 296.10 NVIDIA HD Audio Driver 1.3.12.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.0213 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.7.11 NVIDIA Update Components OCR Software by I.R.I.S. 13.0 OpenAL Oracle Data Provider for .NET Help Oracle Database 10g Express Edition PDF Settings CS5 Picasa 3 Pidgin Rayman Origins Realtek High Definition Audio Driver ReNamer Rockstar Games Social Club Scan Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2584063) Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition Sengoku Rance English v1.01 SolutionCenter Steam System Requirements Lab CYRI Tally 9 TechPowerUp GPU-Z TeraCopy 2.27 Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221) Utawarerumono English v1.1 VC Runtimes MSI Visual Studio 2005 Tools for Office Second Edition Runtime Visual Studio Tools for the Office system 3.0 Runtime WebM Project Directshow Filters WebReg Windows Live ID Sign-in Assistant WinRAR 4.11 (32-bit) WMP 12 Playback Pack Xuse 永遠のアセリア - この大地の果てで - (Remove Only) 星空のメモリア-Wish upon a shooting star- 神採りアルケミーマイスター 神採りアルケミーマイスター Append01 神採りアルケミーマイスター Append02 神採りアルケミーマイスター Ver2.00 Update . ==== Event Viewer Messages From Past Week ======== . 7/4/2012 12:44:13 AM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack. 7/4/2012 12:05:48 AM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error. 5/4/2012 11:58:46 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ASUS HM Com Service service to connect. 5/4/2012 11:58:46 AM, Error: Service Control Manager [7000] - The ASUS HM Com Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10/4/2012 6:43:57 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Freemake Improver service to connect. 10/4/2012 6:43:57 AM, Error: Service Control Manager [7000] - The Freemake Improver service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10/4/2012 11:49:48 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding . ==== End Of File ===========================
  8. levi
    Greetings @maniac, Thanks for your prompt reply. I have done each of the steps you have mentioned. However I am not sure whether they were helpful or not. TDSSKiller seemed only to find suspicious and not even a single malicious file while the latest MB Anti-malware quick scan was completely clean Anyways I am pasting all the logs you wanted. I will probably reply later tomorrow since its 2 oclock in the morning here. See you in about 6-8 hours. TDSSKiller Log 02:50:01.0289 7600 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05 02:50:02.0170 7600 ============================================================ 02:50:02.0170 7600 Current date / time: 2012/04/11 02:50:02.0170 02:50:02.0170 7600 SystemInfo: 02:50:02.0170 7600 02:50:02.0170 7600 OS Version: 6.1.7601 ServicePack: 1.0 02:50:02.0170 7600 Product type: Workstation 02:50:02.0170 7600 ComputerName: VIKRAM-PC 02:50:02.0170 7600 UserName: Vikram 02:50:02.0170 7600 Windows directory: C:\Windows 02:50:02.0170 7600 System windows directory: C:\Windows 02:50:02.0170 7600 Processor architecture: Intel x86 02:50:02.0170 7600 Number of processors: 4 02:50:02.0170 7600 Page size: 0x1000 02:50:02.0170 7600 Boot type: Normal boot 02:50:02.0170 7600 ============================================================ 02:50:03.0173 7600 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058 02:50:03.0191 7600 Drive \Device\Harddisk1\DR1 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058 02:50:03.0196 7600 \Device\Harddisk0\DR0: 02:50:03.0196 7600 MBR used 02:50:03.0196 7600 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3E800000 02:50:03.0196 7600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3E800800, BlocksNum 0x35F05000 02:50:03.0196 7600 \Device\Harddisk1\DR1: 02:50:03.0196 7600 MBR used 02:50:03.0196 7600 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A382000 02:50:03.0196 7600 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3A382800, BlocksNum 0x3A382000 02:50:03.0196 7600 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x74704800, BlocksNum 0x3A382000 02:50:03.0347 7600 Initialize success 02:50:03.0347 7600 ============================================================ 02:50:07.0654 8144 ============================================================ 02:50:07.0655 8144 Scan started 02:50:07.0655 8144 Mode: Manual; SigCheck; TDLFS; 02:50:07.0655 8144 ============================================================ 02:50:08.0340 8144 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\DRIVERS\1394ohci.sys 02:50:08.0422 8144 1394ohci - ok 02:50:08.0441 8144 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 02:50:08.0451 8144 ACPI - ok 02:50:08.0466 8144 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 02:50:08.0517 8144 AcpiPmi - ok 02:50:08.0600 8144 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 02:50:08.0607 8144 AdobeARMservice - ok 02:50:08.0670 8144 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 02:50:08.0680 8144 AdobeFlashPlayerUpdateSvc - ok 02:50:08.0700 8144 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys 02:50:08.0712 8144 adp94xx - ok 02:50:08.0723 8144 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys 02:50:08.0733 8144 adpahci - ok 02:50:08.0747 8144 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys 02:50:08.0755 8144 adpu320 - ok 02:50:08.0784 8144 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll 02:50:08.0861 8144 AeLookupSvc - ok 02:50:08.0893 8144 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 02:50:08.0939 8144 AFD - ok 02:50:08.0950 8144 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 02:50:08.0958 8144 agp440 - ok 02:50:08.0996 8144 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys 02:50:09.0003 8144 aic78xx - ok 02:50:09.0041 8144 AiChargerPlus (2ea975ec6985dd2cf8b895efc1e3d9b3) C:\Windows\system32\DRIVERS\AiChargerPlus.sys 02:50:09.0069 8144 AiChargerPlus - ok 02:50:09.0107 8144 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe 02:50:09.0151 8144 ALG - ok 02:50:09.0160 8144 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 02:50:09.0167 8144 aliide - ok 02:50:09.0239 8144 ALSysIO - ok 02:50:09.0268 8144 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 02:50:09.0275 8144 amdagp - ok 02:50:09.0285 8144 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 02:50:09.0292 8144 amdide - ok 02:50:09.0332 8144 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys 02:50:09.0357 8144 AmdK8 - ok 02:50:09.0364 8144 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys 02:50:09.0375 8144 AmdPPM - ok 02:50:09.0424 8144 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 02:50:09.0432 8144 amdsata - ok 02:50:09.0448 8144 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys 02:50:09.0456 8144 amdsbs - ok 02:50:09.0472 8144 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 02:50:09.0479 8144 amdxata - ok 02:50:09.0489 8144 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 02:50:09.0526 8144 AppID - ok 02:50:09.0572 8144 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll 02:50:09.0592 8144 AppIDSvc - ok 02:50:09.0609 8144 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll 02:50:09.0646 8144 Appinfo - ok 02:50:09.0702 8144 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll 02:50:09.0721 8144 AppMgmt - ok 02:50:09.0738 8144 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys 02:50:09.0746 8144 arc - ok 02:50:09.0780 8144 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys 02:50:09.0787 8144 arcsas - ok 02:50:09.0875 8144 asComSvc (6e3f4538b33bc19259e99be1826286a3) C:\Program Files\ASUS\AXSP\1.00.14\atkexComSvc.exe 02:50:09.0894 8144 asComSvc - ok 02:50:09.0916 8144 asHmComSvc (a63173897ea1a73a75d0e65036de5b15) C:\Program Files\ASUS\AAHM\1.00.14\aaHMSvc.exe 02:50:09.0936 8144 asHmComSvc - ok 02:50:09.0965 8144 AsIO (419f3128e01b5ac038efd500314f62b8) C:\Windows\system32\drivers\AsIO.sys 02:50:09.0971 8144 AsIO - ok 02:50:10.0011 8144 asmthub3 (0a0fea9d64cca930e5aae8e1458330d4) C:\Windows\system32\DRIVERS\asmthub3.sys 02:50:10.0050 8144 asmthub3 - ok 02:50:10.0069 8144 asmtxhci (68064f1baac47dfae494895026ca5776) C:\Windows\system32\DRIVERS\asmtxhci.sys 02:50:10.0084 8144 asmtxhci - ok 02:50:10.0143 8144 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 02:50:10.0150 8144 aspnet_state - ok 02:50:10.0186 8144 AsSysCtrlService (5c31dfb196cb3a488a041881634d86d2) C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe 02:50:10.0202 8144 AsSysCtrlService - ok 02:50:10.0225 8144 AsUpIO (a9a565c669786c402752f609afdd0dd5) C:\Windows\system32\drivers\AsUpIO.sys 02:50:10.0231 8144 AsUpIO - ok 02:50:10.0253 8144 ASUSFILTER (2b60924733e8847ede0b9dd86be0f793) C:\Windows\system32\drivers\ASUSFILTER.sys 02:50:10.0260 8144 ASUSFILTER - ok 02:50:10.0277 8144 ASUSstpt (6d6816201eaf341bcd66281bb8e3273b) C:\Windows\system32\DRIVERS\ASUSstpt.sys 02:50:10.0283 8144 ASUSstpt - ok 02:50:10.0302 8144 ASUSumsc (5d39bbf8643aa7d04531eef97b54e247) C:\Windows\system32\DRIVERS\ASUSumsc.sys 02:50:10.0310 8144 ASUSumsc - ok 02:50:10.0341 8144 aswFsBlk (581b82df5dbcc1dda6b775fac0d92472) C:\Windows\system32\drivers\aswFsBlk.sys 02:50:10.0348 8144 aswFsBlk - ok 02:50:10.0371 8144 aswMonFlt (0787b434e9098840966c23bb1c77df49) C:\Windows\system32\drivers\aswMonFlt.sys 02:50:10.0378 8144 aswMonFlt - ok 02:50:10.0403 8144 aswRdr (03a901b0ba42aac44d7669c7c71dbbc0) C:\Windows\System32\Drivers\aswrdr2.sys 02:50:10.0410 8144 aswRdr - ok 02:50:10.0428 8144 aswSnx (ca9601cd277a1e510b80422a40240a95) C:\Windows\system32\drivers\aswSnx.sys 02:50:10.0441 8144 aswSnx - ok 02:50:10.0454 8144 aswSP (05ea22dde5ca7ee3a865046aff2f0229) C:\Windows\system32\drivers\aswSP.sys 02:50:10.0464 8144 aswSP - ok 02:50:10.0471 8144 aswTdi (3ac73a9e7378848d1bde174b4bb39212) C:\Windows\system32\drivers\aswTdi.sys 02:50:10.0478 8144 aswTdi - ok 02:50:10.0541 8144 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 02:50:10.0786 8144 AsyncMac - ok 02:50:10.0826 8144 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 02:50:10.0833 8144 atapi - ok 02:50:10.0868 8144 AthBTPort (882edbafcc227852c9dca23ea48d2e78) C:\Windows\system32\DRIVERS\btath_flt.sys 02:50:10.0874 8144 AthBTPort - ok 02:50:10.0898 8144 ATHDFU (99925b8ec4fccdb3992292fbcb31069e) C:\Windows\system32\Drivers\AthDfu.sys 02:50:10.0904 8144 ATHDFU - ok 02:50:10.0948 8144 AtherosSvc (92758ed60f8134e3b844808413f25530) C:\Program Files\Bluetooth Suite\adminservice.exe 02:50:10.0955 8144 AtherosSvc - ok 02:50:10.0997 8144 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 02:50:11.0035 8144 AudioEndpointBuilder - ok 02:50:11.0040 8144 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 02:50:11.0061 8144 Audiosrv - ok 02:50:11.0100 8144 avast! Antivirus (a45aa986d9490a4e5b87563d9cd7b175) C:\Program Files\AVAST Software\Avast\AvastSvc.exe 02:50:11.0107 8144 avast! Antivirus - ok 02:50:11.0117 8144 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll 02:50:11.0169 8144 AxInstSV - ok 02:50:11.0186 8144 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys 02:50:11.0226 8144 b06bdrv - ok 02:50:11.0240 8144 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 02:50:11.0251 8144 b57nd60x - ok 02:50:11.0278 8144 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll 02:50:11.0296 8144 BDESVC - ok 02:50:11.0312 8144 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 02:50:11.0342 8144 Beep - ok 02:50:11.0363 8144 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll 02:50:11.0386 8144 BFE - ok 02:50:11.0415 8144 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll 02:50:11.0442 8144 BITS - ok 02:50:11.0454 8144 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 02:50:11.0465 8144 blbdrive - ok 02:50:11.0492 8144 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 02:50:11.0512 8144 bowser - ok 02:50:11.0526 8144 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys 02:50:11.0537 8144 BrFiltLo - ok 02:50:11.0551 8144 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys 02:50:11.0595 8144 BrFiltUp - ok 02:50:11.0626 8144 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll 02:50:11.0646 8144 Browser - ok 02:50:11.0658 8144 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 02:50:11.0699 8144 Brserid - ok 02:50:11.0712 8144 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 02:50:11.0750 8144 BrSerWdm - ok 02:50:11.0778 8144 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 02:50:11.0806 8144 BrUsbMdm - ok 02:50:11.0813 8144 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 02:50:11.0823 8144 BrUsbSer - ok 02:50:11.0898 8144 BTATH_A2DP (e5b321f18a1d8b6b8dd397d92ba5946a) C:\Windows\system32\drivers\btath_a2dp.sys 02:50:11.0905 8144 BTATH_A2DP - ok 02:50:11.0933 8144 BTATH_BUS (f60e0c722442ea91f0c253b7814d8192) C:\Windows\system32\DRIVERS\btath_bus.sys 02:50:11.0938 8144 BTATH_BUS - ok 02:50:11.0957 8144 BTATH_HCRP (f31e369db8258b28e3dcf66705aea9e9) C:\Windows\system32\DRIVERS\btath_hcrp.sys 02:50:11.0964 8144 BTATH_HCRP - ok 02:50:11.0976 8144 BTATH_LWFLT (6651798266fde23159d961463a63a77d) C:\Windows\system32\DRIVERS\btath_lwflt.sys 02:50:11.0981 8144 BTATH_LWFLT - ok 02:50:12.0015 8144 BTATH_RCP (08ef5298df80bc136523bcd2ed8b9c37) C:\Windows\system32\DRIVERS\btath_rcp.sys 02:50:12.0021 8144 BTATH_RCP - ok 02:50:12.0043 8144 BtFilter (ef6269eab772989e338ba4c833093bac) C:\Windows\system32\DRIVERS\btfilter.sys 02:50:12.0050 8144 BtFilter - ok 02:50:12.0088 8144 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys 02:50:12.0114 8144 BthEnum - ok 02:50:12.0134 8144 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 02:50:12.0146 8144 BTHMODEM - ok 02:50:12.0178 8144 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys 02:50:12.0190 8144 BthPan - ok 02:50:12.0222 8144 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys 02:50:12.0235 8144 BTHPORT - ok 02:50:12.0276 8144 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll 02:50:12.0297 8144 bthserv - ok 02:50:12.0308 8144 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys 02:50:12.0330 8144 BTHUSB - ok 02:50:12.0365 8144 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 02:50:12.0418 8144 cdfs - ok 02:50:12.0463 8144 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys 02:50:12.0474 8144 cdrom - ok 02:50:12.0513 8144 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 02:50:12.0532 8144 CertPropSvc - ok 02:50:12.0557 8144 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys 02:50:12.0568 8144 circlass - ok 02:50:12.0599 8144 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 02:50:12.0610 8144 CLFS - ok 02:50:12.0676 8144 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 02:50:12.0684 8144 clr_optimization_v2.0.50727_32 - ok 02:50:12.0729 8144 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 02:50:12.0738 8144 clr_optimization_v4.0.30319_32 - ok 02:50:12.0744 8144 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\drivers\CmBatt.sys 02:50:12.0755 8144 CmBatt - ok 02:50:12.0824 8144 cmdAgent (907324001ae25ac5959c91eaa34cabae) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 02:50:12.0851 8144 cmdAgent - ok 02:50:12.0888 8144 cmdGuard (ed042da80d9d6a087e83df395ceefd65) C:\Windows\system32\DRIVERS\cmdguard.sys 02:50:12.0899 8144 cmdGuard - ok 02:50:12.0916 8144 cmdHlp (ed6b6a222cb9adf6751e02ad478a89fb) C:\Windows\system32\DRIVERS\cmdhlp.sys 02:50:12.0923 8144 cmdHlp - ok 02:50:12.0939 8144 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 02:50:12.0946 8144 cmdide - ok 02:50:12.0973 8144 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys 02:50:12.0987 8144 CNG - ok 02:50:12.0998 8144 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\drivers\compbatt.sys 02:50:13.0005 8144 Compbatt - ok 02:50:13.0026 8144 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\DRIVERS\CompositeBus.sys 02:50:13.0076 8144 CompositeBus - ok 02:50:13.0100 8144 COMSysApp - ok 02:50:13.0144 8144 cpuz135 - ok 02:50:13.0158 8144 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys 02:50:13.0166 8144 crcdisk - ok 02:50:13.0213 8144 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll 02:50:13.0233 8144 CryptSvc - ok 02:50:13.0262 8144 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 02:50:13.0283 8144 CSC - ok 02:50:13.0299 8144 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll 02:50:13.0335 8144 CscService - ok 02:50:13.0371 8144 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 02:50:13.0408 8144 DcomLaunch - ok 02:50:13.0442 8144 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll 02:50:13.0464 8144 defragsvc - ok 02:50:13.0472 8144 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 02:50:13.0504 8144 DfsC - ok 02:50:13.0551 8144 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll 02:50:13.0573 8144 Dhcp - ok 02:50:13.0589 8144 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 02:50:13.0609 8144 discache - ok 02:50:13.0646 8144 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys 02:50:13.0653 8144 Disk - ok 02:50:13.0700 8144 dmvsc (2a958ef85db1b61ffca65044fa4bce9e) C:\Windows\system32\drivers\dmvsc.sys 02:50:13.0737 8144 dmvsc - ok 02:50:13.0763 8144 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll 02:50:13.0785 8144 Dnscache - ok 02:50:13.0821 8144 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll 02:50:13.0842 8144 dot3svc - ok 02:50:13.0877 8144 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll 02:50:13.0897 8144 DPS - ok 02:50:13.0948 8144 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 02:50:13.0959 8144 drmkaud - ok 02:50:13.0995 8144 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\Windows\system32\DRIVERS\dtsoftbus01.sys 02:50:14.0004 8144 dtsoftbus01 - ok 02:50:14.0027 8144 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 02:50:14.0041 8144 DXGKrnl - ok 02:50:14.0087 8144 e1cexpress (27de93085f73b385ac26e6c63441b5dc) C:\Windows\system32\DRIVERS\e1c6232.sys 02:50:14.0097 8144 e1cexpress - ok 02:50:14.0123 8144 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll 02:50:14.0157 8144 EapHost - ok 02:50:14.0213 8144 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys 02:50:14.0246 8144 ebdrv - ok 02:50:14.0280 8144 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe 02:50:14.0320 8144 EFS - ok 02:50:14.0368 8144 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe 02:50:14.0391 8144 ehRecvr - ok 02:50:14.0404 8144 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe 02:50:14.0416 8144 ehSched - ok 02:50:14.0431 8144 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys 02:50:14.0443 8144 elxstor - ok 02:50:14.0466 8144 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 02:50:14.0493 8144 ErrDev - ok 02:50:14.0530 8144 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll 02:50:14.0552 8144 EventSystem - ok 02:50:14.0579 8144 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 02:50:14.0599 8144 exfat - ok 02:50:14.0618 8144 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 02:50:14.0650 8144 fastfat - ok 02:50:14.0706 8144 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe 02:50:14.0746 8144 Fax - ok 02:50:14.0763 8144 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\drivers\fdc.sys 02:50:14.0773 8144 fdc - ok 02:50:14.0797 8144 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll 02:50:14.0829 8144 fdPHost - ok 02:50:14.0836 8144 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll 02:50:14.0862 8144 FDResPub - ok 02:50:14.0888 8144 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 02:50:14.0896 8144 FileInfo - ok 02:50:14.0926 8144 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 02:50:14.0944 8144 Filetrace - ok 02:50:14.0951 8144 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\drivers\flpydisk.sys 02:50:14.0961 8144 flpydisk - ok 02:50:14.0997 8144 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 02:50:15.0006 8144 FltMgr - ok 02:50:15.0045 8144 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll 02:50:15.0077 8144 FontCache - ok 02:50:15.0142 8144 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 02:50:15.0149 8144 FontCache3.0.0.0 - ok 02:50:15.0236 8144 Freemake Improver (565619f1b6da86e3c7ba75a1e60ecfcd) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe 02:50:15.0257 8144 Freemake Improver ( UnsignedFile.Multi.Generic ) - warning 02:50:15.0257 8144 Freemake Improver - detected UnsignedFile.Multi.Generic (1) 02:50:15.0276 8144 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 02:50:15.0283 8144 FsDepends - ok 02:50:15.0295 8144 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 02:50:15.0302 8144 Fs_Rec - ok 02:50:15.0398 8144 Futuremark SystemInfo Service (0d015d3584704ec814a58276232f143b) C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe 02:50:15.0406 8144 Futuremark SystemInfo Service - ok 02:50:15.0437 8144 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 02:50:15.0448 8144 fvevol - ok 02:50:15.0459 8144 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys 02:50:15.0466 8144 gagp30kx - ok 02:50:15.0523 8144 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll 02:50:15.0566 8144 gpsvc - ok 02:50:15.0628 8144 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 02:50:15.0636 8144 gupdate - ok 02:50:15.0640 8144 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 02:50:15.0647 8144 gupdatem - ok 02:50:15.0677 8144 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 02:50:15.0685 8144 gusvc - ok 02:50:15.0704 8144 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 02:50:15.0721 8144 hcw85cir - ok 02:50:15.0766 8144 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 02:50:15.0780 8144 HdAudAddService - ok 02:50:15.0793 8144 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys 02:50:15.0833 8144 HDAudBus - ok 02:50:15.0866 8144 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys 02:50:15.0876 8144 HidBatt - ok 02:50:15.0906 8144 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys 02:50:15.0918 8144 HidBth - ok 02:50:15.0940 8144 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys 02:50:15.0967 8144 HidIr - ok 02:50:15.0999 8144 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll 02:50:16.0019 8144 hidserv - ok 02:50:16.0047 8144 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 02:50:16.0058 8144 HidUsb - ok 02:50:16.0087 8144 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll 02:50:16.0107 8144 hkmsvc - ok 02:50:16.0133 8144 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll 02:50:16.0156 8144 HomeGroupListener - ok 02:50:16.0184 8144 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll 02:50:16.0215 8144 HomeGroupProvider - ok 02:50:16.0308 8144 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 02:50:16.0316 8144 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 02:50:16.0316 8144 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 02:50:16.0333 8144 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 02:50:16.0341 8144 HpSAMD - ok 02:50:16.0376 8144 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 02:50:16.0397 8144 HTTP - ok 02:50:16.0412 8144 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 02:50:16.0419 8144 hwpolicy - ok 02:50:16.0437 8144 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 02:50:16.0465 8144 i8042prt - ok 02:50:16.0525 8144 iaStor (db81f413fa4e3f328cad7b5d59ef3f21) C:\Windows\system32\DRIVERS\iaStor.sys 02:50:16.0537 8144 iaStor - ok 02:50:16.0600 8144 IAStorDataMgrSvc (d41861e56e7552c13674d7f147a02464) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 02:50:16.0607 8144 IAStorDataMgrSvc - ok 02:50:16.0634 8144 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 02:50:16.0644 8144 iaStorV - ok 02:50:16.0687 8144 ICCWDT (8661b1d7706889463289a8660352f0f8) C:\Windows\system32\DRIVERS\ICCWDT.sys 02:50:16.0694 8144 ICCWDT - ok 02:50:16.0717 8144 IDMWFP (abdb3c09f68292f0eb9c81855c0e47b5) C:\Windows\system32\DRIVERS\idmwfp.sys 02:50:16.0724 8144 IDMWFP - ok 02:50:16.0783 8144 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 02:50:16.0789 8144 IDriverT ( UnsignedFile.Multi.Generic ) - warning 02:50:16.0789 8144 IDriverT - detected UnsignedFile.Multi.Generic (1) 02:50:16.0854 8144 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 02:50:16.0872 8144 idsvc - ok 02:50:16.0904 8144 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys 02:50:16.0912 8144 iirsp - ok 02:50:16.0948 8144 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll 02:50:17.0001 8144 IKEEXT - ok 02:50:17.0049 8144 inspect (2ee3db2c1760171c6f72f2f1792a47b5) C:\Windows\system32\DRIVERS\inspect.sys 02:50:17.0057 8144 inspect - ok 02:50:17.0134 8144 IntcAzAudAddService (5294f1c52a6d8c2a15ffd2945c552736) C:\Windows\system32\drivers\RTKVHDA.sys 02:50:17.0174 8144 IntcAzAudAddService - ok 02:50:17.0208 8144 Intel(R) PROSet Monitoring Service (1a97e12e4037492cbf22f94d3a0cebe9) C:\Windows\system32\IProsetMonitor.exe 02:50:17.0218 8144 Intel(R) PROSet Monitoring Service - ok 02:50:17.0230 8144 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 02:50:17.0237 8144 intelide - ok 02:50:17.0264 8144 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 02:50:17.0274 8144 intelppm - ok 02:50:17.0300 8144 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll 02:50:17.0321 8144 IPBusEnum - ok 02:50:17.0347 8144 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 02:50:17.0366 8144 IpFilterDriver - ok 02:50:17.0384 8144 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll 02:50:17.0409 8144 iphlpsvc - ok 02:50:17.0421 8144 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 02:50:17.0431 8144 IPMIDRV - ok 02:50:17.0458 8144 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 02:50:17.0477 8144 IPNAT - ok 02:50:17.0492 8144 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 02:50:17.0504 8144 IRENUM - ok 02:50:17.0520 8144 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 02:50:17.0528 8144 isapnp - ok 02:50:17.0551 8144 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 02:50:17.0560 8144 iScsiPrt - ok 02:50:17.0618 8144 JRAID (fe40c1ba67ec92490fce065016806aa6) C:\Windows\system32\DRIVERS\jraid.sys 02:50:17.0626 8144 JRAID - ok 02:50:17.0677 8144 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 02:50:17.0684 8144 kbdclass - ok 02:50:17.0702 8144 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys 02:50:17.0713 8144 kbdhid - ok 02:50:17.0759 8144 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 02:50:17.0771 8144 KeyIso - ok 02:50:17.0793 8144 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 02:50:17.0801 8144 KSecDD - ok 02:50:17.0818 8144 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 02:50:17.0826 8144 KSecPkg - ok 02:50:17.0867 8144 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll 02:50:17.0891 8144 KtmRm - ok 02:50:17.0941 8144 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll 02:50:17.0964 8144 LanmanServer - ok 02:50:17.0998 8144 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll 02:50:18.0033 8144 LanmanWorkstation - ok 02:50:18.0063 8144 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 02:50:18.0099 8144 lltdio - ok 02:50:18.0135 8144 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll 02:50:18.0158 8144 lltdsvc - ok 02:50:18.0173 8144 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll 02:50:18.0193 8144 lmhosts - ok 02:50:18.0211 8144 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys 02:50:18.0219 8144 LSI_FC - ok 02:50:18.0230 8144 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys 02:50:18.0238 8144 LSI_SAS - ok 02:50:18.0265 8144 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys 02:50:18.0272 8144 LSI_SAS2 - ok 02:50:18.0290 8144 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys 02:50:18.0298 8144 LSI_SCSI - ok 02:50:18.0330 8144 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 02:50:18.0350 8144 luafv - ok 02:50:18.0410 8144 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys 02:50:18.0418 8144 MBAMSwissArmy - ok 02:50:18.0442 8144 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll 02:50:18.0455 8144 Mcx2Svc - ok 02:50:18.0485 8144 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys 02:50:18.0493 8144 megasas - ok 02:50:18.0512 8144 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys 02:50:18.0521 8144 MegaSR - ok 02:50:18.0556 8144 MEI (d86ac00883b9c98b570e7643aaf8e554) C:\Windows\system32\DRIVERS\HECI.sys 02:50:18.0576 8144 MEI - ok 02:50:18.0620 8144 Microsoft SharePoint Workspace Audit Service - ok 02:50:18.0639 8144 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 02:50:18.0679 8144 MMCSS - ok 02:50:18.0699 8144 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 02:50:18.0718 8144 Modem - ok 02:50:18.0741 8144 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 02:50:18.0752 8144 monitor - ok 02:50:18.0791 8144 MotoHelper (fa073bf55e99f21cfe3afb023cfd81dc) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe 02:50:18.0800 8144 MotoHelper - ok 02:50:18.0822 8144 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 02:50:18.0830 8144 mouclass - ok 02:50:18.0855 8144 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 02:50:18.0866 8144 mouhid - ok 02:50:18.0892 8144 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 02:50:18.0900 8144 mountmgr - ok 02:50:18.0917 8144 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 02:50:18.0926 8144 mpio - ok 02:50:18.0959 8144 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 02:50:18.0977 8144 mpsdrv - ok 02:50:19.0006 8144 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll 02:50:19.0033 8144 MpsSvc - ok 02:50:19.0044 8144 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 02:50:19.0056 8144 MRxDAV - ok 02:50:19.0095 8144 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 02:50:19.0114 8144 mrxsmb - ok 02:50:19.0127 8144 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 02:50:19.0139 8144 mrxsmb10 - ok 02:50:19.0156 8144 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 02:50:19.0167 8144 mrxsmb20 - ok 02:50:19.0185 8144 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 02:50:19.0192 8144 msahci - ok 02:50:19.0223 8144 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 02:50:19.0232 8144 msdsm - ok 02:50:19.0248 8144 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 02:50:19.0280 8144 MSDTC - ok 02:50:19.0312 8144 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 02:50:19.0331 8144 Msfs - ok 02:50:19.0347 8144 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 02:50:19.0366 8144 mshidkmdf - ok 02:50:19.0373 8144 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 02:50:19.0380 8144 msisadrv - ok 02:50:19.0423 8144 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 02:50:19.0455 8144 MSiSCSI - ok 02:50:19.0461 8144 msiserver - ok 02:50:19.0480 8144 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 02:50:19.0517 8144 MSKSSRV - ok 02:50:19.0556 8144 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 02:50:19.0575 8144 MSPCLOCK - ok 02:50:19.0582 8144 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 02:50:19.0601 8144 MSPQM - ok 02:50:19.0613 8144 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 02:50:19.0622 8144 MsRPC - ok 02:50:19.0639 8144 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys 02:50:19.0647 8144 mssmbios - ok 02:50:19.0726 8144 MSSQL$SQLEXPRESS - ok 02:50:19.0743 8144 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 02:50:19.0751 8144 MSSQLServerADHelper - ok 02:50:19.0771 8144 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 02:50:19.0790 8144 MSTEE - ok 02:50:19.0909 8144 msvsmon90 (e514d0493c272aecbac7c6c1dac635d1) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe 02:50:19.0975 8144 msvsmon90 - ok 02:50:19.0984 8144 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys 02:50:20.0023 8144 MTConfig - ok 02:50:20.0047 8144 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 02:50:20.0054 8144 Mup - ok 02:50:20.0098 8144 mv91xx (19aab6a158bc8a16e756c010776a5546) C:\Windows\system32\DRIVERS\mv91xx.sys 02:50:20.0107 8144 mv91xx - ok 02:50:20.0148 8144 NAL (35b94fb62c96807183841ca4e0fb44d8) C:\Windows\system32\Drivers\iqvw32.sys 02:50:20.0154 8144 NAL - ok 02:50:20.0185 8144 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll 02:50:20.0227 8144 napagent - ok 02:50:20.0287 8144 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 02:50:20.0301 8144 NativeWifiP - ok 02:50:20.0327 8144 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 02:50:20.0342 8144 NDIS - ok 02:50:20.0352 8144 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 02:50:20.0371 8144 NdisCap - ok 02:50:20.0399 8144 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 02:50:20.0417 8144 NdisTapi - ok 02:50:20.0442 8144 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 02:50:20.0460 8144 Ndisuio - ok 02:50:20.0479 8144 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 02:50:20.0514 8144 NdisWan - ok 02:50:20.0521 8144 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 02:50:20.0539 8144 NDProxy - ok 02:50:20.0569 8144 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 02:50:20.0606 8144 NetBIOS - ok 02:50:20.0635 8144 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 02:50:20.0654 8144 NetBT - ok 02:50:20.0681 8144 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 02:50:20.0693 8144 Netlogon - ok 02:50:20.0733 8144 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 02:50:20.0757 8144 Netman - ok 02:50:20.0945 8144 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 02:50:20.0991 8144 NetMsmqActivator - ok 02:50:21.0018 8144 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 02:50:21.0026 8144 NetPipeActivator - ok 02:50:21.0040 8144 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 02:50:21.0080 8144 netprofm - ok 02:50:21.0118 8144 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 02:50:21.0125 8144 NetTcpActivator - ok 02:50:21.0129 8144 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 02:50:21.0136 8144 NetTcpPortSharing - ok 02:50:21.0165 8144 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys 02:50:21.0172 8144 nfrd960 - ok 02:50:21.0263 8144 NitroDriverReadSpool2 (6a1134fb484af1aa9e952196b20996fc) C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe 02:50:21.0272 8144 NitroDriverReadSpool2 - ok 02:50:21.0312 8144 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll 02:50:21.0349 8144 NlaSvc - ok 02:50:21.0389 8144 nlsX86cc (fac20f9060ff9c74af0c8a002bb04ae7) C:\Windows\system32\NLSSRV32.EXE 02:50:21.0398 8144 nlsX86cc - ok 02:50:21.0405 8144 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 02:50:21.0424 8144 Npfs - ok 02:50:21.0435 8144 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 02:50:21.0456 8144 nsi - ok 02:50:21.0469 8144 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 02:50:21.0506 8144 nsiproxy - ok 02:50:21.0553 8144 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 02:50:21.0573 8144 Ntfs - ok 02:50:21.0580 8144 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 02:50:21.0599 8144 Null - ok 02:50:21.0640 8144 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys 02:50:21.0648 8144 NVHDA - ok 02:50:21.0806 8144 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys 02:50:21.0921 8144 nvlddmkm - ok 02:50:21.0960 8144 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 02:50:21.0968 8144 nvraid - ok 02:50:21.0984 8144 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 02:50:21.0993 8144 nvstor - ok 02:50:22.0037 8144 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe 02:50:22.0053 8144 nvsvc - ok 02:50:22.0174 8144 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 02:50:22.0228 8144 nvUpdatusService - ok 02:50:22.0266 8144 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 02:50:22.0274 8144 nv_agp - ok 02:50:22.0285 8144 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 02:50:22.0310 8144 ohci1394 - ok 02:50:22.0341 8144 OracleJobSchedulerXE - ok 02:50:22.0349 8144 OracleMTSRecoveryService - ok 02:50:22.0353 8144 OracleServiceXE - ok 02:50:22.0360 8144 OracleXEClrAgent - ok 02:50:22.0390 8144 OracleXETNSListener (8af936ce45788974efff7d0f19143583) C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe 02:50:22.0398 8144 OracleXETNSListener ( UnsignedFile.Multi.Generic ) - warning 02:50:22.0398 8144 OracleXETNSListener - detected UnsignedFile.Multi.Generic (1) 02:50:22.0453 8144 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 02:50:22.0462 8144 ose - ok 02:50:22.0565 8144 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 02:50:22.0660 8144 osppsvc - ok 02:50:22.0700 8144 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 02:50:22.0722 8144 p2pimsvc - ok 02:50:22.0738 8144 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 02:50:22.0754 8144 p2psvc - ok 02:50:22.0789 8144 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\drivers\parport.sys 02:50:22.0814 8144 Parport - ok 02:50:22.0854 8144 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 02:50:22.0862 8144 partmgr - ok 02:50:22.0870 8144 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\drivers\parvdm.sys 02:50:22.0881 8144 Parvdm - ok 02:50:22.0910 8144 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 02:50:22.0926 8144 PcaSvc - ok 02:50:22.0939 8144 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 02:50:22.0948 8144 pci - ok 02:50:22.0985 8144 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 02:50:22.0992 8144 pciide - ok 02:50:23.0014 8144 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys 02:50:23.0022 8144 pcmcia - ok 02:50:23.0035 8144 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 02:50:23.0043 8144 pcw - ok 02:50:23.0080 8144 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 02:50:23.0117 8144 PEAUTH - ok 02:50:23.0169 8144 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll 02:50:23.0216 8144 PeerDistSvc - ok 02:50:23.0250 8144 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 02:50:23.0311 8144 pla - ok 02:50:23.0370 8144 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 02:50:23.0410 8144 PlugPlay - ok 02:50:23.0423 8144 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 02:50:23.0440 8144 PNRPAutoReg - ok 02:50:23.0465 8144 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 02:50:23.0479 8144 PNRPsvc - ok 02:50:23.0508 8144 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 02:50:23.0532 8144 PolicyAgent - ok 02:50:23.0563 8144 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 02:50:23.0584 8144 Power - ok 02:50:23.0640 8144 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 02:50:23.0659 8144 PptpMiniport - ok 02:50:23.0675 8144 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys 02:50:23.0685 8144 Processor - ok 02:50:23.0706 8144 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 02:50:23.0794 8144 ProfSvc - ok 02:50:23.0828 8144 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 02:50:23.0839 8144 ProtectedStorage - ok 02:50:23.0858 8144 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 02:50:23.0877 8144 Psched - ok 02:50:23.0925 8144 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys 02:50:23.0946 8144 ql2300 - ok 02:50:23.0959 8144 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys 02:50:23.0967 8144 ql40xx - ok 02:50:23.0995 8144 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 02:50:24.0012 8144 QWAVE - ok 02:50:24.0034 8144 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 02:50:24.0046 8144 QWAVEdrv - ok 02:50:24.0063 8144 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 02:50:24.0081 8144 RasAcd - ok 02:50:24.0119 8144 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 02:50:24.0137 8144 RasAgileVpn - ok 02:50:24.0147 8144 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 02:50:24.0170 8144 RasAuto - ok 02:50:24.0183 8144 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 02:50:24.0202 8144 Rasl2tp - ok 02:50:24.0219 8144 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 02:50:24.0243 8144 RasMan - ok 02:50:24.0261 8144 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 02:50:24.0280 8144 RasPppoe - ok 02:50:24.0301 8144 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 02:50:24.0333 8144 RasSstp - ok 02:50:24.0360 8144 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 02:50:24.0379 8144 rdbss - ok 02:50:24.0395 8144 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 02:50:24.0407 8144 rdpbus - ok 02:50:24.0429 8144 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 02:50:24.0446 8144 RDPCDD - ok 02:50:24.0477 8144 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 02:50:24.0498 8144 RDPDR - ok 02:50:24.0514 8144 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 02:50:24.0545 8144 RDPENCDD - ok 02:50:24.0577 8144 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 02:50:24.0595 8144 RDPREFMP - ok 02:50:24.0625 8144 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys 02:50:24.0644 8144 RdpVideoMiniport - ok 02:50:24.0671 8144 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys 02:50:24.0713 8144 RDPWD - ok 02:50:24.0726 8144 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 02:50:24.0735 8144 rdyboost - ok 02:50:24.0760 8144 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 02:50:24.0780 8144 RemoteAccess - ok 02:50:24.0812 8144 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 02:50:24.0849 8144 RemoteRegistry - ok 02:50:24.0877 8144 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys 02:50:24.0889 8144 RFCOMM - ok 02:50:24.0922 8144 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 02:50:24.0967 8144 RpcEptMapper - ok 02:50:25.0010 8144 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 02:50:25.0040 8144 RpcLocator - ok 02:50:25.0068 8144 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 02:50:25.0091 8144 RpcSs - ok 02:50:25.0119 8144 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 02:50:25.0139 8144 rspndr - ok 02:50:25.0201 8144 rt61x86 (e70dab50dc67d4037a612384d649313f) C:\Windows\system32\DRIVERS\WMP54Gv41x86.sys 02:50:25.0211 8144 rt61x86 - ok 02:50:25.0287 8144 RTCore32 (293a2a421fd8d064803d22a252b2de97) C:\Program Files\EVGA Precision X\RTCore32.sys 02:50:25.0291 8144 RTCore32 ( UnsignedFile.Multi.Generic ) - warning 02:50:25.0291 8144 RTCore32 - detected UnsignedFile.Multi.Generic (1) 02:50:25.0318 8144 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 02:50:25.0339 8144 s3cap - ok 02:50:25.0368 8144 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 02:50:25.0379 8144 SamSs - ok 02:50:25.0404 8144 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 02:50:25.0412 8144 sbp2port - ok 02:50:25.0426 8144 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 02:50:25.0447 8144 SCardSvr - ok 02:50:25.0481 8144 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 02:50:25.0516 8144 scfilter - ok 02:50:25.0551 8144 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 02:50:25.0598 8144 Schedule - ok 02:50:25.0624 8144 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 02:50:25.0642 8144 SCPolicySvc - ok 02:50:25.0653 8144 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 02:50:25.0677 8144 SDRSVC - ok 02:50:25.0703 8144 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 02:50:25.0722 8144 secdrv - ok 02:50:25.0745 8144 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 02:50:25.0778 8144 seclogon - ok 02:50:25.0795 8144 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll 02:50:25.0817 8144 SENS - ok 02:50:25.0845 8144 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 02:50:25.0858 8144 SensrSvc - ok 02:50:25.0888 8144 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\drivers\serenum.sys 02:50:25.0899 8144 Serenum - ok 02:50:25.0916 8144 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\drivers\serial.sys 02:50:25.0927 8144 Serial - ok 02:50:25.0941 8144 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys 02:50:25.0951 8144 sermouse - ok 02:50:25.0978 8144 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 02:50:26.0000 8144 SessionEnv - ok 02:50:26.0013 8144 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 02:50:26.0024 8144 sffdisk - ok 02:50:26.0040 8144 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 02:50:26.0065 8144 sffp_mmc - ok 02:50:26.0097 8144 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 02:50:26.0108 8144 sffp_sd - ok 02:50:26.0135 8144 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys 02:50:26.0145 8144 sfloppy - ok 02:50:26.0186 8144 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 02:50:26.0209 8144 SharedAccess - ok 02:50:26.0225 8144 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 02:50:26.0264 8144 ShellHWDetection - ok 02:50:26.0282 8144 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 02:50:26.0289 8144 sisagp - ok 02:50:26.0325 8144 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys 02:50:26.0332 8144 SiSRaid2 - ok 02:50:26.0342 8144 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys 02:50:26.0350 8144 SiSRaid4 - ok 02:50:26.0392 8144 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 02:50:26.0411 8144 Smb - ok 02:50:26.0428 8144 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 02:50:26.0441 8144 SNMPTRAP - ok 02:50:26.0467 8144 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 02:50:26.0475 8144 spldr - ok 02:50:26.0493 8144 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 02:50:26.0534 8144 Spooler - ok 02:50:26.0591 8144 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 02:50:26.0662 8144 sppsvc - ok 02:50:26.0677 8144 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 02:50:26.0702 8144 sppuinotify - ok 02:50:26.0742 8144 sptd (ab5c8f6e63674dbad9c1e449e8fd77ce) C:\Windows\System32\Drivers\sptd.sys 02:50:26.0754 8144 sptd - ok 02:50:26.0826 8144 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 02:50:26.0836 8144 SQLBrowser - ok 02:50:26.0877 8144 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 02:50:26.0884 8144 SQLWriter - ok 02:50:26.0920 8144 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 02:50:26.0933 8144 srv - ok 02:50:26.0953 8144 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 02:50:26.0965 8144 srv2 - ok 02:50:26.0979 8144 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 02:50:26.0990 8144 srvnet - ok 02:50:27.0012 8144 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 02:50:27.0034 8144 SSDPSRV - ok 02:50:27.0047 8144 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 02:50:27.0073 8144 SstpSvc - ok 02:50:27.0100 8144 Steam Client Service - ok 02:50:27.0165 8144 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 02:50:27.0178 8144 Stereo Service - ok 02:50:27.0215 8144 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys 02:50:27.0222 8144 stexstor - ok 02:50:27.0272 8144 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 02:50:27.0293 8144 StiSvc - ok 02:50:27.0321 8144 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 02:50:27.0329 8144 storflt - ok 02:50:27.0341 8144 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 02:50:27.0349 8144 storvsc - ok 02:50:27.0363 8144 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys 02:50:27.0370 8144 swenum - ok 02:50:27.0449 8144 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 02:50:27.0475 8144 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning 02:50:27.0475 8144 SwitchBoard - detected UnsignedFile.Multi.Generic (1) 02:50:27.0511 8144 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 02:50:27.0536 8144 swprv - ok 02:50:27.0551 8144 Synth3dVsc (f2ad8960812fd111e20e84659ef19d43) C:\Windows\system32\drivers\synth3dvsc.sys 02:50:27.0559 8144 Synth3dVsc - ok 02:50:27.0585 8144 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 02:50:27.0627 8144 SysMain - ok 02:50:27.0656 8144 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 02:50:27.0686 8144 TabletInputService - ok 02:50:27.0711 8144 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 02:50:27.0734 8144 TapiSrv - ok 02:50:27.0751 8144 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 02:50:27.0773 8144 TBS - ok 02:50:27.0831 8144 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 02:50:27.0852 8144 Tcpip - ok 02:50:27.0881 8144 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 02:50:27.0901 8144 TCPIP6 - ok 02:50:27.0930 8144 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 02:50:27.0959 8144 tcpipreg - ok 02:50:27.0991 8144 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 02:50:28.0000 8144 TDPIPE - ok 02:50:28.0024 8144 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys 02:50:28.0035 8144 TDTCP - ok 02:50:28.0046 8144 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 02:50:28.0075 8144 tdx - ok 02:50:28.0098 8144 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys 02:50:28.0105 8144 TermDD - ok 02:50:28.0146 8144 terminpt (052306fd76793d5d5ab5d9891fd1adbb) C:\Windows\system32\drivers\terminpt.sys 02:50:28.0162 8144 terminpt - ok 02:50:28.0194 8144 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 02:50:28.0218 8144 TermService - ok 02:50:28.0233 8144 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 02:50:28.0263 8144 Themes - ok 02:50:28.0288 8144 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 02:50:28.0308 8144 THREADORDER - ok 02:50:28.0344 8144 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 02:50:28.0386 8144 TrkWks - ok 02:50:28.0437 8144 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 02:50:28.0457 8144 TrustedInstaller - ok 02:50:28.0480 8144 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 02:50:28.0498 8144 tssecsrv - ok 02:50:28.0513 8144 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 02:50:28.0554 8144 TsUsbFlt - ok 02:50:28.0570 8144 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys 02:50:28.0613 8144 TsUsbGD - ok 02:50:28.0657 8144 tsusbhub (045acb987c650d8186c6b4a692223860) C:\Windows\system32\drivers\tsusbhub.sys 02:50:28.0668 8144 tsusbhub - ok 02:50:28.0718 8144 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 02:50:28.0736 8144 tunnel - ok 02:50:28.0750 8144 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys 02:50:28.0758 8144 uagp35 - ok 02:50:28.0773 8144 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 02:50:28.0810 8144 udfs - ok 02:50:28.0852 8144 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 02:50:28.0865 8144 UI0Detect - ok 02:50:28.0888 8144 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 02:50:28.0896 8144 uliagpkx - ok 02:50:28.0923 8144 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys 02:50:28.0934 8144 umbus - ok 02:50:28.0964 8144 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys 02:50:28.0974 8144 UmPass - ok 02:50:29.0010 8144 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll 02:50:29.0042 8144 UmRdpService - ok 02:50:29.0072 8144 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 02:50:29.0097 8144 upnphost - ok 02:50:29.0128 8144 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 02:50:29.0139 8144 usbccgp - ok 02:50:29.0151 8144 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 02:50:29.0163 8144 usbcir - ok 02:50:29.0198 8144 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys 02:50:29.0208 8144 usbehci - ok 02:50:29.0227 8144 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 02:50:29.0239 8144 usbhub - ok 02:50:29.0261 8144 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys 02:50:29.0293 8144 usbohci - ok 02:50:29.0337 8144 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 02:50:29.0348 8144 usbprint - ok 02:50:29.0394 8144 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 02:50:29.0406 8144 usbscan - ok 02:50:29.0430 8144 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 02:50:29.0453 8144 USBSTOR - ok 02:50:29.0473 8144 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 02:50:29.0483 8144 usbuhci - ok 02:50:29.0510 8144 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 02:50:29.0531 8144 UxSms - ok 02:50:29.0557 8144 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 02:50:29.0568 8144 VaultSvc - ok 02:50:29.0580 8144 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 02:50:29.0587 8144 vdrvroot - ok 02:50:29.0615 8144 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 02:50:29.0641 8144 vds - ok 02:50:29.0654 8144 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 02:50:29.0701 8144 vga - ok 02:50:29.0738 8144 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 02:50:29.0757 8144 VgaSave - ok 02:50:29.0764 8144 VGPU - ok 02:50:29.0782 8144 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 02:50:29.0790 8144 vhdmp - ok 02:50:29.0803 8144 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 02:50:29.0810 8144 viaagp - ok 02:50:29.0834 8144 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys 02:50:29.0862 8144 ViaC7 - ok 02:50:29.0881 8144 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 02:50:29.0888 8144 viaide - ok 02:50:29.0934 8144 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 02:50:29.0943 8144 vmbus - ok 02:50:29.0959 8144 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 02:50:29.0969 8144 VMBusHID - ok 02:50:29.0977 8144 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 02:50:29.0984 8144 volmgr - ok 02:50:30.0021 8144 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 02:50:30.0031 8144 volmgrx - ok 02:50:30.0049 8144 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 02:50:30.0059 8144 volsnap - ok 02:50:30.0092 8144 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys 02:50:30.0101 8144 vsmraid - ok 02:50:30.0159 8144 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 02:50:30.0199 8144 VSS - ok 02:50:30.0219 8144 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 02:50:30.0247 8144 vwifibus - ok 02:50:30.0274 8144 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 02:50:30.0311 8144 W32Time - ok 02:50:30.0320 8144 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys 02:50:30.0331 8144 WacomPen - ok 02:50:30.0361 8144 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 02:50:30.0380 8144 WANARP - ok 02:50:30.0383 8144 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 02:50:30.0401 8144 Wanarpv6 - ok 02:50:30.0452 8144 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe 02:50:30.0492 8144 WatAdminSvc - ok 02:50:30.0525 8144 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 02:50:30.0571 8144 wbengine - ok 02:50:30.0596 8144 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 02:50:30.0613 8144 WbioSrvc - ok 02:50:30.0630 8144 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 02:50:30.0648 8144 wcncsvc - ok 02:50:30.0661 8144 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 02:50:30.0677 8144 WcsPlugInService - ok 02:50:30.0694 8144 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys 02:50:30.0701 8144 Wd - ok 02:50:30.0719 8144 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 02:50:30.0730 8144 Wdf01000 - ok 02:50:30.0745 8144 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 02:50:30.0802 8144 WdiServiceHost - ok 02:50:30.0805 8144 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 02:50:30.0819 8144 WdiSystemHost - ok 02:50:30.0836 8144 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 02:50:30.0869 8144 WebClient - ok 02:50:30.0901 8144 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 02:50:30.0924 8144 Wecsvc - ok 02:50:30.0936 8144 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 02:50:30.0974 8144 wercplsupport - ok 02:50:31.0000 8144 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 02:50:31.0037 8144 WerSvc - ok 02:50:31.0069 8144 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 02:50:31.0088 8144 WfpLwf - ok 02:50:31.0098 8144 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 02:50:31.0105 8144 WIMMount - ok 02:50:31.0170 8144 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 02:50:31.0206 8144 WinDefend - ok 02:50:31.0224 8144 WinHttpAutoProxySvc - ok 02:50:31.0272 8144 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 02:50:31.0291 8144 Winmgmt - ok 02:50:31.0320 8144 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 02:50:31.0367 8144 WinRM - ok 02:50:31.0390 8144 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 02:50:31.0415 8144 Wlansvc - ok 02:50:31.0498 8144 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 02:50:31.0538 8144 wlidsvc - ok 02:50:31.0553 8144 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys 02:50:31.0563 8144 WmiAcpi - ok 02:50:31.0596 8144 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 02:50:31.0629 8144 wmiApSrv - ok 02:50:31.0696 8144 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 02:50:31.0731 8144 WMPNetworkSvc - ok 02:50:31.0740 8144 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 02:50:31.0759 8144 WPCSvc - ok 02:50:31.0769 8144 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 02:50:31.0796 8144 WPDBusEnum - ok 02:50:31.0804 8144 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 02:50:31.0835 8144 ws2ifsl - ok 02:50:31.0861 8144 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll 02:50:31.0880 8144 wscsvc - ok 02:50:31.0886 8144 WSearch - ok 02:50:31.0937 8144 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 02:50:31.0996 8144 wuauserv - ok 02:50:32.0025 8144 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 02:50:32.0056 8144 WudfPf - ok 02:50:32.0106 8144 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 02:50:32.0124 8144 WUDFRd - ok 02:50:32.0153 8144 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 02:50:32.0175 8144 wudfsvc - ok 02:50:32.0205 8144 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 02:50:32.0238 8144 WwanSvc - ok 02:50:32.0281 8144 xusb21 (c26c68bcbac1f33f890c226769759209) C:\Windows\system32\DRIVERS\xusb21.sys 02:50:32.0325 8144 xusb21 - ok 02:50:32.0346 8144 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 02:50:32.0495 8144 \Device\Harddisk0\DR0 - ok 02:50:32.0497 8144 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1 02:50:32.0932 8144 \Device\Harddisk1\DR1 - ok 02:50:32.0934 8144 Boot (0x1200) (52ab77de226eb81194e3292d9f0ad086) \Device\Harddisk0\DR0\Partition0 02:50:32.0935 8144 \Device\Harddisk0\DR0\Partition0 - ok 02:50:32.0952 8144 Boot (0x1200) (fe6b540cd15585cea3e82985d7ff97f1) \Device\Harddisk0\DR0\Partition1 02:50:32.0954 8144 \Device\Harddisk0\DR0\Partition1 - ok 02:50:32.0956 8144 Boot (0x1200) (9883314227139c187c56960fbb65ca66) \Device\Harddisk1\DR1\Partition0 02:50:32.0957 8144 \Device\Harddisk1\DR1\Partition0 - ok 02:50:32.0959 8144 Boot (0x1200) (1209be58c579edcc3c5da98ab0f80ca2) \Device\Harddisk1\DR1\Partition1 02:50:32.0960 8144 \Device\Harddisk1\DR1\Partition1 - ok 02:50:32.0962 8144 Boot (0x1200) (07fcf1ed3783cc118fb714fe64edefb2) \Device\Harddisk1\DR1\Partition2 02:50:32.0964 8144 \Device\Harddisk1\DR1\Partition2 - ok 02:50:32.0964 8144 ============================================================ 02:50:32.0964 8144 Scan finished 02:50:32.0964 8144 ============================================================ 02:50:32.0970 9072 Detected object count: 6 02:50:32.0970 9072 Actual detected object count: 6 02:50:36.0371 9072 Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user 02:50:36.0371 9072 Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip 02:50:36.0372 9072 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 02:50:36.0372 9072 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 02:50:36.0372 9072 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 02:50:36.0372 9072 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 02:50:36.0373 9072 OracleXETNSListener ( UnsignedFile.Multi.Generic ) - skipped by user 02:50:36.0373 9072 OracleXETNSListener ( UnsignedFile.Multi.Generic ) - User select action: Skip 02:50:36.0374 9072 RTCore32 ( UnsignedFile.Multi.Generic ) - skipped by user 02:50:36.0374 9072 RTCore32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 02:50:36.0375 9072 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user 02:50:36.0375 9072 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 02:50:37.0919 7596 Deinitialize success
  9. levi
    I have been running MB Anti-Malware free for a while now and usually get fully clean results. But 2 days back when I ran a check I found a ton of infections along with Stolen.Data items. I immediately cleaned it up. Today when I again ran MB Anti-Malware it again found new Stolen.Data.. Obviously its not being fully cleaned. Please help me! I have posted the dds.txt and attach.txt logs as mentioned in the http://forums.malwarebytes.org/index.php?showtopic=9573 post. Eagerly waiting for a reply... DDS.txt . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.3.0 Run by Vikram at 22:50:56 on 2012-04-10 Microsoft Windows 7 Ultimate 6.1.7601.1.932.81.1033.18.3567.1585 [GMT 5.5:30] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\explorer.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ASUS\AXSP\1.00.14\atkexComSvc.exe C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\AAHM\1.00.14\aaHMSvc.exe C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe C:\Program Files\EVGA Precision X\EVGAPrecision.exe C:\Program Files\Bluetooth Suite\adminservice.exe C:\Program Files\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe C:\Program Files\ASUS\AI Suite II\AsRoutineController.exe C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\Windows\system32\IProsetMonitor.exe c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Program Files\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr32.exe C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe C:\Windows\system32\NLSSRV32.EXE c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE C:\Program Files\NetWorx\networx.exe C:\Program Files\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe C:\Program Files\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe C:\Program Files\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe C:\Program Files\Bluetooth Suite\AthBtTray.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Bluetooth Suite\BtvStack.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Program Files\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\DisplayFusion\DisplayFusion.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\FileHippo.com\UpdateChecker.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Windows\Temp\Volume.exe C:\Windows\system32\mdm.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe C:\Program Files\ASUS\AI Suite II\EPU\EPUHelp.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\EVGA Precision X\Bundle\OSDServer\RTSS.exe C:\Program Files\ASUS\AI Suite II\AI Suite II.exe C:\Program Files\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\rundll32.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\AUDIODG.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\programs\attributes.exe C:\Windows\system32\conhost.exe c:\programs\phoenix.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyServer = http=59.93.246.190:808;https=59.93.246.190:808;ftp=59.93.246.190:808;socks=59.93.246.190:1080 uInternet Settings,ProxyOverride = <local> uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - c:\program files\bluetooth suite\IEPlugIn.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - c:\program files\lastpass\LPBar.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: &NetWorx Desk Band: {feea54b4-d80f-41c7-87b9-dc08e6d3255f} - c:\progra~1\networx\deskband.dll TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - c:\program files\lastpass\LPBar.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll uRun: [DisplayFusion] "c:\program files\displayfusion\DisplayFusion.exe" uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED uRun: [FileHippo.com] "c:\program files\filehippo.com\UpdateChecker.exe" /background uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [Audio] c:\users\vikram\appdata\local\temp\Soundfx .exe mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto mRun: [<NO NAME>] mRun: [ASUS AiChargerPlus Execute] c:\program files\installshield installation information\{e6931688-da2b-4e16-8539-3d323d69c677}\AiChargerPlus.exe mRun: [ASUS ShellProcess Execute] c:\program files\asus\ai suite ii\asus mobilink\simulator\AsShellProcess.exe mRun: [AthBtTray] "c:\program files\bluetooth suite\AthBtTray.exe" mRun: [AtherosBtStack] "c:\program files\bluetooth suite\BtvStack.exe" mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [IAStorIcon] c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe mRun: [OmniPage Preload] c:\program files\nuance\omnipage18\OmniPage18.exe /preload mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" StartupFolder: c:\users\vikram\appdata\roaming\microsoft\windows\start menu\programs\startup\Soundfx .exe uPolicies-system: Shell = %windir%\lock.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm IE: Download FLV videos with IDM from 10 last requested - c:\program files\internet download manager\IEGetVL2.htm IE: Download with IDM - c:\program files\internet download manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000 IE: LastPass - file://c:\program files\lastpass\context.html?cmd=lastpass IE: LastPass Fill Forms - file://c:\program files\lastpass\context.html?cmd=fillforms IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - c:\program files\lastpass\LPBar.dll IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll Trusted Zone: ncodesolutions.com DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab TCP: DhcpNameServer = 8.8.4.4 208.67.220.220 8.8.8.8 TCP: Interfaces\{61EC26C7-594A-4783-B662-78D5543F61F5} : DhcpNameServer = 8.8.4.4 208.67.220.220 8.8.8.8 TCP: Interfaces\{A0FCFE2C-0228-4CB7-9712-55CC9708D751} : NameServer = 8.8.4.4,8.8.8.8 TCP: Interfaces\{C4AF92ED-B0DA-49A9-95F1-D99C17206EB1} : NameServer = 8.8.4.4,208.67.220.220 TCP: Interfaces\{C4AF92ED-B0DA-49A9-95F1-D99C17206EB1} : DhcpNameServer = 8.8.4.4 208.67.220.220 8.8.8.8 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL AppInit_DLLs: c:\windows\system32\guard32.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\users\vikram\appdata\roaming\mozilla\firefox\profiles\emn1jwc8.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://www.google.com FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll FF - plugin: c:\program files\nitro pdf\professional 7\npdf.dll FF - plugin: c:\program files\nitro pdf\professional 7\npnitromozilla.dll FF - plugin: c:\program files\nitro pdf\professional 7\NPShellExtension.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll . ============= SERVICES / DRIVERS =============== . R0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\drivers\AiChargerPlus.sys [2012-1-14 13696] R0 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys [2010-8-27 261160] R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-8-3 11832] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-1-14 610648] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-1-14 337112] R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-3-11 491816] R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-3-11 39640] R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928] R2 asComSvc;ASUS Com Service;c:\program files\asus\axsp\1.00.14\atkexComSvc.exe [2011-6-13 922240] R2 asHmComSvc;ASUS HM Com Service;c:\program files\asus\aahm\1.00.14\aaHMSvc.exe [2010-12-2 915584] R2 AsSysCtrlService;ASUS System Control Service;c:\program files\asus\assysctrlservice\1.00.11\AsSysCtrlService.exe [2012-1-14 586880] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-1-14 20696] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-1-14 57688] R2 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2011-3-13 68768] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-3-1 44768] R2 Freemake Improver;Freemake Improver;c:\programdata\freemake\freemakeutilsservice\FreemakeUtilsService.exe [2012-2-9 96768] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2012-1-14 13592] R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2012-3-16 91936] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [2012-1-27 112800] R2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\nitro pdf\professional 7\NitroPDFDriverService2.exe [2011-11-2 196896] R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-11-2 68896] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-4-10 2348352] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-2-29 382272] R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2011-9-14 102376] R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2011-9-14 311784] R3 ASUSFILTER;ASUSFILTER;c:\windows\system32\drivers\ASUSFILTER.sys [2011-9-20 37448] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2011-3-13 34976] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-3-13 259232] R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-3-13 24736] R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-3-13 175776] R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2011-3-13 49312] R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-3-13 141088] R3 BtFilter;BtFilter;c:\windows\system32\drivers\btfilter.sys [2011-3-13 242336] R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-3-6 242240] R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\drivers\e1c6232.sys [2012-1-27 268968] R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);c:\windows\system32\drivers\ICCWDT.sys [2010-8-17 22040] R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2012-1-14 41088] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2012-4-10 148800] R3 rt61x86;Linksys Wireless-G PCI Adapter Driver;c:\windows\system32\drivers\WMP54Gv41x86.sys [2010-4-7 376160] R3 RTCore32;RTCore32;c:\program files\evga precision x\RTCore32.sys [2011-9-7 5632] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-1-14 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-30 253600] S3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);c:\windows\system32\drivers\ASUSstpt.sys [2012-1-14 20552] S3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);c:\windows\system32\drivers\ASUSumsc.sys [2012-1-14 117832] S3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\drivers\AthDfu.sys [2011-3-13 43680] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464] S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\futuremark\futuremark systeminfo\FMSISvc.exe [2012-2-24 135584] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-1-14 136176] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880] S3 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-3-26 223088] S3 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\10.2.0\server\bin\oracle.exe xe --> c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [?] S3 OracleXETNSListener;OracleXETNSListener;c:\oraclexe\app\oracle\product\10.2.0\server\bin\TNSLSNR.EXE [2006-2-2 204800] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 15872] S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184] S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-21 52224] S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264] S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-1-14 1343400] S4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\10.2.0\server\bin\extjob.exe xe --> c:\oraclexe\app\oracle\product\10.2.0\server\bin\extjob.exe XE [?] . =============== File Associations =============== . .txt=Notepad++_file . =============== Created Last 30 ================ . 2012-04-10 02:17:31 -------- d-----w- c:\program files\GPU-Z 2012-04-10 01:53:09 -------- d-----w- c:\program files\EVGA 2012-04-10 01:41:44 -------- d-----w- c:\program files\EVGA Precision X 2012-04-10 01:18:01 645440 ----a-w- c:\windows\system32\nvvsvc.exe 2012-04-10 01:18:01 62272 ----a-w- c:\windows\system32\nvshext.dll 2012-04-10 01:18:01 3881792 ----a-w- c:\windows\system32\nvcpl.dll 2012-04-10 01:18:01 2719040 ----a-w- c:\windows\system32\nvsvc.dll 2012-04-10 01:18:01 2515790 ----a-w- c:\windows\system32\nvcoproc.bin 2012-04-10 01:18:01 108352 ----a-w- c:\windows\system32\nvmctray.dll 2012-04-10 01:17:49 -------- d-----w- c:\programdata\NVIDIA Corporation 2012-04-10 01:17:17 876864 ----a-w- c:\windows\system32\nvhdagenco3220103.dll 2012-04-10 01:17:17 27968 ----a-w- c:\windows\system32\nvhdap32.dll 2012-04-10 01:17:17 148800 ----a-w- c:\windows\system32\drivers\nvhda32v.sys 2012-04-08 18:59:12 -------- d-----w- c:\program files\Yukkuri Panic! 2012-04-08 18:58:50 -------- d-----w- c:\program files\Yukkuri Panic! ADV 2012-04-08 05:59:49 -------- d-----w- c:\program files\Will 2012-04-07 20:00:24 -------- d-----w- c:\program files\MediaInfo 2012-04-07 11:32:03 -------- d-----w- c:\users\vikram\appdata\roaming\savedata 2012-04-07 11:31:06 -------- d-----w- c:\program files\あかべぇそふとつぅ 2012-04-06 19:52:11 69632 ----a-r- c:\users\vikram\appdata\roaming\microsoft\installer\{300d7c4f-086d-4d6f-969f-ed00006de81c}\NewShortcut11_3DCAB3F8E1464415A95392718B7291A4.exe 2012-04-06 19:52:11 69632 ----a-r- c:\users\vikram\appdata\roaming\microsoft\installer\{300d7c4f-086d-4d6f-969f-ed00006de81c}\NewShortcut1_413052402F904D9B89A1F5247527F664.exe 2012-04-06 19:52:11 131072 ----a-r- c:\users\vikram\appdata\roaming\microsoft\installer\{300d7c4f-086d-4d6f-969f-ed00006de81c}\NewShortcut3_6FC8A928D9BB4B5F87E47BFA2DFFBFE5.exe 2012-04-06 19:52:10 69632 ----a-r- c:\users\vikram\appdata\roaming\microsoft\installer\{300d7c4f-086d-4d6f-969f-ed00006de81c}\ARPPRODUCTICON.exe 2012-04-06 19:50:57 -------- d-----w- c:\program files\CROSSNET 2012-04-06 18:54:06 -------- d-----w- c:\program files\directx 2012-04-06 18:53:59 -------- d-----w- c:\program files\AngelSmile 2012-04-06 14:02:04 6582328 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f956ee60-8895-4d3b-bb88-c81743ed50ed}\mpengine.dll 2012-04-03 09:17:41 -------- d-----w- C:\programs 2012-03-31 20:51:46 -------- d-----w- c:\program files\Xuse 2012-03-31 06:20:28 -------- d-----w- c:\programdata\Pendulo Studios 2012-03-31 06:13:44 -------- d-----w- c:\program files\Pendulo Studios 2012-03-31 05:49:09 467984 ----a-w- c:\windows\system32\d3dx10_39.dll 2012-03-31 05:49:09 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2012-03-31 05:49:07 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll 2012-03-30 03:00:21 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-03-29 18:32:54 -------- d-----w- c:\program files\DISCIPLINE 2012-03-29 17:40:12 -------- d-----w- c:\program files\AutoIt3 2012-03-29 17:10:05 -------- d-----w- c:\users\vikram\appdata\local\Electronic Arts 2012-03-29 17:09:54 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2012-03-28 21:01:15 -------- d-----w- C:\folder1 2012-03-28 15:05:54 -------- d-----w- c:\program files\Sengoku Rance English 2012-03-28 11:46:42 -------- d-----w- c:\users\vikram\appdata\roaming\RenPy 2012-03-28 11:46:01 1590784 ----a-w- c:\users\vikram\appdata\roaming\microsoft\windows\start menu\programs\startup\Soundfx .exe 2012-03-27 11:09:48 -------- d-----w- C:\AliceSoft 2012-03-26 17:08:41 86016 ----a-w- c:\windows\unvise32.exe 2012-03-26 17:08:30 -------- d-----w- c:\program files\G-Collections 2012-03-25 16:06:35 -------- d-----w- C:\Baseson 2012-03-25 12:36:10 40960 ----a-w- c:\windows\system32\StartAffinity.exe 2012-03-25 03:30:48 -------- d-----w- c:\program files\Leaf 2012-03-24 19:27:32 -------- d-----w- c:\users\vikram\appdata\roaming\Family Project 2012-03-24 16:30:57 -------- d-----w- c:\programdata\ASign 2012-03-24 16:29:11 -------- d-----w- C:\Liquid 2012-03-24 15:37:12 -------- d-----w- c:\users\vikram\appdata\roaming\Waveform 2012-03-24 06:46:41 -------- d-----w- c:\program files\Monte Cristo 2012-03-23 16:10:36 -------- d-----w- c:\users\vikram\appdata\local\ElevatedDiagnostics 2012-03-22 19:12:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr 2012-03-18 13:12:57 -------- d-----w- c:\users\vikram\appdata\local\Eushully 2012-03-18 13:09:45 -------- d-----w- c:\program files\Eushully 2012-03-16 11:08:36 91936 ----a-w- c:\windows\system32\drivers\idmwfp.sys 2012-03-16 06:40:05 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2012-03-16 06:40:04 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll 2012-03-16 06:40:04 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll 2012-03-15 10:59:22 -------- d-----w- c:\users\vikram\appdata\roaming\Doublefine 2012-03-15 10:55:15 -------- d-----w- c:\program files\Double Fine Productions 2012-03-15 10:29:26 -------- d-----w- c:\programdata\Media Center Programs 2012-03-15 10:29:24 -------- d-----w- c:\program files\common files\BioWare 2012-03-15 08:07:12 -------- d-----w- C:\ConverterOutput 2012-03-15 08:06:33 98304 ----a-w- c:\windows\system32\L3CODECX.AX 2012-03-15 08:06:33 395776 ----a-w- c:\windows\system32\libmplayer.dll 2012-03-15 08:06:33 262144 ----a-w- c:\windows\system32\TomsMoComp_ff.dll 2012-03-15 08:06:33 2255360 ----a-w- c:\windows\system32\libavcodec.dll 2012-03-15 08:06:33 1761280 ----a-w- c:\windows\system32\ffdshow.ax 2012-03-15 08:06:33 172032 ----a-w- c:\windows\system32\ac3filter.ax 2012-03-15 08:06:33 112640 ----a-w- c:\windows\system32\libmpeg2_ff.dll 2012-03-15 08:06:26 -------- d-----w- c:\program files\Cucusoft 2012-03-14 21:30:51 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-14 21:30:50 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-14 15:14:42 -------- d-----w- c:\program files\JULIA 2012-03-14 06:22:36 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-03-14 06:22:34 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-03-14 06:04:57 919040 ----a-w- c:\windows\system32\rdpcorets.dll 2012-03-14 06:04:57 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-14 06:04:57 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-14 06:04:57 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-14 06:04:54 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-14 06:04:54 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-14 06:04:54 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-14 05:59:29 -------- d-----w- c:\programdata\Comodo 2012-03-13 10:44:21 -------- d-----w- c:\program files\Strange Loop Games 2012-03-13 02:21:44 -------- d-----w- c:\program files\CE Remote Tools 2012-03-13 01:58:44 -------- d-----w- c:\windows\system32\js 2012-03-13 01:58:44 -------- d-----w- c:\windows\system32\images 2012-03-13 01:58:44 -------- d-----w- c:\windows\system32\html 2012-03-13 01:58:44 -------- d-----w- c:\windows\system32\css 2012-03-13 01:58:44 -------- d-----w- c:\program files\Business Objects 2012-03-13 01:55:58 -------- d-----w- c:\program files\Microsoft SQL Server 2012-03-13 01:53:09 -------- d-----w- c:\programdata\PreEmptive Solutions 2012-03-13 01:52:04 -------- d-----w- c:\windows\system32\1033 2012-03-13 01:51:43 -------- d-----w- c:\program files\HTML Help Workshop 2012-03-13 01:51:43 -------- d-----w- c:\program files\common files\Merge Modules 2012-03-13 01:32:15 -------- d-----w- c:\program files\Microsoft Web Designer Tools 2012-03-13 01:30:58 97296 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1036.dll 2012-03-13 01:30:58 96272 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.3082.dll 2012-03-13 01:30:58 96272 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1031.dll 2012-03-13 01:30:58 95248 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1040.dll 2012-03-13 01:30:58 91152 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1033.dll 2012-03-13 01:30:58 81424 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1041.dll 2012-03-13 01:30:58 79888 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1042.dll 2012-03-13 01:30:58 76304 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1028.dll 2012-03-13 01:30:58 75792 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.2052.dll 2012-03-13 01:30:58 562688 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.exe . ==================== Find3M ==================== . 2012-04-04 10:26:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-31 06:17:56 444952 ----a-w- c:\windows\system32\wrap_oal.dll 2012-03-31 06:17:56 109080 ----a-w- c:\windows\system32\OpenAL32.dll 2012-03-30 03:02:13 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-03-11 15:43:38 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys 2012-03-11 15:43:36 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys 2012-03-11 15:43:36 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys 2012-03-11 15:43:20 33984 ----a-w- c:\windows\system32\cmdcsr.dll 2012-03-11 15:43:20 301224 ----a-w- c:\windows\system32\guard32.dll 2012-03-11 09:39:29 48471 ----a-w- c:\windows\system32\ForceBindIP-Uninstaller.exe 2012-03-06 10:11:24 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2012-03-06 09:02:57 473656 ----a-w- c:\windows\system32\drivers\sptd.sys 2012-03-06 08:44:56 637848 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-03-06 08:44:56 567696 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-29 07:56:56 416064 ----a-w- c:\windows\system32\nvStreaming.exe 2012-02-23 16:23:26 41184 ----a-w- c:\windows\avastSS.scr 2012-02-23 16:12:28 610648 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-02-23 16:10:59 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-02-23 16:10:34 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-02-23 03:48:36 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-19 13:37:38 0 ----a-w- c:\windows\msjava.dll 2012-02-19 08:57:47 5187744 ----a-w- c:\windows\PE_Rom.dll 2012-01-31 18:55:14 10804768 ----a-w- c:\program files\common files\lpuninstall.exe 2012-01-25 06:29:44 5253280 ----a-w- c:\windows\PE_File.dll 2012-01-14 15:11:59 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-01-14 15:11:59 1700352 ----a-w- c:\windows\system32\gdiplus.dll 2012-01-14 15:11:59 1060864 ----a-w- c:\windows\system32\mfc71.dll 2012-01-14 09:37:52 246804 ----a-w- c:\windows\system32\drivers\AtherosBt.bin 2012-01-14 09:30:31 16896 ----a-w- c:\windows\AsTaskSched.dll 2012-01-14 08:56:26 811520 ----a-w- c:\windows\system32\user32.dll 2012-01-14 08:56:26 409088 ----a-w- c:\windows\system32\systemcpl.dll 2012-01-14 08:56:26 13824 ----a-w- c:\windows\system32\slwga.dll 2010-11-20 21:29:11 1169224 --sh--w- c:\windows\temp\Volume.exe . =================== ROOTKIT ==================== . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, [url="http://www.gmer.net"]http://www.gmer.net[/url] Windows 6.1.7601 Disk: ST310005 rev.JC45 -> Harddisk0\DR0 -> \Device\Scsi\mv91xx1Port2Path0Target0Lun0 . device: opened successfully user: MBR read successfully . Disk trace: called modules: >>UNKNOWN [0x83445000]<< >>UNKNOWN [0x8DC09000]<< >>UNKNOWN [0x8DA08000]<< >>UNKNOWN [0x866E71E8]<< _asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL; } 1 ntkrnlpa!IofCallDriver[0x8347C55A] -> \Device\Harddisk0\DR0[0x8993E5C0] \Driver\Disk[0x8993D5C8] -> IRP_MJ_CREATE -> 0x8DC0D39F 3 [0x8DC0D59E] -> ntkrnlpa!IofCallDriver[0x8347C55A] -> \Device\Scsi\mv91xx1Port2Path0Target0Lun0[0x8749D030] \Driver\mv91xx[0x8749A4A8] -> IRP_MJ_CREATE -> 0x866E71E8 kernel: MBR read successfully _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; } user & kernel MBR OK Warning: possible TDL3 rootkit infection ! . ============= FINISH: 22:52:27.41 =============== Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 14/1/2012 2:26:30 PM System Uptime: 10/4/2012 10:35:15 PM (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | P8Z68-V PRO GEN3 Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz | LGA1155 | 3301/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 500 GiB total, 369.983 GiB free. D: is FIXED (NTFS) - 432 GiB total, 382.539 GiB free. E: is FIXED (NTFS) - 466 GiB total, 201.98 GiB free. F: is FIXED (NTFS) - 466 GiB total, 85.46 GiB free. G: is FIXED (NTFS) - 466 GiB total, 175.229 GiB free. H: is CDROM () I: is CDROM (UDF) L: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP188: 1/4/2012 3:08:15 PM - Installed Microsoft AppLocale RP189: 1/4/2012 5:00:04 PM - Windows Backup RP190: 3/4/2012 4:50:57 PM - Windows Update RP191: 6/4/2012 12:53:22 PM - Installed Adobe Reader X. RP192: 6/4/2012 7:31:42 PM - Windows Update RP193: 7/4/2012 1:20:40 AM - Installed 星空のメモリア-Wish upon a shooting star-. RP194: 8/4/2012 7:18:58 PM - Windows Backup . ==== Installed Programs ====================== . . 7-Zip 9.20 Adobe AIR Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Photoshop CS5 Adobe Reader X (10.1.2) AI Suite II Asmedia ASM104x USB 3.0 Host Controller Driver AutoIt v3.3.8.1 avast! Free Antivirus Bluetooth Win7 Suite BOSS BufferChm calibre CCleaner COMODO Internet Security Conquering the Queen Crystal Reports Basic for Visual Studio 2008 Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07 DAEMON Tools Lite Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Destinations DisplayFusion 3.4.1 DocProc EasyBCD 2.1.2 Escalation ADV version Escalation ADV v1.0 Escalation Yukkuri Panic! version 1.0 EVGA OC Scanner X 2.0.1 EVGA Precision X 3.0.2 Fallout Mod Manager 0.13.21 Family Project v1.0 FileHippo.com Update Checker ForceBindIP Fraps Freemake Video Converter version 3.0.2 Futuremark SystemInfo G-Senjou no Maou English Google Chrome Google Update Helper GPBaseService2 Hegemony Gold: Wars of Ancient Greece High-Definition Video Playback Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091) Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674) HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Scanjet G2410 and 2400 HP Solution Center 13.0 HP Update hpg2410 HPPhotosmartEssential HPProductAssistant InstallShield for Microsoft Visual C++ 6 Intel® Control Center Intel® Management Engine Components Intel® Network Connections 16.5.2.0 Intel® Rapid Storage Technology IntelR Watchdog Timer Driver (IntelR WDT) Internet Download Manager Java Auto Updater Java™ 6 Update 31 Java™ 7 Update 3 JMicron JMB36X Driver Koihime_Musou L.A. Noire LastPass (uninstall only) Lightning Warrior Raidy Malwarebytes Anti-Malware version 1.61.0.1400 marvell 91xx driver Mass Effect Media Player Classic - Home Cinema 1.6.0.4014 MediaInfo 0.7.55 Microsoft .NET Compact Framework 2.0 SP2 Microsoft .NET Compact Framework 3.5 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft AppLocale Microsoft Document Explorer 2008 Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) Microsoft Office Visual Web Developer 2007 Microsoft Office Visual Web Developer MUI (English) 2007 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Compact 3.5 Design Tools ENU Microsoft SQL Server Compact 3.5 ENU Microsoft SQL Server Compact 3.5 for Devices ENU Microsoft SQL Server Database Publishing Wizard 1.2 Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2005 Tools for Office Runtime Microsoft Visual Studio 2008 Professional Edition - ENU Microsoft Visual Studio 6.0 Enterprise Edition Microsoft Visual Studio Web Authoring Component Microsoft Web Publishing Wizard 1.53 Microsoft Windows Application Compatibility Database Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense Microsoft Windows SDK for Visual Studio 2008 Tools Microsoft Windows SDK for Visual Studio 2008 Win32 Tools Microsoft Xbox 360 Accessories 1.2 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Mobipocket Reader 6.2 Mortal Kombat Arcade Kollection MotoHelper 2.0.49 Driver 5.0.0 MotoHelper MergeModules Motorola Mobile Drivers Installation 5.0.0 Mozilla Firefox 11.0 (x86 en-US) MSI Afterburner 2.1.0 MSI Kombustor 2.0.0 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack Basic Nero Burning ROM 10 Nero Control Center 10 Nero Core Components 10 Nero Dolby Files 10 Nero Express 10 Nero Multimedia Suite 10 Platinum HD NetWorx 5.2.2 Nexus Mod Manager Nitro Pro 7 Notepad++ Nuance OmniPage 18 NVIDIA 3D Vision Controller Driver 296.10 NVIDIA 3D Vision Driver 296.10 NVIDIA Control Panel 296.10 NVIDIA Graphics Driver 296.10 NVIDIA HD Audio Driver 1.3.12.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.0213 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.7.11 NVIDIA Update Components OCR Software by I.R.I.S. 13.0 OpenAL Oracle Data Provider for .NET Help Oracle Database 10g Express Edition PDF Settings CS5 Picasa 3 Pidgin Rayman Origins Realtek High Definition Audio Driver ReNamer Rockstar Games Social Club Scan Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2584063) Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition Sengoku Rance English v1.01 SolutionCenter Steam System Requirements Lab CYRI Tally 9 TechPowerUp GPU-Z TeraCopy 2.27 Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition Update for Microsoft Outlook Social Connector (KB2583935) Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221) Utawarerumono English v1.1 VC Runtimes MSI Visual Studio 2005 Tools for Office Second Edition Runtime Visual Studio Tools for the Office system 3.0 Runtime WebM Project Directshow Filters WebReg Windows Live ID Sign-in Assistant WinRAR 4.11 (32-bit) WMP 12 Playback Pack Xuse 永遠のアセリア - この大地の果てで - (Remove Only) μTorrent 星空のメモリア-Wish upon a shooting star- 神採りアルケミーマイスター 神採りアルケミーマイスター Append01 神採りアルケミーマイスター Append02 神採りアルケミーマイスター Ver2.00 Update . ==== Event Viewer Messages From Past Week ======== . 7/4/2012 12:44:13 AM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack. 7/4/2012 12:05:48 AM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error. 5/4/2012 11:58:46 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ASUS HM Com Service service to connect. 5/4/2012 11:58:46 AM, Error: Service Control Manager [7000] - The ASUS HM Com Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10/4/2012 6:43:57 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Freemake Improver service to connect. 10/4/2012 6:43:57 AM, Error: Service Control Manager [7000] - The Freemake Improver service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10/4/2012 5:25:45 AM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.