Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 19:33:40.0535 0x2644 TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
- 19:33:41.0055 0x2644 ============================================================
- 19:33:41.0055 0x2644 Current date / time: 2013/09/14 19:33:41.0055
- 19:33:41.0055 0x2644 SystemInfo:
- 19:33:41.0055 0x2644
- 19:33:41.0055 0x2644 OS Version: 6.1.7601 ServicePack: 1.0
- 19:33:41.0055 0x2644 Product type: Workstation
- 19:33:41.0055 0x2644 ComputerName: HPI5-PC
- 19:33:41.0056 0x2644 UserName: Max
- 19:33:41.0056 0x2644 Windows directory: C:\Windows
- 19:33:41.0056 0x2644 System windows directory: C:\Windows
- 19:33:41.0056 0x2644 Running under WOW64
- 19:33:41.0056 0x2644 Processor architecture: Intel x64
- 19:33:41.0056 0x2644 Number of processors: 4
- 19:33:41.0056 0x2644 Page size: 0x1000
- 19:33:41.0056 0x2644 Boot type: Normal boot
- 19:33:41.0056 0x2644 ============================================================
- 19:33:41.0663 0x2644 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
- 19:33:41.0669 0x2644 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
- 19:33:41.0671 0x2644 ============================================================
- 19:33:41.0671 0x2644 \Device\Harddisk0\DR0:
- 19:33:41.0671 0x2644 MBR partitions:
- 19:33:41.0671 0x2644 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
- 19:33:41.0671 0x2644 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
- 19:33:41.0671 0x2644 \Device\Harddisk1\DR1:
- 19:33:41.0671 0x2644 GPT partitions:
- 19:33:41.0673 0x2644 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A892B4DD-509A-458D-8ADD-E69C928B5157}, Name: EFI System Partition, StartLBA 0x28, BlocksNum 0x64000
- 19:33:41.0673 0x2644 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {23ED9B72-CBB3-4F88-86A7-2F9098756F5B}, Name: Basic data partition, StartLBA 0x64800, BlocksNum 0x746A2000
- 19:33:41.0673 0x2644 MBR partitions:
- 19:33:41.0673 0x2644 ============================================================
- 19:33:41.0727 0x2644 C: <-> \Device\Harddisk0\DR0\Partition2
- 19:33:42.0135 0x2644 F: <-> \Device\Harddisk1\DR1\Partition2
- 19:33:42.0136 0x2644 ============================================================
- 19:33:42.0136 0x2644 Initialize success
- 19:33:42.0136 0x2644 ============================================================
- 19:33:43.0437 0x2248 ============================================================
- 19:33:43.0437 0x2248 Scan started
- 19:33:43.0437 0x2248 Mode: Manual;
- 19:33:43.0437 0x2248 ============================================================
- 19:33:43.0722 0x2248 ================ Scan system memory ========================
- 19:33:43.0722 0x2248 System memory - ok
- 19:33:43.0723 0x2248 ================ Scan services =============================
- 19:33:44.0029 0x2248 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
- 19:33:44.0032 0x2248 1394ohci - ok
- 19:33:44.0089 0x2248 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
- 19:33:44.0091 0x2248 Accelerometer - ok
- 19:33:44.0130 0x2248 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
- 19:33:44.0134 0x2248 ACPI - ok
- 19:33:44.0169 0x2248 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
- 19:33:44.0171 0x2248 AcpiPmi - ok
- 19:33:44.0404 0x2248 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
- 19:33:44.0406 0x2248 AdobeARMservice - ok
- 19:33:45.0204 0x2248 [ 7BBAF543CABE8A8D275BC7F6C66C1959 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- 19:33:45.0208 0x2248 AdobeFlashPlayerUpdateSvc - ok
- 19:33:45.0253 0x2248 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
- 19:33:45.0259 0x2248 adp94xx - ok
- 19:33:45.0328 0x2248 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
- 19:33:45.0332 0x2248 adpahci - ok
- 19:33:45.0351 0x2248 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
- 19:33:45.0354 0x2248 adpu320 - ok
- 19:33:45.0386 0x2248 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
- 19:33:45.0387 0x2248 AeLookupSvc - ok
- 19:33:45.0503 0x2248 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
- 19:33:45.0505 0x2248 AESTFilters - ok
- 19:33:45.0585 0x2248 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
- 19:33:45.0590 0x2248 AFD - ok
- 19:33:45.0632 0x2248 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
- 19:33:45.0633 0x2248 agp440 - ok
- 19:33:45.0669 0x2248 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
- 19:33:45.0671 0x2248 ALG - ok
- 19:33:45.0729 0x2248 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
- 19:33:45.0730 0x2248 aliide - ok
- 19:33:45.0781 0x2248 [ 48619A29F9C9C3CFEB66718DD03D8057 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
- 19:33:45.0784 0x2248 AMD External Events Utility - ok
- 19:33:45.0835 0x2248 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
- 19:33:45.0837 0x2248 amdide - ok
- 19:33:45.0873 0x2248 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
- 19:33:45.0875 0x2248 AmdK8 - ok
- 19:33:46.0266 0x2248 [ 06BF0785DE714637EBA9BB1084B28626 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
- 19:33:46.0435 0x2248 amdkmdag - ok
- 19:33:46.0556 0x2248 [ 2DEC3274589FF6889AB05ADCEEB0F642 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
- 19:33:46.0560 0x2248 amdkmdap - ok
- 19:33:46.0589 0x2248 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
- 19:33:46.0591 0x2248 AmdPPM - ok
- 19:33:46.0645 0x2248 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
- 19:33:46.0647 0x2248 amdsata - ok
- 19:33:46.0677 0x2248 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
- 19:33:46.0680 0x2248 amdsbs - ok
- 19:33:46.0710 0x2248 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
- 19:33:46.0712 0x2248 amdxata - ok
- 19:33:46.0753 0x2248 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
- 19:33:46.0755 0x2248 AppID - ok
- 19:33:46.0784 0x2248 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
- 19:33:46.0785 0x2248 AppIDSvc - ok
- 19:33:46.0824 0x2248 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
- 19:33:46.0825 0x2248 Appinfo - ok
- 19:33:46.0895 0x2248 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
- 19:33:46.0897 0x2248 Apple Mobile Device - ok
- 19:33:47.0009 0x2248 [ 905C7BDE252C191CCB28615FD26BFD99 ] Application Sendori C:\Program Files (x86)\Sendori\SendoriSvc.exe
- 19:33:47.0010 0x2248 Application Sendori - ok
- 19:33:47.0089 0x2248 [ 72116413CF0092A6DFB4BF7775EF7E0F ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
- 19:33:47.0097 0x2248 Application Updater - ok
- 19:33:47.0149 0x2248 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
- 19:33:47.0150 0x2248 arc - ok
- 19:33:47.0169 0x2248 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
- 19:33:47.0171 0x2248 arcsas - ok
- 19:33:47.0285 0x2248 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
- 19:33:47.0312 0x2248 aspnet_state - ok
- 19:33:47.0363 0x2248 [ A83C9C15680BB9E270ACF7172068E287 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
- 19:33:47.0364 0x2248 aswFsBlk - ok
- 19:33:47.0454 0x2248 [ 5C40B8D77EBEE1DE0E7A8CDD0CD75773 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
- 19:33:47.0456 0x2248 aswMonFlt - ok
- 19:33:47.0538 0x2248 [ 997F6977294B9ACB7F400431DF8E3A4A ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
- 19:33:47.0539 0x2248 aswRdr - ok
- 19:33:47.0613 0x2248 [ 286193DC28CFB4CEB8D378E20A0850A9 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
- 19:33:47.0615 0x2248 aswRvrt - ok
- 19:33:47.0662 0x2248 [ 58B93BA20D4693D0800D2B0A62B8059D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
- 19:33:47.0673 0x2248 aswSnx - ok
- 19:33:47.0732 0x2248 [ EC7148DB4D126C81426A67602822E62C ] aswSP C:\Windows\system32\drivers\aswSP.sys
- 19:33:47.0737 0x2248 aswSP - ok
- 19:33:47.0770 0x2248 [ 0E422E9CB7CD9C0AA6D4DFEAFA086EAA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
- 19:33:47.0772 0x2248 aswTdi - ok
- 19:33:47.0815 0x2248 [ 9FE455C916C656144B004E3EB48507CE ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
- 19:33:47.0818 0x2248 aswVmm - ok
- 19:33:47.0861 0x2248 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
- 19:33:47.0862 0x2248 AsyncMac - ok
- 19:33:47.0917 0x2248 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
- 19:33:47.0919 0x2248 atapi - ok
- 19:33:48.0012 0x2248 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
- 19:33:48.0014 0x2248 AtiHdmiService - ok
- 19:33:48.0064 0x2248 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
- 19:33:48.0071 0x2248 AudioEndpointBuilder - ok
- 19:33:48.0082 0x2248 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
- 19:33:48.0087 0x2248 AudioSrv - ok
- 19:33:48.0160 0x2248 [ 9330941C8F6DF417F6DBBE998DB6687E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
- 19:33:48.0160 0x2248 avast! Antivirus - ok
- 19:33:48.0191 0x2248 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
- 19:33:48.0194 0x2248 AxInstSV - ok
- 19:33:48.0231 0x2248 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
- 19:33:48.0236 0x2248 b06bdrv - ok
- 19:33:48.0272 0x2248 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
- 19:33:48.0276 0x2248 b57nd60a - ok
- 19:33:48.0316 0x2248 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
- 19:33:48.0318 0x2248 BDESVC - ok
- 19:33:48.0357 0x2248 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
- 19:33:48.0358 0x2248 Beep - ok
- 19:33:48.0411 0x2248 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
- 19:33:48.0418 0x2248 BFE - ok
- 19:33:48.0466 0x2248 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
- 19:33:48.0477 0x2248 BITS - ok
- 19:33:48.0514 0x2248 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
- 19:33:48.0516 0x2248 blbdrive - ok
- 19:33:48.0580 0x2248 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
- 19:33:48.0585 0x2248 Bonjour Service - ok
- 19:33:48.0624 0x2248 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
- 19:33:48.0626 0x2248 bowser - ok
- 19:33:48.0662 0x2248 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
- 19:33:48.0663 0x2248 BrFiltLo - ok
- 19:33:48.0707 0x2248 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
- 19:33:48.0708 0x2248 BrFiltUp - ok
- 19:33:48.0758 0x2248 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
- 19:33:48.0760 0x2248 BridgeMP - ok
- 19:33:48.0802 0x2248 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
- 19:33:48.0805 0x2248 Browser - ok
- 19:33:48.0847 0x2248 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
- 19:33:48.0851 0x2248 Brserid - ok
- 19:33:48.0876 0x2248 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
- 19:33:48.0877 0x2248 BrSerWdm - ok
- 19:33:48.0905 0x2248 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
- 19:33:48.0906 0x2248 BrUsbMdm - ok
- 19:33:48.0913 0x2248 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
- 19:33:48.0914 0x2248 BrUsbSer - ok
- 19:33:48.0942 0x2248 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
- 19:33:48.0944 0x2248 BTHMODEM - ok
- 19:33:49.0001 0x2248 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
- 19:33:49.0003 0x2248 bthserv - ok
- 19:33:49.0042 0x2248 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
- 19:33:49.0044 0x2248 cdfs - ok
- 19:33:49.0099 0x2248 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
- 19:33:49.0102 0x2248 cdrom - ok
- 19:33:49.0140 0x2248 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
- 19:33:49.0143 0x2248 CertPropSvc - ok
- 19:33:49.0179 0x2248 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
- 19:33:49.0180 0x2248 circlass - ok
- 19:33:49.0213 0x2248 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
- 19:33:49.0217 0x2248 CLFS - ok
- 19:33:49.0291 0x2248 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 19:33:49.0293 0x2248 clr_optimization_v2.0.50727_32 - ok
- 19:33:49.0358 0x2248 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
- 19:33:49.0360 0x2248 clr_optimization_v2.0.50727_64 - ok
- 19:33:49.0461 0x2248 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
- 19:33:49.0546 0x2248 clr_optimization_v4.0.30319_32 - ok
- 19:33:49.0573 0x2248 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
- 19:33:49.0608 0x2248 clr_optimization_v4.0.30319_64 - ok
- 19:33:49.0650 0x2248 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
- 19:33:49.0651 0x2248 CmBatt - ok
- 19:33:49.0683 0x2248 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
- 19:33:49.0684 0x2248 cmdide - ok
- 19:33:49.0750 0x2248 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
- 19:33:49.0756 0x2248 CNG - ok
- 19:33:49.0807 0x2248 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
- 19:33:49.0808 0x2248 Compbatt - ok
- 19:33:49.0840 0x2248 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
- 19:33:49.0841 0x2248 CompositeBus - ok
- 19:33:49.0862 0x2248 COMSysApp - ok
- 19:33:49.0943 0x2248 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
- 19:33:49.0944 0x2248 crcdisk - ok
- 19:33:49.0989 0x2248 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
- 19:33:49.0992 0x2248 CryptSvc - ok
- 19:33:50.0066 0x2248 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
- 19:33:50.0075 0x2248 DcomLaunch - ok
- 19:33:50.0119 0x2248 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
- 19:33:50.0124 0x2248 defragsvc - ok
- 19:33:50.0193 0x2248 [ 2B9A817DC1BDAD9CE5495099B6A7136A ] Desura Install Service C:\Program Files (x86)\Common Files\Desura\desura_service.exe
- 19:33:50.0196 0x2248 Desura Install Service - ok
- 19:33:50.0229 0x2248 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
- 19:33:50.0231 0x2248 DfsC - ok
- 19:33:50.0280 0x2248 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
- 19:33:50.0286 0x2248 Dhcp - ok
- 19:33:50.0305 0x2248 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
- 19:33:50.0307 0x2248 discache - ok
- 19:33:50.0340 0x2248 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
- 19:33:50.0343 0x2248 Disk - ok
- 19:33:50.0411 0x2248 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
- 19:33:50.0415 0x2248 Dnscache - ok
- 19:33:50.0468 0x2248 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
- 19:33:50.0472 0x2248 dot3svc - ok
- 19:33:50.0511 0x2248 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
- 19:33:50.0514 0x2248 Dot4 - ok
- 19:33:50.0563 0x2248 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
- 19:33:50.0567 0x2248 Dot4Print - ok
- 19:33:50.0625 0x2248 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
- 19:33:50.0627 0x2248 dot4usb - ok
- 19:33:50.0652 0x2248 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
- 19:33:50.0655 0x2248 DPS - ok
- 19:33:50.0703 0x2248 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
- 19:33:50.0704 0x2248 drmkaud - ok
- 19:33:50.0749 0x2248 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
- 19:33:50.0752 0x2248 dtsoftbus01 - ok
- 19:33:50.0824 0x2248 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
- 19:33:50.0835 0x2248 DXGKrnl - ok
- 19:33:50.0876 0x2248 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
- 19:33:50.0878 0x2248 EapHost - ok
- 19:33:51.0000 0x2248 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
- 19:33:51.0052 0x2248 ebdrv - ok
- 19:33:51.0089 0x2248 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
- 19:33:51.0093 0x2248 EFS - ok
- 19:33:51.0163 0x2248 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
- 19:33:51.0172 0x2248 ehRecvr - ok
- 19:33:51.0210 0x2248 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
- 19:33:51.0212 0x2248 ehSched - ok
- 19:33:51.0257 0x2248 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
- 19:33:51.0263 0x2248 elxstor - ok
- 19:33:51.0280 0x2248 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
- 19:33:51.0282 0x2248 ErrDev - ok
- 19:33:51.0335 0x2248 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
- 19:33:51.0341 0x2248 EventSystem - ok
- 19:33:51.0358 0x2248 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
- 19:33:51.0361 0x2248 exfat - ok
- 19:33:51.0380 0x2248 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
- 19:33:51.0383 0x2248 fastfat - ok
- 19:33:51.0442 0x2248 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
- 19:33:51.0451 0x2248 Fax - ok
- 19:33:51.0475 0x2248 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
- 19:33:51.0476 0x2248 fdc - ok
- 19:33:51.0515 0x2248 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
- 19:33:51.0517 0x2248 fdPHost - ok
- 19:33:51.0540 0x2248 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
- 19:33:51.0543 0x2248 FDResPub - ok
- 19:33:51.0570 0x2248 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
- 19:33:51.0572 0x2248 FileInfo - ok
- 19:33:51.0600 0x2248 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
- 19:33:51.0601 0x2248 Filetrace - ok
- 19:33:51.0698 0x2248 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
- 19:33:51.0707 0x2248 FLEXnet Licensing Service - ok
- 19:33:51.0742 0x2248 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
- 19:33:51.0743 0x2248 flpydisk - ok
- 19:33:51.0786 0x2248 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
- 19:33:51.0789 0x2248 FltMgr - ok
- 19:33:51.0859 0x2248 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
- 19:33:51.0872 0x2248 FontCache - ok
- 19:33:51.0928 0x2248 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
- 19:33:51.0931 0x2248 FontCache3.0.0.0 - ok
- 19:33:51.0947 0x2248 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
- 19:33:51.0949 0x2248 FsDepends - ok
- 19:33:52.0029 0x2248 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
- 19:33:52.0031 0x2248 Fs_Rec - ok
- 19:33:52.0079 0x2248 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
- 19:33:52.0083 0x2248 fvevol - ok
- 19:33:52.0145 0x2248 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
- 19:33:52.0147 0x2248 gagp30kx - ok
- 19:33:52.0196 0x2248 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
- 19:33:52.0198 0x2248 GEARAspiWDM - ok
- 19:33:52.0251 0x2248 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
- 19:33:52.0261 0x2248 gpsvc - ok
- 19:33:52.0314 0x2248 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
- 19:33:52.0316 0x2248 hamachi - ok
- 19:33:52.0422 0x2248 [ B1E3F445943F06E36DC079AF28D0F86B ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
- 19:33:52.0445 0x2248 Hamachi2Svc - ok
- 19:33:52.0471 0x2248 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
- 19:33:52.0472 0x2248 hcw85cir - ok
- 19:33:52.0513 0x2248 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
- 19:33:52.0517 0x2248 HdAudAddService - ok
- 19:33:52.0557 0x2248 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
- 19:33:52.0559 0x2248 HDAudBus - ok
- 19:33:52.0614 0x2248 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
- 19:33:52.0616 0x2248 HECIx64 - ok
- 19:33:52.0651 0x2248 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
- 19:33:52.0652 0x2248 HidBatt - ok
- 19:33:52.0664 0x2248 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
- 19:33:52.0666 0x2248 HidBth - ok
- 19:33:52.0681 0x2248 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
- 19:33:52.0683 0x2248 HidIr - ok
- 19:33:52.0750 0x2248 [ 46BBE8EA221461A65F18A078528F4B2C ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys
- 19:33:52.0751 0x2248 hidkmdf - ok
- 19:33:52.0778 0x2248 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
- 19:33:52.0781 0x2248 hidserv - ok
- 19:33:52.0842 0x2248 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
- 19:33:52.0843 0x2248 HidUsb - ok
- 19:33:52.0856 0x2248 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
- 19:33:52.0859 0x2248 hkmsvc - ok
- 19:33:52.0895 0x2248 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
- 19:33:52.0900 0x2248 HomeGroupListener - ok
- 19:33:52.0935 0x2248 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
- 19:33:52.0940 0x2248 HomeGroupProvider - ok
- 19:33:52.0985 0x2248 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
- 19:33:52.0987 0x2248 hpdskflt - ok
- 19:33:53.0134 0x2248 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
- 19:33:53.0137 0x2248 hpqcxs08 - ok
- 19:33:53.0180 0x2248 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
- 19:33:53.0182 0x2248 hpqddsvc - ok
- 19:33:53.0218 0x2248 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
- 19:33:53.0220 0x2248 HpSAMD - ok
- 19:33:53.0238 0x2248 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
- 19:33:53.0240 0x2248 hpsrv - ok
- 19:33:53.0305 0x2248 [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
- 19:33:53.0307 0x2248 HPWMISVC - ok
- 19:33:53.0372 0x2248 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
- 19:33:53.0374 0x2248 HTCAND64 - ok
- 19:33:53.0441 0x2248 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
- 19:33:53.0442 0x2248 htcnprot - ok
- 19:33:53.0477 0x2248 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
- 19:33:53.0486 0x2248 HTTP - ok
- 19:33:53.0507 0x2248 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
- 19:33:53.0509 0x2248 hwpolicy - ok
- 19:33:53.0547 0x2248 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
- 19:33:53.0549 0x2248 i8042prt - ok
- 19:33:53.0610 0x2248 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
- 19:33:53.0614 0x2248 iaStor - ok
- 19:33:53.0690 0x2248 [ 6B24D1C3096DE796D15571079EA5E98C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
- 19:33:53.0691 0x2248 IAStorDataMgrSvc - ok
- 19:33:53.0751 0x2248 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
- 19:33:53.0756 0x2248 iaStorV - ok
- 19:33:53.0830 0x2248 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
- 19:33:53.0840 0x2248 idsvc - ok
- 19:33:54.0689 0x2248 [ 1BE8D9CA4F2363B8E8015621878E0043 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
- 19:33:54.0923 0x2248 igfx - ok
- 19:33:54.0976 0x2248 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
- 19:33:54.0978 0x2248 iirsp - ok
- 19:33:55.0067 0x2248 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
- 19:33:55.0079 0x2248 IKEEXT - ok
- 19:33:55.0146 0x2248 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
- 19:33:55.0149 0x2248 Impcd - ok
- 19:33:55.0186 0x2248 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
- 19:33:55.0188 0x2248 intelide - ok
- 19:33:55.0657 0x2248 [ 1BE8D9CA4F2363B8E8015621878E0043 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
- 19:33:55.0883 0x2248 intelkmd - ok
- 19:33:55.0917 0x2248 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
- 19:33:55.0919 0x2248 intelppm - ok
- 19:33:55.0944 0x2248 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
- 19:33:55.0947 0x2248 IPBusEnum - ok
- 19:33:55.0966 0x2248 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
- 19:33:55.0968 0x2248 IpFilterDriver - ok
- 19:33:56.0014 0x2248 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
- 19:33:56.0022 0x2248 iphlpsvc - ok
- 19:33:56.0054 0x2248 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
- 19:33:56.0056 0x2248 IPMIDRV - ok
- 19:33:56.0071 0x2248 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
- 19:33:56.0073 0x2248 IPNAT - ok
- 19:33:56.0142 0x2248 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
- 19:33:56.0152 0x2248 iPod Service - ok
- 19:33:56.0190 0x2248 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
- 19:33:56.0191 0x2248 IRENUM - ok
- 19:33:56.0209 0x2248 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
- 19:33:56.0211 0x2248 isapnp - ok
- 19:33:56.0229 0x2248 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
- 19:33:56.0233 0x2248 iScsiPrt - ok
- 19:33:56.0251 0x2248 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
- 19:33:56.0252 0x2248 kbdclass - ok
- 19:33:56.0282 0x2248 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
- 19:33:56.0284 0x2248 kbdhid - ok
- 19:33:56.0301 0x2248 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
- 19:33:56.0304 0x2248 KeyIso - ok
- 19:33:56.0344 0x2248 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
- 19:33:56.0346 0x2248 KSecDD - ok
- 19:33:56.0367 0x2248 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
- 19:33:56.0370 0x2248 KSecPkg - ok
- 19:33:56.0393 0x2248 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
- 19:33:56.0394 0x2248 ksthunk - ok
- 19:33:56.0437 0x2248 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
- 19:33:56.0443 0x2248 KtmRm - ok
- 19:33:56.0484 0x2248 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
- 19:33:56.0491 0x2248 LanmanServer - ok
- 19:33:56.0520 0x2248 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
- 19:33:56.0526 0x2248 LanmanWorkstation - ok
- 19:33:56.0552 0x2248 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
- 19:33:56.0555 0x2248 lltdio - ok
- 19:33:56.0589 0x2248 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
- 19:33:56.0595 0x2248 lltdsvc - ok
- 19:33:56.0614 0x2248 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
- 19:33:56.0618 0x2248 lmhosts - ok
- 19:33:56.0715 0x2248 [ 6D515466AB8BFE61184092B635AE6EB4 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
- 19:33:56.0719 0x2248 LMS - ok
- 19:33:56.0759 0x2248 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
- 19:33:56.0761 0x2248 LSI_FC - ok
- 19:33:56.0776 0x2248 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
- 19:33:56.0778 0x2248 LSI_SAS - ok
- 19:33:56.0806 0x2248 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
- 19:33:56.0808 0x2248 LSI_SAS2 - ok
- 19:33:56.0820 0x2248 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
- 19:33:56.0823 0x2248 LSI_SCSI - ok
- 19:33:56.0844 0x2248 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
- 19:33:56.0846 0x2248 luafv - ok
- 19:33:56.0879 0x2248 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
- 19:33:56.0882 0x2248 Mcx2Svc - ok
- 19:33:56.0903 0x2248 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
- 19:33:56.0905 0x2248 megasas - ok
- 19:33:56.0952 0x2248 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
- 19:33:56.0957 0x2248 MegaSR - ok
- 19:33:57.0035 0x2248 Microsoft SharePoint Workspace Audit Service - ok
- 19:33:57.0082 0x2248 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
- 19:33:57.0085 0x2248 MMCSS - ok
- 19:33:57.0104 0x2248 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
- 19:33:57.0171 0x2248 Modem - ok
- 19:33:57.0204 0x2248 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
- 19:33:57.0205 0x2248 monitor - ok
- 19:33:57.0241 0x2248 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
- 19:33:57.0243 0x2248 mouclass - ok
- 19:33:57.0269 0x2248 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
- 19:33:57.0270 0x2248 mouhid - ok
- 19:33:57.0289 0x2248 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
- 19:33:57.0291 0x2248 mountmgr - ok
- 19:33:57.0389 0x2248 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
- 19:33:57.0392 0x2248 MozillaMaintenance - ok
- 19:33:57.0470 0x2248 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
- 19:33:57.0473 0x2248 MpFilter - ok
- 19:33:57.0509 0x2248 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
- 19:33:57.0511 0x2248 mpio - ok
- 19:33:57.0535 0x2248 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
- 19:33:57.0536 0x2248 mpsdrv - ok
- 19:33:57.0593 0x2248 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
- 19:33:57.0604 0x2248 MpsSvc - ok
- 19:33:57.0665 0x2248 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
- 19:33:57.0668 0x2248 MRxDAV - ok
- 19:33:57.0706 0x2248 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
- 19:33:57.0709 0x2248 mrxsmb - ok
- 19:33:57.0750 0x2248 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
- 19:33:57.0754 0x2248 mrxsmb10 - ok
- 19:33:57.0771 0x2248 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
- 19:33:57.0774 0x2248 mrxsmb20 - ok
- 19:33:57.0806 0x2248 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
- 19:33:57.0807 0x2248 msahci - ok
- 19:33:57.0833 0x2248 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
- 19:33:57.0836 0x2248 msdsm - ok
- 19:33:57.0857 0x2248 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
- 19:33:57.0862 0x2248 MSDTC - ok
- 19:33:57.0884 0x2248 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
- 19:33:57.0885 0x2248 Msfs - ok
- 19:33:57.0897 0x2248 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
- 19:33:57.0898 0x2248 mshidkmdf - ok
- 19:33:57.0915 0x2248 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
- 19:33:57.0917 0x2248 msisadrv - ok
- 19:33:57.0959 0x2248 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
- 19:33:57.0964 0x2248 MSiSCSI - ok
- 19:33:57.0969 0x2248 msiserver - ok
- 19:33:58.0001 0x2248 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
- 19:33:58.0003 0x2248 MSKSSRV - ok
- 19:33:58.0080 0x2248 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
- 19:33:58.0081 0x2248 MsMpSvc - ok
- 19:33:58.0127 0x2248 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
- 19:33:58.0129 0x2248 MSPCLOCK - ok
- 19:33:58.0156 0x2248 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
- 19:33:58.0158 0x2248 MSPQM - ok
- 19:33:58.0181 0x2248 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
- 19:33:58.0185 0x2248 MsRPC - ok
- 19:33:58.0206 0x2248 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
- 19:33:58.0207 0x2248 mssmbios - ok
- 19:33:58.0221 0x2248 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
- 19:33:58.0222 0x2248 MSTEE - ok
- 19:33:58.0242 0x2248 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
- 19:33:58.0243 0x2248 MTConfig - ok
- 19:33:58.0265 0x2248 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
- 19:33:58.0266 0x2248 Mup - ok
- 19:33:58.0305 0x2248 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
- 19:33:58.0313 0x2248 napagent - ok
- 19:33:58.0357 0x2248 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
- 19:33:58.0361 0x2248 NativeWifiP - ok
- 19:33:58.0411 0x2248 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
- 19:33:58.0421 0x2248 NDIS - ok
- 19:33:58.0439 0x2248 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
- 19:33:58.0440 0x2248 NdisCap - ok
- 19:33:58.0473 0x2248 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
- 19:33:58.0474 0x2248 NdisTapi - ok
- 19:33:58.0502 0x2248 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
- 19:33:58.0504 0x2248 Ndisuio - ok
- 19:33:58.0526 0x2248 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
- 19:33:58.0529 0x2248 NdisWan - ok
- 19:33:58.0543 0x2248 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
- 19:33:58.0544 0x2248 NDProxy - ok
- 19:33:58.0621 0x2248 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
- 19:33:58.0624 0x2248 Net Driver HPZ12 - ok
- 19:33:58.0663 0x2248 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
- 19:33:58.0664 0x2248 NetBIOS - ok
- 19:33:58.0696 0x2248 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
- 19:33:58.0699 0x2248 NetBT - ok
- 19:33:58.0723 0x2248 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
- 19:33:58.0727 0x2248 Netlogon - ok
- 19:33:58.0790 0x2248 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
- 19:33:58.0797 0x2248 Netman - ok
- 19:33:58.0859 0x2248 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
- 19:33:58.0905 0x2248 NetMsmqActivator - ok
- 19:33:58.0912 0x2248 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
- 19:33:58.0913 0x2248 NetPipeActivator - ok
- 19:33:58.0958 0x2248 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
- 19:33:58.0966 0x2248 netprofm - ok
- 19:33:58.0982 0x2248 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
- 19:33:58.0984 0x2248 NetTcpActivator - ok
- 19:33:58.0990 0x2248 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
- 19:33:58.0991 0x2248 NetTcpPortSharing - ok
- 19:33:59.0424 0x2248 [ 39EDE676D17F37AF4573C2B33EC28ACA ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
- 19:33:59.0594 0x2248 NETw5s64 - ok
- 19:33:59.0648 0x2248 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
- 19:33:59.0651 0x2248 nfrd960 - ok
- 19:33:59.0717 0x2248 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
- 19:33:59.0720 0x2248 NisDrv - ok
- 19:33:59.0757 0x2248 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
- 19:33:59.0762 0x2248 NisSrv - ok
- 19:33:59.0821 0x2248 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
- 19:33:59.0829 0x2248 NlaSvc - ok
- 19:33:59.0848 0x2248 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
- 19:33:59.0850 0x2248 Npfs - ok
- 19:33:59.0870 0x2248 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
- 19:33:59.0875 0x2248 nsi - ok
- 19:33:59.0890 0x2248 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
- 19:33:59.0892 0x2248 nsiproxy - ok
- 19:33:59.0969 0x2248 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
- 19:33:59.0986 0x2248 Ntfs - ok
- 19:34:00.0005 0x2248 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
- 19:34:00.0006 0x2248 Null - ok
- 19:34:00.0039 0x2248 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
- 19:34:00.0041 0x2248 nvraid - ok
- 19:34:00.0061 0x2248 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
- 19:34:00.0064 0x2248 nvstor - ok
- 19:34:00.0079 0x2248 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
- 19:34:00.0082 0x2248 nv_agp - ok
- 19:34:00.0097 0x2248 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
- 19:34:00.0099 0x2248 ohci1394 - ok
- 19:34:00.0149 0x2248 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
- 19:34:00.0152 0x2248 ose64 - ok
- 19:34:00.0507 0x2248 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
- 19:34:00.0674 0x2248 osppsvc - ok
- 19:34:00.0724 0x2248 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
- 19:34:00.0731 0x2248 p2pimsvc - ok
- 19:34:00.0755 0x2248 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
- 19:34:00.0762 0x2248 p2psvc - ok
- 19:34:00.0803 0x2248 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
- 19:34:00.0805 0x2248 Parport - ok
- 19:34:00.0851 0x2248 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
- 19:34:00.0853 0x2248 partmgr - ok
- 19:34:00.0901 0x2248 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
- 19:34:00.0903 0x2248 PassThru Service - ok
- 19:34:00.0936 0x2248 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
- 19:34:00.0941 0x2248 PcaSvc - ok
- 19:34:00.0981 0x2248 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
- 19:34:00.0984 0x2248 pci - ok
- 19:34:01.0026 0x2248 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
- 19:34:01.0028 0x2248 pciide - ok
- 19:34:01.0047 0x2248 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
- 19:34:01.0051 0x2248 pcmcia - ok
- 19:34:01.0071 0x2248 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
- 19:34:01.0073 0x2248 pcw - ok
- 19:34:01.0101 0x2248 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
- 19:34:01.0109 0x2248 PEAUTH - ok
- 19:34:01.0225 0x2248 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
- 19:34:01.0228 0x2248 PerfHost - ok
- 19:34:01.0290 0x2248 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
- 19:34:01.0307 0x2248 pla - ok
- 19:34:01.0357 0x2248 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
- 19:34:01.0365 0x2248 PlugPlay - ok
- 19:34:01.0421 0x2248 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
- 19:34:01.0424 0x2248 Pml Driver HPZ12 - ok
- 19:34:01.0451 0x2248 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
- 19:34:01.0456 0x2248 PNRPAutoReg - ok
- 19:34:01.0479 0x2248 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
- 19:34:01.0485 0x2248 PNRPsvc - ok
- 19:34:01.0574 0x2248 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
- 19:34:01.0581 0x2248 PolicyAgent - ok
- 19:34:01.0608 0x2248 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
- 19:34:01.0614 0x2248 Power - ok
- 19:34:01.0645 0x2248 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
- 19:34:01.0648 0x2248 PptpMiniport - ok
- 19:34:01.0732 0x2248 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
- 19:34:01.0734 0x2248 Processor - ok
- 19:34:01.0779 0x2248 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
- 19:34:01.0784 0x2248 ProfSvc - ok
- 19:34:01.0801 0x2248 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
- 19:34:01.0804 0x2248 ProtectedStorage - ok
- 19:34:01.0829 0x2248 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
- 19:34:01.0832 0x2248 Psched - ok
- 19:34:01.0920 0x2248 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
- 19:34:01.0936 0x2248 ql2300 - ok
- 19:34:01.0958 0x2248 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
- 19:34:01.0960 0x2248 ql40xx - ok
- 19:34:01.0988 0x2248 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
- 19:34:01.0993 0x2248 QWAVE - ok
- 19:34:02.0006 0x2248 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
- 19:34:02.0009 0x2248 QWAVEdrv - ok
- 19:34:02.0029 0x2248 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
- 19:34:02.0030 0x2248 RasAcd - ok
- 19:34:02.0063 0x2248 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
- 19:34:02.0065 0x2248 RasAgileVpn - ok
- 19:34:02.0093 0x2248 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
- 19:34:02.0097 0x2248 RasAuto - ok
- 19:34:02.0115 0x2248 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
- 19:34:02.0117 0x2248 Rasl2tp - ok
- 19:34:02.0132 0x2248 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
- 19:34:02.0139 0x2248 RasMan - ok
- 19:34:02.0162 0x2248 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
- 19:34:02.0164 0x2248 RasPppoe - ok
- 19:34:02.0183 0x2248 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
- 19:34:02.0185 0x2248 RasSstp - ok
- 19:34:02.0199 0x2248 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
- 19:34:02.0204 0x2248 rdbss - ok
- 19:34:02.0227 0x2248 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
- 19:34:02.0230 0x2248 rdpbus - ok
- 19:34:02.0247 0x2248 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
- 19:34:02.0248 0x2248 RDPCDD - ok
- 19:34:02.0282 0x2248 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
- 19:34:02.0283 0x2248 RDPENCDD - ok
- 19:34:02.0301 0x2248 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
- 19:34:02.0303 0x2248 RDPREFMP - ok
- 19:34:02.0341 0x2248 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
- 19:34:02.0344 0x2248 RDPWD - ok
- 19:34:02.0394 0x2248 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
- 19:34:02.0397 0x2248 rdyboost - ok
- 19:34:02.0423 0x2248 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
- 19:34:02.0428 0x2248 RemoteAccess - ok
- 19:34:02.0457 0x2248 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
- 19:34:02.0462 0x2248 RemoteRegistry - ok
- 19:34:02.0526 0x2248 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
- 19:34:02.0532 0x2248 RoxioNow Service - ok
- 19:34:02.0554 0x2248 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
- 19:34:02.0559 0x2248 RpcEptMapper - ok
- 19:34:02.0630 0x2248 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
- 19:34:02.0633 0x2248 RpcLocator - ok
- 19:34:02.0678 0x2248 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
- 19:34:02.0685 0x2248 RpcSs - ok
- 19:34:02.0721 0x2248 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
- 19:34:02.0723 0x2248 rspndr - ok
- 19:34:02.0770 0x2248 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
- 19:34:02.0774 0x2248 RSUSBSTOR - ok
- 19:34:02.0821 0x2248 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
- 19:34:02.0827 0x2248 RTL8167 - ok
- 19:34:02.0846 0x2248 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
- 19:34:02.0849 0x2248 SamSs - ok
- 19:34:02.0886 0x2248 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
- 19:34:02.0889 0x2248 sbp2port - ok
- 19:34:02.0915 0x2248 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
- 19:34:02.0922 0x2248 SCardSvr - ok
- 19:34:02.0941 0x2248 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
- 19:34:02.0943 0x2248 scfilter - ok
- 19:34:03.0002 0x2248 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
- 19:34:03.0018 0x2248 Schedule - ok
- 19:34:03.0052 0x2248 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
- 19:34:03.0054 0x2248 SCPolicySvc - ok
- 19:34:03.0113 0x2248 [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
- 19:34:03.0115 0x2248 ScreamBAudioSvc - ok
- 19:34:03.0139 0x2248 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
- 19:34:03.0144 0x2248 SDRSVC - ok
- 19:34:03.0188 0x2248 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
- 19:34:03.0189 0x2248 secdrv - ok
- 19:34:03.0200 0x2248 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
- 19:34:03.0204 0x2248 seclogon - ok
- 19:34:03.0226 0x2248 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
- 19:34:03.0231 0x2248 SENS - ok
- 19:34:03.0251 0x2248 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
- 19:34:03.0257 0x2248 SensrSvc - ok
- 19:34:03.0278 0x2248 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
- 19:34:03.0280 0x2248 Serenum - ok
- 19:34:03.0310 0x2248 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
- 19:34:03.0312 0x2248 Serial - ok
- 19:34:03.0340 0x2248 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
- 19:34:03.0341 0x2248 sermouse - ok
- 19:34:03.0464 0x2248 [ A63DCCA0BD6FDE24064D96607A936B28 ] Service Sendori C:\Program Files (x86)\Sendori\Sendori.Service.exe
- 19:34:03.0465 0x2248 Service Sendori - ok
- 19:34:03.0523 0x2248 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
- 19:34:03.0528 0x2248 SessionEnv - ok
- 19:34:03.0568 0x2248 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
- 19:34:03.0571 0x2248 sffdisk - ok
- 19:34:03.0600 0x2248 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
- 19:34:03.0601 0x2248 sffp_mmc - ok
- 19:34:03.0617 0x2248 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
- 19:34:03.0619 0x2248 sffp_sd - ok
- 19:34:03.0637 0x2248 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
- 19:34:03.0639 0x2248 sfloppy - ok
- 19:34:03.0719 0x2248 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
- 19:34:03.0726 0x2248 SharedAccess - ok
- 19:34:03.0780 0x2248 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
- 19:34:03.0787 0x2248 ShellHWDetection - ok
- 19:34:03.0805 0x2248 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
- 19:34:03.0806 0x2248 SiSRaid2 - ok
- 19:34:03.0836 0x2248 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
- 19:34:03.0838 0x2248 SiSRaid4 - ok
- 19:34:03.0928 0x2248 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
- 19:34:03.0930 0x2248 SkypeUpdate - ok
- 19:34:03.0948 0x2248 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
- 19:34:03.0951 0x2248 Smb - ok
- 19:34:04.0105 0x2248 [ EFFEA9EEADB79243F9D876F67BFFE253 ] sndappv2 C:\Program Files (x86)\Sendori\sndappv2.exe
- 19:34:04.0149 0x2248 sndappv2 - ok
- 19:34:04.0187 0x2248 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
- 19:34:04.0191 0x2248 SNMPTRAP - ok
- 19:34:04.0210 0x2248 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
- 19:34:04.0212 0x2248 spldr - ok
- 19:34:04.0283 0x2248 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
- 19:34:04.0292 0x2248 Spooler - ok
- 19:34:04.0373 0x2248 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
- 19:34:04.0408 0x2248 sppsvc - ok
- 19:34:04.0434 0x2248 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
- 19:34:04.0439 0x2248 sppuinotify - ok
- 19:34:04.0480 0x2248 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
- 19:34:04.0485 0x2248 srv - ok
- 19:34:04.0506 0x2248 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
- 19:34:04.0511 0x2248 srv2 - ok
- 19:34:04.0535 0x2248 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
- 19:34:04.0538 0x2248 srvnet - ok
- 19:34:04.0578 0x2248 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
- 19:34:04.0584 0x2248 SSDPSRV - ok
- 19:34:04.0597 0x2248 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
- 19:34:04.0604 0x2248 SstpSvc - ok
- 19:34:04.0716 0x2248 [ B00068BA94F5F306911B14B425AAEB56 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
- 19:34:04.0720 0x2248 STacSV - ok
- 19:34:04.0803 0x2248 [ EAA63F7E11945B50DE4CAA2949E17B2F ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
- 19:34:04.0811 0x2248 Steam Client Service - ok
- 19:34:04.0828 0x2248 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
- 19:34:04.0830 0x2248 stexstor - ok
- 19:34:04.0891 0x2248 [ DA40D9C9CCB9836D6ABD1706935A2277 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
- 19:34:04.0898 0x2248 STHDA - ok
- 19:34:04.0938 0x2248 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
- 19:34:04.0947 0x2248 stisvc - ok
- 19:34:04.0977 0x2248 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
- 19:34:04.0979 0x2248 swenum - ok
- 19:34:05.0129 0x2248 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
- 19:34:05.0133 0x2248 SwitchBoard - ok
- 19:34:05.0191 0x2248 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
- 19:34:05.0200 0x2248 swprv - ok
- 19:34:05.0253 0x2248 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
- 19:34:05.0258 0x2248 SynTP - ok
- 19:34:05.0381 0x2248 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
- 19:34:05.0443 0x2248 SysMain - ok
- 19:34:05.0470 0x2248 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
- 19:34:05.0477 0x2248 TabletInputService - ok
- 19:34:05.0512 0x2248 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
- 19:34:05.0519 0x2248 TapiSrv - ok
- 19:34:05.0539 0x2248 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
- 19:34:05.0545 0x2248 TBS - ok
- 19:34:05.0650 0x2248 [ DB74544B75566C974815E79A62433F29 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
- 19:34:05.0671 0x2248 Tcpip - ok
- 19:34:05.0713 0x2248 [ DB74544B75566C974815E79A62433F29 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
- 19:34:05.0724 0x2248 TCPIP6 - ok
- 19:34:05.0790 0x2248 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
- 19:34:05.0791 0x2248 tcpipreg - ok
- 19:34:05.0829 0x2248 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
- 19:34:05.0830 0x2248 TDPIPE - ok
- 19:34:05.0851 0x2248 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
- 19:34:05.0853 0x2248 TDTCP - ok
- 19:34:05.0881 0x2248 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
- 19:34:05.0883 0x2248 tdx - ok
- 19:34:05.0914 0x2248 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
- 19:34:05.0916 0x2248 TermDD - ok
- 19:34:05.0984 0x2248 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
- 19:34:05.0994 0x2248 TermService - ok
- 19:34:06.0024 0x2248 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
- 19:34:06.0028 0x2248 Themes - ok
- 19:34:06.0071 0x2248 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
- 19:34:06.0074 0x2248 THREADORDER - ok
- 19:34:06.0111 0x2248 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
- 19:34:06.0116 0x2248 TrkWks - ok
- 19:34:06.0216 0x2248 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
- 19:34:06.0220 0x2248 TrustedInstaller - ok
- 19:34:06.0258 0x2248 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
- 19:34:06.0259 0x2248 tssecsrv - ok
- 19:34:06.0303 0x2248 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
- 19:34:06.0305 0x2248 TsUsbFlt - ok
- 19:34:06.0320 0x2248 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
- 19:34:06.0322 0x2248 TsUsbGD - ok
- 19:34:06.0352 0x2248 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
- 19:34:06.0355 0x2248 tunnel - ok
- 19:34:06.0373 0x2248 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
- 19:34:06.0375 0x2248 uagp35 - ok
- 19:34:06.0395 0x2248 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
- 19:34:06.0400 0x2248 udfs - ok
- 19:34:06.0433 0x2248 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
- 19:34:06.0438 0x2248 UI0Detect - ok
- 19:34:06.0459 0x2248 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
- 19:34:06.0462 0x2248 uliagpkx - ok
- 19:34:06.0495 0x2248 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
- 19:34:06.0497 0x2248 umbus - ok
- 19:34:06.0513 0x2248 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
- 19:34:06.0515 0x2248 UmPass - ok
- 19:34:06.0666 0x2248 [ 0FADD949576A164B4E51E716F46B6C33 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
- 19:34:06.0690 0x2248 UNS - ok
- 19:34:06.0720 0x2248 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
- 19:34:06.0728 0x2248 upnphost - ok
- 19:34:06.0770 0x2248 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
- 19:34:06.0772 0x2248 USBAAPL64 - ok
- 19:34:06.0820 0x2248 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
- 19:34:06.0822 0x2248 usbccgp - ok
- 19:34:06.0881 0x2248 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
- 19:34:06.0883 0x2248 usbcir - ok
- 19:34:06.0917 0x2248 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
- 19:34:06.0919 0x2248 usbehci - ok
- 19:34:06.0975 0x2248 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
- 19:34:06.0981 0x2248 usbhub - ok
- 19:34:07.0025 0x2248 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
- 19:34:07.0027 0x2248 usbohci - ok
- 19:34:07.0062 0x2248 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
- 19:34:07.0064 0x2248 usbprint - ok
- 19:34:07.0144 0x2248 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
- 19:34:07.0145 0x2248 usbscan - ok
- 19:34:07.0176 0x2248 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
- 19:34:07.0178 0x2248 USBSTOR - ok
- 19:34:07.0194 0x2248 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
- 19:34:07.0195 0x2248 usbuhci - ok
- 19:34:07.0234 0x2248 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
- 19:34:07.0237 0x2248 usbvideo - ok
- 19:34:07.0268 0x2248 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
- 19:34:07.0273 0x2248 UxSms - ok
- 19:34:07.0290 0x2248 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
- 19:34:07.0293 0x2248 VaultSvc - ok
- 19:34:07.0389 0x2248 [ 2662F24C7AEE2A32CEBDEC907A5366F1 ] vcsFPService C:\Windows\system32\vcsFPService.exe
- 19:34:07.0414 0x2248 vcsFPService - ok
- 19:34:07.0451 0x2248 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
- 19:34:07.0453 0x2248 vdrvroot - ok
- 19:34:07.0501 0x2248 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
- 19:34:07.0518 0x2248 vds - ok
- 19:34:07.0538 0x2248 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
- 19:34:07.0539 0x2248 vga - ok
- 19:34:07.0555 0x2248 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
- 19:34:07.0557 0x2248 VgaSave - ok
- 19:34:07.0573 0x2248 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
- 19:34:07.0576 0x2248 vhdmp - ok
- 19:34:07.0651 0x2248 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
- 19:34:07.0652 0x2248 viaide - ok
- 19:34:07.0683 0x2248 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
- 19:34:07.0685 0x2248 volmgr - ok
- 19:34:07.0704 0x2248 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
- 19:34:07.0709 0x2248 volmgrx - ok
- 19:34:07.0724 0x2248 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
- 19:34:07.0728 0x2248 volsnap - ok
- 19:34:07.0751 0x2248 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
- 19:34:07.0754 0x2248 vsmraid - ok
- 19:34:07.0819 0x2248 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
- 19:34:07.0840 0x2248 VSS - ok
- 19:34:07.0853 0x2248 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
- 19:34:07.0855 0x2248 vwifibus - ok
- 19:34:07.0885 0x2248 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
- 19:34:07.0887 0x2248 vwififlt - ok
- 19:34:07.0922 0x2248 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
- 19:34:07.0930 0x2248 W32Time - ok
- 19:34:07.0995 0x2248 [ FDA15A0510F84FA46452B74529147A15 ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys
- 19:34:07.0997 0x2248 WacHidRouter - ok
- 19:34:08.0054 0x2248 [ FE75777289278A4941FE6139E82B3BD9 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
- 19:34:08.0055 0x2248 wacmoumonitor - ok
- 19:34:08.0061 0x2248 wacommousefilter - ok
- 19:34:08.0078 0x2248 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
- 19:34:08.0080 0x2248 WacomPen - ok
- 19:34:08.0095 0x2248 [ EABFDBDC9BEDD325F260A3A9FEE5B3F9 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
- 19:34:08.0096 0x2248 wacomrouterfilter - ok
- 19:34:08.0118 0x2248 wacomvhid - ok
- 19:34:08.0152 0x2248 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
- 19:34:08.0154 0x2248 WANARP - ok
- 19:34:08.0159 0x2248 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
- 19:34:08.0161 0x2248 Wanarpv6 - ok
- 19:34:08.0230 0x2248 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
- 19:34:08.0244 0x2248 WatAdminSvc - ok
- 19:34:08.0290 0x2248 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
- 19:34:08.0311 0x2248 wbengine - ok
- 19:34:08.0331 0x2248 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
- 19:34:08.0338 0x2248 WbioSrvc - ok
- 19:34:08.0367 0x2248 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
- 19:34:08.0375 0x2248 wcncsvc - ok
- 19:34:08.0393 0x2248 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
- 19:34:08.0398 0x2248 WcsPlugInService - ok
- 19:34:08.0427 0x2248 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
- 19:34:08.0429 0x2248 Wd - ok
- 19:34:08.0479 0x2248 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
- 19:34:08.0487 0x2248 Wdf01000 - ok
- 19:34:08.0500 0x2248 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
- 19:34:08.0505 0x2248 WdiServiceHost - ok
- 19:34:08.0510 0x2248 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
- 19:34:08.0514 0x2248 WdiSystemHost - ok
- 19:34:08.0540 0x2248 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
- 19:34:08.0546 0x2248 WebClient - ok
- 19:34:08.0561 0x2248 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
- 19:34:08.0573 0x2248 Wecsvc - ok
- 19:34:08.0622 0x2248 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
- 19:34:08.0627 0x2248 wercplsupport - ok
- 19:34:08.0662 0x2248 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
- 19:34:08.0667 0x2248 WerSvc - ok
- 19:34:08.0706 0x2248 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
- 19:34:08.0707 0x2248 WfpLwf - ok
- 19:34:08.0729 0x2248 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
- 19:34:08.0730 0x2248 WIMMount - ok
- 19:34:08.0753 0x2248 WinDefend - ok
- 19:34:08.0778 0x2248 WinHttpAutoProxySvc - ok
- 19:34:08.0849 0x2248 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
- 19:34:08.0852 0x2248 Winmgmt - ok
- 19:34:08.0927 0x2248 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
- 19:34:08.0954 0x2248 WinRM - ok
- 19:34:09.0024 0x2248 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
- 19:34:09.0026 0x2248 WinUSB - ok
- 19:34:09.0067 0x2248 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
- 19:34:09.0081 0x2248 Wlansvc - ok
- 19:34:09.0274 0x2248 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
- 19:34:09.0309 0x2248 wlidsvc - ok
- 19:34:09.0337 0x2248 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
- 19:34:09.0338 0x2248 WmiAcpi - ok
- 19:34:09.0376 0x2248 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
- 19:34:09.0380 0x2248 wmiApSrv - ok
- 19:34:09.0420 0x2248 WMPNetworkSvc - ok
- 19:34:09.0443 0x2248 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
- 19:34:09.0447 0x2248 WPCSvc - ok
- 19:34:09.0459 0x2248 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
- 19:34:09.0464 0x2248 WPDBusEnum - ok
- 19:34:09.0486 0x2248 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
- 19:34:09.0488 0x2248 ws2ifsl - ok
- 19:34:09.0500 0x2248 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
- 19:34:09.0505 0x2248 wscsvc - ok
- 19:34:09.0509 0x2248 WSearch - ok
- 19:34:09.0645 0x2248 [ FF3F745A22B0C9C2EF1600762E8858A1 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
- 19:34:09.0652 0x2248 WTabletServiceCon - ok
- 19:34:09.0860 0x2248 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
- 19:34:09.0898 0x2248 wuauserv - ok
- 19:34:09.0937 0x2248 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
- 19:34:09.0939 0x2248 WudfPf - ok
- 19:34:09.0973 0x2248 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
- 19:34:09.0976 0x2248 WUDFRd - ok
- 19:34:09.0998 0x2248 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
- 19:34:10.0004 0x2248 wudfsvc - ok
- 19:34:10.0035 0x2248 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
- 19:34:10.0043 0x2248 WwanSvc - ok
- 19:34:10.0056 0x2248 ================ Scan global ===============================
- 19:34:10.0088 0x2248 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
- 19:34:10.0138 0x2248 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
- 19:34:10.0149 0x2248 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
- 19:34:10.0171 0x2248 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
- 19:34:10.0206 0x2248 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
- 19:34:10.0213 0x2248 [Global] - ok
- 19:34:10.0214 0x2248 ================ Scan MBR ==================================
- 19:34:10.0231 0x2248 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
- 19:34:10.0469 0x2248 \Device\Harddisk0\DR0 - ok
- 19:34:10.0476 0x2248 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
- 19:34:10.0484 0x2248 \Device\Harddisk1\DR1 - ok
- 19:34:10.0485 0x2248 ================ Scan VBR ==================================
- 19:34:10.0499 0x2248 [ 0B2B88C68A4366C5D747B1A8A1B5B9DC ] \Device\Harddisk0\DR0\Partition1
- 19:34:10.0500 0x2248 \Device\Harddisk0\DR0\Partition1 - ok
- 19:34:10.0541 0x2248 [ CFA31ED5EE3B87BBE5398D074DB18AD5 ] \Device\Harddisk0\DR0\Partition2
- 19:34:10.0542 0x2248 \Device\Harddisk0\DR0\Partition2 - ok
- 19:34:10.0547 0x2248 [ 2A90819FD9F51ACF6AAD10E734A5C4B7 ] \Device\Harddisk1\DR1\Partition1
- 19:34:10.0548 0x2248 \Device\Harddisk1\DR1\Partition1 - ok
- 19:34:10.0553 0x2248 [ C4EBB0B38EBE1C1115AF250BB0785554 ] \Device\Harddisk1\DR1\Partition2
- 19:34:10.0557 0x2248 \Device\Harddisk1\DR1\Partition2 - ok
- 19:34:10.0557 0x2248 ============================================================
- 19:34:10.0557 0x2248 Scan finished
- 19:34:10.0557 0x2248 ============================================================
- 19:34:10.0577 0x18ac Detected object count: 0
- 19:34:10.0577 0x18ac Actual detected object count: 0
- DDS (Ver_2012-11-20.01) - NTFS_AMD64
- Internet Explorer: 10.0.9200.16686 BrowserJavaVersion: 10.9.2
- Run by Max at 19:34:42 on 2013-09-14
- Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1648 [GMT -4:00]
- .
- AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
- AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
- SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
- SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
- .
- ============== Running Processes ===============
- .
- C:\Windows\system32\lsm.exe
- C:\Windows\system32\svchost.exe -k DcomLaunch
- C:\Windows\system32\svchost.exe -k RPCSS
- c:\Program Files\Microsoft Security Client\MsMpEng.exe
- C:\Windows\system32\atiesrxx.exe
- C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
- C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
- C:\Windows\system32\svchost.exe -k LocalService
- C:\Windows\system32\svchost.exe -k netsvcs
- C:\Program Files\IDT\WDM\STacSV64.exe
- C:\Windows\system32\Hpservice.exe
- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
- C:\Windows\system32\vcsFPService.exe
- C:\Windows\system32\svchost.exe -k NetworkService
- C:\Windows\system32\atieclxx.exe
- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
- C:\Windows\System32\spoolsv.exe
- C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
- C:\Program Files\IDT\WDM\AESTSr64.exe
- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
- C:\Program Files\Bonjour\mDNSResponder.exe
- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
- C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
- C:\Windows\System32\svchost.exe -k HPZ12
- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
- C:\Windows\System32\svchost.exe -k HPZ12
- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
- C:\Program Files (x86)\Sendori\sndappv2.exe
- C:\Windows\system32\svchost.exe -k imgsvc
- c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
- C:\Program Files (x86)\Sendori\SendoriSvc.exe
- C:\Program Files (x86)\Sendori\Sendori.Service.exe
- C:\Windows\system32\wbem\wmiprvse.exe
- C:\Windows\system32\wbem\unsecapp.exe
- c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
- C:\Program Files (x86)\Sendori\SendoriUp.exe
- C:\Windows\system32\SearchIndexer.exe
- C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
- C:\Windows\system32\taskhost.exe
- C:\Windows\system32\Dwm.exe
- C:\Windows\Explorer.EXE
- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
- C:\Program Files\Tablet\Pen\WacomHost.exe
- C:\Program Files\Tablet\Pen\Pen_Tablet.exe
- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
- C:\Program Files\IDT\WDM\sttray64.exe
- C:\Windows\System32\igfxpers.exe
- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
- C:\Program Files\Microsoft Security Client\msseces.exe
- C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
- C:\Users\Max\Local Settings\Apps\F.lux\flux.exe
- C:\Program Files\Windows Media Player\wmpnetwk.exe
- C:\Windows\System32\svchost.exe -k LocalServicePeerNet
- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
- C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe
- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
- C:\Windows\system32\wbem\wmiprvse.exe
- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
- C:\Program Files (x86)\iTunes\iTunesHelper.exe
- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
- C:\Program Files (x86)\Sendori\SendoriTray.exe
- C:\Program Files\iPod\bin\iPodService.exe
- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
- C:\Program Files\AVAST Software\Avast\AvastUI.exe
- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe
- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
- C:\Windows\system32\wuauclt.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
- C:\Windows\system32\svchost.exe -k SDRSVC
- C:\Windows\system32\notepad.exe
- C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
- C:\Windows\System32\cscript.exe
- .
- ============== Pseudo HJT Report ===============
- .
- uStart Page = hxxp://search.yahoo.com?type=937811&fr=spigot-yhp-ie
- uURLSearchHooks: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
- BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
- BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
- BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
- BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
- BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
- BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
- BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
- BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
- BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
- BHO: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
- BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
- TB: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
- TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
- EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
- EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
- uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
- uRun: [Google Update] "C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe" /c
- uRun: [GoogleChromeAutoLaunch_FB0DCF795F3086C624F9CCAD45E29F3E] "C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
- uRun: [Facebook Update] "C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
- uRun: [F.lux] "C:\Users\Max\Local Settings\Apps\F.lux\flux.exe" /noshow
- uRun: [AdobeBridge] <no file>
- mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
- mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
- mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
- mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
- mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
- mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
- mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
- mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
- mRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
- mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
- mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
- mRun: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
- mRun: [Sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"
- mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
- mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
- mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
- mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
- mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
- mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
- mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
- StartupFolder: C:\Users\Max\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe
- mPolicies-Explorer: NoActiveDesktop = dword:1
- mPolicies-Explorer: NoActiveDesktopChanges = dword:1
- mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
- mPolicies-System: ConsentPromptBehaviorUser = dword:3
- mPolicies-System: EnableUIADesktopToggle = dword:0
- IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
- IE: Free YouTube to MP3 Converter - C:\Users\Max\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
- IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
- IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
- IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
- IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
- LSP: C:\Windows\System32\Sendori.dll
- Trusted Zone: cinemanow.com
- Trusted Zone: cinemanow.com
- DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
- DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
- DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
- TCP: NameServer = 192.168.1.1
- TCP: Interfaces\{DFB3FD25-330D-4B50-805C-E57A9015A807} : DHCPNameServer = 192.168.1.1
- TCP: Interfaces\{DFB3FD25-330D-4B50-805C-E57A9015A807}\05E636023547574696F637 : DHCPNameServer = 192.168.2.1
- TCP: Interfaces\{DFB3FD25-330D-4B50-805C-E57A9015A807}\3416D607573735175716275643 : NameServer = 192.168.1.1
- TCP: Interfaces\{DFB3FD25-330D-4B50-805C-E57A9015A807}\3416D607573735175716275643 : DHCPNameServer = 192.168.1.1
- TCP: Interfaces\{DFB3FD25-330D-4B50-805C-E57A9015A807}\3416D607573735175716275663 : NameServer = 192.168.1.1
- TCP: Interfaces\{DFB3FD25-330D-4B50-805C-E57A9015A807}\3416D607573735175716275663 : DHCPNameServer = 192.168.1.1
- Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
- Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
- SSODL: WebCheck - <orphaned>
- SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
- x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
- x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
- x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
- x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
- x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
- x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
- x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
- x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
- x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
- x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
- x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
- x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
- x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
- x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
- x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
- x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
- x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
- x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
- x64-DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
- x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
- x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
- x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
- x64-Notify: igfxcui - igfxdev.dll
- x64-SSODL: WebCheck - <orphaned>
- x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
- .
- ================= FIREFOX ===================
- .
- FF - ProfilePath - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\apmzeti2.default\
- FF - prefs.js: browser.search.selectedEngine - Yahoo
- FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com?type=937811&fr=spigot-yhp-ff
- FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
- FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
- FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
- FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
- FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll
- FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
- FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
- FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
- FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
- FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
- FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
- FF - plugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
- FF - plugin: C:\Users\Max\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
- FF - plugin: C:\Users\Max\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
- FF - plugin: C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
- FF - plugin: C:\Users\Max\AppData\Roaming\raidcall\plugins\nprcplugin.dll
- FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
- FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
- FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
- FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
- FF - ExtSQL: 2013-08-29 14:45; savingsslider@mybrowserbar.com; C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\apmzeti2.default\extensions\savingsslider@mybrowserbar.com
- FF - ExtSQL: 2013-09-04 12:18; ytd@mybrowserbar.com; C:\Program Files (x86)\YTD Toolbar\FF
- FF - ExtSQL: !HIDDEN! 2012-06-18 21:15; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
- .
- ============= SERVICES / DRIVERS ===============
- .
- R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-6 65336]
- R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-9-6 204880]
- R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
- R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-9-6 1030952]
- R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-9-6 378944]
- R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-5-19 283200]
- R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-9-6 33400]
- R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-9-6 80816]
- R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-5-1 56344]
- R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]
- R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-7-27 10610400]
- R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-1-13 7675392]
- R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
- R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]
- S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2013-6-15 13728]
- S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
- S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]
- S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 130008]
- S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-4-30 232992]
- S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
- S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
- S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
- S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2013-6-15 81824]
- S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2012-11-12 13312]
- S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2013-6-15 15776]
- .
- =============== Created Last 30 ================
- .
- 2013-09-14 03:07:35 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9C24B184-7E0A-4894-8293-037EB3C0BB0B}\mpengine.dll
- 2013-09-12 16:54:59 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
- 2013-09-11 06:12:18 4751752 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
- 2013-09-07 00:55:14 965008 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FDBCB029-60FD-4DDE-9DBD-920301D62E6A}\gapaengine.dll
- 2013-09-07 00:26:38 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
- 2013-09-07 00:26:36 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
- 2013-09-07 00:26:36 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
- 2013-09-07 00:26:33 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
- 2013-09-07 00:26:28 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
- 2013-09-07 00:25:43 41664 ----a-w- C:\Windows\avastSS.scr
- 2013-09-07 00:25:11 -------- d-----w- C:\Program Files\AVAST Software
- 2013-09-07 00:24:13 -------- d-----w- C:\ProgramData\AVAST Software
- 2013-09-04 16:18:17 -------- d-----w- C:\Program Files (x86)\Application Updater
- 2013-09-04 16:18:15 -------- d-----w- C:\Program Files (x86)\YTD Toolbar
- 2013-08-29 18:45:56 -------- d-----w- C:\Users\Max\AppData\Local\Slick Savings
- 2013-08-29 18:45:54 -------- d-----w- C:\Users\Max\AppData\Roaming\Slick Savings
- 2013-08-29 18:45:42 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
- 2013-08-29 18:45:25 -------- d-----w- C:\ProgramData\YTD Video Downloader
- 2013-08-29 18:45:18 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
- 2013-08-28 22:55:37 -------- d-----w- C:\ProgramData\cop
- 2013-08-28 22:55:36 -------- d-----w- C:\ProgramData\nhmaj
- 2013-08-21 04:48:24 -------- d-----w- C:\Windows\SysWow64\AGEIA
- 2013-08-21 04:47:17 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
- 2013-08-17 04:51:26 -------- d-----w- C:\Program Files (x86)\AMD
- 2013-08-17 04:51:24 -------- d-----w- C:\Users\Max\AppData\Local\Downloaded Installations
- 2013-08-17 04:47:32 -------- d-----w- C:\Windows\SysWow64\xlive
- 2013-08-17 04:47:20 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
- .
- ==================== Find3M ====================
- .
- 2013-09-13 19:12:50 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
- 2013-09-13 19:12:49 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
- 2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
- 2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
- 2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
- 2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
- 2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
- 2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
- 2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
- 2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
- 2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
- 2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
- 2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
- 2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
- 2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
- 2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
- 2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
- 2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
- 2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
- 2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
- 2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
- 2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
- 2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
- 2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
- 2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
- 2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
- 2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
- 2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
- 2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
- 2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
- 2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
- 2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
- 2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
- 2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
- 2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
- 2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
- 2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
- 2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
- 2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
- 2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
- 2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
- 2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
- 2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
- 2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
- 2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
- 2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
- 2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
- 2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
- 2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
- 2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
- 2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
- 2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
- 2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
- 2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
- 2013-07-02 03:58:41 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
- 2013-07-01 19:28:10 325920 ----a-w- C:\Windows\SysWow64\Sendori.dll
- .
- ============= FINISH: 19:36:16.99 ===============
- .
- UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
- IF REQUESTED, ZIP IT UP & ATTACH IT
- .
- DDS (Ver_2012-11-20.01)
- .
- Microsoft Windows 7 Home Premium
- Boot Device: \Device\HarddiskVolume1
- Install Date: 4/27/2012 5:33:03 PM
- System Uptime: 9/14/2013 7:24:21 PM (0 hours ago)
- .
- Motherboard: Hewlett-Packard | | 144A
- Processor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz | CPU | 2256/1066mhz
- .
- ==== Disk Partitions =========================
- .
- C: is FIXED (NTFS) - 466 GiB total, 201.626 GiB free.
- D: is CDROM (CDFS)
- E: is CDROM ()
- F: is FIXED (NTFS) - 931 GiB total, 557.611 GiB free.
- .
- ==== Disabled Device Manager Items =============
- .
- Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
- Description: Lexmark X422
- Device ID: ROOT\IMAGE\0000
- Manufacturer: Lexmark
- Name: Lexmark X422
- PNP Device ID: ROOT\IMAGE\0000
- Service: usbscan
- .
- ==== System Restore Points ===================
- .
- RP237: 9/12/2013 2:26:57 PM - Scheduled Checkpoint
- .
- ==== Installed Programs ======================
- .
- Leawo Video Converter version 5.2.0.1
- µTorrent
- 64 Bit HP CIO Components Installer
- 7-Zip 9.20 (x64 edition)
- Adobe AIR
- Adobe Anchor Service CS3
- Adobe Asset Services CS3
- Adobe Bridge CS3
- Adobe Bridge Start Meeting
- Adobe Camera Raw 4.0
- Adobe CMaps
- Adobe Color - Photoshop Specific
- Adobe Color Common Settings
- Adobe Color EU Extra Settings
- Adobe Color JA Extra Settings
- Adobe Color NA Recommended Settings
- Adobe Default Language CS3
- Adobe Device Central CS3
- Adobe ExtendScript Toolkit 2
- Adobe Flash Player 11 ActiveX
- Adobe Flash Player 11 Plugin
- Adobe Fonts All
- Adobe Help Viewer CS3
- Adobe Linguistics CS3
- Adobe PDF Library Files
- Adobe Photoshop CS3
- Adobe Photoshop CS6
- Adobe Reader X (10.1.3)
- Adobe Setup
- Adobe Shockwave Player 11.6
- Adobe Stock Photos CS3
- Adobe Type Support
- Adobe Update Manager CS3
- Adobe Version Cue CS3 Client
- Adobe WinSoft Linguistics Plugin
- Adobe XMP Panels CS3
- AIM 7
- AIO_Scan
- Amazon MP3 Downloader 1.0.17
- Amnesia - The Dark Descent
- Apple Application Support
- Apple Mobile Device Support
- Apple Software Update
- ASPCA Reminder by We-Care.com v4.1.22.1
- ATI Catalyst Install Manager
- Audacity 2.0
- avast! Free Antivirus
- AVIcodec (remove only)
- Avidemux 2.6 (32-bit)
- Awesomenauts
- Bamboo Dock
- Bastion
- Batman: Arkham City GOTY
- Bonjour
- BufferChm
- calibre
- Catalyst Control Center - Branding
- Catalyst Control Center Graphics Previews Common
- Catalyst Control Center Graphics Previews Vista
- Catalyst Control Center InstallProxy
- Catalyst Control Center Localization All
- ccc-core-static
- ccc-utility64
- CCC Help Chinese Standard
- CCC Help Chinese Traditional
- CCC Help Czech
- CCC Help Danish
- CCC Help Dutch
- CCC Help English
- CCC Help Finnish
- CCC Help French
- CCC Help German
- CCC Help Greek
- CCC Help Hungarian
- CCC Help Italian
- CCC Help Japanese
- CCC Help Korean
- CCC Help Norwegian
- CCC Help Polish
- CCC Help Portuguese
- CCC Help Russian
- CCC Help Spanish
- CCC Help Swedish
- CCC Help Thai
- CCC Help Turkish
- CCleaner
- Celtx (2.9.7)
- Cheat Engine 6.2
- Combined Community Codec Pack 2013-05-30
- Comic Sound Pack
- Copy
- Costume Quest
- DAEMON Tools Lite
- Dead Island
- Dear Esther
- Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
- Destinations
- Desura
- DeviceDiscovery
- DivX H.264 decoder 8.2.0.26
- DivX Setup
- DJ_AIO_ProductContext
- DJ_AIO_Software
- DJ_AIO_Software_min
- Dota 2
- Dropbox
- Dual-Core Optimizer
- F.lux
- F4100
- F4100_Help
- Facebook Video Calling 1.2.0.287
- Fantasy Voice Pack
- Female Voice Pack
- Free YouTube to MP3 Converter version 3.12.3.610
- Google Chrome
- GPBaseService2
- HandBrake 0.9.9.1
- HP Customer Participation Program 13.0
- HP Deskjet All-In-One Driver Software 13.0 Rel. 1
- HP DVB-T TV Tuner 8.0.64.43
- HP Imaging Device Functions 13.0
- HP MediaSmart SmartMenu
- HP Photosmart Essential 3.5
- HP Quick Launch
- HP Smart Web Printing 4.51
- HP Solution Center 13.0
- HP Update
- HPPhotoGadget
- HPPhotoSmartDiscLabelContent1
- HPPhotosmartEssential
- HPProductAssistant
- HPSSupply
- HTC Driver Installer
- IDT Audio
- Intel(R) Graphics Media Accelerator Driver
- Intel(R) Management Engine Components
- Intel(R) Rapid Storage Technology
- iTunes
- Java 7 Update 9
- Java Auto Updater
- Java(TM) 6 Update 31
- Java(TM) 6 Update 31 (64-bit)
- Left 4 Dead 2
- LogMeIn Hamachi
- Male Voice Pack
- Malwarebytes Anti-Malware version 1.75.0.1300
- MarketResearch
- Microsoft .NET Framework 4 Client Profile
- Microsoft .NET Framework 4 Extended
- Microsoft Games for Windows - LIVE Redistributable
- Microsoft Games for Windows Marketplace
- Microsoft Office 2010 Service Pack 1 (SP1)
- Microsoft Office Access MUI (English) 2010
- Microsoft Office Access Setup Metadata MUI (English) 2010
- Microsoft Office Excel MUI (English) 2010
- Microsoft Office Groove MUI (English) 2010
- Microsoft Office InfoPath MUI (English) 2010
- Microsoft Office Office 32-bit Components 2010
- Microsoft Office OneNote MUI (English) 2010
- Microsoft Office Outlook MUI (English) 2010
- Microsoft Office PowerPoint MUI (English) 2010
- Microsoft Office Professional Plus 2010
- Microsoft Office Proof (English) 2010
- Microsoft Office Proof (French) 2010
- Microsoft Office Proof (Spanish) 2010
- Microsoft Office Proofing (English) 2010
- Microsoft Office Publisher MUI (English) 2010
- Microsoft Office Shared 32-bit MUI (English) 2010
- Microsoft Office Shared MUI (English) 2010
- Microsoft Office Shared Setup Metadata MUI (English) 2010
- Microsoft Office Word MUI (English) 2010
- Microsoft Security Client
- Microsoft Security Essentials
- Microsoft Silverlight
- Microsoft Visual C++ 2005 Redistributable
- Microsoft Visual C++ 2005 Redistributable (x64)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
- Microsoft WSE 3.0 Runtime
- Microsoft XNA Framework Redistributable 3.1
- Microsoft_VC80_CRT_x86
- Microsoft_VC90_CRT_x86
- Mirror's Edge
- MorphVOX Pro
- Mozilla Firefox 15.0.1 (x86 en-US)
- Mozilla Firefox 18.0.1 (x86 en-US)
- Mozilla Maintenance Service
- MSVCRT Redists
- MSXML 4.0 SP2 (KB954430)
- MSXML 4.0 SP2 (KB973688)
- NVIDIA PhysX v8.10.17
- Open Broadcaster Software
- Pando Media Booster
- PcCloneEX
- PDF Settings
- PDF Settings CS6
- Personality Voices
- Perspective 1.0
- PX Profile Update
- QuickTime
- Rainmeter
- Realtek USB 2.0 Card Reader
- Red Orchestra 2: Heroes of Stalingrad
- Rinse (uninstall)
- RocketDock 1.3.5
- RoxioNow Player
- Scan
- Scrivener
- SecondLifeViewer (remove only)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
- Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
- Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
- Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
- Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
- Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
- Security Update for Microsoft Excel 2010 (KB2760597) 64-Bit Edition
- Security Update for Microsoft InfoPath 2010 (KB2687422) 64-Bit Edition
- Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition
- Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
- Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
- Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
- Security Update for Microsoft Office 2010 (KB2687276) 64-Bit Edition
- Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
- Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition
- Security Update for Microsoft Outlook 2010 (KB2794707) 64-Bit Edition
- Security Update for Microsoft Publisher 2010 (KB2553147) 64-Bit Edition
- Security Update for Microsoft Visio 2010 (KB2810068) 64-Bit Edition
- Security Update for Microsoft Word 2010 (KB2760769) 64-Bit Edition
- Sendori
- Shop for HP Supplies
- Skypeâ„¢ 5.10
- Slick Savings
- SmartWebPrinting
- SolutionCenter
- Sonic & All-Stars Racing Transformed
- Speccy
- Stacking
- Status
- Steam
- swMSM
- Synaptics Pointing Device Driver
- Team Fortress 2
- TeamSpeak 3 Client
- The Ship
- Thomas Was Alone
- Toolbox
- TrayApp
- Unity Web Player
- UnloadSupport
- Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
- Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
- Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
- Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
- Update for Microsoft .NET Framework 4 Extended (KB2468871)
- Update for Microsoft .NET Framework 4 Extended (KB2533523)
- Update for Microsoft .NET Framework 4 Extended (KB2600217)
- Update for Microsoft .NET Framework 4 Extended (KB2836939)
- Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
- Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2553065)
- Update for Microsoft Office 2010 (KB2553157) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2566458)
- Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2589370) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2760758) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
- Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
- Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
- Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
- Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
- Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
- Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
- Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
- Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
- Validity Sensors DDK
- VC80CRTRedist - 8.0.50727.6195
- Vegas Pro 12.0 (64-bit)
- VLC media player 2.0.1
- Wacom
- WebReg
- WebTablet FB Plugin 32 bit
- WebTablet FB Plugin 64 bit
- WebTablet IE Plugin
- WebTablet Netscape Plugin
- Windows Live ID Sign-in Assistant
- WinX Free AVI to FLV Converter 4.1.11
- WinZip 16.5
- WModem Driver Installer
- x264vfw - H.264/MPEG-4 AVC codec (remove only)
- Xvid Video Codec
- YTD Toolbar v7.6
- YTD Video Downloader 4.5
- .
- ==== Event Viewer Messages From Past Week ========
- .
- 9/8/2013 10:35:32 AM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
- 9/7/2013 7:14:30 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
- 9/7/2013 7:14:30 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
- 9/7/2013 7:10:02 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
- 9/7/2013 7:08:01 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
- 9/7/2013 7:08:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
- 9/7/2013 7:08:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
- 9/7/2013 7:07:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
- 9/7/2013 7:07:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
- 9/7/2013 7:07:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswTdi aswVmm discache MpFilter spldr Wanarpv6
- 9/7/2013 11:26:44 PM, Error: Service Control Manager [7034] - The sndappv2 service terminated unexpectedly. It has done this 3 time(s).
- 9/14/2013 7:35:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Application Sendori service.
- 9/14/2013 6:50:50 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
- 9/14/2013 6:50:50 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
- 9/14/2013 6:20:30 PM, Error: Service Control Manager [7031] - The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
- 9/14/2013 10:18:58 AM, Error: Service Control Manager [7022] - The Service Sendori service hung on starting.
- 9/13/2013 9:07:30 PM, Error: Service Control Manager [7034] - The sndappv2 service terminated unexpectedly. It has done this 1 time(s).
- 9/13/2013 11:10:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
- 9/13/2013 11:10:48 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
- 9/12/2013 4:30:07 PM, Error: Service Control Manager [7034] - The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly. It has done this 1 time(s).
- 9/12/2013 12:43:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Service Sendori service to connect.
- 9/12/2013 12:43:14 PM, Error: Service Control Manager [7000] - The Service Sendori service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
- 9/11/2013 2:37:59 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
- 9/11/2013 12:13:41 AM, Error: Service Control Manager [7034] - The sndappv2 service terminated unexpectedly. It has done this 2 time(s).
- 9/10/2013 6:20:54 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer OHHSOOOOSEXI that believes that it is the master browser for the domain on transport NetBT_Tcpip_{44399836-259D-446E-BE5B-755F08652AA7}. The master browser is stopping or an election is being forced.
- .
- ==== End Of File ===========================
- ComboFix 13-09-14.01 - Max 09/14/2013 19:39:46.1.4 - x64
- Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2353 [GMT -4:00]
- Running from: c:\users\Max\Downloads\ComboFix.exe
- AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
- AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
- SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
- SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
- SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- * Created a new restore point
- .
- .
- ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
- .
- .
- C:\END
- C:\install.exe
- c:\programdata\uninstaller.exe
- c:\users\Max\AppData\Local\Google\Chrome\User Data\Default\Preferences
- c:\users\Max\Documents\~WRL0003.tmp
- c:\users\Max\Documents\~WRL2043.tmp
- .
- Infected copy of c:\windows\system32\Services.exe was found and disinfected
- Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
- .
- .
- ((((((((((((((((((((((((( Files Created from 2013-08-14 to 2013-09-14 )))))))))))))))))))))))))))))))
- .
- .
- 2013-09-14 23:51 . 2013-09-14 23:51 -------- d-----w- c:\users\Default\AppData\Local\temp
- 2013-09-14 03:07 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C24B184-7E0A-4894-8293-037EB3C0BB0B}\mpengine.dll
- 2013-09-12 16:54 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
- 2013-09-11 06:12 . 2013-09-13 19:12 4751752 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
- 2013-09-07 00:55 . 2013-09-07 00:25 965008 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FDBCB029-60FD-4DDE-9DBD-920301D62E6A}\gapaengine.dll
- 2013-09-07 00:26 . 2013-08-30 07:48 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
- 2013-09-07 00:26 . 2013-08-30 07:48 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
- 2013-09-07 00:26 . 2013-08-30 07:48 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
- 2013-09-07 00:26 . 2013-08-30 07:48 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
- 2013-09-07 00:26 . 2013-08-30 07:48 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys
- 2013-09-07 00:26 . 2013-08-30 07:48 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
- 2013-09-07 00:26 . 2013-08-30 07:48 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
- 2013-09-07 00:26 . 2013-08-30 07:48 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
- 2013-09-07 00:26 . 2013-08-30 07:47 287840 ----a-w- c:\windows\system32\aswBoot.exe
- 2013-09-07 00:25 . 2013-08-30 07:47 41664 ----a-w- c:\windows\avastSS.scr
- 2013-09-07 00:25 . 2013-09-07 00:25 -------- d-----w- c:\program files\AVAST Software
- 2013-09-07 00:24 . 2013-09-07 00:25 -------- d-----w- c:\programdata\AVAST Software
- 2013-09-04 16:18 . 2013-09-04 16:18 -------- d-----w- c:\program files (x86)\Application Updater
- 2013-09-04 16:18 . 2013-09-04 16:18 -------- d-----w- c:\program files (x86)\YTD Toolbar
- 2013-08-29 18:45 . 2013-08-29 18:45 -------- d-----w- c:\users\Max\AppData\Local\Slick Savings
- 2013-08-29 18:45 . 2013-09-08 03:27 -------- d-----w- c:\users\Max\AppData\Roaming\Slick Savings
- 2013-08-29 18:45 . 2013-09-04 16:18 -------- d-----w- c:\program files (x86)\Common Files\Spigot
- 2013-08-29 18:45 . 2013-09-02 19:38 -------- d-----w- c:\programdata\YTD Video Downloader
- 2013-08-29 18:45 . 2013-08-29 18:45 -------- d-----w- c:\program files (x86)\GreenTree Applications
- 2013-08-28 22:55 . 2013-08-28 22:55 -------- d-----w- c:\programdata\cop
- 2013-08-28 22:55 . 2013-08-28 22:56 -------- d-----w- c:\programdata\nhmaj
- 2013-08-21 04:48 . 2013-08-21 04:48 -------- d-----w- c:\windows\SysWow64\AGEIA
- 2013-08-21 04:48 . 2013-08-21 04:48 -------- d-----w- c:\program files (x86)\AGEIA Technologies
- 2013-08-21 04:47 . 2013-08-21 04:47 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
- 2013-08-17 04:51 . 2013-08-17 04:51 -------- d-----w- c:\program files (x86)\AMD
- 2013-08-17 04:51 . 2013-08-17 04:51 -------- d-----w- c:\users\Max\AppData\Local\Downloaded Installations
- 2013-08-17 04:47 . 2013-08-17 04:47 -------- d-----w- c:\windows\SysWow64\xlive
- 2013-08-17 04:47 . 2013-08-17 04:47 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
- .
- .
- .
- (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
- .
- 2013-09-13 19:12 . 2012-04-30 19:33 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
- 2013-09-13 19:12 . 2012-04-30 19:33 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
- 2013-09-11 07:09 . 2012-04-30 18:32 79143768 ----a-w- c:\windows\system32\MRT.exe
- 2013-08-23 20:00 . 2012-06-12 14:12 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
- 2013-08-17 05:18 . 2009-08-18 16:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
- 2013-08-17 05:18 . 2009-08-18 15:24 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
- 2013-08-02 01:48 . 2013-09-11 06:11 44032 ----a-w- c:\windows\apppatch\acwow64.dll
- 2013-07-25 09:25 . 2013-08-13 22:52 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
- 2013-07-25 08:57 . 2013-08-13 22:52 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
- 2013-07-19 01:58 . 2013-08-13 22:53 2048 ----a-w- c:\windows\system32\tzres.dll
- 2013-07-19 01:41 . 2013-08-13 22:53 2048 ----a-w- c:\windows\SysWow64\tzres.dll
- 2013-07-09 05:52 . 2013-08-13 22:53 224256 ----a-w- c:\windows\system32\wintrust.dll
- 2013-07-09 05:51 . 2013-08-13 22:52 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
- 2013-07-09 05:46 . 2013-08-13 22:53 1472512 ----a-w- c:\windows\system32\crypt32.dll
- 2013-07-09 05:46 . 2013-08-13 22:53 184320 ----a-w- c:\windows\system32\cryptsvc.dll
- 2013-07-09 05:46 . 2013-08-13 22:53 139776 ----a-w- c:\windows\system32\cryptnet.dll
- 2013-07-09 04:52 . 2013-08-13 22:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
- 2013-07-09 04:52 . 2013-08-13 22:53 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
- 2013-07-09 04:46 . 2013-08-13 22:53 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
- 2013-07-09 04:46 . 2013-08-13 22:53 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
- 2013-07-09 04:46 . 2013-08-13 22:53 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
- 2013-07-06 06:03 . 2013-08-13 22:52 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
- 2013-07-02 04:00 . 2013-07-02 04:00 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
- 2013-07-02 04:00 . 2013-07-02 04:00 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 226304 ----a-w- c:\windows\system32\elshyph.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 158720 ----a-w- c:\windows\SysWow64\msls31.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
- 2013-07-02 04:00 . 2013-07-02 04:00 138752 ----a-w- c:\windows\SysWow64\wextract.exe
- 2013-07-02 04:00 . 2013-07-02 04:00 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
- 2013-07-02 04:00 . 2013-07-02 04:00 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
- 2013-07-02 04:00 . 2013-07-02 04:00 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 361984 ----a-w- c:\windows\SysWow64\html.iec
- 2013-07-02 04:00 . 2013-07-02 04:00 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
- 2013-07-02 04:00 . 2013-07-02 04:00 12800 ----a-w- c:\windows\SysWow64\mshta.exe
- 2013-07-02 04:00 . 2013-07-02 04:00 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
- 2013-07-02 04:00 . 2013-07-02 04:00 97280 ----a-w- c:\windows\system32\mshtmled.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 81408 ----a-w- c:\windows\system32\icardie.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 762368 ----a-w- c:\windows\system32\ieapfltr.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 599552 ----a-w- c:\windows\system32\vbscript.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 452096 ----a-w- c:\windows\system32\dxtmsft.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 441856 ----a-w- c:\windows\system32\html.iec
- 2013-07-02 04:00 . 2013-07-02 04:00 281600 ----a-w- c:\windows\system32\dxtrans.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 27648 ----a-w- c:\windows\system32\licmgr10.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 270848 ----a-w- c:\windows\system32\iedkcs32.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 247296 ----a-w- c:\windows\system32\webcheck.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 235008 ----a-w- c:\windows\system32\url.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 216064 ----a-w- c:\windows\system32\msls31.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 197120 ----a-w- c:\windows\system32\msrating.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 167424 ----a-w- c:\windows\system32\iexpress.exe
- 2013-07-02 04:00 . 2013-07-02 04:00 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
- 2013-07-02 04:00 . 2013-07-02 04:00 144896 ----a-w- c:\windows\system32\wextract.exe
- 2013-07-02 04:00 . 2013-07-02 04:00 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
- 2013-07-02 04:00 . 2013-07-02 04:00 102912 ----a-w- c:\windows\system32\inseng.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
- 2013-07-02 04:00 . 2013-07-02 04:00 77312 ----a-w- c:\windows\system32\tdc.ocx
- 2013-07-02 04:00 . 2013-07-02 04:00 62976 ----a-w- c:\windows\system32\pngfilt.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 51200 ----a-w- c:\windows\system32\imgutil.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 48640 ----a-w- c:\windows\system32\mshtmler.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 173568 ----a-w- c:\windows\system32\ieUnatt.exe
- 2013-07-02 04:00 . 2013-07-02 04:00 149504 ----a-w- c:\windows\system32\occache.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 13824 ----a-w- c:\windows\system32\mshta.exe
- 2013-07-02 04:00 . 2013-07-02 04:00 136192 ----a-w- c:\windows\system32\iepeers.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
- 2013-07-02 04:00 . 2013-07-02 04:00 12800 ----a-w- c:\windows\system32\msfeedssync.exe
- 2013-07-02 03:58 . 2013-07-02 03:58 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 465920 ----a-w- c:\windows\system32\WMPhoto.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 3928064 ----a-w- c:\windows\system32\d2d1.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 363008 ----a-w- c:\windows\system32\dxgi.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
- 2013-07-02 03:58 . 2013-07-02 03:58 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
- .
- .
- ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
- .
- .
- *Note* empty entries & legit default entries are not shown
- REGEDIT4
- .
- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
- 2013-09-02 17:03 1357120 ----a-w- c:\program files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
- .
- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
- "{F3FEE66E-E034-436a-86E4-9690573BEE8A}"= "c:\program files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll" [2013-09-02 1357120]
- .
- [HKEY_CLASSES_ROOT\clsid\{f3fee66e-e034-436a-86e4-9690573bee8a}]
- .
- [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
- @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
- [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
- 2013-05-25 00:36 130736 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
- .
- [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
- @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
- [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
- 2013-05-25 00:36 130736 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
- .
- [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
- @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
- [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
- 2013-05-25 00:36 130736 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
- .
- [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
- @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
- [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
- 2013-05-25 00:36 130736 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
- .
- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
- "GoogleChromeAutoLaunch_FB0DCF795F3086C624F9CCAD45E29F3E"="c:\users\Max\AppData\Local\Google\Chrome\Application\chrome.exe" [2013-09-02 829392]
- "Facebook Update"="c:\users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-10-23 138096]
- "F.lux"="c:\users\Max\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
- "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
- "Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
- .
- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
- "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-09 98304]
- "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
- "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
- "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
- "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
- "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
- "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
- "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
- "VMM Mode Selection"="c:\program files\HTC\ModeSelection\VMMModeSelection.exe" [2011-02-14 43520]
- "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
- "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
- "BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2012-12-27 646744]
- "Sendori Tray"="c:\program files (x86)\Sendori\SendoriTray.exe" [2013-07-01 83232]
- "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
- "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
- "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
- "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
- "amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
- "SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2013-09-02 1360192]
- "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
- .
- c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
- Dropbox.lnk - c:\users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968]
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
- "ConsentPromptBehaviorAdmin"= 5 (0x5)
- "ConsentPromptBehaviorUser"= 3 (0x3)
- "EnableUIADesktopToggle"= 0 (0x0)
- .
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
- @="Service"
- .
- R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
- R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
- R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
- R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
- R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
- R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
- R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
- R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
- R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
- R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
- R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
- R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
- R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
- R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
- R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
- R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys;c:\windows\SYSNATIVE\DRIVERS\wacmoumonitor.sys [x]
- R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
- R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
- S0 aswRvrt;aswRvrt; [x]
- S0 aswVmm;aswVmm; [x]
- S1 aswSnx;aswSnx; [x]
- S1 aswSP;aswSP; [x]
- S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
- S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
- S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
- S2 Application Sendori;Application Sendori;c:\program files (x86)\Sendori\SendoriSvc.exe;c:\program files (x86)\Sendori\SendoriSvc.exe [x]
- S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [x]
- S2 aswFsBlk;aswFsBlk; [x]
- S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
- S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
- S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
- S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
- S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
- S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
- S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [x]
- S2 Service Sendori;Service Sendori;c:\program files (x86)\Sendori\Sendori.Service.exe;c:\program files (x86)\Sendori\Sendori.Service.exe [x]
- S2 sndappv2;sndappv2;c:\program files (x86)\Sendori\sndappv2.exe;c:\program files (x86)\Sendori\sndappv2.exe [x]
- S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
- S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
- S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
- S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
- S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
- S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
- S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
- S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
- S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
- .
- .
- [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
- hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
- .
- Contents of the 'Scheduled Tasks' folder
- .
- 2013-09-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-30 19:12]
- .
- 2013-09-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3788014583-70045170-2691678204-1000Core.job
- - c:\users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-23 23:10]
- .
- 2013-09-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3788014583-70045170-2691678204-1000UA.job
- - c:\users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-23 23:10]
- .
- 2013-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3788014583-70045170-2691678204-1000Core.job
- - c:\users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-01 16:53]
- .
- 2013-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3788014583-70045170-2691678204-1000UA.job
- - c:\users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-01 16:53]
- .
- .
- --------- X64 Entries -----------
- .
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
- @="{472083B0-C522-11CF-8763-00608CC02F24}"
- [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
- 2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
- @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
- [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
- 2013-05-25 00:36 164016 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
- @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
- [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
- 2013-05-25 00:36 164016 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
- @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
- [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
- 2013-05-25 00:36 164016 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
- @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
- [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
- 2013-05-25 00:36 164016 ----a-w- c:\users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
- .
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
- "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-07-22 487424]
- "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-28 161304]
- "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-28 386584]
- "Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-28 415256]
- "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
- "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
- "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
- .
- ------- Supplementary Scan -------
- .
- uLocal Page = c:\windows\system32\blank.htm
- uStart Page = hxxp://search.yahoo.com?type=937811&fr=spigot-yhp-ie
- mLocal Page = c:\windows\SysWOW64\blank.htm
- uInternet Settings,ProxyOverride = *.local
- IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
- IE: Free YouTube to MP3 Converter - c:\users\Max\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
- IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
- Trusted Zone: cinemanow.com
- TCP: Interfaces\{DFB3FD25-330D-4B50-805C-E57A9015A807}\3416D607573735175716275643: NameServer = 192.168.1.1
- TCP: Interfaces\{DFB3FD25-330D-4B50-805C-E57A9015A807}\3416D607573735175716275663: NameServer = 192.168.1.1
- FF - ProfilePath - c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\apmzeti2.default\
- FF - prefs.js: browser.search.selectedEngine - Yahoo
- FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com?type=937811&fr=spigot-yhp-ff
- FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
- FF - ExtSQL: 2013-08-29 14:45; savingsslider@mybrowserbar.com; c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\apmzeti2.default\extensions\savingsslider@mybrowserbar.com
- FF - ExtSQL: 2013-09-04 12:18; ytd@mybrowserbar.com; c:\program files (x86)\YTD Toolbar\FF
- FF - ExtSQL: !HIDDEN! 2012-06-18 21:15; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
- .
- - - - - ORPHANS REMOVED - - - -
- .
- Wow6432Node-HKCU-Run-LightScribe Control Panel - c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
- Wow6432Node-HKCU-Run-AdobeBridge - (no file)
- Wow6432Node-HKLM-Run-<NO NAME> - (no file)
- HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
- HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
- .
- .
- .
- --------------------- LOCKED REGISTRY KEYS ---------------------
- .
- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
- @Denied: (2) (LocalSystem)
- "{0347C33E-8762-4905-BF09-768834316C61}"=hex:51,66,7a,6c,4c,1d,38,12,50,c0,54,
- 07,50,c9,6b,0c,c0,1f,35,c8,31,6f,28,75
- "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
- 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
- "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
- 76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
- "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
- 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
- "{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
- b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
- "{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}"=hex:51,66,7a,6c,4c,1d,38,12,b0,f3,37,
- dc,52,73,39,0a,e1,a7,25,43,3b,93,ce,af
- "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
- df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
- "{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}"=hex:51,66,7a,6c,4c,1d,38,12,91,fc,ec,
- fb,7c,81,45,0a,c2,d4,4d,32,e4,48,ec,42
- "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
- 2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
- "{555D4D79-4BD2-4094-A395-CFC534424A05}"=hex:51,66,7a,6c,4c,1d,38,12,17,4e,4e,
- 51,e0,05,fa,05,dc,83,8c,85,31,1c,0e,11
- .
- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
- @Denied: (2) (LocalSystem)
- "Timestamp"=hex:47,0f,f6,1b,3b,92,ce,01
- .
- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
- @Denied: (2) (LocalSystem)
- "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
- d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c6,e1,0c,a4,b3,90,50,40,89,fa,d8,\
- "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
- d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c6,e1,0c,a4,b3,90,50,40,89,fa,d8,\
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
- @Denied: (A 2) (Everyone)
- @="FlashBroker"
- "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
- "Enabled"=dword:00000001
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
- @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
- @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
- @Denied: (A 2) (Everyone)
- @="IFlashBroker5"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
- @="{00020424-0000-0000-C000-000000000046}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
- @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
- "Version"="1.0"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
- @Denied: (A 2) (Everyone)
- @="FlashBroker"
- "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
- "Enabled"=dword:00000001
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
- @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
- @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
- @Denied: (A 2) (Everyone)
- @="Shockwave Flash Object"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
- @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
- "ThreadingModel"="Apartment"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
- @="0"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
- @="ShockwaveFlash.ShockwaveFlash.11"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
- @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
- @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
- @="1.0"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
- @="ShockwaveFlash.ShockwaveFlash"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
- @Denied: (A 2) (Everyone)
- @="Macromedia Flash Factory Object"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
- @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
- "ThreadingModel"="Apartment"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
- @="FlashFactory.FlashFactory.1"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
- @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
- @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
- @="1.0"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
- @="FlashFactory.FlashFactory"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
- @Denied: (A 2) (Everyone)
- @="IFlashBroker5"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
- @="{00020424-0000-0000-C000-000000000046}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
- @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
- "Version"="1.0"
- .
- [HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
- "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
- 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
- .
- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
- @Denied: (Full) (Everyone)
- .
- ------------------------ Other Running Processes ------------------------
- .
- c:\program files\AVAST Software\Avast\AvastSvc.exe
- c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
- c:\program files (x86)\Sendori\SendoriUp.exe
- c:\program files\Tablet\Pen\WacomHost.exe
- c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
- .
- **************************************************************************
- .
- Completion time: 2013-09-14 20:03:44 - machine was rebooted
- ComboFix-quarantined-files.txt 2013-09-15 00:03
- .
- Pre-Run: 216,419,618,816 bytes free
- Post-Run: 216,826,159,104 bytes free
- .
- - - End Of File - - 6E2E9DABC4B2F0DC8BDD3072AE450FA1
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement