mrssa

  1. Dear Maurice, I have performed all the steps you mentioned. Thanks a lot for your help and your patience!! The computer runs smoothly now. Regards, Soumitro.
  2. I'll definitely keep you abreast in the future Maurice. Here is the DDS.txt log file.
  3. Hey Maurice, sorry for the delay in replying, but I had some exams this week. Yes, the Nginx and domainadvisor messages are gone. But I am pretty sure I did not install the Panda anti-phishing software on my computer. Also, I still have to perform the steps you mentioned in your last reply. I will post the results of that step by this evening.
  4. After I ran ComboFix, the computer restarted. The log file was generated and I tried to access my web browsers. But on clicking the browser icons, I got a message saying, "This has been marked for deletion. Do you want to delete it now?" or something like that, I can't recall the exact words. I restarted the computer and this problem went away. Is this also a one-off or was it part of the scan? The log for the ComboFix is as follows.
  5. Yes Maurice, I have uninstalled both uTorrent applications. Windows performed some sort of update when I restarted the computer. The first time I restarted it, my desktop was not prepared correctly and no icons were displayed. The themes and all graphics were missing and it displayed the following message: "C:\Windows\system32\config\systemprofile\Desktop refers to a location that is unavailable. It could be on a hard drive on this computer, or on a network. Check to make sure the disk is properly inserted, or that you are connected to the Internet or your network, and then try again. If it still cannot be located, the information may have been moved to a different location." Upon restarting the computer again, the desktop loaded properly and this message was not displayed. Is this part of the process I performed earlier?
  6. EXTRAS.txt OTL Extras logfile created on: 6/23/2012 12:13:55 AM - Run 1 OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Soumitro Auddy\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.90 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 22.48% Memory free 7.79 Gb Paging File | 3.81 Gb Available in Paging File | 48.90% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 446.13 Gb Total Space | 204.17 Gb Free Space | 45.76% Space Free | Partition Type: NTFS Computer Name: SOUMITROAUDDY | User Name: Soumitro Auddy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active 
Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0B7AFE8D-1265-4025-AD23-3624CEAD4F3C}" = NI Xalan Delay Load 1.10.1 64-bit "{0D5534F6-AF96-489F-A69F-082199EE027F}" = NI Authentication 2.0 (64-bit) "{1778742E-59D3-4090-AB8A-DAA281D66772}" = NI Assistant Framework 64-bit "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1C174277-CE5D-44A2-888F-2522A8B4739D}" = NI DataSocket 4.9 (64-bit) "{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java 6 Update 24 (64-bit) "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display "{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel® PROSet/Wireless WiFi Software "{2C304E7A-A1E0-4E56-8679-7B7FC80BE6BE}" = NI-RPC 4.2.2f0 for 64 Bit Windows "{36399014-1508-46F3-A31B-379C3B1FC451}" = NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 1.9.5 "{3AFD5259-24B6-4332-8EEF-9947200DF693}" = NI GMP Windows 64-bit Installer 11.0.0 "{4168FF33-8D45-40B3-B2A8-FD91BB2A1BA0}" = NI mDNS Responder 1.6 for Windows 64-bit "{4EBBC187-6988-4B10-A846-E1DBD2AD2B8D}" = NI Math Kernel Libraries (64-bit) "{50B2D9D8-87B6-49EE-BC5C-874119FD6B7B}" = NI Xerces Delay Load 2.7.3 64-bit "{53794485-921A-4C71-8E82-6F5A15E9ECBA}" = NI Network Discovery 5.0 for Windows 64-bit "{5780B596-E0C0-4E78-8671-6C80D2913366}" = NI TDMS (64-bit) "{5E3886A4-EAFC-40F6-A03E-14E594B1037D}" = NI Curl 1.1 (64-bit) "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2 "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{678EB05F-D317-48C9-9C67-E33AE7C0F900}" = NI MXS 5.0.0 for 64 Bit Windows "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{803E7FD0-02FE-440E-990A-77B0E50EC30B}" = NI Web Application Server 2.0 (64-bit) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{82DA2AE0-AC4B-4D34-BE7D-B4C720A1E7D2}" = NI VC2008MSMs x64 "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01 "{899576E7-3569-417F-8EFE-EB881BE22EDE}" = NI MAX Remote Configuration 64-bit Installer 5.0 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{922317D8-F321-4F43-9D50-03399CECD597}" = NI MAX Support for 64 Bit Windows "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{974391A4-9358-4122-951C-CE73EF490A40}" = NI System Configuration Runtime 5.0.0 for Windows 64-bit "{9852ECEE-C1A0-4D3B-9702-00097BD8BE80}" = NI System State Publisher (64-bit) "{99ACA06A-648E-4045-BF5C-A79EC35DBEE9}" = NI Trace Engine (64-bit) "{9CE96256-FAF1-4E48-9CA1-02F7ED80A2E6}" = NI Logos64 5.3.0 "{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst 
"{A2B07F9D-69FA-4BE8-A6B0-C0F13B5EDE62}" = NI USI 1.9.0 64-Bit "{AC4088C0-E5F7-45F1-ACAB-0FB1C78AFA3F}" = NI Variable Engine (64-bit) "{ACDE2A50-97CF-47FE-B92C-ED8147F85A9D}" = NI VC2005MSMs x64 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 268.30 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.30 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.30 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B3ACDAEB-08E0-41F8-8789-D0A333AE4964}" = NI System Web Server Base 2.0 (64-bit) "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0 "{B9254715-D10D-4B4B-B002-54CBA61E6F64}" = NI LabVIEW Broker (64 bit) "{CCC79B52-19CF-4A50-BE60-AEE3DE96B3EA}" = NI Web Pipeline 2.0.1 64-bit support "{CFCC7864-15DB-46AB-96A2-69F716E7D963}" = NI Logos64 XT Support "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D198B514-B24E-43FC-AE19-E634F48B928C}" = NI System API Windows 64-bit 5.0.0 "{D5D8BFCD-C9F4-488A-B660-8876D02AA572}" = NI Portable Configuration for 64 Bit Windows 5.0.0 "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E3867DF9-81D4-40BC-880C-1F134FECF995}" = NI Help Assistant (64bit) "{E45B7F5F-A814-4C15-A0D6-14CEE02AD72D}" = NI SSL Support (64-bit) "{EDC7187A-CA7C-472E-81CD-84806FDB1B6F}" = NI Math Kernel Libraries (64-bit) "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F63D3568-80A4-47AB-B97D-8988DF18BD0C}" = NI TDM Excel Add-In 
3.3 64-bit "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Dell Support Center" = Dell Support Center "MatlabR2010b" = MATLAB R2010b "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2 "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR 4.01 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{010A2C18-0830-45A0-BE2B-DD37A2D8A2FE}" = NI LabVIEW Run-Time Engine Interop 2011 "{01415FEA-D7D9-40CF-9370-AF74ABC1AE39}" = NI System API Web-Servce 32-bit 5.0.0 "{01AC4D6A-05F0-4158-95E7-FC299961B50A}" = NI Math Kernel Libraries "{033F0FD6-07E0-414A-8367-51EB862EFE12}" = NI System Configuration Runtime 5.0.0 "{043955AD-7E11-4B6D-A317-B72F7BB87736}" = NI Assistant Framework LabVIEW 2011 Support "{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable "{05617B99-0727-4FFB-AC8E-8F6427799C8F}" = NI-DAQmx/LabVIEW shared documentation 1.9.5 "{05C030B8-DC4F-489D-B86B-FC6B7DB3F607}" = NI SSL LabVIEW 2011 Support "{066F687E-1CA0-4D94-A2C9-F8E6E817F4CB}" = NI LabVIEW Run-Time Engine 2011 "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup "{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}" = 極速快感:亡命天涯 "{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1 "{110ACDD7-71B0-4A09-B45C-4A4C5CFA3103}" = MPLAB Tools v8.76 "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{112DFF69-BD66-43B4-9F6A-FE2FFB60A075}" = NI LabVIEW 2011 "{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4 "{1968D913-702C-4418-9DC8-A095B15CE8A5}" = NI LabVIEW 2011 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A609A84-71AF-4D96-962B-E060D34FD4AB}" = NI MetaSuite Installer "{1B5ABB51-8AAB-4FBA-8987-9A8820756E2B}" = NI USI 1.9.0 "{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{22923F17-B592-4A7F-84A8-18F3BFC13B94}" = NI Microsoft Silverlight Wrapper "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{268B0789-E2BF-4836-BF05-A6140B4983CA}" = NI MAX Remote Configuration Installer 5.0 "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java 6 Update 29 "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4 "{27111B7A-97FE-46BD-81F9-4E87737DF803}" = NI LabVIEW 2011 MeasAppChm File "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{292382C0-61F7-458A-9008-55F272A4DD9C}" = NI Logos 5.3.0 "{2ADC660A-77C9-4A6C-9D4B-5E48A27BCA10}" = NI Help Assistant "{31A184AC-4ACA-463B-BE84-F4ABA7FC4655}" = NI Logos LabVIEW 2011 Support "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6 "{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress "{32A3A4F4-B792-11D6-A78A-00B0D0160000}" = Java SE Development Kit 6 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33AAA123-A24A-46A7-8CD6-F03C5B375033}" = NI TDM Excel Add-In 3.3 "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{3AC01660-F640-4AFB-A25E-082B260C025C}" = WIF Core Dependencies Windows 5.0.0 "{3AE9153C-1E52-4B6B-9405-FE403342A3C8}" = NI Update Service 2.0 "{3BD7DD08-991B-4A2F-A165-614ED14EAADD}" = Dell MusicStage "{3D1F6E51-C98C-4C01-8170-D2DBF2837F13}" = NI LabVIEW Merge Utility 11.0.0 
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP "{415780C0-4A19-4567-AAAE-10CCB9832B13}" = NI-RPC 4.2.2f0 for Phar Lap ETS "{4159DD60-49C1-4323-A1A5-FB060CBA35C5}" = NI Measurement Studio Recipe Processor "{416B50BB-64CE-46C5-81A6-7F842CC35CDC}" = NI LabVIEW MAX XML "{44257960-C5CC-45BA-8E83-524E4A0F3FD5}" = Cisco AnyConnect VPN Client "{445D1CC7-9C3C-4823-9597-B7DDD8698FE6}" = NI LabVIEW 2011 Manuals "{451F962A-92A1-407C-AFA0-A29C0349A76F}" = NI MDF Support "{45C5DE6E-85AB-466E-9A6F-8BAB11EE0EDD}" = NI Web Interface Framework 2.0 "{46BF7707-A511-47E7-B118-0E53DCA1A0EA}" = NI Remote PXI Provider for MAX 5.0.0 "{482A01F8-A9C9-4DB6-84DE-265A2B763F20}_is1" = LogMeTT 2.9.9 "{49F05354-04F7-4AE4-8434-9E7B5462C727}" = NI DN 2.0 SP1 installer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A3975BD-F85A-4CCB-9520-EB5604775A0F}" = NI LabVIEW 2011 "{4B7IL77L-LKS1-75B1-NFSRUN-18CD6E6334R1}_is1" = Need for Speed The Run version 1.0 "{4BDAF6F8-8C28-49FD-8FA7-CEE3E9E9BAD4}" = NI LabVIEW 2011 Simulation "{4BEFB7C6-F103-42FB-9482-861C6D9690A0}" = NI LabVIEW Compare Utility 11.0.0 "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion "{50F728C0-9A37-4868-B9E1-42565C228B12}" = Reset NI Config 5.0.0 "{52252F5C-58CD-48ED-8C88-9AAD6FE887B4}" = NI Trace Engine "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{523B5D39-C209-41C8-9075-F6C14C2394D2}" = NI LabVIEW 2011 Search "{555B2ADE-B3CB-4C95-A789-8A7C03A004B7}" = NI LabVIEW 2011 Deployment Framework "{578A6214-6CC6-4043-A9A8-C045DDAE2B39}" = NI Remote Provider for MAX 5.0.0 "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack "{5C0BBD9F-2D3F-4093-AD7B-3F7377E0EDCA}" = NI LabVIEW Real-Time NBFifo "{5F123C21-A5E2-4CFB-A6A7-034C9087099F}" = NI Logos XT 
Support "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68DE7BF6-AFA9-4609-9C96-8C15E46E2093}" = NI Example Finder 11.0 "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter "{6F1B061C-AB4B-4FB4-8715-269FFCC2FD07}" = NI LabVIEW 2011 "{70BA7761-629A-4118-BFE0-02753B9019C8}" = NI MXS 5.0.0 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{712723FB-BF99-4406-8F91-A2DB766AB2C9}" = NI VC2008MSMs x86 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD® "{73854BF9-E78E-4D6F-B8C2-A7A3CD855124}" = NI LabVIEW 2011 Help File "{74543E90-425B-46D2-BB83-D91C7974834D}" = NI LabVIEW 2011 "{7571F0A3-AC23-4F7B-A64E-442C5C82CE01}" = NI LabVIEW 2011 "{75C812EE-06B8-4A47-B37D-9777BE9A644C}" = NI SSL Support "{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{77C4850C-3592-4A2F-B652-ACB77A1EF77C}" = Bing Bar Platform "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7A29AA0C-202A-467E-9257-DE2E8DBC60B3}" = NI LabVIEW 2011 License "{7C62B54A-E524-4F3D-83E7-0F2ABAFC978A}" = NI Xalan Delay Load 1.10.1 "{7C6869BF-6CBE-4CB0-8869-2743B419343C}" = NI LabVIEW 2011 Real-Time NBFifo "{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159 "{7D64A463-C3C9-40B6-BC46-4DD7D0DE2BFD}" = NI LabVIEW 2011 Run-Time Engine Non-English Support. 
"{7D89ECEB-7E27-4898-812E-80862E91AB94}" = NI Portable Configuration 5.0.0 "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online "{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4 "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{80C792E1-78BC-4F4A-839E-BCD107770938}" = NI System API Windows 32-bit 5.0.0 "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11 "{886C3E95-4032-45C8-92F6-57861871635A}" = NI Software Provider for MAX 5.0.0 "{89089F33-94D7-4E9C-918F-75CC933FC88F}" = NI DataSocket 4.9 "{8923D179-24D1-475D-A381-0B8C1AF1A206}" = NI LabVIEW 2011 Web Server "{896849EE-EEE6-4E45-B20B-9F4DDCF805DA}" = NI Assistant Framework "{89CE9AA7-0615-4DB5-83DB-B0AA2FDAD454}" = NI LabVIEW 2011 "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8D9F6EFD-6EAF-4327-AD59-92DEA050BDAF}" = NI Instrument IO Assistant for LabVIEW 2011 32-bit "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8F1B9FE1-5777-4118-B982-B50B030101FF}" = NI LabVIEW 2011 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) 
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath 
MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English "{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback "{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack 
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{98F4DC3F-958E-4DE5-BE1D-DBD72B05A204}" = NI Search Shared "{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A87DA58-1C1C-4305-BD69-231886F03191}" = NI Uninstaller "{9B05C597-5509-47C6-87B8-461E1BB6AF5C}" = NI LabVIEW Run-Time Engine 2009 SP1 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C2113B6-30DC-4827-9166-E6F4889D7594}" = NI LabVIEW 2011 Deployable License "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A11A542A-37BF-4943-9810-3F1DC0AD4A1C}" = NI LabWindows/CVI 2010 Code Generator "{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module "{A1BFEB7F-3126-4F60-9CFD-8D4FC1B87BEB}_is1" = TTLEditor 1.2.1 "{A363C314-2242-4BBE-9ADE-B427AF646EFF}" = NI mDNS Responder 1.6.0 "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7B1ABA8-E2A2-4565-A8AF-F01657FF5CEA}" = NI LabVIEW Web Services Runtime "{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA31EA7B-7917-4000-949B-38E91F848A25}" = Internet Explorer "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB9BBC2E-83F6-47A9-9FA3-08D3774F8E45}" = NI-RPC 4.2.2f0 "{ABD79E99-F9E3-413B-8D18-11070754355F}" = NI Math Kernel Libraries "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI "{AE593237-3C8E-44F2-A9AA-2DDE0A472CDE}" = NI LabVIEW Web Server for Run-Time Engine "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime 
"{B10F8C17-3DB8-4093-92F6-9F85C263D51A}" = NI LabVIEW Run-Time Engine Interop 2009 "{B1DCBBC7-8ECE-497F-926F-02FE4E42216B}" = NI Distributed System Manager 2011 "{B1EE55C1-F98B-40AB-AF0C-422ECCC88454}" = NI Measurement & Automation Explorer 5.0.0 "{B2BDA3BC-29BE-49C1-A30E-15DA8D041601}" = NI License Manager "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BB3EBB9E-1CA1-4B7F-9E67-09540CCE9F45}" = NI Assistant Framework LabVIEW Code Generator 2011 "{BEBCBC05-4B39-4935-8B7C-B06E9FF1EA2A}" = NI EulaDepot "{C0DE25AE-B0E5-4D4B-96CE-EE757066D0BA}" = NI Network Discovery 5.0 "{C16A92EF-017B-4839-9C75-FBADB5A1FA27}" = TrustedID "{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CC17CE69-4AB6-4434-ADB4-27DB49D36080}" = NI Curl 1.1 "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF30E2B5-A7A7-47AD-8B03-22A27D4E9971}" = NI LabVIEW 2011 Real-Time Error Dialog "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D361B9E5-E918-48CB-BEC3-8E44A5F6E624}" = NI LabVIEW 2009 SP1 Run-Time Engine Web Services "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4877334-6730-4C84-B9C9-218EA466CA74}" = NI LabVIEW 2011 "{D5BB7AAE-62F4-4C4F-B272-F27AEE16BA7F}" = NI TDMS "{D70CCDE0-44B0-460D-94AD-7BE162E49126}" = NI LabVIEW 2011 "{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP "{DB0D5AFF-0B60-4287-9BC2-F4AE797B02F4}" = NI Authentication 2.0 "{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries "{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DEC25D81-2317-47F6-8B26-D54A939DA1EE}" = NI LabVIEW C Interface "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = 
Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0D8CD4E-4771-4848-A09D-60A31D883883}" = NI VC2005MSMs x86 "{E1D60C68-016C-4951-8C1F-52E24DFE7836}" = NI CodeSignAPI "{E3739FE9-3BAF-4250-82FA-230C7CC0EAD8}" = NI LabVIEW 2011 Help "{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage "{E5BCF967-F2DF-40F4-A1DE-25DB6AB6B278}" = Blio "{E6068691-1FBC-4EF0-87E8-609CDB32038A}" = NI Xerces Delay Load 2.7.3 "{E69A31C9-F24F-4A1A-BEAD-B1AA255760C1}" = NI Registration Wizard "{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}" = Cozi "{EA37AB72-EC8C-432C-A1C6-186850FB0559}" = NI System State Publisher "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EB708DAB-CD04-46E4-88C9-E3BC80595982}" = NI System Web Server Base 2.0 "{EB8D0A82-E02A-437C-A7C4-90516F1CFB39}" = NI Web Application Server 2.0 "{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer "{EF1B1A68-988E-4A68-8504-774373A4651C}" = NI OPC Support "{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter "{F04A89CB-A185-4263-85ED-4BAD766F7DAE}" = NI Error Reporting 2011 "{F055B0A4-8F75-4F85-B6FF-1C5BE10A72DC}" = NI LabWindows/CVI 9.0 Run-Time Engine "{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2E01659-A397-4F84-9B5E-484A431CE1C5}" = NI System Web Server 2.0 "{F37CC885-1E37-4F2A-93F3-7F1E1EEBBEBB}" = NI LabVIEW Broker "{F45CE5E8-4A60-4292-8FD5-1807DFEBE221}" = NI LabWindows/CVI 2010 LabVIEW DLL Builder "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic "{F6C682B6-7714-41CC-80B6-3288364910AF}" = NI GMP Windows 32-bit Installer 11.0.0 
"{F7CCA6E5-1D14-4907-83BB-6B6BF36F1D90}" = NI Variable Engine LabVIEW 2011 Support "{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel® Wireless Display "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{F9A74F70-7597-47B8-B04C-044824C23B15}" = NI LabVIEW 2011 VIPM Helper "{F9E0880D-B263-48F9-B8E5-BAFCAE9BE150}" = NI System API Client for WIF 5.0.0 "{FDED748C-432B-4B44-BB33-3BB8550A2AD2}" = NI Variable Engine 2.5.0 "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE182796-F6BA-486A-8590-89B7E8D1D60F}" = Dell Stage "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FE24BCDF-9231-450D-AA08-D3550B81EE41}" = NI LabVIEW Web Server for Run-Time Engine "Adobe AIR" = Adobe AIR "Advanced Audio FX Engine" = Advanced Audio FX Engine "avast" = avast! Free Antivirus "BetterLinks" = BetterLinks v1.7.5.24 (remove only) "BlueJ_is1" = BlueJ 3.0.4 "CreativeIDE" = Michael's Creative C++ "Crysis WARHEAD®" = Crysis WARHEAD® "DAEMON Tools Lite" = DAEMON Tools Lite "Dell Webcam Central" = Dell Webcam Central "ENTERPRISE" = Microsoft Office Enterprise 2007 "ERUNT_is1" = ERUNT 1.1j "FormatFactory" = FormatFactory 2.90 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.17.221 "InstallShield_{110ACDD7-71B0-4A09-B45C-4A4C5CFA3103}" = MPLAB Tools v8.76 "InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4 "InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400 "MPLAB C for PIC24 MCUs and-or dsPIC DSCs v3.30c" = MPLAB C for PIC24 MCUs and-or dsPIC DSCs "NI Uninstaller" = National Instruments Software "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "OpenAL" = OpenAL "PICC 9.82" = HI-TECH C Compiler for the PIC10/12/16 MCUs V9.82PL0 "PremiumSoft Navicat Premium_is1" = PremiumSoft Navicat Premium 9.1 "PremiumSoft NaviCoder IDE for Java_is1" = PremiumSoft NaviCoder IDE 
for Java "RealPlayer 15.0" = RealPlayer "ST6UNST #1" = NuMap7.1 - Nonlinear Networks for Approximation "Tera Term_is1" = Tera Term 4.71 "uTorrent" = µTorrent "uTorrentBar Toolbar" = uTorrentBar Toolbar "Veetle TV" = Veetle TV "VLC media player" = VLC media player 1.1.11 "WinLiveSuite" = Windows Live Essentials "ZinioReader4" = Zinio Reader 4 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{09AB0B35-9138-4765-900C-28FC4011058E}" = OrCAD 16.5 Lite "Dropbox" = Dropbox "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 4/27/2012 12:04:55 PM | Computer Name = SoumitroAuddy | Source = VSS | ID = 12289 Description = Error - 4/28/2012 3:47:20 PM | Computer Name = SoumitroAuddy | Source = WinMgmt | ID = 10 Description = Error - 4/28/2012 3:51:36 PM | Computer Name = SoumitroAuddy | Source = WinMgmt | ID = 10 Description = Error - 4/28/2012 5:35:49 PM | Computer Name = SoumitroAuddy | Source = SideBySide | ID = 16842832 Description = Activation context generation failed for "c:\Program Files (x86)\Cozi Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error - 4/29/2012 5:30:39 PM | Computer Name = SoumitroAuddy | Source = Application Error | ID = 1000 Description = Faulting application name: WebcamDell2.exe, version: 1.0.60.0, time stamp: 0x4e41f4a8 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc000041d Fault offset: 0x73394f0d Faulting process id: 0x1628 Faulting application start time: 0x01cd2578a685db42 Faulting application path: C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe Faulting module path: unknown Report Id: 90293f4c-9242-11e1-ae32-14feb5bf0fbf Error - 5/2/2012 5:47:09 PM | Computer Name = SoumitroAuddy | Source = SideBySide | ID = 16842832 Description = Activation context generation failed for "c:\Program Files (x86)\Cozi Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 5/3/2012 5:09:56 AM | Computer Name = SoumitroAuddy | Source = Application Error | ID = 1000 Description = Faulting application name: realplay.exe, version: 15.0.0.198, time stamp: 0x4eb9c708 Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x0004ba3d Faulting process id: 0x27b0 Faulting application start time: 0x01cd290c801a1fb6 Faulting application path: c:\program files (x86)\real\realplayer\realplay.exe Faulting module path: C:\Windows\syswow64\ole32.dll Report Id: c01f0ae9-94ff-11e1-ae32-14feb5bf0fbf Error - 5/4/2012 1:49:42 PM | Computer Name = SoumitroAuddy | Source = CVHSVC | ID = 100 Description = Information only. 
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: HTTP status 304: The server's response was not valid. The server was not following the defined protocol. Resume the job, and then Background Intelligent Transfer Service (BITS) will try again. Error - 5/4/2012 5:49:12 PM | Computer Name = SoumitroAuddy | Source = WinMgmt | ID = 10 Description = Error - 5/4/2012 7:26:35 PM | Computer Name = SoumitroAuddy | Source = SideBySide | ID = 16842832 Description = Activation context generation failed for "c:\Program Files (x86)\Cozi Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
[ Cisco AnyConnect VPN Client Events ] Error - 6/21/2012 6:18:16 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866 Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 2190 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED Error - 6/21/2012 6:18:16 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866 Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp Line: 7639 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33161196 (0xFE060014) Description: ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE Error - 6/21/2012 6:18:16 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866 Description = Function: CMainThread::OnTimerExpired File: .\MainThread.cpp Line: 4287 Invoked Function: CMainThread::applyHostConfigForNoVpn Return Code: -33161196 (0xFE060014) Description: ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE Error - 6/21/2012 6:18:16 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866 Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp Line: 2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED Error - 6/21/2012 6:18:16 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866 Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 2190 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED Error - 6/21/2012 10:29:03 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866 Description = Function: CDNSRequest::OnSocketReadComplete File: .\IP\DNSRequest.cpp Line: 1069 Invoked Function: CDNSRequest::processResponse Return Code: -29229042 (0xFE42000E) 
Description: DNSREQUEST_ERROR_REFUSED Failed to resolve 17.1.107.129.in-addr.arpa via DNS server 192.168.1.254
Error - 6/22/2012 8:14:21 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp Line: 31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description: WINDOWS_ERROR_CODE XML Parser fatal error: Validate failed.
Error - 6/22/2012 8:14:29 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function: _tstat Return Code: 2 (0x00000002) Description: The system cannot find the file specified. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error: No such file or directory
Error - 6/22/2012 10:08:50 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp Line: 31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description: WINDOWS_ERROR_CODE XML Parser fatal error: Validate failed.
Error - 6/22/2012 10:08:50 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function: _tstat Return Code: 2 (0x00000002) Description: The system cannot find the file specified. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error: No such file or directory
[ Media Center Events ]
Error - 1/29/2012 7:03:55 PM | Computer Name = SoumitroAuddy | Source = MCUpdate | ID = 0
Description = 5:03:48 PM - Error connecting to the internet. 5:03:48 PM - Unable to contact server..
Error - 2/11/2012 7:50:55 PM | Computer Name = SoumitroAuddy | Source = MCUpdate | ID = 0
Description = 5:26:01 PM - Failed to retrieve Directory (Error: The operation has timed out)
[ System Events ]
Error - 6/23/2012 1:20:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36874
Description = An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
Error - 6/23/2012 1:20:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state is 107.
Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36874
Description = An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state is 107.
Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36874
Description = An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state is 107.
Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36874
Description = An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server.
The SSL connection request has failed.
Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state is 107.
Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36874
Description = An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state is 107.
< End of report >

checkup.txt:
Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
PremiumSoft NaviCoder IDE for Java
JavaFX 2.1.0
Java 6 Update 29
Java 7 Update 4
Java SE Runtime Environment 6
Java SE Development Kit 6
Java version out of Date!
Adobe Reader X (10.1.3)
Google Chrome 19.0.1084.56
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
  7. OTL.txt: OTL logfile created on: 6/23/2012 12:13:55 AM - Run 1 OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Soumitro Auddy\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.90 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 22.48% Memory free 7.79 Gb Paging File | 3.81 Gb Available in Paging File | 48.90% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 446.13 Gb Total Space | 204.17 Gb Free Space | 45.76% Space Free | Partition Type: NTFS Computer Name: SOUMITROAUDDY | User Name: Soumitro Auddy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/06/23 00:08:28 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Soumitro Auddy\Downloads\OTL.exe PRC - [2012/05/24 22:19:22 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe PRC - [2012/05/24 13:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) 
-- C:\Users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012/05/04 16:51:00 | 009,478,320 | ---- | M] (Spotify Ltd) -- C:\Users\Soumitro Auddy\AppData\Roaming\Spotify\spotify.exe PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/03/06 18:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012/02/26 12:24:45 | 000,250,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11f_ActiveX.exe PRC - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe PRC - [2012/02/01 12:50:04 | 001,850,224 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe PRC - [2012/02/01 12:50:02 | 002,195,824 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe PRC - [2012/01/13 19:25:14 | 000,624,744 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\VeetleNet.exe PRC - [2012/01/13 19:25:12 | 000,025,704 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\player.exe PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/11/25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft 
Application Virtualization Client\sftlist.exe PRC - [2011/09/06 12:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe PRC - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe PRC - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe PRC - [2011/08/12 10:46:02 | 000,520,330 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe PRC - [2011/08/03 15:43:45 | 000,645,048 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe PRC - [2011/08/01 12:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe PRC - [2011/06/19 09:29:04 | 000,619,672 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe PRC - [2011/06/14 18:57:10 | 000,012,696 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\MAX\nimxs.exe PRC - [2011/06/14 12:54:08 | 000,676,016 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe PRC - [2011/06/14 10:11:10 | 000,362,104 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe PRC - [2011/06/14 10:08:24 | 000,056,952 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lktsrv.exe PRC - [2011/06/14 10:00:10 | 000,046,192 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lkads.exe PRC - [2011/06/10 15:11:20 | 000,121,032 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe PRC - 
[2011/06/01 17:32:14 | 000,194,224 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe PRC - [2011/05/27 14:44:20 | 000,050,328 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe PRC - [2011/05/27 14:43:48 | 000,050,336 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe PRC - [2011/04/22 11:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011/04/21 21:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe PRC - [2010/12/17 10:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe PRC - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe PRC - [2010/10/27 10:43:38 | 000,695,136 | ---- | M] (National Instruments, Inc.) 
-- C:\Windows\SysWOW64\lkcitdl.exe ========== Modules (No Company Name) ========== MOD - [2012/06/14 03:37:11 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll MOD - [2012/06/14 03:36:57 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012/06/14 03:36:51 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012/06/14 03:36:41 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll MOD - [2012/05/13 19:27:59 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll MOD - [2012/05/13 16:24:47 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll MOD - [2012/05/13 16:23:44 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012/05/13 16:23:38 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012/05/13 16:23:35 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012/05/13 16:23:33 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012/05/13 16:23:26 | 011,492,864 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012/05/04 16:50:53 | 020,101,120 | ---- | M] () -- C:\Users\Soumitro Auddy\AppData\Roaming\Spotify\Data\libcef.dll MOD - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe MOD - [2012/02/01 12:50:04 | 001,850,224 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe MOD - [2012/02/01 12:50:02 | 002,195,824 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe MOD - [2012/02/01 12:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll MOD - [2012/02/01 12:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll MOD - [2012/02/01 12:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll MOD - [2012/02/01 12:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll MOD - [2012/01/13 19:25:38 | 000,062,056 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libvrc_plugin.dll MOD - [2012/01/13 19:25:38 | 000,047,720 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libvout_directx_plugin.dll MOD - [2012/01/13 19:25:38 | 000,023,656 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libwingdi_plugin.dll MOD - [2012/01/13 19:25:38 | 000,022,632 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libwaveout_plugin.dll MOD - [2012/01/13 19:25:38 | 000,019,048 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libwav_plugin.dll MOD - [2012/01/13 19:25:38 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libugly_resampler_plugin.dll MOD - [2012/01/13 19:25:38 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libu8tofloat32_plugin.dll MOD - [2012/01/13 
19:25:38 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libu8tofixed32_plugin.dll MOD - [2012/01/13 19:25:38 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libtrivial_resampler_plugin.dll MOD - [2012/01/13 19:25:36 | 000,023,656 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libsubsdec_plugin.dll MOD - [2012/01/13 19:25:36 | 000,020,072 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libspudec_plugin.dll MOD - [2012/01/13 19:25:36 | 000,017,000 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libsgimb_plugin.dll MOD - [2012/01/13 19:25:36 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libtrivial_channel_mixer_plugin.dll MOD - [2012/01/13 19:25:36 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libsimple_channel_mixer_plugin.dll MOD - [2012/01/13 19:25:36 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libs16tofloat32_plugin.dll MOD - [2012/01/13 19:25:36 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libtrivial_mixer_plugin.dll MOD - [2012/01/13 19:25:36 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libscale_plugin.dll MOD - [2012/01/13 19:25:36 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libs8tofloat32_plugin.dll MOD - [2012/01/13 19:25:36 | 000,012,904 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libspdif_mixer_plugin.dll MOD - [2012/01/13 19:25:34 | 000,052,328 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\librc_plugin.dll MOD - [2012/01/13 19:25:34 | 000,051,816 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libplaylist_plugin.dll MOD - [2012/01/13 19:25:34 | 000,018,024 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libparam_eq_plugin.dll MOD - [2012/01/13 19:25:34 | 000,016,488 | ---- | M] () -- C:\Program Files 
(x86)\Veetle\Player\plugins\libnsc_plugin.dll MOD - [2012/01/13 19:25:34 | 000,015,976 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libnormvol_plugin.dll MOD - [2012/01/13 19:25:34 | 000,014,952 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\librawvideo_plugin.dll MOD - [2012/01/13 19:25:34 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libs16tofloat32swab_plugin.dll MOD - [2012/01/13 19:25:34 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libs16tofixed32_plugin.dll MOD - [2012/01/13 19:25:34 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\librv32_plugin.dll MOD - [2012/01/13 19:25:32 | 000,098,408 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libmpgatofixed32_plugin.dll MOD - [2012/01/13 19:25:32 | 000,018,536 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libmpga_plugin.dll MOD - [2012/01/13 19:25:32 | 000,018,024 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libipv4_plugin.dll MOD - [2012/01/13 19:25:32 | 000,017,000 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libimage_plugin.dll MOD - [2012/01/13 19:25:32 | 000,016,488 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\liblinear_resampler_plugin.dll MOD - [2012/01/13 19:25:32 | 000,016,488 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libipv6_plugin.dll MOD - [2012/01/13 19:25:32 | 000,014,952 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\liblpcm_plugin.dll MOD - [2012/01/13 19:25:32 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libmpgv_plugin.dll MOD - [2012/01/13 19:25:32 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libm4a_plugin.dll MOD - [2012/01/13 19:25:32 | 000,012,904 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libmemcpy_plugin.dll MOD - [2012/01/13 19:25:30 | 000,487,016 | ---- | M] () -- 
C:\Program Files (x86)\Veetle\Player\plugins\libfreetype_plugin.dll MOD - [2012/01/13 19:25:30 | 000,034,920 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libi420_rgb_plugin.dll MOD - [2012/01/13 19:25:30 | 000,029,288 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libglwin32_plugin.dll MOD - [2012/01/13 19:25:30 | 000,026,728 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libhotkeys_plugin.dll MOD - [2012/01/13 19:25:30 | 000,017,512 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libheadphone_channel_mixer_plugin.dll MOD - [2012/01/13 19:25:30 | 000,015,464 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libi420_yuy2_plugin.dll MOD - [2012/01/13 19:25:30 | 000,014,952 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libh264_plugin.dll MOD - [2012/01/13 19:25:30 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libi422_yuy2_plugin.dll MOD - [2012/01/13 19:25:30 | 000,012,392 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libi420_ymga_plugin.dll MOD - [2012/01/13 19:25:28 | 004,298,344 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libffmpeg_plugin.dll MOD - [2012/01/13 19:25:28 | 000,298,088 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfaad_plugin.dll MOD - [2012/01/13 19:25:28 | 000,014,952 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfloat32tou8_plugin.dll MOD - [2012/01/13 19:25:28 | 000,014,952 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfloat32tou16_plugin.dll MOD - [2012/01/13 19:25:28 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfloat32tos8_plugin.dll MOD - [2012/01/13 19:25:28 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfloat32_mixer_plugin.dll MOD - [2012/01/13 19:25:28 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfloat32tos16_plugin.dll 
MOD - [2012/01/13 19:25:28 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfixed32tofloat32_plugin.dll MOD - [2012/01/13 19:25:28 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfixed32tos16_plugin.dll MOD - [2012/01/13 19:25:26 | 000,042,600 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libaudio_format_plugin.dll MOD - [2012/01/13 19:25:26 | 000,041,576 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libequalizer_plugin.dll MOD - [2012/01/13 19:25:26 | 000,040,552 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libdeinterlace_plugin.dll MOD - [2012/01/13 19:25:26 | 000,039,528 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libdirect3d_plugin.dll MOD - [2012/01/13 19:25:26 | 000,029,288 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libbandlimited_resampler_plugin.dll MOD - [2012/01/13 19:25:26 | 000,025,192 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libblend_plugin.dll MOD - [2012/01/13 19:25:26 | 000,019,560 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libcrop_plugin.dll MOD - [2012/01/13 19:25:26 | 000,018,024 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libclone_plugin.dll MOD - [2012/01/13 19:25:26 | 000,017,512 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libexport_plugin.dll MOD - [2012/01/13 19:25:24 | 000,056,936 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libasf_plugin.dll MOD - [2012/01/13 19:25:24 | 000,033,896 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libaccess_http_plugin.dll MOD - [2012/01/13 19:25:24 | 000,024,680 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libaout_directx_plugin.dll MOD - [2012/01/13 19:25:24 | 000,023,144 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libadpcm_plugin.dll MOD - [2012/01/13 19:25:24 | 000,015,976 | ---- | M] () -- C:\Program 
Files (x86)\Veetle\Player\plugins\libaraw_plugin.dll MOD - [2012/01/13 19:25:24 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libaccess_tcp_plugin.dll MOD - [2012/01/13 19:25:14 | 000,624,744 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\VeetleNet.exe MOD - [2012/01/13 19:25:12 | 000,025,704 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\player.exe MOD - [2012/01/13 19:25:10 | 001,761,384 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\libvlc.dll MOD - [2012/01/13 19:25:10 | 000,212,584 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\axvlc.dll MOD - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe MOD - [2011/06/19 09:29:06 | 001,967,104 | ---- | M] () -- C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\niwsrp.dll MOD - [2011/04/22 11:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll MOD - [2010/12/17 10:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe MOD - [2010/11/24 22:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll MOD - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! 
Antivirus) SRV:64bit: - [2011/05/27 14:43:58 | 000,068,256 | ---- | M] (National Instruments Corporation) [Disabled | Stopped] -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe -- (NIApplicationWebServer64) NI Application Web Server (64-bit) SRV:64bit: - [2010/12/17 14:41:32 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel® SRV:64bit: - [2010/12/17 14:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2010/12/17 14:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel® SRV:64bit: - [2010/11/29 15:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel® SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012/05/03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/01/03 06:10:42 | 
000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/11/25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86) SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService) SRV - [2011/08/03 15:43:45 | 000,645,048 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent) SRV - [2011/06/14 18:57:10 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\MAX\nimxs.exe -- (mxssvr) SRV - [2011/06/14 12:54:08 | 000,676,016 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe -- (NITaggerService) SRV - [2011/06/14 10:11:10 | 000,362,104 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService) SRV - [2011/06/14 10:08:24 | 000,056,952 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lktsrv.exe -- (lkTimeSync) SRV - [2011/06/14 10:00:10 | 000,046,192 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lkads.exe -- (lkClassAds) SRV - [2011/06/10 15:11:20 | 000,121,032 | ---- | M] 
(National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe -- (NINetworkDiscovery) SRV - [2011/06/01 17:32:14 | 000,194,224 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe -- (nimDNSResponder) SRV - [2011/05/27 14:44:20 | 000,050,328 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe -- (niSvcLoc) SRV - [2011/05/27 14:43:48 | 000,050,336 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe -- (NIApplicationWebServer) SRV - [2011/04/22 11:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011/04/21 21:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel® SRV - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel® SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12) SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM) SRV - [2010/10/27 10:43:38 | 000,695,136 | ---- | 
M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lkcitdl.exe -- (LkCitadelServer) SRV - [2010/08/25 20:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU) SRV - [2010/08/02 11:00:00 | 001,427,688 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager) SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/03 11:26:34 | 000,098,304 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Opcenum.exe -- (OpcEnum) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/03/06 18:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012/03/06 18:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012/03/06 18:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012/03/06 18:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012/03/06 18:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- 
C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012/03/06 18:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/14 02:23:51 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012/01/04 16:06:52 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011/08/19 07:23:29 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/08/19 07:23:29 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/08/03 15:27:28 | 000,022,264 | ---- | M] (Cisco Systems, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva) DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2011/07/28 18:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB) DRV:64bit: - [2011/06/16 15:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:64bit: - [2011/05/13 04:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:64bit: - [2011/05/13 04:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM) DRV:64bit: - [2011/05/13 04:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) DRV:64bit: - [2011/05/13 04:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter) DRV:64bit: - [2011/04/22 11:13:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2011/03/26 04:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011/03/18 14:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:64bit: - [2011/03/18 14:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:64bit: - [2011/02/16 20:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011/02/10 17:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2011/02/10 17:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2011/01/12 20:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/12/22 04:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel® DRV:64bit: - [2010/12/17 12:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010/12/15 12:02:04 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2010/12/13 12:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler) DRV:64bit: - [2010/12/12 09:18:36 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB) DRV:64bit: - [2010/12/01 05:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd) DRV:64bit: - [2010/11/29 15:00:04 | 000,016,120 | 
---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 22:23:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc60.sys -- (netvsc) DRV:64bit: - [2010/11/20 22:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010/11/20 22:23:48 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusVideoM.sys -- (SynthVid) DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel® DRV:64bit: - [2010/10/15 11:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel® DRV:64bit: - [2010/08/20 13:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn) DRV:64bit: - [2010/07/12 21:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt) 
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2010/02/27 02:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008/05/12 08:09:06 | 000,064,512 | ---- | M] (Microchip Technology, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mchpusb64.sys -- (MCHPUSB) DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV:64bit: - [2007/02/12 18:56:08 | 000,089,600 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl) DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{461ECB06-0E73-474D-BB3D-70B32ECE64F5}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8 IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.) 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{461ECB06-0E73-474D-BB3D-70B32ECE64F5}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=86E0887E02AA9FAAE066AB4FE03BC340&tbp=homepage IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb_031&u=86E0887E02AA9FAAE066AB4FE03BC340&q={searchTerms} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co.in/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7RNTG_en IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Soumitro Auddy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011/08/19 07:04:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/08/19 07:04:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/08/19 07:05:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/24 22:19:55 | 000,000,000 | ---D | M] [2012/01/09 00:18:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Soumitro Auddy\AppData\Roaming\Mozilla\Firefox\extensions [2012/01/09 00:18:34 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Soumitro Auddy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (BetterLinks) - {6921710F-6AC6-4113-8AE6-82A1660EBB09} - C:\Program Files (x86)\BetterLinks\BetterLinks.dll (MashLogic Inc.) 
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient_2.dll (Yontoo LLC) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe () O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe () O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [intelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [intelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation) O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe () O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.) 
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe () O4 - HKLM..\Run: [NI Update Service] C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe (National Instruments) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - Startup: C:\Users\Soumitro Auddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O4 - Startup: C:\Users\Soumitro Auddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Soumitro Auddy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Soumitro Auddy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CC1758F-D365-413E-B1A8-70778E1C6369}: DhcpNameServer = 192.168.1.254 O18:64bit: - Protocol\Handler\cozi - No CLSID value found O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
  8. aswMBR Report:

     aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
     Run date: 2012-06-22 22:34:32
     -----------------------------
     22:34:32.956 OS Version: Windows x64 6.1.7601 Service Pack 1
     22:34:32.956 Number of processors: 4 586 0x2A07
     22:34:32.956 ComputerName: SOUMITROAUDDY UserName:
     22:34:39.030 Initialize success
     22:34:40.395 AVAST engine defs: 12062201
     22:35:18.165 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
     22:35:18.175 Disk 0 Vendor: ST950042 D005 Size: 476940MB BusType: 3
     22:35:18.245 Disk 0 MBR read successfully
     22:35:18.245 Disk 0 MBR scan
     22:35:18.255 Disk 0 Windows VISTA default MBR code
     22:35:18.265 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
     22:35:18.295 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 212992
     22:35:18.555 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 456835 MB offset 41172992
     22:35:18.583 Disk 0 scanning C:\Windows\system32\drivers
     22:35:38.887 Service scanning
     22:35:54.082 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
     22:35:58.882 Modules scanning
     22:35:58.889 Scan finished successfully
     23:22:45.861 Disk 0 MBR has been saved successfully to "C:\Users\Soumitro Auddy\Desktop\MBAM\MBR.dat"
     23:22:45.861 The log file has been saved successfully to "C:\Users\Soumitro Auddy\Desktop\MBAM\aswMBR.txt"

     TDSSKILLER log:

     23:24:19.0765 7744 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
     23:24:20.0307 7744 ============================================================
     23:24:20.0307 7744 Current date / time: 2012/06/22 23:24:20.0307
     23:24:20.0307 7744 SystemInfo:
     23:24:20.0307 7744
     23:24:20.0307 7744 OS Version: 6.1.7601 ServicePack: 1.0
     23:24:20.0307 7744 Product type: Workstation
     23:24:20.0307 7744 ComputerName: SOUMITROAUDDY
     23:24:20.0307 7744 UserName: Soumitro Auddy
     23:24:20.0307 7744 Windows directory: C:\Windows
     23:24:20.0307 7744 System windows directory: C:\Windows
     23:24:20.0307 7744 Running under WOW64
     23:24:20.0307 7744 Processor architecture: Intel x64
     23:24:20.0307 7744 Number of processors: 4
     23:24:20.0307 7744 Page size: 0x1000
     23:24:20.0307 7744 Boot type: Normal boot
     23:24:20.0307 7744 ============================================================
     23:24:20.0777 7744 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
     23:24:20.0777 7744 ============================================================
     23:24:20.0777 7744 \Device\Harddisk0\DR0:
     23:24:20.0777 7744 MBR partitions:
     23:24:20.0777 7744 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
     23:24:20.0777 7744 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x37C41830
     23:24:20.0777 7744 ============================================================
     23:24:20.0797 7744 C: <-> \Device\Harddisk0\DR0\Partition1
     23:24:20.0797 7744 ============================================================
     23:24:20.0797 7744 Initialize success
     23:24:20.0797 7744 ============================================================
     23:24:55.0367 5320 ============================================================
     23:24:55.0367 5320 Scan started
     23:24:55.0367 5320 Mode: Manual; SigCheck; TDLFS;
     23:24:55.0367 5320 ============================================================
     23:25:07.0083 5320 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
     23:25:07.0083 5320 IDriverT ( UnsignedFile.Multi.Generic ) - warning
     23:25:07.0083 5320 IDriverT - detected UnsignedFile.Multi.Generic (1)
isapnp - ok 23:25:09.0193 5320 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 23:25:09.0223 5320 iScsiPrt - ok 23:25:09.0273 5320 JMCR (e56417c56b6a7316b6f527c890a1860d) C:\Windows\system32\DRIVERS\jmcr.sys 23:25:09.0283 5320 JMCR - ok 23:25:09.0313 5320 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 23:25:09.0323 5320 kbdclass - ok 23:25:09.0343 5320 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 23:25:09.0363 5320 kbdhid - ok 23:25:09.0403 5320 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 23:25:09.0413 5320 KeyIso - ok 23:25:09.0433 5320 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 23:25:09.0443 5320 KSecDD - ok 23:25:09.0483 5320 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 23:25:09.0503 5320 KSecPkg - ok 23:25:09.0513 5320 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 23:25:09.0563 5320 ksthunk - ok 23:25:09.0603 5320 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 23:25:09.0663 5320 KtmRm - ok 23:25:09.0713 5320 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 23:25:09.0763 5320 LanmanServer - ok 23:25:09.0803 5320 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 23:25:09.0853 5320 LanmanWorkstation - ok 23:25:09.0973 5320 LkCitadelServer (20cdb07017497c94a0bad253c4bafcbc) C:\Windows\SysWOW64\lkcitdl.exe 23:25:10.0003 5320 LkCitadelServer - ok 23:25:10.0033 5320 lkClassAds (b07d786736e7b1719a90365911bc2d0a) C:\Windows\SysWOW64\lkads.exe 23:25:10.0043 5320 lkClassAds - ok 23:25:10.0053 5320 lkTimeSync (ab1faa47332ec2ee43bbfed7a6f0ea09) C:\Windows\SysWOW64\lktsrv.exe 23:25:10.0063 5320 lkTimeSync - ok 23:25:10.0168 5320 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 23:25:10.0219 5320 lltdio - ok 
23:25:10.0264 5320 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 23:25:10.0322 5320 lltdsvc - ok 23:25:10.0340 5320 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 23:25:10.0370 5320 lmhosts - ok 23:25:10.0480 5320 LMS (7f32d4c47a50e7223491e8fb9359907d) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 23:25:10.0500 5320 LMS - ok 23:25:10.0530 5320 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 23:25:10.0540 5320 LSI_FC - ok 23:25:10.0560 5320 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 23:25:10.0570 5320 LSI_SAS - ok 23:25:10.0580 5320 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 23:25:10.0590 5320 LSI_SAS2 - ok 23:25:10.0610 5320 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 23:25:10.0620 5320 LSI_SCSI - ok 23:25:10.0640 5320 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 23:25:10.0680 5320 luafv - ok 23:25:10.0760 5320 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 23:25:10.0770 5320 MBAMProtector - ok 23:25:10.0860 5320 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 23:25:10.0890 5320 MBAMService - ok 23:25:10.0910 5320 MCHPUSB (ba3963a603f0504eb2a1475b335eab53) C:\Windows\system32\DRIVERS\mchpusb64.sys 23:25:10.0920 5320 MCHPUSB - ok 23:25:10.0950 5320 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 23:25:10.0970 5320 Mcx2Svc - ok 23:25:10.0980 5320 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 23:25:10.0990 5320 megasas - ok 23:25:11.0020 5320 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 23:25:11.0030 5320 MegaSR - ok 23:25:11.0070 5320 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) 
C:\Windows\system32\DRIVERS\HECIx64.sys 23:25:11.0080 5320 MEIx64 - ok 23:25:11.0180 5320 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 23:25:11.0190 5320 Microsoft Office Groove Audit Service - ok 23:25:11.0220 5320 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 23:25:11.0270 5320 MMCSS - ok 23:25:11.0270 5320 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 23:25:11.0310 5320 Modem - ok 23:25:11.0330 5320 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 23:25:11.0360 5320 monitor - ok 23:25:11.0380 5320 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 23:25:11.0390 5320 mouclass - ok 23:25:11.0410 5320 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 23:25:11.0440 5320 mouhid - ok 23:25:11.0470 5320 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 23:25:11.0480 5320 mountmgr - ok 23:25:11.0500 5320 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 23:25:11.0510 5320 mpio - ok 23:25:11.0550 5320 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 23:25:11.0580 5320 mpsdrv - ok 23:25:11.0630 5320 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 23:25:11.0690 5320 MpsSvc - ok 23:25:11.0710 5320 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 23:25:11.0750 5320 MRxDAV - ok 23:25:11.0770 5320 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 23:25:11.0810 5320 mrxsmb - ok 23:25:11.0840 5320 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:25:11.0880 5320 mrxsmb10 - ok 23:25:11.0890 5320 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:25:11.0910 5320 mrxsmb20 - ok 
23:25:11.0940 5320 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 23:25:11.0950 5320 msahci - ok 23:25:12.0000 5320 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 23:25:12.0020 5320 msdsm - ok 23:25:12.0050 5320 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 23:25:12.0087 5320 MSDTC - ok 23:25:12.0104 5320 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 23:25:12.0136 5320 Msfs - ok 23:25:12.0145 5320 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 23:25:12.0195 5320 mshidkmdf - ok 23:25:12.0213 5320 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 23:25:12.0227 5320 msisadrv - ok 23:25:12.0269 5320 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 23:25:12.0310 5320 MSiSCSI - ok 23:25:12.0312 5320 msiserver - ok 23:25:12.0327 5320 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 23:25:12.0360 5320 MSKSSRV - ok 23:25:12.0370 5320 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 23:25:12.0410 5320 MSPCLOCK - ok 23:25:12.0430 5320 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 23:25:12.0480 5320 MSPQM - ok 23:25:12.0510 5320 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 23:25:12.0540 5320 MsRPC - ok 23:25:12.0550 5320 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 23:25:12.0570 5320 mssmbios - ok 23:25:12.0590 5320 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 23:25:12.0640 5320 MSTEE - ok 23:25:12.0640 5320 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 23:25:12.0650 5320 MTConfig - ok 23:25:12.0670 5320 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 23:25:12.0680 5320 Mup - ok 
23:25:12.0830 5320 mxssvr (a3ba8a14490fdbf106939c37a125e82c) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe 23:25:12.0840 5320 mxssvr - ok 23:25:12.0930 5320 MyWiFiDHCPDNS (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 23:25:12.0950 5320 MyWiFiDHCPDNS - ok 23:25:12.0990 5320 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 23:25:13.0060 5320 napagent - ok 23:25:13.0114 5320 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 23:25:13.0162 5320 NativeWifiP - ok 23:25:13.0266 5320 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe 23:25:13.0294 5320 NAUpdate - ok 23:25:13.0350 5320 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys 23:25:13.0387 5320 NDIS - ok 23:25:13.0397 5320 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 23:25:13.0427 5320 NdisCap - ok 23:25:13.0447 5320 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 23:25:13.0477 5320 NdisTapi - ok 23:25:13.0487 5320 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 23:25:13.0537 5320 Ndisuio - ok 23:25:13.0567 5320 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 23:25:13.0627 5320 NdisWan - ok 23:25:13.0637 5320 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 23:25:13.0667 5320 NDProxy - ok 23:25:13.0677 5320 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 23:25:13.0727 5320 NetBIOS - ok 23:25:13.0757 5320 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 23:25:13.0797 5320 NetBT - ok 23:25:13.0837 5320 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 23:25:13.0847 5320 Netlogon - ok 23:25:13.0887 5320 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 
23:25:13.0947 5320 Netman - ok 23:25:14.0037 5320 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:25:14.0047 5320 NetMsmqActivator - ok 23:25:14.0057 5320 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:25:14.0067 5320 NetPipeActivator - ok 23:25:14.0108 5320 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 23:25:14.0176 5320 netprofm - ok 23:25:14.0179 5320 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:25:14.0189 5320 NetTcpActivator - ok 23:25:14.0191 5320 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:25:14.0202 5320 NetTcpPortSharing - ok 23:25:14.0259 5320 netvsc (73ce12b8bdd747b0063cb0a7ef44cea7) C:\Windows\system32\DRIVERS\netvsc60.sys 23:25:14.0285 5320 netvsc - ok 23:25:14.0609 5320 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys 23:25:14.0809 5320 NETwNs64 - ok 23:25:14.0909 5320 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 23:25:14.0919 5320 nfrd960 - ok 23:25:15.0049 5320 NIApplicationWebServer (f0e38750822eecc47b9913c55990f86a) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe 23:25:15.0049 5320 NIApplicationWebServer - ok 23:25:15.0129 5320 NIApplicationWebServer64 (633cdf3ef922dd438f82468de1c10700) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe 23:25:15.0139 5320 NIApplicationWebServer64 - ok 23:25:15.0219 5320 NIDomainService (908b9667f2fd7453cbcf3a2a0444dcc1) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe 23:25:15.0239 5320 NIDomainService - ok 23:25:15.0359 5320 NILM License Manager (aa8896bcd689851665efc02dc41181ac) C:\Program Files (x86)\National Instruments\Shared\License 
Manager\Bin\lmgrd.exe 23:25:15.0399 5320 NILM License Manager - ok 23:25:15.0449 5320 nimDNSResponder (8fed4893cb017f81cd1769448ad567e5) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe 23:25:15.0459 5320 nimDNSResponder - ok 23:25:15.0489 5320 NINetworkDiscovery (5ff602d7890da09f45811c3263f81264) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe 23:25:15.0499 5320 NINetworkDiscovery - ok 23:25:15.0559 5320 niSvcLoc (fc87856060bd0b667d2086b7050240a3) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe 23:25:15.0569 5320 niSvcLoc - ok 23:25:15.0619 5320 NITaggerService (4dc8c4ec1f9637110142c7d65ffb40e5) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe 23:25:15.0629 5320 NITaggerService - ok 23:25:15.0729 5320 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 23:25:15.0789 5320 NlaSvc - ok 23:25:15.0959 5320 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe 23:25:16.0039 5320 NOBU - ok 23:25:16.0139 5320 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 23:25:16.0179 5320 Npfs - ok 23:25:16.0189 5320 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 23:25:16.0249 5320 nsi - ok 23:25:16.0259 5320 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 23:25:16.0309 5320 nsiproxy - ok 23:25:16.0379 5320 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 23:25:16.0439 5320 Ntfs - ok 23:25:16.0499 5320 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 23:25:16.0529 5320 Null - ok 23:25:16.0559 5320 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys 23:25:16.0599 5320 nusb3hub - ok 23:25:16.0619 5320 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys 23:25:16.0649 5320 nusb3xhc - 
ok 23:25:17.0119 5320 nvlddmkm (573b0941a37aebee96085d56a103f57b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 23:25:17.0429 5320 nvlddmkm - ok 23:25:17.0489 5320 nvpciflt (43af7ebeac2ab623468e32caddcb61a4) C:\Windows\system32\DRIVERS\nvpciflt.sys 23:25:17.0499 5320 nvpciflt - ok 23:25:17.0529 5320 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 23:25:17.0539 5320 nvraid - ok 23:25:17.0569 5320 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 23:25:17.0579 5320 nvstor - ok 23:25:17.0599 5320 NvStUSB (9e01b716c8085f7adb1cdc10103ceef8) C:\Windows\system32\drivers\nvstusb.sys 23:25:17.0609 5320 NvStUSB - ok 23:25:17.0659 5320 NVSvc (c500760572c6059918fb0c960967695b) C:\Windows\system32\nvvsvc.exe 23:25:17.0709 5320 NVSvc - ok 23:25:17.0809 5320 nvUpdatusService (f28169a7adf7b41809cf92d369e744f0) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 23:25:17.0879 5320 nvUpdatusService - ok 23:25:17.0989 5320 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 23:25:17.0999 5320 nv_agp - ok 23:25:18.0089 5320 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 23:25:18.0119 5320 odserv - ok 23:25:18.0129 5320 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 23:25:18.0149 5320 ohci1394 - ok 23:25:18.0279 5320 OpcEnum (eae6208900e2986f66f68b30aef86e4d) C:\Windows\SysWOW64\OpcEnum.exe 23:25:18.0289 5320 OpcEnum ( UnsignedFile.Multi.Generic ) - warning 23:25:18.0289 5320 OpcEnum - detected UnsignedFile.Multi.Generic (1) 23:25:18.0349 5320 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:25:18.0359 5320 ose - ok 23:25:18.0579 5320 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 23:25:18.0709 5320 osppsvc - ok 23:25:18.0799 
5320 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 23:25:18.0859 5320 p2pimsvc - ok 23:25:18.0889 5320 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 23:25:18.0919 5320 p2psvc - ok 23:25:18.0969 5320 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 23:25:18.0989 5320 Parport - ok 23:25:19.0029 5320 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 23:25:19.0039 5320 partmgr - ok 23:25:19.0059 5320 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 23:25:19.0099 5320 PcaSvc - ok 23:25:19.0119 5320 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 23:25:19.0139 5320 pci - ok 23:25:19.0149 5320 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 23:25:19.0159 5320 pciide - ok 23:25:19.0179 5320 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 23:25:19.0199 5320 pcmcia - ok 23:25:19.0219 5320 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 23:25:19.0229 5320 pcw - ok 23:25:19.0269 5320 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 23:25:19.0319 5320 PEAUTH - ok 23:25:19.0399 5320 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll 23:25:19.0479 5320 PeerDistSvc - ok 23:25:19.0539 5320 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 23:25:19.0589 5320 PerfHost - ok 23:25:19.0709 5320 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 23:25:19.0789 5320 pla - ok 23:25:19.0839 5320 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 23:25:19.0889 5320 PlugPlay - ok 23:25:19.0899 5320 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 23:25:19.0919 5320 PNRPAutoReg - ok 23:25:19.0959 5320 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) 
C:\Windows\system32\pnrpsvc.dll 23:25:19.0969 5320 PNRPsvc - ok 23:25:20.0029 5320 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys 23:25:20.0039 5320 Point64 - ok 23:25:20.0079 5320 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 23:25:20.0146 5320 PolicyAgent - ok 23:25:20.0175 5320 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 23:25:20.0219 5320 Power - ok 23:25:20.0242 5320 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 23:25:20.0290 5320 PptpMiniport - ok 23:25:20.0306 5320 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 23:25:20.0327 5320 Processor - ok 23:25:20.0371 5320 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 23:25:20.0431 5320 ProfSvc - ok 23:25:20.0441 5320 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 23:25:20.0461 5320 ProtectedStorage - ok 23:25:20.0491 5320 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 23:25:20.0541 5320 Psched - ok 23:25:20.0581 5320 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys 23:25:20.0591 5320 PxHlpa64 - ok 23:25:20.0621 5320 qicflt (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys 23:25:20.0631 5320 qicflt - ok 23:25:20.0701 5320 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 23:25:20.0751 5320 ql2300 - ok 23:25:20.0851 5320 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 23:25:20.0861 5320 ql40xx - ok 23:25:20.0901 5320 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 23:25:20.0941 5320 QWAVE - ok 23:25:20.0961 5320 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 23:25:20.0991 5320 QWAVEdrv - ok 23:25:20.0991 5320 RasAcd (5a0da8ad5762fa2d91678a8a01311704) 
C:\Windows\system32\DRIVERS\rasacd.sys 23:25:21.0041 5320 RasAcd - ok 23:25:21.0061 5320 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 23:25:21.0091 5320 RasAgileVpn - ok 23:25:21.0112 5320 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 23:25:21.0156 5320 RasAuto - ok 23:25:21.0182 5320 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 23:25:21.0229 5320 Rasl2tp - ok 23:25:21.0258 5320 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 23:25:21.0309 5320 RasMan - ok 23:25:21.0330 5320 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 23:25:21.0374 5320 RasPppoe - ok 23:25:21.0394 5320 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 23:25:21.0434 5320 RasSstp - ok 23:25:21.0464 5320 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 23:25:21.0514 5320 rdbss - ok 23:25:21.0524 5320 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 23:25:21.0544 5320 rdpbus - ok 23:25:21.0564 5320 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 23:25:21.0604 5320 RDPCDD - ok 23:25:21.0644 5320 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 23:25:21.0664 5320 RDPDR - ok 23:25:21.0674 5320 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 23:25:21.0724 5320 RDPENCDD - ok 23:25:21.0744 5320 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 23:25:21.0774 5320 RDPREFMP - ok 23:25:21.0814 5320 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 23:25:21.0844 5320 RDPWD - ok 23:25:21.0874 5320 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 23:25:21.0904 5320 rdyboost - ok 23:25:22.0014 5320 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program 
Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 23:25:22.0054 5320 RegSrvc - ok 23:25:22.0084 5320 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 23:25:22.0133 5320 RemoteAccess - ok 23:25:22.0156 5320 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 23:25:22.0198 5320 RemoteRegistry - ok 23:25:22.0254 5320 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys 23:25:22.0277 5320 RimUsb - ok 23:25:22.0394 5320 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 23:25:22.0444 5320 RoxMediaDB12OEM - ok 23:25:22.0484 5320 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 23:25:22.0504 5320 RoxWatch12 - ok 23:25:22.0584 5320 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 23:25:22.0634 5320 RpcEptMapper - ok 23:25:22.0654 5320 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 23:25:22.0674 5320 RpcLocator - ok 23:25:22.0704 5320 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 23:25:22.0734 5320 RpcSs - ok 23:25:22.0784 5320 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 23:25:22.0834 5320 rspndr - ok 23:25:22.0884 5320 RTL8167 (ed5873f7dfb2f96d37f13322211b6bdc) C:\Windows\system32\DRIVERS\Rt64win7.sys 23:25:22.0914 5320 RTL8167 - ok 23:25:22.0934 5320 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 23:25:22.0964 5320 s3cap - ok 23:25:22.0994 5320 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 23:25:23.0004 5320 SamSs - ok 23:25:23.0024 5320 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 23:25:23.0044 5320 sbp2port - ok 23:25:23.0064 5320 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) 
C:\Windows\System32\SCardSvr.dll 23:25:23.0118 5320 SCardSvr - ok 23:25:23.0131 5320 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 23:25:23.0173 5320 scfilter - ok 23:25:23.0232 5320 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 23:25:23.0306 5320 Schedule - ok 23:25:23.0331 5320 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 23:25:23.0365 5320 SCPolicySvc - ok 23:25:23.0434 5320 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys 23:25:23.0464 5320 sdbus - ok 23:25:23.0494 5320 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 23:25:23.0514 5320 SDRSVC - ok 23:25:23.0584 5320 SeaPort (331e7bde228914574fc9ae6cd520dafa) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 23:25:23.0614 5320 SeaPort - ok 23:25:23.0644 5320 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 23:25:23.0684 5320 secdrv - ok 23:25:23.0704 5320 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 23:25:23.0744 5320 seclogon - ok 23:25:23.0754 5320 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 23:25:23.0804 5320 SENS - ok 23:25:23.0814 5320 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 23:25:23.0844 5320 SensrSvc - ok 23:25:23.0894 5320 Ser2pl (2cd118925f9cdf665f7c08aecd8177ef) C:\Windows\system32\DRIVERS\ser2pl64.sys 23:25:23.0934 5320 Ser2pl - ok 23:25:23.0964 5320 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 23:25:23.0984 5320 Serenum - ok 23:25:23.0994 5320 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 23:25:24.0024 5320 Serial - ok 23:25:24.0064 5320 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 23:25:24.0084 5320 sermouse - ok 23:25:24.0114 5320 SessionEnv (0b6231bf38174a1628c4ac812cc75804) 
C:\Windows\system32\sessenv.dll 23:25:24.0174 5320 SessionEnv - ok 23:25:24.0174 5320 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 23:25:24.0204 5320 sffdisk - ok 23:25:24.0204 5320 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 23:25:24.0224 5320 sffp_mmc - ok 23:25:24.0224 5320 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys 23:25:24.0254 5320 sffp_sd - ok 23:25:24.0254 5320 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 23:25:24.0274 5320 sfloppy - ok 23:25:24.0354 5320 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 23:25:24.0384 5320 Sftfs - ok 23:25:24.0494 5320 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 23:25:24.0524 5320 sftlist - ok 23:25:24.0574 5320 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 23:25:24.0604 5320 Sftplay - ok 23:25:24.0624 5320 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 23:25:24.0624 5320 Sftredir - ok 23:25:24.0724 5320 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 23:25:24.0754 5320 SftService - ok 23:25:24.0844 5320 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 23:25:24.0854 5320 Sftvol - ok 23:25:24.0964 5320 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 23:25:24.0984 5320 sftvsa - ok 23:25:25.0024 5320 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 23:25:25.0064 5320 SharedAccess - ok 23:25:25.0104 5320 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 23:25:25.0164 5320 ShellHWDetection - ok 23:25:25.0204 5320 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) 
23:25:35.0567 5320 ============================================================
23:25:35.0567 5320 Scan finished
23:25:35.0567 5320 ============================================================
23:25:35.0577 2764 Detected object count: 3
23:25:35.0577 2764 Actual detected object count: 3
23:26:04.0573 2764 C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine
23:26:04.0573 2764 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:26:04.0733 2764 C:\Windows\SysWOW64\OpcEnum.exe - copied to quarantine
23:26:04.0733 2764 OpcEnum ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:26:04.0853 2764 C:\Windows\System32\Drivers\sptd.sys - copied to quarantine
23:26:04.0853 2764 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine

GMER log:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-23 00:07:30
Windows 6.1.7601 Service Pack 1
Running: lnk5y2uv.exe
---- Files - GMER 1.0.15 ----
File C:\Users\Soumitro Auddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LIH2TQCY\errorPageStrings[2] 0 bytes
File C:\Users\Soumitro Auddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TZ1L7ELR\12[1].htm 0 bytes
File C:\Users\Soumitro Auddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TZ1L7ELR\down[1] 0 bytes
File C:\Users\Soumitro Auddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TZ1L7ELR\httpErrorPagesScripts[1] 0 bytes
---- EOF - GMER 1.0.15 ----
  9. Yes, the CHKDSK noted no further errors. It ended after the 3 steps of the scan. Yes, the Internet Explorer is working, but there is one noticeable change in it. The default search engine changed to "Blekko" by itself. A similar thing happened on the Chrome browser, where "Blekko" became an additional page which opened up on starting the browser. This too happened by itself, without any change in the settings on my side.
  10. Hi Maurice, I ran the CHKDSK /F as you instructed. It ran normally, but the problem is still not fixed. Now, when I try to access the Google homepage with the Chrome browser, it does not open the page. Instead this message comes on a screen with a white background: Welcome to nginx! What should I do now?
  11. Hi my computer seems to be infected with the partner37.mydomainadvsior virus and I am also seeing an error : 404 Error NGINX/0.6.32. I am using the Google Chrome web browser. As per the instructions, I am posting the "MBAM log file" along with the "Attach" and "DDS" files. It would be really helpful if you could instruct me on what to do next as soon as possible. Regards, mrssa
WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun-x64: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program 
Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll . ============= SERVICES / DRIVERS =============== . R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?] R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?] R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-8-19 98208] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] R2 avast! Antivirus;avast! 
Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-3-16 44768] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-21 654408] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] R2 NIApplicationWebServer;NI Application Web Server;C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 50336] R2 nimDNSResponder;National Instruments mDNS Responder Service;C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-6-1 194224] R2 NINetworkDiscovery;NI Network Discovery;C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2011-6-10 121032] R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-19 2009704] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-8-19 1692480] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-21 378472] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] 
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-19 2656280] R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-8-3 645048] R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?] R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] 
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-8 136176] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-5-3 158856] S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-8 136176] S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?] S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?] S3 MCHPUSB;MCHPUSB;C:\Windows\system32\DRIVERS\mchpusb64.sys --> C:\Windows\system32\DRIVERS\mchpusb64.sys [?] 
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] S3 netvsc;netvsc;C:\Windows\system32\DRIVERS\netvsc60.sys --> C:\Windows\system32\DRIVERS\netvsc60.sys [?] S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\drivers\nvstusb.sys --> C:\Windows\system32\drivers\nvstusb.sys [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys --> C:\Windows\system32\DRIVERS\ssadserd.sys [?] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 SynthVid;SynthVid;C:\Windows\system32\DRIVERS\VMBusVideoM.sys --> C:\Windows\system32\DRIVERS\VMBusVideoM.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] 
S4 NIApplicationWebServer64;NI Application Web Server (64-bit);C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 68256] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-06-22 18:52:16 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C5EF48EA-BBF3-4C7E-A92A-06641C9D29C8}\mpengine.dll 2012-06-22 02:50:37 -------- d-----w- C:\Users\Soumitro Auddy\AppData\Local\Unity 2012-06-19 08:44:12 -------- d-----w- C:\Windows\Application Data 2012-06-19 08:44:09 -------- d-----w- C:\QIMacros 2012-06-19 08:43:56 -------- d-----w- C:\ProgramData\blekko toolbars 2012-06-19 08:43:43 -------- d-----w- C:\Users\Soumitro Auddy\AppData\Local\blekkotb_031 2012-06-19 08:43:42 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor 2012-06-17 22:10:28 -------- d-----w- C:\ProgramData\Cisco 2012-06-14 08:00:59 754808 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2012-06-14 03:04:00 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-06-14 03:04:00 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-06-14 03:04:00 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-06-13 20:44:00 -------- d--h--w- C:\Windows\msdownld.tmp 2012-06-13 20:42:07 -------- d-sh--w- C:\Windows\ftpcache 2012-06-13 20:39:54 -------- d-----w- C:\Program Files (x86)\id Software 2012-06-03 00:28:31 -------- d-----w- C:\Users\Soumitro Auddy\AppData\Local\Ares 2012-05-27 06:07:57 -------- d-----w- C:\Program Files (x86)\Oracle 2012-05-27 06:07:22 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-05-25 03:20:00 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared . ==================== Find3M ==================== . 
2012-05-25 03:19:20 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2012-05-25 03:19:20 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll 2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-05-06 04:30:40 348160 ----a-w- C:\Windows\SysWow64\SDL_ttf.dll 2012-05-06 04:30:38 56565 ----a-w- C:\Windows\SysWow64\SDL_image.dll 2012-05-06 04:30:29 266436 ----a-w- C:\Windows\SysWow64\tiff.dll 2012-05-06 04:30:16 565248 ----a-w- C:\Windows\SysWow64\alleg42.dll 2012-05-05 20:29:11 249856 ------w- C:\Windows\Setup1.exe 2012-05-05 20:29:08 73216 ----a-w- C:\Windows\ST6UNST.EXE 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-28 20:00:46 1198 ----a-w- C:\Windows\SysWow64\ealregsnapshot1.reg 2012-04-28 06:23:01 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-04-24 
04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-12 08:28:16 0 ----a-w- C:\Windows\SysWow64\sho5A69.tmp
2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-04-04 23:47:02 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 15:52:11.37 ===============

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.20.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Soumitro Auddy :: SOUMITROAUDDY [administrator]
Protection: Enabled
6/22/2012 1:40:34 PM
mbam-log-2012-06-22 (13-40-34).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 649519
Time elapsed: 1 hour(s), 46 minute(s), 59 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end)

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 8/24/2011 10:39:58 PM
System Uptime: 6/21/2012 2:36:02 PM (25 hours ago)
.
Motherboard: Dell Inc. | | 0YR8NN
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz | CPU | 782/100mhz
.
==== Disk Partitions ========================= . C: is FIXED (NTFS) - 446 GiB total, 203.655 GiB free. D: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 Device ID: ROOT\NET\0000 Manufacturer: Cisco Systems Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 PNP Device ID: ROOT\NET\0000 Service: vpnva . ==== System Restore Points =================== . RP152: 6/17/2012 5:08:55 PM - Installed Cisco AnyConnect VPN Client RP153: 6/19/2012 1:04:02 PM - Windows Update RP154: 6/20/2012 3:29:27 PM - Removed Google Talk Plugin RP155: 6/22/2012 1:50:54 PM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) ????:???? µTorrent AccelerometerP11 Adobe AIR Adobe Reader X (10.1.3) MUI Advanced Audio FX Engine avast! Free Antivirus Batman: Arkham Asylum BetterLinks v1.7.5.24 (remove only) Bing Bar Bing Bar Platform Bing Rewards Client Installer Blio BlueJ 3.0.4 Cisco AnyConnect VPN Client Cozi Crysis WARHEAD® Crystal Reports 2008 Runtime D3DX10 DAEMON Tools Lite Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Getting Started Guide Dell MusicStage Dell PhotoStage Dell Stage Dell VideoStage Dell Webcam Central DirectX 9 Runtime Dropbox eBay Facebook Video Calling 1.2.0.159 FormatFactory 2.90 Free YouTube to MP3 Converter version 3.10.17.221 Google Chrome Google Toolbar for Internet Explorer Google Update Helper HI-TECH C Compiler for the PIC10/12/16 MCUs V9.82PL0 High-Definition Video Playback Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Wireless Display Internet Explorer Java Auto Updater Java™ 6 Update 29 Java™ 7 Update 4 Java™ SE Development Kit 6 Java™ SE Runtime Environment 6 JavaFX 2.1.0 Junk Mail filter update LogMeTT 2.9.9 Malwarebytes Anti-Malware 
version 1.61.0.1400 Mesh Runtime Messenger Companion Michael's Creative C++ Microsoft Default Manager Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Click-to-Run 2010 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Starter 2010 - English Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 MPLAB C for PIC24 MCUs and-or dsPIC DSCs MPLAB Tools v8.76 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) National Instruments Software Need for Speed The Run version 1.0 Nero 10 Movie ThemePack Basic Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero Update NI-DAQmx/LabVIEW shared 
documentation 1.9.5 NI-RPC 4.2.2f0 NI-RPC 4.2.2f0 for Phar Lap ETS NI Assistant Framework NI Assistant Framework LabVIEW 2011 Support NI Assistant Framework LabVIEW Code Generator 2011 NI Authentication 2.0 NI CodeSignAPI NI Curl 1.1 NI DataSocket 4.9 NI Distributed System Manager 2011 NI DN 2.0 SP1 installer NI Error Reporting 2011 NI EulaDepot NI Example Finder 11.0 NI GMP Windows 32-bit Installer 11.0.0 NI Help Assistant NI Instrument IO Assistant for LabVIEW 2011 32-bit NI LabVIEW 2009 SP1 Run-Time Engine Web Services NI LabVIEW 2011 NI LabVIEW 2011 Deployable License NI LabVIEW 2011 Deployment Framework NI LabVIEW 2011 Help NI LabVIEW 2011 Help File NI LabVIEW 2011 License NI LabVIEW 2011 Manuals NI LabVIEW 2011 MeasAppChm File NI LabVIEW 2011 Real-Time Error Dialog NI LabVIEW 2011 Real-Time NBFifo NI LabVIEW 2011 Run-Time Engine Non-English Support. NI LabVIEW 2011 Search NI LabVIEW 2011 Simulation NI LabVIEW 2011 VIPM Helper NI LabVIEW 2011 Web Server NI LabVIEW Broker NI LabVIEW C Interface NI LabVIEW Compare Utility 11.0.0 NI LabVIEW MAX XML NI LabVIEW Merge Utility 11.0.0 NI LabVIEW Real-Time NBFifo NI LabVIEW Run-Time Engine 2009 SP1 NI LabVIEW Run-Time Engine 2011 NI LabVIEW Run-Time Engine Interop 2009 NI LabVIEW Run-Time Engine Interop 2011 NI LabVIEW Web Server for Run-Time Engine NI LabVIEW Web Services Runtime NI LabWindows/CVI 2010 Code Generator NI LabWindows/CVI 2010 LabVIEW DLL Builder NI LabWindows/CVI 9.0 Run-Time Engine NI License Manager NI Logos 5.3.0 NI Logos LabVIEW 2011 Support NI Logos XT Support NI Math Kernel Libraries NI MAX Remote Configuration Installer 5.0 NI MDF Support NI mDNS Responder 1.6.0 NI Measurement & Automation Explorer 5.0.0 NI Measurement Studio Recipe Processor NI MetaSuite Installer NI Microsoft Silverlight Wrapper NI MXS 5.0.0 NI Network Discovery 5.0 NI OPC Support NI Portable Configuration 5.0.0 NI Registration Wizard NI Remote Provider for MAX 5.0.0 NI Remote PXI Provider for MAX 5.0.0 NI Search Shared NI 
Software Provider for MAX 5.0.0 NI SSL LabVIEW 2011 Support NI SSL Support NI System API Client for WIF 5.0.0 NI System API Web-Servce 32-bit 5.0.0 NI System API Windows 32-bit 5.0.0 NI System Configuration Runtime 5.0.0 NI System State Publisher NI System Web Server 2.0 NI System Web Server Base 2.0 NI TDM Excel Add-In 3.3 NI TDMS NI Trace Engine NI Uninstaller NI Update Service 2.0 NI USI 1.9.0 NI Variable Engine 2.5.0 NI Variable Engine LabVIEW 2011 Support NI VC2005MSMs x86 NI VC2008MSMs x86 NI Web Application Server 2.0 NI Web Interface Framework 2.0 NI Web Pipeline 2.0.1 NI Xalan Delay Load 1.10.1 NI Xerces Delay Load 2.7.3 NuMap7.1 - Nonlinear Networks for Approximation NVIDIA PhysX NVIDIA Stereoscopic 3D Driver OpenAL OrCAD 16.5 Lite PhotoShowExpress PL-2303 USB-to-Serial PL-2303 Vista Driver Installer PlayReady PC Runtime x86 PremiumSoft Navicat Premium 9.1 PremiumSoft NaviCoder IDE for Java Quake 4™ RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 Reset NI Config 5.0.0 Roxio Activation Module Roxio BackOnTrack Roxio Burn Roxio Creator Starter Roxio Express Labeler 3 Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for 
Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Skype Click to Call Skype™ 5.9 Sonic CinePlayer Decoder Pack Spotify SyncUP Tera Term 4.71 The QI Macros for Excel TrustedID TTLEditor 1.2.1 Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 
Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
uTorrentBar Toolbar
Veetle TV
VLC media player 1.1.11
WIF Core Dependencies Windows 5.0.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zinio Reader 4
.
==== Event Viewer Messages From Past Week ========
.
6/20/2012 2:17:00 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanWorkstation service.
6/20/2012 2:16:30 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
6/15/2012 12:40:01 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.
.
==== End Of File ===========================