manickr
-
Posts
35 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by manickr
-
Sorry, I was away for few days. I had an error as folows when i typed in the command: It says: Windows cannot find "combofix" make sure you typed the name correctly and then try again.
-
Thank you very much for all your help. I gretly appreciate your time and patience to go thorugh my problem. Thanks again.
-
Here is the report from Kaspersky. HtmlReport.zip
-
log from Advcleaner # AdwCleaner v1.801 - Logfile created 08/29/2012 at 13:02:45 # Updated 14/08/2012 by Xplode # Operating system : Windows 7 Professional Service Pack 1 (64 bits) # User : rmanickam - ENG-RAJ # Boot Mode : Normal # Running from : C:\Users\rmanickam.HERSEYMETERS\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v13.0.1 (en-US) -\\ Google Chrome v21.0.1180.83 ************************* AdwCleaner[s1].txt - [730 octets] - [29/08/2012 13:02:45] ########## EOF - C:\AdwCleaner[s1].txt - [857 octets] ##########
-
Here is the log from OLT OTL.Txt
-
Hello Sorry, I dont have the laptop with me today. I will follow your steps and respond to you tomorrow night. Thanks
-
I belive this is happening regardless of site i visit. Either i am on Yahoo site or seraching on google most of the time when this happened.
-
Attached is the log file from OTL scan with the command you provided earlier. OTL-aug272012.Txt
-
I am not sure if the picture above shows clearly for what you may look for. The location of the quarantine is c:users\rmanic.herseymeter\appdata\local\temp
-
As usual, I was browing the web and symantec autoprotect popped up with the list of trojans as shown below. I dont have any more redirect since yesterday, but this trojan list keeps popping up. Is there a reason why this one still fins the trojan?
-
OK, I did the full scan after rebooting my machine and this time no trojan was detected in Symantec. I will continue to watch for another 24 hours and will let you know. Hopefully, everything is clean now and we dont have to do anything further. I really appreciate your help and patience in working with me.
-
Sorry, i have to scan it again to get the location correctly. I will add it again shortly.
-
here is the full scan from symantec:
-
I just started the full scan with symantec. I will let you know the results soon.
-
here is the scan log from OTL OTL logfile created on: 8/25/2012 2:48:09 PM - Run 1 OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\rmanickam.HERSEYMETERS\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 15.88 Gb Total Physical Memory | 13.06 Gb Available Physical Memory | 82.24% Memory free 45.18 Gb Paging File | 41.98 Gb Available in Paging File | 92.92% Paging File free Paging file location(s): c:\pagefile.sys 30000 40000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 464.98 Gb Total Space | 111.14 Gb Free Space | 23.90% Space Free | Partition Type: NTFS Computer Name: ENG-RAJ | User Name: rmanickam | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found -- PRC - [2012/08/25 14:35:50 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\rmanickam.HERSEYMETERS\Downloads\OTL.exe PRC - [2012/07/27 16:51:38 | 000,823,224 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe PRC - [2012/07/27 13:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/03/19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE PRC - [2012/01/31 19:35:30 | 000,892,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe PRC - [2011/11/02 15:41:18 | 000,755,712 | ---- | M] (CoreTech System CO.,LTD) -- C:\Moldex3D\Moldex3DLMSR\MDX3DLMService.exe PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011/06/02 16:10:10 | 000,712,704 | ---- | M] (Core Tech System CO ,LTD) -- C:\Moldex3D\R10.0\Bin\BatchJobManager\MDXComManagerR1000.exe PRC - [2011/05/03 05:18:01 | 000,487,424 | ---- | M] (Gadwin Systems, Inc) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe PRC - [2011/03/24 11:11:18 | 000,107,800 | ---- | M] (Octoshape ApS) -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe PRC - [2011/02/07 14:52:50 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011/02/03 00:57:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010/12/17 11:24:06 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe PRC - [2010/12/03 19:20:18 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - [2010/12/03 19:20:16 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe PRC - [2010/11/29 13:10:32 | 000,210,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe PRC - [2010/11/17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe PRC - [2010/11/06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010/11/06 00:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2010/04/23 00:46:02 | 001,831,024 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe PRC - [2010/04/23 00:42:44 | 000,050,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe PRC - [2010/03/12 11:42:02 | 000,462,993 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe PRC - [2010/01/25 15:35:56 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe PRC - [2010/01/25 15:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe PRC - [2009/09/17 07:06:00 | 001,246,496 | ---- | M] (SafeNet, Inc) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe PRC - [2009/09/17 01:03:00 | 000,369,952 | ---- | M] (SafeNet, Inc.) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe PRC - [2009/09/17 01:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe PRC - [2009/07/06 15:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe PRC - [2008/06/10 06:18:54 | 000,241,664 | ---- | M] (Robert McNeel & Associates) -- C:\Program Files (x86)\Zoo 4.0\ZooService.exe ========== Modules (No Company Name) ========== MOD - [2012/06/13 09:46:37 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\2e16482769fcdf856919e292a968f16c\IAStorUtil.ni.dll MOD - [2012/06/13 09:37:49 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012/06/13 09:37:44 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll MOD - [2012/05/14 21:28:02 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\3b2b9f4ec1819e4b95792d92f56d26f9\IAStorCommon.ni.dll MOD - [2012/05/14 21:18:38 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012/05/14 21:18:06 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012/05/14 21:18:03 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012/05/14 21:18:00 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012/05/14 21:18:00 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012/05/14 21:17:52 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012/01/31 19:36:28 | 000,884,736 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll MOD - [2012/01/31 19:35:32 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll MOD - [2012/01/31 19:34:34 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll MOD - [2012/01/31 19:33:22 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll MOD - [2012/01/31 19:33:18 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll MOD - [2012/01/31 19:33:16 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll MOD - [2012/01/31 19:33:16 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll MOD - [2012/01/31 19:33:14 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll MOD - [2012/01/31 19:33:12 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll MOD - [2012/01/31 19:31:42 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll MOD - [2012/01/31 19:31:36 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll MOD - [2012/01/31 19:31:36 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll MOD - [2012/01/31 19:31:04 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll MOD - [2011/11/17 22:06:54 | 000,798,720 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll MOD - [2011/11/17 20:47:08 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010/12/17 11:24:06 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe MOD - [2010/11/24 23:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll MOD - [2010/11/17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/12/07 07:12:26 | 000,262,144 | ---- | M] (CoreTech System Co., Ltd.) [Auto | Running] -- C:\Program Files\IntelMPI\x64\MDXParallelServiceR11.exe -- (MDXParallelServiceR11) SRV:64bit: - [2011/10/11 18:48:32 | 001,611,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\IntelMPI\x64\smpd-intel-4.0.3.009-x64.exe -- (impi_smpd) SRV:64bit: - [2011/06/29 10:59:46 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2011/05/19 20:15:54 | 000,336,384 | ---- | M] (CoreTech System Co., Ltd.) [Auto | Running] -- C:\Program Files\MPICH2\R10SP2\x64\MDXParallelServiceR10SP2.exe -- (MDXParallelServiceR10SP2) SRV:64bit: - [2011/02/08 02:41:16 | 000,956,192 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2011/01/06 23:32:52 | 000,283,648 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV) SRV:64bit: - [2010/12/23 15:23:48 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2010/12/23 15:07:12 | 000,845,584 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2010/11/03 17:48:42 | 002,117,120 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService) SRV:64bit: - [2010/10/28 15:05:50 | 000,036,768 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage) SRV:64bit: - [2010/10/28 15:05:48 | 001,035,680 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service) SRV:64bit: - [2010/10/16 17:17:30 | 003,427,176 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe -- (TdmService) SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/09/22 01:05:24 | 000,165,032 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® SRV:64bit: - [2010/08/24 18:07:24 | 000,517,488 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc) SRV:64bit: - [2010/05/13 14:36:56 | 000,573,440 | ---- | M] (Argonne National Lab, Moldex3D CoreTech Co. Ltd.) [Auto | Running] -- C:\Program Files\MPICH2\R10SP2\x64\smpd-1.2.1-x64.exe -- (mpich2_smpd_MdxR10) SRV:64bit: - [2010/02/10 21:50:50 | 000,072,296 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH) SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2009/03/03 06:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters) SRV - [2012/08/14 22:40:26 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/08/03 12:07:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/07/27 13:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/03/19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate) SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc) SRV - [2011/12/19 21:18:52 | 001,046,528 | ---- | M] (Core Tech System CO ,LTD) [Auto | Running] -- C:\Moldex3D\R11.0\Bin\MDXComManagerR11.exe -- (MDXComManagerR11) SRV - [2011/11/17 22:12:44 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service) SRV - [2011/11/02 15:41:18 | 000,755,712 | ---- | M] (CoreTech System CO.,LTD) [Auto | Running] -- C:\Moldex3D\Moldex3DLMSR\MDX3DLMService.exe -- (Moldex3D-LM Service) SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/06/29 11:11:08 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/06/02 16:10:10 | 000,712,704 | ---- | M] (Core Tech System CO ,LTD) [Auto | Running] -- C:\Moldex3D\R10.0\Bin\BatchJobManager\MDXComManagerR1000.exe -- (MDXComManagerR1000) SRV - [2011/02/07 14:52:50 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011/02/03 00:57:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010/12/03 19:20:18 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/12/03 19:20:16 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/11/29 13:10:32 | 000,210,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service) SRV - [2010/11/25 06:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12) SRV - [2010/11/25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM) SRV - [2010/11/06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010/07/13 15:02:32 | 001,629,696 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe) SRV - [2010/04/23 00:46:02 | 001,831,024 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus) SRV - [2010/04/16 21:06:36 | 003,218,880 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService) SRV - [2010/04/01 20:47:34 | 000,419,656 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE -- (SNAC) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/25 15:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr) SRV - [2010/01/25 15:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr) SRV - [2009/09/17 07:06:00 | 001,246,496 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer) SRV - [2009/09/17 01:03:00 | 000,369,952 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer) SRV - [2009/09/17 01:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe -- (SentinelSecurityRuntime) SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/08/01 11:31:11 | 000,238,968 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler) SRV - [2008/08/01 11:31:01 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate) SRV - [2008/06/10 06:18:54 | 000,241,664 | ---- | M] (Robert McNeel & Associates) [Auto | Running] -- C:\Program Files (x86)\Zoo 4.0\ZooService.exe -- (ZooService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011/06/27 15:52:50 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2011/06/16 16:02:16 | 000,349,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL) DRV:64bit: - [2011/06/16 16:02:16 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2011/06/16 16:02:16 | 000,107,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2011/06/16 16:02:16 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2011/06/16 16:02:16 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/07 14:52:52 | 000,173,160 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2011/02/04 18:13:12 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2011/01/22 04:43:26 | 000,013,776 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NtrigDigitizerUSBLowerFilter.sys -- (NtrigDigitizerUSBLowerFilter) DRV:64bit: - [2011/01/06 23:32:52 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2011/01/06 00:47:12 | 000,343,160 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2011/01/04 17:31:16 | 000,075,240 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys -- (O2SDJRDR) DRV:64bit: - [2011/01/03 18:19:56 | 000,074,984 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys -- (O2MDRRDR) DRV:64bit: - [2011/01/03 16:04:44 | 000,072,808 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys -- (O2MDFRDR) DRV:64bit: - [2010/12/21 15:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:64bit: - [2010/12/16 21:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010/12/13 10:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler) DRV:64bit: - [2010/11/20 09:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:64bit: - [2010/11/20 09:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 07:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:64bit: - [2010/11/20 07:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/19 08:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010/11/19 08:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010/11/05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/10/28 11:42:32 | 000,315,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) DRV:64bit: - [2010/10/19 20:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010/08/24 18:46:02 | 000,038,440 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv) DRV:64bit: - [2010/08/20 12:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn) DRV:64bit: - [2010/03/30 15:27:30 | 000,069,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2010/03/08 12:59:16 | 000,482,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\srtspl64.sys -- (SRTSPL) DRV:64bit: - [2010/03/08 12:59:16 | 000,447,536 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\srtsp64.sys -- (SRTSP) DRV:64bit: - [2010/03/08 12:59:16 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\srtspx64.sys -- (SRTSPX) DRV:64bit: - [2009/09/17 07:05:02 | 000,145,448 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64) DRV:64bit: - [2009/09/16 17:08:48 | 000,172,960 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008/06/04 14:14:00 | 000,032,240 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PBADRV.SYS -- (PBADRV) DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) DRV - [2012/08/20 04:00:00 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120824.003\ex64.sys -- (NAVEX15) DRV - [2012/08/20 04:00:00 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120824.003\eng64.sys -- (NAVENG) DRV - [2012/08/08 04:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2012/08/08 04:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2010/03/08 12:59:16 | 000,482,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\srtspl64.sys -- (SRTSPL) DRV - [2010/03/08 12:59:16 | 000,447,536 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\srtsp64.sys -- (SRTSP) DRV - [2010/03/08 12:59:16 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\srtspx64.sys -- (SRTSPX) DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKCU\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68} IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=mkg030&p=" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/" FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mkg030&p=" FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS) FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\rmanickam.HERSEYMETERS\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/08/17 09:26:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/03 12:07:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{76409225-D456-11E1-8270-B8AC6F996F26}: C:\Users\rmanickam.HERSEYMETERS\AppData\Local\{76409225-D456-11E1-8270-B8AC6F996F26}\ [2012/07/22 19:39:21 | 000,000,000 | ---D | M] [2011/12/29 18:33:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\mozilla\Extensions [2012/05/29 12:25:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\mozilla\Firefox\Profiles\e9vx3ueb.default\extensions [2012/05/29 12:25:04 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\mozilla\Firefox\Profiles\e9vx3ueb.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012/04/21 19:23:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/03/18 13:38:40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012/07/22 19:39:21 | 000,000,000 | ---D | M] (Mozilla Safe Browsing) -- C:\USERS\RMANICKAM.HERSEYMETERS\APPDATA\LOCAL\{76409225-D456-11E1-8270-B8AC6F996F26} [2012/08/03 12:07:18 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/08/03 12:07:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/08/03 12:07:16 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - homepage: http://www.google.com CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.google.com CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Mozilla\plugins\npoctoshape.dll CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Reader Application Detector (Enabled) = C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\rmanickam.HERSEYMETERS\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (no name) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - No CLSID value found. O2:64bit: - BHO: (no name) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - No CLSID value found. O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (no name) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - No CLSID value found. O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [asfis] "C:\Windows\System32\rundll32.exe" "C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\asfis.dll",GetFirstRow File not found O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe () O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [intelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation) O4:64bit: - HKLM..\Run: [mimut] rundll32.exe "C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\mimut.dll",HrIsStreamUnicode File not found O4:64bit: - HKLM..\Run: [NtrigApplet] C:\Program Files\N-trig\DuoSense Control Apps\NtrigApplet.exe (N-trig LLC) O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [Client Access Service] C:\Program Files (x86)\IBM\Client Access\cwbsvstr.exe (IBM Corporation) O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [iMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.) O4 - HKLM..\Run: [Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation) O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc) O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} http://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9} (WebIQ Engine Application Object) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://samsclubus.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.50.0.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = HerseyMeters.Local O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{503EB341-522F-401E-9985-1B771FFD7091}: DhcpNameServer = 10.50.0.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79F3347E-8342-4C91-9BE1-1BE41C57C124}: DhcpNameServer = 10.7.7.251 10.7.7.252 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\tmpx - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\tmpx - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:64bit: - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30:64bit: - LSA: Authentication Packages - (wvauth) - C:\Windows\SysNative\wvauth.dll (Wave Systems Corp.) O30 - LSA: Authentication Packages - (wvauth) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/08/25 14:44:06 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5 [2012/08/25 14:39:21 | 000,000,000 | ---D | C] -- C:\_OTL [2012/08/24 13:50:54 | 000,000,000 | ---D | C] -- C:\Users\rmanickam.HERSEYMETERS\Desktop\Tooling Development New Product [2012/08/24 11:37:55 | 000,000,000 | ---D | C] -- C:\Users\rmanickam.HERSEYMETERS\Desktop\TEMP2 [2012/08/24 11:32:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartDraw 2012 [2012/08/24 11:31:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartDraw 2012 [2012/08/24 10:27:23 | 000,814,913 | ---- | C] (Farbar) -- C:\Users\rmanickam.HERSEYMETERS\Desktop\ListParts64.exe [2012/08/23 18:31:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012/08/23 18:13:50 | 000,000,000 | ---D | C] -- C:\Users\rmanickam.HERSEYMETERS\Documents\PrintScreen Files [2012/08/23 17:11:53 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/08/23 15:02:41 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/08/23 15:02:29 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012/08/17 09:24:00 | 000,000,000 | ---D | C] -- C:\Config.Msi [2012/08/16 16:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger [2012/08/16 15:07:17 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012/08/15 09:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012/08/14 12:56:47 | 000,000,000 | ---D | C] -- C:\Users\rmanickam.HERSEYMETERS\Documents\NAME CHANGE DOCUMENTS [2012/08/14 10:01:59 | 000,256,904 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys [2012/08/10 11:14:15 | 000,000,000 | ---D | C] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\SPE [2012/08/06 16:42:18 | 000,026,824 | ---- | C] (Softland) -- C:\Windows\SysNative\novamnk6.dll [2012/08/06 16:42:18 | 000,019,656 | ---- | C] (Softland) -- C:\Windows\SysNative\novamik6.dll [2012/08/06 16:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\novaPDF 6 [2012/08/06 16:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Softland [2012/08/06 16:42:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartDraw PDF Export [2012/08/06 14:01:48 | 000,000,000 | ---D | C] -- C:\Users\rmanickam.HERSEYMETERS\Documents\SmartDraw [2012/08/06 14:01:39 | 000,000,000 | ---D | C] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\SmartDraw [2012/08/05 18:35:09 | 000,000,000 | ---D | C] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Local\Octoshape [2012/08/05 18:35:08 | 000,000,000 | ---D | C] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Octoshape Streaming Services [2012/08/05 18:35:08 | 000,000,000 | ---D | C] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Octoshape [2012/08/03 11:13:55 | 000,000,000 | ---D | C] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Local\HorizonWimba [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/08/25 14:50:52 | 000,014,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/25 14:50:52 | 000,014,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/25 14:43:32 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/08/25 14:42:39 | 000,000,480 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (SD).job [2012/08/25 14:42:25 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2012/08/25 14:41:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/08/25 14:40:55 | 4201,299,966 | -HS- | M] () -- C:\hiberfil.sys [2012/08/25 14:11:17 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/08/25 14:05:40 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/08/25 12:05:00 | 173,720,576 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\personal.pst [2012/08/24 22:56:39 | 000,183,193 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\symantec-autoprotect-trojan-list.png [2012/08/24 11:32:39 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\SmartDraw 2012.lnk [2012/08/24 10:53:15 | 030,413,440 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\SmartDraw_2012.exe [2012/08/24 10:26:41 | 000,814,913 | ---- | M] (Farbar) -- C:\Users\rmanickam.HERSEYMETERS\Desktop\ListParts64.exe [2012/08/23 18:09:03 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/08/22 14:07:55 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012/08/17 09:26:16 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Standard.lnk [2012/08/16 21:26:35 | 000,746,082 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/08/16 21:26:35 | 000,640,402 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/08/16 21:26:35 | 000,111,906 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/08/16 16:55:39 | 000,001,200 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk [2012/08/16 09:20:16 | 000,463,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/08/15 09:20:58 | 000,289,846 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\cc_20120815_092040.reg [2012/08/15 09:16:08 | 000,001,056 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/08/14 18:10:22 | 006,423,069 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\AppData\Local\census.cache [2012/08/14 18:02:44 | 000,162,340 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\AppData\Local\ars.cache [2012/08/14 12:16:30 | 000,121,379 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\get-it-for-free.pdf [2012/08/14 09:59:34 | 000,000,036 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\AppData\Local\housecall.guid.cache [2012/08/13 16:08:26 | 000,293,904 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\NYLON-REVIEW.pdf [2012/08/13 12:55:40 | 000,124,237 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\sony S series spec.pdf [2012/08/10 14:48:00 | 000,153,552 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\Right-to-Review_-packet.pdf [2012/08/10 14:18:57 | 000,020,961 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\NC house bill 805.pdf [2012/08/10 12:57:09 | 000,098,551 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\CASA.pdf [2012/08/10 11:25:25 | 000,000,362 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\SMRResults250.dat [2012/08/09 19:52:45 | 001,123,900 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\12Mueller02Report.pdf [2012/08/09 12:12:31 | 000,080,768 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\paymentSuccessPrintScreen.pdf [2012/08/09 12:00:39 | 000,280,959 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\SonyVAIO2MIRsAug02Sep0812tt35.pdf [2012/08/07 09:44:17 | 000,073,738 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\Tooling Development Process2.sdr [2012/08/06 16:42:33 | 000,234,658 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\Tooling Development Process2.pdf [2012/08/06 14:53:37 | 000,051,944 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\Tooling Development Process.sdr [2012/08/06 14:01:47 | 000,001,047 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Desktop\SmartDraw 2012.lnk [2012/08/06 10:50:07 | 000,114,073 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\MfgS Molded Part Flowcharts - Preliminary release 12102010.pdf [2012/08/02 14:08:19 | 000,118,063 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\effect of moisture on nylon.pdf [2012/08/02 12:41:22 | 000,121,693 | ---- | M] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\budget-storage-Aug 2012-Payment.pdf [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/08/24 22:56:39 | 000,183,193 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\symantec-autoprotect-trojan-list.png [2012/08/24 11:32:51 | 000,000,480 | ---- | C] () -- C:\Windows\tasks\SDMsgUpdate (SD).job [2012/08/24 11:32:39 | 000,001,017 | ---- | C] () -- C:\Users\Public\Desktop\SmartDraw 2012.lnk [2012/08/24 11:30:32 | 030,413,440 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\SmartDraw_2012.exe [2012/08/16 16:55:39 | 000,001,200 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk [2012/08/15 09:20:47 | 000,289,846 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\cc_20120815_092040.reg [2012/08/15 09:16:08 | 000,001,056 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/08/14 12:16:30 | 000,121,379 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\get-it-for-free.pdf [2012/08/14 10:08:30 | 006,423,069 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\AppData\Local\census.cache [2012/08/14 10:08:25 | 000,162,340 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\AppData\Local\ars.cache [2012/08/14 09:59:34 | 000,000,036 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\AppData\Local\housecall.guid.cache [2012/08/13 16:08:26 | 000,293,904 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\NYLON-REVIEW.pdf [2012/08/13 12:55:40 | 000,124,237 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\sony S series spec.pdf [2012/08/10 14:48:00 | 000,153,552 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\Right-to-Review_-packet.pdf [2012/08/10 14:18:57 | 000,020,961 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\NC house bill 805.pdf [2012/08/10 12:57:09 | 000,098,551 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\CASA.pdf [2012/08/10 11:25:25 | 000,000,362 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\SMRResults250.dat [2012/08/09 19:52:45 | 001,123,900 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\12Mueller02Report.pdf [2012/08/09 12:12:31 | 000,080,768 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\paymentSuccessPrintScreen.pdf [2012/08/09 12:00:39 | 000,280,959 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\SonyVAIO2MIRsAug02Sep0812tt35.pdf [2012/08/06 16:42:31 | 000,234,658 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\Tooling Development Process2.pdf [2012/08/06 16:42:18 | 000,007,537 | ---- | C] () -- C:\Windows\SysNative\novak6.ctm [2012/08/06 15:01:13 | 000,073,738 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\Tooling Development Process2.sdr [2012/08/06 14:15:25 | 000,051,944 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\Tooling Development Process.sdr [2012/08/06 14:01:47 | 000,001,077 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartDraw 2012.lnk [2012/08/06 14:01:47 | 000,001,047 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Desktop\SmartDraw 2012.lnk [2012/08/02 14:08:19 | 000,118,063 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\effect of moisture on nylon.pdf [2012/08/02 12:41:22 | 000,121,693 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\Documents\budget-storage-Aug 2012-Payment.pdf [2012/02/12 18:18:27 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2011/08/07 00:40:46 | 000,007,607 | ---- | C] () -- C:\Users\rmanickam.HERSEYMETERS\AppData\Local\Resmon.ResmonCfg [2011/06/27 18:00:56 | 000,764,968 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/06/27 15:03:47 | 000,002,412 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011/06/27 15:01:47 | 000,024,630 | ---- | C] () -- C:\Windows\SysWow64\cwbunplp.exe [2011/06/27 15:01:44 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\cwbrw.dll [2011/06/27 15:01:44 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\cwbsv.dll [2011/06/27 15:01:44 | 000,020,529 | ---- | C] () -- C:\Windows\SysWow64\cwbwiz.dll [2011/06/27 15:01:44 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\cwbsy.dll [2011/06/27 15:01:44 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\cwbnl.dll [2011/06/27 15:01:44 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\cwbco.dll [2011/06/27 15:01:44 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\cwbnldlg.dll [2011/06/27 15:01:44 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\cwbad.dll [2011/06/27 15:01:43 | 000,126,976 | ---- | C] () -- C:\Windows\cwbzip.exe [2011/06/16 17:50:48 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011/06/16 17:50:46 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011/06/16 17:50:43 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011/06/16 16:16:11 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll [2011/06/16 16:08:02 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\instsrv.exe ========== LOP Check ========== [2011/06/29 11:28:09 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Autodesk [2012/01/30 18:40:57 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\CoreTechSystem [2011/06/29 11:10:22 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\DassaultSystemes [2011/10/01 20:49:55 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\FileZilla [2012/01/06 16:34:37 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Geomagic [2011/06/27 15:37:45 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\IBM [2012/01/30 15:28:24 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Moldex3D R11.0 [2012/08/05 18:35:08 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Octoshape [2011/07/26 10:09:50 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\PTC [2012/08/06 14:15:26 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\SmartDraw [2012/07/23 17:47:45 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\SoftGrid Client [2012/08/10 11:23:25 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\SPE [2012/05/24 12:56:01 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\TeamViewer [2012/05/10 10:19:38 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Thinstall [2011/10/23 12:36:48 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\Wave Systems Corp [2012/01/27 15:04:14 | 000,000,000 | ---D | M] -- C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\webex [2012/08/14 20:50:40 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012/08/25 14:42:39 | 000,000,480 | ---- | M] () -- C:\Windows\Tasks\SDMsgUpdate (SD).job ========== Purity Check ========== < End of report >
-
Oops.. sorry, we did so many downloads and havent realized OTL was I already downloaded. Anyway, I ran the command per your previous post and the system rebooted and came back up. When it came on, it gave me this following message. All processes killed Error: Unable to interpret <:Commands[purity][emptytemp][emptyflash][Reboot> in the current context! OTL by OldTimer - Version 3.2.58.1 log created on 08252012_143921 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...
-
Hello, I think I understand what you want me to run now. But where do I download OTL from? Can you please send me the link?
-
Hello Sorry, i am not able to follow your instruction. i cant find custom scan and fixes in the symantec virus program. Is your instruction for norton? Please clarify. I am running symantec ed point protection.
-
Hello: I have not seen any redirect so far and hopefully it is clean now. But as i was browsing the web now, my symantec autoprotect popped out and it is quarantaining bunch of trojans which makes me belive there are stil some trojans left on this system. I am not able to paste the screen and so i am attaching a picture file which has the image of the symantec auto protect found list of trojans. Please let me know if this is something still needs to be cleaned. Thanks
-
I will keep checking and will let you know as soon as I encounter any issue. From what we have done so far, can you tell me what was the problem you observed? Thanks
-
Log from listparts64 ListParts by Farbar Version: 10-08-2012 Ran by rmanickam (administrator) on 24-08-2012 at 10:27:37 Windows 7 (X64) Running From: C:\Users\rmanickam.HERSEYMETERS\Desktop Language: 0409 ************************************************************ ========================= Memory info ====================== Percentage of memory in use: 19% Total physical RAM: 16264.9 MB Available physical RAM: 13138.17 MB Total Pagefile: 46263.09 MB Available Pagefile: 42730.46 MB Total Virtual: 8192 MB Available Virtual: 8191.89 MB ======================= Partitions ========================= 1 Drive c: (OS) (Fixed) (Total:464.98 GB) (Free:107.54 GB) NTFS 4 Drive z: (Shares) (Network) (Total:800.59 GB) (Free:216.99 GB) NTFS Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 465 GB 3072 KB Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 OEM 39 MB 31 KB Partition 2 Primary 752 MB 40 MB Partition 3 Primary 464 GB 792 MB ====================================================================================================== Disk: 0 Partition 1 Type : DE Hidden: Yes Active: No There is no volume associated with this partition. ====================================================================================================== Disk: 0 Partition 2 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 RECOVERY NTFS Partition 752 MB Healthy System (partition with boot components) ====================================================================================================== Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C OS NTFS Partition 464 GB Healthy Boot ====================================================================================================== ****** End Of Log ******
-
Oh sorry, I forgot to answer on that. This morning, i searched the web and so far I have not been redirected. I dont know for sure if the problem is resolved completely. Even when had the issue, it will not redirect all the time. It will do randomly and i want to try the search few more time before i can tell you 100 %. But so far this morning, i dont find it redirecting.
-
TDSSKILLER LOG is below: 09:35:36.0119 10896 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48 09:35:36.0362 10896 ============================================================ 09:35:36.0363 10896 Current date / time: 2012/08/24 09:35:36.0362 09:35:36.0363 10896 SystemInfo: 09:35:36.0363 10896 09:35:36.0363 10896 OS Version: 6.1.7601 ServicePack: 1.0 09:35:36.0363 10896 Product type: Workstation 09:35:36.0363 10896 ComputerName: ENG-RAJ 09:35:36.0363 10896 UserName: rmanickam 09:35:36.0363 10896 Windows directory: C:\Windows 09:35:36.0363 10896 System windows directory: C:\Windows 09:35:36.0363 10896 Running under WOW64 09:35:36.0363 10896 Processor architecture: Intel x64 09:35:36.0363 10896 Number of processors: 8 09:35:36.0363 10896 Page size: 0x1000 09:35:36.0363 10896 Boot type: Normal boot 09:35:36.0363 10896 ============================================================ 09:35:37.0030 10896 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 09:35:37.0042 10896 ============================================================ 09:35:37.0042 10896 \Device\Harddisk0\DR0: 09:35:37.0042 10896 MBR partitions: 09:35:37.0042 10896 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x178000 09:35:37.0042 10896 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18C000, BlocksNum 0x3A1F8000 09:35:37.0042 10896 ============================================================ 09:35:37.0070 10896 C: <-> \Device\Harddisk0\DR0\Partition2 09:35:37.0070 10896 ============================================================ 09:35:37.0070 10896 Initialize success 09:35:37.0070 10896 ============================================================ 09:36:37.0602 8844 ============================================================ 09:36:37.0602 8844 Scan started 09:36:37.0602 8844 Mode: Manual; SigCheck; TDLFS; 09:36:37.0602 8844 ============================================================ 09:36:37.0793 8844 ================ Scan system memory ======================== 09:36:37.0793 8844 System memory - ok 09:36:37.0793 8844 ================ Scan services ============================= 09:36:37.0941 8844 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 09:36:38.0040 8844 1394ohci - ok 09:36:38.0101 8844 [ E0065CBF1A25C015C218457D2CD522B9 ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys 09:36:38.0118 8844 Acceler - ok 09:36:38.0249 8844 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 09:36:38.0264 8844 ACPI - ok 09:36:38.0335 8844 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 09:36:38.0387 8844 AcpiPmi - ok 09:36:38.0544 8844 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 09:36:38.0566 8844 AdobeARMservice - ok 09:36:38.0694 8844 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 09:36:38.0742 8844 AdobeFlashPlayerUpdateSvc - ok 09:36:38.0794 8844 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 09:36:38.0822 8844 adp94xx - ok 09:36:38.0881 8844 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 09:36:38.0906 8844 adpahci - ok 09:36:38.0918 8844 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 09:36:38.0938 8844 adpu320 - ok 09:36:38.0955 8844 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 09:36:39.0044 8844 AeLookupSvc - ok 09:36:39.0164 8844 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe 09:36:39.0233 8844 AESTFilters - ok 09:36:39.0298 8844 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 09:36:39.0387 8844 AFD - ok 09:36:39.0444 8844 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 09:36:39.0466 8844 agp440 - ok 09:36:39.0480 8844 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 09:36:39.0525 8844 ALG - ok 09:36:39.0572 8844 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 09:36:39.0588 8844 aliide - ok 09:36:39.0592 8844 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 09:36:39.0609 8844 amdide - ok 09:36:39.0661 8844 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 09:36:39.0706 8844 AmdK8 - ok 09:36:39.0731 8844 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 09:36:39.0814 8844 AmdPPM - ok 09:36:39.0859 8844 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 09:36:39.0878 8844 amdsata - ok 09:36:39.0936 8844 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 09:36:39.0956 8844 amdsbs - ok 09:36:39.0964 8844 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 09:36:39.0976 8844 amdxata - ok 09:36:40.0045 8844 [ CA5F1BD1261BC771D30096BBCFD625A0 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 09:36:40.0065 8844 ApfiltrService - ok 09:36:40.0135 8844 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 09:36:40.0165 8844 AppID - ok 09:36:40.0180 8844 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 09:36:40.0229 8844 AppIDSvc - ok 09:36:40.0264 8844 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 09:36:40.0333 8844 Appinfo - ok 09:36:40.0388 8844 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 09:36:40.0465 8844 AppMgmt - ok 09:36:40.0519 8844 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 09:36:40.0544 8844 arc - ok 09:36:40.0550 8844 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 09:36:40.0567 8844 arcsas - ok 09:36:40.0607 8844 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 09:36:40.0665 8844 AsyncMac - ok 09:36:40.0715 8844 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 09:36:40.0731 8844 atapi - ok 09:36:40.0799 8844 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 09:36:40.0877 8844 AudioEndpointBuilder - ok 09:36:40.0893 8844 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 09:36:40.0935 8844 AudioSrv - ok 09:36:41.0039 8844 [ 721409129AB3503B6C96404FE8D8CDF0 ] Automatic LiveUpdate Scheduler C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe 09:36:41.0073 8844 Automatic LiveUpdate Scheduler - ok 09:36:41.0153 8844 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 09:36:41.0243 8844 AxInstSV - ok 09:36:41.0304 8844 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 09:36:41.0383 8844 b06bdrv - ok 09:36:41.0450 8844 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 09:36:41.0499 8844 b57nd60a - ok 09:36:41.0680 8844 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe 09:36:41.0707 8844 BBSvc - ok 09:36:42.0457 8844 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe 09:36:42.0484 8844 BBUpdate - ok 09:36:42.0533 8844 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 09:36:42.0611 8844 BDESVC - ok 09:36:42.0618 8844 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 09:36:42.0672 8844 Beep - ok 09:36:42.0726 8844 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 09:36:42.0761 8844 BFE - ok 09:36:42.0813 8844 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 09:36:42.0876 8844 BITS - ok 09:36:42.0919 8844 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 09:36:42.0958 8844 blbdrive - ok 09:36:43.0003 8844 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 09:36:43.0034 8844 bowser - ok 09:36:43.0081 8844 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 09:36:43.0124 8844 BrFiltLo - ok 09:36:43.0151 8844 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 09:36:43.0171 8844 BrFiltUp - ok 09:36:43.0261 8844 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 09:36:43.0328 8844 Browser - ok 09:36:43.0391 8844 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 09:36:43.0517 8844 Brserid - ok 09:36:43.0532 8844 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 09:36:43.0576 8844 BrSerWdm - ok 09:36:43.0605 8844 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 09:36:43.0648 8844 BrUsbMdm - ok 09:36:43.0651 8844 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 09:36:43.0675 8844 BrUsbSer - ok 09:36:43.0724 8844 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 09:36:43.0790 8844 BthEnum - ok 09:36:43.0805 8844 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 09:36:43.0849 8844 BTHMODEM - ok 09:36:43.0885 8844 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 09:36:43.0930 8844 BthPan - ok 09:36:43.0985 8844 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 09:36:44.0065 8844 BTHPORT - ok 09:36:44.0121 8844 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 09:36:44.0183 8844 bthserv - ok 09:36:44.0226 8844 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 09:36:44.0274 8844 BTHUSB - ok 09:36:44.0338 8844 [ A0DFB69ADE3444C78B17636FCF28E898 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys 09:36:44.0362 8844 BTWAMPFL - ok 09:36:44.0418 8844 [ 7CF028CE78696882B327FF13D2DFA534 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 09:36:44.0438 8844 btwaudio - ok 09:36:44.0497 8844 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 09:36:44.0520 8844 btwavdt - ok 09:36:44.0601 8844 [ CC9DAE7759AC2C0D19111C0D38DDD232 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 09:36:44.0627 8844 btwdins - ok 09:36:44.0643 8844 [ 9AD0FA253ED531D39FB2D74FE12A5FA9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 09:36:44.0661 8844 btwl2cap - ok 09:36:44.0712 8844 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 09:36:44.0730 8844 btwrchid - ok 09:36:44.0796 8844 [ 260A069F403DA226D18C058AD14FD3A3 ] ccEvtMgr C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe 09:36:44.0810 8844 ccEvtMgr - ok 09:36:44.0820 8844 [ 260A069F403DA226D18C058AD14FD3A3 ] ccSetMgr C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe 09:36:44.0833 8844 ccSetMgr - ok 09:36:44.0884 8844 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 09:36:44.0941 8844 cdfs - ok 09:36:44.0988 8844 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 09:36:45.0038 8844 cdrom - ok 09:36:45.0091 8844 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 09:36:45.0148 8844 CertPropSvc - ok 09:36:45.0192 8844 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 09:36:45.0213 8844 circlass - ok 09:36:45.0269 8844 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 09:36:45.0292 8844 CLFS - ok 09:36:45.0342 8844 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 09:36:45.0370 8844 clr_optimization_v2.0.50727_32 - ok 09:36:45.0402 8844 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 09:36:45.0422 8844 clr_optimization_v2.0.50727_64 - ok 09:36:45.0537 8844 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 09:36:45.0558 8844 clr_optimization_v4.0.30319_32 - ok 09:36:45.0585 8844 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 09:36:45.0600 8844 clr_optimization_v4.0.30319_64 - ok 09:36:45.0649 8844 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 09:36:45.0688 8844 CmBatt - ok 09:36:45.0725 8844 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 09:36:45.0739 8844 cmdide - ok 09:36:45.0796 8844 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 09:36:45.0820 8844 CNG - ok 09:36:45.0868 8844 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 09:36:45.0878 8844 Compbatt - ok 09:36:45.0944 8844 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 09:36:45.0991 8844 CompositeBus - ok 09:36:46.0002 8844 COMSysApp - ok 09:36:46.0041 8844 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 09:36:46.0066 8844 crcdisk - ok 09:36:46.0143 8844 [ 6E163FAAF624A03A88DFD92E607DE6E5 ] Credential Vault Host Control Service C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe 09:36:46.0170 8844 Credential Vault Host Control Service - ok 09:36:46.0179 8844 [ 8884B4D345DDB029F43AD2E7ADD54A30 ] Credential Vault Host Storage C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe 09:36:46.0188 8844 Credential Vault Host Storage - ok 09:36:46.0246 8844 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll 09:36:46.0318 8844 CryptSvc - ok 09:36:46.0366 8844 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 09:36:46.0437 8844 CSC - ok 09:36:46.0457 8844 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 09:36:46.0507 8844 CscService - ok 09:36:46.0556 8844 [ 8CE04A5BDD2CE6E62CE02A1C27093104 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys 09:36:46.0621 8844 CtClsFlt - ok 09:36:46.0758 8844 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 09:36:46.0789 8844 cvhsvc - ok 09:36:46.0845 8844 [ A84CAAE89B487931200B969D94018AFA ] cvusbdrv C:\Windows\system32\Drivers\cvusbdrv.sys 09:36:46.0859 8844 cvusbdrv - ok 09:36:46.0931 8844 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 09:36:46.0992 8844 DcomLaunch - ok 09:36:47.0049 8844 [ 230BFB96A86AB29DA6DEB234F8985D34 ] dcpsysmgrsvc c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe 09:36:47.0072 8844 dcpsysmgrsvc - ok 09:36:47.0095 8844 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 09:36:47.0131 8844 defragsvc - ok 09:36:47.0186 8844 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 09:36:47.0245 8844 DfsC - ok 09:36:47.0334 8844 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 09:36:47.0371 8844 Dhcp - ok 09:36:47.0386 8844 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 09:36:47.0415 8844 discache - ok 09:36:47.0484 8844 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 09:36:47.0502 8844 Disk - ok 09:36:47.0519 8844 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 09:36:47.0588 8844 Dnscache - ok 09:36:47.0637 8844 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 09:36:47.0697 8844 dot3svc - ok 09:36:47.0724 8844 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 09:36:47.0778 8844 DPS - ok 09:36:47.0830 8844 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 09:36:47.0902 8844 drmkaud - ok 09:36:47.0958 8844 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 09:36:47.0985 8844 DXGKrnl - ok 09:36:48.0042 8844 [ 60633132A929C09FE78FAB16541F9E71 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys 09:36:48.0061 8844 e1cexpress - ok 09:36:48.0119 8844 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 09:36:48.0178 8844 EapHost - ok 09:36:48.0266 8844 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 09:36:48.0342 8844 ebdrv - ok 09:36:48.0443 8844 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 09:36:48.0458 8844 eeCtrl - ok 09:36:48.0515 8844 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 09:36:48.0543 8844 EFS - ok 09:36:48.0574 8844 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 09:36:48.0678 8844 ehRecvr - ok 09:36:48.0708 8844 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 09:36:48.0792 8844 ehSched - ok 09:36:48.0845 8844 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 09:36:48.0876 8844 elxstor - ok 09:36:48.0944 8844 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 09:36:48.0959 8844 EraserUtilRebootDrv - ok 09:36:49.0005 8844 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 09:36:49.0049 8844 ErrDev - ok 09:36:49.0094 8844 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 09:36:49.0155 8844 EventSystem - ok 09:36:49.0240 8844 [ 5C08B9A2BAAEC1F33C2D50FD166DEEBB ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 09:36:49.0291 8844 EvtEng - ok 09:36:49.0307 8844 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 09:36:49.0341 8844 exfat - ok 09:36:49.0357 8844 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 09:36:49.0410 8844 fastfat - ok 09:36:49.0464 8844 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 09:36:49.0544 8844 Fax - ok 09:36:49.0587 8844 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 09:36:49.0632 8844 fdc - ok 09:36:49.0665 8844 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 09:36:49.0696 8844 fdPHost - ok 09:36:49.0709 8844 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 09:36:49.0740 8844 FDResPub - ok 09:36:49.0798 8844 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 09:36:49.0813 8844 FileInfo - ok 09:36:49.0817 8844 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 09:36:49.0871 8844 Filetrace - ok 09:36:49.0930 8844 [ 73081CF28F0AE20A52CA4F67CEE6E6B0 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 09:36:49.0977 8844 FLEXnet Licensing Service - ok 09:36:50.0022 8844 [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 09:36:50.0071 8844 FLEXnet Licensing Service 64 - ok 09:36:50.0116 8844 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 09:36:50.0131 8844 flpydisk - ok 09:36:50.0181 8844 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 09:36:50.0204 8844 FltMgr - ok 09:36:50.0239 8844 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 09:36:50.0322 8844 FontCache - ok 09:36:50.0413 8844 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 09:36:50.0433 8844 FontCache3.0.0.0 - ok 09:36:50.0445 8844 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 09:36:50.0460 8844 FsDepends - ok 09:36:50.0518 8844 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 09:36:50.0533 8844 Fs_Rec - ok 09:36:50.0606 8844 [ 281A153B01D414F894506026C08A6ADB ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys 09:36:50.0626 8844 FTDIBUS - ok 09:36:50.0684 8844 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 09:36:50.0703 8844 fvevol - ok 09:36:50.0758 8844 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 09:36:50.0779 8844 gagp30kx - ok 09:36:50.0844 8844 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 09:36:50.0926 8844 gpsvc - ok 09:36:51.0026 8844 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 09:36:51.0052 8844 gupdate - ok 09:36:51.0056 8844 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 09:36:51.0073 8844 gupdatem - ok 09:36:51.0139 8844 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 09:36:51.0168 8844 gusvc - ok 09:36:51.0227 8844 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 09:36:51.0256 8844 hcw85cir - ok 09:36:51.0317 8844 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 09:36:51.0360 8844 HDAudBus - ok 09:36:51.0385 8844 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 09:36:51.0427 8844 HidBatt - ok 09:36:51.0454 8844 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 09:36:51.0503 8844 HidBth - ok 09:36:51.0537 8844 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 09:36:51.0576 8844 HidIr - ok 09:36:51.0614 8844 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 09:36:51.0647 8844 hidserv - ok 09:36:51.0702 8844 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 09:36:51.0719 8844 HidUsb - ok 09:36:51.0757 8844 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 09:36:51.0829 8844 hkmsvc - ok 09:36:51.0876 8844 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 09:36:51.0903 8844 HomeGroupListener - ok 09:36:51.0943 8844 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 09:36:51.0979 8844 HomeGroupProvider - ok 09:36:52.0019 8844 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 09:36:52.0040 8844 HpSAMD - ok 09:36:52.0114 8844 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 09:36:52.0175 8844 HTTP - ok 09:36:52.0211 8844 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 09:36:52.0226 8844 hwpolicy - ok 09:36:52.0298 8844 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 09:36:52.0317 8844 i8042prt - ok 09:36:52.0347 8844 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 09:36:52.0366 8844 iaStor - ok 09:36:52.0950 8844 [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 09:36:52.0966 8844 IAStorDataMgrSvc - ok 09:36:53.0016 8844 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 09:36:53.0039 8844 iaStorV - ok 09:36:53.0100 8844 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 09:36:53.0146 8844 idsvc - ok 09:36:53.0352 8844 [ 8CB8667F5A3B5515F2585F3254F3AAF7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 09:36:53.0580 8844 igfx - ok 09:36:53.0612 8844 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 09:36:53.0629 8844 iirsp - ok 09:36:53.0698 8844 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 09:36:53.0740 8844 IKEEXT - ok 09:36:53.0877 8844 [ 54513301C76D3C0220B74C7D6E7B4B0A ] impi_smpd C:\Program Files\IntelMPI\x64\smpd-intel-4.0.3.009-x64.exe 09:36:53.0927 8844 impi_smpd - ok 09:36:53.0946 8844 [ 28D387EEFAD7CC3A0BEB9C3262E83ADD ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe 09:36:53.0970 8844 Intel® PROSet Monitoring Service - ok 09:36:54.0015 8844 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 09:36:54.0029 8844 intelide - ok 09:36:54.0045 8844 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 09:36:54.0077 8844 intelppm - ok 09:36:54.0118 8844 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 09:36:54.0150 8844 IPBusEnum - ok 09:36:54.0189 8844 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:36:54.0243 8844 IpFilterDriver - ok 09:36:54.0304 8844 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 09:36:54.0339 8844 iphlpsvc - ok 09:36:54.0380 8844 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 09:36:54.0431 8844 IPMIDRV - ok 09:36:54.0463 8844 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 09:36:54.0520 8844 IPNAT - ok 09:36:54.0556 8844 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 09:36:54.0575 8844 IRENUM - ok 09:36:54.0639 8844 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 09:36:54.0656 8844 isapnp - ok 09:36:54.0697 8844 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 09:36:54.0719 8844 iScsiPrt - ok 09:36:54.0823 8844 [ 3B794CA0DE73790420DEBA3C759F1502 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 09:36:54.0855 8844 jhi_service - ok 09:36:54.0903 8844 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 09:36:54.0917 8844 kbdclass - ok 09:36:54.0959 8844 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 09:36:54.0999 8844 kbdhid - ok 09:36:55.0028 8844 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 09:36:55.0043 8844 KeyIso - ok 09:36:55.0055 8844 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 09:36:55.0066 8844 KSecDD - ok 09:36:55.0080 8844 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 09:36:55.0092 8844 KSecPkg - ok 09:36:55.0101 8844 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 09:36:55.0154 8844 ksthunk - ok 09:36:55.0190 8844 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 09:36:55.0259 8844 KtmRm - ok 09:36:55.0313 8844 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 09:36:55.0370 8844 LanmanServer - ok 09:36:55.0406 8844 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 09:36:55.0460 8844 LanmanWorkstation - ok 09:36:55.0533 8844 [ 36375738DC0B3CD1F764268008E74FDF ] LiveUpdate C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE 09:36:55.0580 8844 LiveUpdate - ok 09:36:55.0630 8844 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 09:36:55.0678 8844 lltdio - ok 09:36:55.0719 8844 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 09:36:55.0783 8844 lltdsvc - ok 09:36:55.0819 8844 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 09:36:55.0846 8844 lmhosts - ok 09:36:55.0950 8844 [ DB083F1D27BA8A59CABB00F0A0FB6F84 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 09:36:55.0974 8844 LMS - ok 09:36:56.0024 8844 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 09:36:56.0045 8844 LSI_FC - ok 09:36:56.0057 8844 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 09:36:56.0075 8844 LSI_SAS - ok 09:36:56.0084 8844 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 09:36:56.0100 8844 LSI_SAS2 - ok 09:36:56.0107 8844 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 09:36:56.0125 8844 LSI_SCSI - ok 09:36:56.0133 8844 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 09:36:56.0192 8844 luafv - ok 09:36:56.0256 8844 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 09:36:56.0269 8844 MBAMProtector - ok 09:36:56.0357 8844 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 09:36:56.0389 8844 MBAMService - ok 09:36:56.0434 8844 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 09:36:56.0454 8844 Mcx2Svc - ok 09:36:56.0572 8844 MDXComManagerR1000 - ok 09:36:56.0685 8844 MDXComManagerR11 - ok 09:36:56.0773 8844 [ AFA5A02F612DF40F48307ECFAA2BC019 ] MDXParallelServiceR10SP2 C:\Program Files\MPICH2\R10SP2\x64\MDXParallelServiceR10SP2.exe 09:36:56.0823 8844 MDXParallelServiceR10SP2 ( UnsignedFile.Multi.Generic ) - warning 09:36:56.0823 8844 MDXParallelServiceR10SP2 - detected UnsignedFile.Multi.Generic (1) 09:36:56.0877 8844 [ 338D4C7870EE189A6BBB96202DDA14AF ] MDXParallelServiceR11 C:\Program Files\IntelMPI\x64\MDXParallelServiceR11.exe 09:36:56.0921 8844 MDXParallelServiceR11 ( UnsignedFile.Multi.Generic ) - warning 09:36:56.0921 8844 MDXParallelServiceR11 - detected UnsignedFile.Multi.Generic (1) 09:36:56.0950 8844 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 09:36:56.0964 8844 megasas - ok 09:36:56.0979 8844 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 09:36:57.0000 8844 MegaSR - ok 09:36:57.0055 8844 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 09:36:57.0070 8844 MEIx64 - ok 09:36:57.0149 8844 Microsoft SharePoint Workspace Audit Service - ok 09:36:57.0166 8844 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 09:36:57.0224 8844 MMCSS - ok 09:36:57.0227 8844 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 09:36:57.0261 8844 Modem - ok 09:36:57.0360 8844 [ 42FD754C9ED621CD010AFBD8E767FFE4 ] Moldex3D-LM Service C:\Moldex3D\Moldex3DLMSR\MDX3DLMService.exe 09:36:57.0411 8844 Moldex3D-LM Service ( UnsignedFile.Multi.Generic ) - warning 09:36:57.0411 8844 Moldex3D-LM Service - detected UnsignedFile.Multi.Generic (1) 09:36:57.0444 8844 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 09:36:57.0486 8844 monitor - ok 09:36:57.0529 8844 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 09:36:57.0542 8844 mouclass - ok 09:36:57.0599 8844 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 09:36:57.0639 8844 mouhid - ok 09:36:57.0673 8844 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 09:36:57.0689 8844 mountmgr - ok 09:36:57.0771 8844 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 09:36:57.0824 8844 MozillaMaintenance - ok 09:36:57.0901 8844 [ 8A410F87B43D1A84768CD12A3E05C96D ] mpich2_smpd_MdxR10 C:\Program Files\MPICH2\R10SP2\x64\smpd-1.2.1-x64.exe 09:36:57.0941 8844 mpich2_smpd_MdxR10 ( UnsignedFile.Multi.Generic ) - warning 09:36:57.0941 8844 mpich2_smpd_MdxR10 - detected UnsignedFile.Multi.Generic (1) 09:36:57.0966 8844 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 09:36:57.0988 8844 mpio - ok 09:36:58.0004 8844 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 09:36:58.0052 8844 mpsdrv - ok 09:36:58.0101 8844 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 09:36:58.0181 8844 MpsSvc - ok 09:36:58.0210 8844 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 09:36:58.0251 8844 MRxDAV - ok 09:36:58.0286 8844 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 09:36:58.0355 8844 mrxsmb - ok 09:36:58.0400 8844 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:36:58.0417 8844 mrxsmb10 - ok 09:36:58.0436 8844 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:36:58.0470 8844 mrxsmb20 - ok 09:36:58.0504 8844 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 09:36:58.0521 8844 msahci - ok 09:36:58.0568 8844 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 09:36:58.0593 8844 msdsm - ok 09:36:58.0602 8844 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 09:36:58.0620 8844 MSDTC - ok 09:36:58.0672 8844 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 09:36:58.0705 8844 Msfs - ok 09:36:58.0750 8844 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 09:36:58.0809 8844 mshidkmdf - ok 09:36:58.0831 8844 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 09:36:58.0843 8844 msisadrv - ok 09:36:58.0866 8844 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 09:36:58.0921 8844 MSiSCSI - ok 09:36:58.0923 8844 msiserver - ok 09:36:58.0958 8844 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 09:36:58.0989 8844 MSKSSRV - ok 09:36:59.0028 8844 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 09:36:59.0084 8844 MSPCLOCK - ok 09:36:59.0102 8844 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 09:36:59.0130 8844 MSPQM - ok 09:36:59.0171 8844 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 09:36:59.0192 8844 MsRPC - ok 09:36:59.0243 8844 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 09:36:59.0255 8844 mssmbios - ok 09:36:59.0258 8844 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 09:36:59.0287 8844 MSTEE - ok 09:36:59.0299 8844 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 09:36:59.0340 8844 MTConfig - ok 09:36:59.0381 8844 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 09:36:59.0396 8844 Mup - ok 09:36:59.0443 8844 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 09:36:59.0499 8844 napagent - ok 09:36:59.0555 8844 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 09:36:59.0576 8844 NativeWifiP - ok 09:36:59.0668 8844 [ 149A9AD81BB327E892FA1ACB77722442 ] NAVENG C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120823.004\ENG64.SYS 09:36:59.0684 8844 NAVENG - ok 09:36:59.0739 8844 [ 4AF8750E71B549FEC5F6D1D01398CA69 ] NAVEX15 C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120823.004\EX64.SYS 09:36:59.0770 8844 NAVEX15 - ok 09:36:59.0811 8844 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys 09:36:59.0846 8844 NDIS - ok 09:36:59.0905 8844 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 09:36:59.0958 8844 NdisCap - ok 09:36:59.0992 8844 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 09:37:00.0047 8844 NdisTapi - ok 09:37:00.0085 8844 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 09:37:00.0115 8844 Ndisuio - ok 09:37:00.0164 8844 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 09:37:00.0221 8844 NdisWan - ok 09:37:00.0259 8844 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 09:37:00.0315 8844 NDProxy - ok 09:37:00.0365 8844 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 09:37:00.0392 8844 NetBIOS - ok 09:37:00.0436 8844 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 09:37:00.0492 8844 NetBT - ok 09:37:00.0496 8844 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 09:37:00.0509 8844 Netlogon - ok 09:37:00.0551 8844 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 09:37:00.0611 8844 Netman - ok 09:37:00.0645 8844 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 09:37:00.0718 8844 netprofm - ok 09:37:00.0752 8844 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 09:37:00.0772 8844 NetTcpPortSharing - ok 09:37:00.0946 8844 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 09:37:01.0156 8844 NETwNs64 - ok 09:37:01.0208 8844 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 09:37:01.0229 8844 nfrd960 - ok 09:37:01.0287 8844 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 09:37:01.0347 8844 NlaSvc - ok 09:37:01.0370 8844 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 09:37:01.0397 8844 Npfs - ok 09:37:01.0418 8844 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 09:37:01.0445 8844 nsi - ok 09:37:01.0454 8844 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 09:37:01.0480 8844 nsiproxy - ok 09:37:01.0556 8844 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 09:37:01.0603 8844 Ntfs - ok 09:37:01.0657 8844 [ 88EBCF7A02955D1808D906137751EB1E ] NtrigDigitizerUSBLowerFilter C:\Windows\system32\DRIVERS\NtrigDigitizerUSBLowerFilter.sys 09:37:01.0669 8844 NtrigDigitizerUSBLowerFilter - ok 09:37:01.0687 8844 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 09:37:01.0736 8844 Null - ok 09:37:01.0783 8844 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 09:37:01.0809 8844 nusb3hub - ok 09:37:01.0856 8844 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 09:37:01.0881 8844 nusb3xhc - ok 09:37:01.0932 8844 [ F12E3EA0386EBC284C893611107C6A96 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 09:37:01.0954 8844 NVHDA - ok 09:37:02.0192 8844 [ 0C24C7403DBBAD616FEFA479C3D66DD2 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 09:37:02.0388 8844 nvlddmkm - ok 09:37:02.0400 8844 [ D607B05EBB6D65A22AAB9014DAFA06E4 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 09:37:02.0409 8844 nvpciflt - ok 09:37:02.0468 8844 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 09:37:02.0493 8844 nvraid - ok 09:37:02.0501 8844 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 09:37:02.0520 8844 nvstor - ok 09:37:02.0542 8844 [ CEA337A460199E88A9469EE6CEA6E662 ] NVSvc C:\Windows\system32\nvvsvc.exe 09:37:02.0578 8844 NVSvc - ok 09:37:02.0669 8844 [ 2414291E43E300B9ACADDA7668488A0B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 09:37:02.0725 8844 nvUpdatusService - ok 09:37:02.0777 8844 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 09:37:02.0797 8844 nv_agp - ok 09:37:02.0816 8844 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe 09:37:02.0834 8844 O2FLASH - ok 09:37:02.0841 8844 [ 6172DB160FC566CF24307941C0E94D8E ] O2MDFRDR C:\Windows\system32\DRIVERS\O2MDFw7x64.sys 09:37:02.0856 8844 O2MDFRDR - ok 09:37:02.0866 8844 [ 8ED738ABA394BBF6D7802698BE453112 ] O2MDRRDR C:\Windows\system32\DRIVERS\O2MDRw7x64.sys 09:37:02.0876 8844 O2MDRRDR - ok 09:37:02.0882 8844 [ 61B2ACA7F48738AFC883C05FA136A468 ] O2SDJRDR C:\Windows\system32\DRIVERS\o2sdjw7x64.sys 09:37:02.0891 8844 O2SDJRDR - ok 09:37:02.0933 8844 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 09:37:03.0453 8844 ohci1394 - ok 09:37:03.0553 8844 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:37:03.0606 8844 ose - ok 09:37:03.0713 8844 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 09:37:03.0841 8844 osppsvc - ok 09:37:03.0869 8844 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 09:37:03.0942 8844 p2pimsvc - ok 09:37:03.0959 8844 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 09:37:03.0980 8844 p2psvc - ok 09:37:04.0071 8844 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 09:37:04.0092 8844 Parport - ok 09:37:04.0132 8844 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 09:37:04.0150 8844 partmgr - ok 09:37:04.0203 8844 [ 363B3F857ABEE85767E01E3044C539CD ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys 09:37:04.0214 8844 PBADRV - ok 09:37:04.0226 8844 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 09:37:04.0262 8844 PcaSvc - ok 09:37:04.0299 8844 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 09:37:04.0318 8844 pci - ok 09:37:04.0373 8844 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 09:37:04.0390 8844 pciide - ok 09:37:04.0406 8844 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 09:37:04.0426 8844 pcmcia - ok 09:37:04.0432 8844 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 09:37:04.0443 8844 pcw - ok 09:37:04.0462 8844 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 09:37:04.0498 8844 PEAUTH - ok 09:37:04.0578 8844 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 09:37:04.0664 8844 PeerDistSvc - ok 09:37:04.0759 8844 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 09:37:04.0805 8844 PerfHost - ok 09:37:04.0857 8844 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 09:37:04.0917 8844 pla - ok 09:37:04.0974 8844 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 09:37:05.0008 8844 PlugPlay - ok 09:37:05.0026 8844 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 09:37:05.0069 8844 PNRPAutoReg - ok 09:37:05.0096 8844 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 09:37:05.0113 8844 PNRPsvc - ok 09:37:05.0162 8844 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 09:37:05.0218 8844 PolicyAgent - ok 09:37:05.0257 8844 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 09:37:05.0307 8844 Power - ok 09:37:05.0354 8844 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 09:37:05.0406 8844 PptpMiniport - ok 09:37:05.0433 8844 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 09:37:05.0474 8844 Processor - ok 09:37:05.0514 8844 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 09:37:05.0582 8844 ProfSvc - ok 09:37:05.0594 8844 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 09:37:05.0605 8844 ProtectedStorage - ok 09:37:05.0666 8844 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 09:37:05.0720 8844 Psched - ok 09:37:05.0764 8844 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 09:37:05.0776 8844 PxHlpa64 - ok 09:37:05.0851 8844 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 09:37:05.0900 8844 ql2300 - ok 09:37:05.0910 8844 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 09:37:05.0927 8844 ql40xx - ok 09:37:05.0948 8844 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 09:37:05.0969 8844 QWAVE - ok 09:37:05.0979 8844 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 09:37:06.0025 8844 QWAVEdrv - ok 09:37:06.0046 8844 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 09:37:06.0103 8844 RasAcd - ok 09:37:06.0149 8844 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 09:37:06.0180 8844 RasAgileVpn - ok 09:37:06.0190 8844 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 09:37:06.0243 8844 RasAuto - ok 09:37:06.0274 8844 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 09:37:06.0304 8844 Rasl2tp - ok 09:37:06.0360 8844 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 09:37:06.0400 8844 RasMan - ok 09:37:06.0412 8844 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 09:37:06.0440 8844 RasPppoe - ok 09:37:06.0446 8844 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 09:37:06.0505 8844 RasSstp - ok 09:37:06.0538 8844 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 09:37:06.0577 8844 rdbss - ok 09:37:06.0584 8844 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 09:37:06.0622 8844 rdpbus - ok 09:37:06.0659 8844 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 09:37:06.0689 8844 RDPCDD - ok 09:37:06.0734 8844 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 09:37:06.0773 8844 RDPDR - ok 09:37:06.0785 8844 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 09:37:06.0810 8844 RDPENCDD - ok 09:37:06.0814 8844 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 09:37:06.0840 8844 RDPREFMP - ok 09:37:06.0865 8844 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 09:37:06.0939 8844 RDPWD - ok 09:37:07.0008 8844 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 09:37:07.0024 8844 rdyboost - ok 09:37:07.0103 8844 [ F90CC59135F2945A6EBB1670A7BBD8B3 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 09:37:07.0124 8844 RegSrvc - ok 09:37:07.0142 8844 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 09:37:07.0202 8844 RemoteAccess - ok 09:37:07.0233 8844 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 09:37:07.0268 8844 RemoteRegistry - ok 09:37:07.0325 8844 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 09:37:07.0372 8844 RFCOMM - ok 09:37:07.0475 8844 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 09:37:07.0524 8844 RoxMediaDB12OEM - ok 09:37:07.0546 8844 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 09:37:07.0566 8844 RoxWatch12 - ok 09:37:07.0587 8844 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 09:37:07.0640 8844 RpcEptMapper - ok 09:37:07.0669 8844 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 09:37:07.0706 8844 RpcLocator - ok 09:37:07.0749 8844 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 09:37:07.0780 8844 RpcSs - ok 09:37:07.0838 8844 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 09:37:07.0874 8844 rspndr - ok 09:37:07.0915 8844 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 09:37:07.0943 8844 s3cap - ok 09:37:07.0950 8844 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 09:37:07.0962 8844 SamSs - ok 09:37:07.0969 8844 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 09:37:07.0986 8844 sbp2port - ok 09:37:08.0008 8844 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 09:37:08.0041 8844 SCardSvr - ok 09:37:08.0088 8844 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 09:37:08.0142 8844 scfilter - ok 09:37:08.0181 8844 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 09:37:08.0264 8844 Schedule - ok 09:37:08.0299 8844 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 09:37:08.0326 8844 SCPolicySvc - ok 09:37:08.0338 8844 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 09:37:08.0362 8844 SDRSVC - ok 09:37:08.0413 8844 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 09:37:08.0476 8844 secdrv - ok 09:37:08.0507 8844 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 09:37:08.0542 8844 seclogon - ok 09:37:08.0623 8844 [ F3D951071C624137430FE65A67541EF9 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe 09:37:08.0734 8844 SecureStorageService ( UnsignedFile.Multi.Generic ) - warning 09:37:08.0734 8844 SecureStorageService - detected UnsignedFile.Multi.Generic (1) 09:37:08.0759 8844 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 09:37:08.0820 8844 SENS - ok 09:37:08.0844 8844 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 09:37:08.0907 8844 SensrSvc - ok 09:37:08.0975 8844 [ 255476B54C82A89416EFDF09FD62F107 ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys 09:37:08.0989 8844 Sentinel64 - ok 09:37:09.0025 8844 [ 1BA2C677C6146A8B3ADEA7B69D2EED56 ] SentinelKeysServer C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe 09:37:09.0046 8844 SentinelKeysServer - ok 09:37:09.0118 8844 [ D1A2BA8BF092DDF18F3D3DB1D5AC7803 ] SentinelProtectionServer C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe 09:37:09.0149 8844 SentinelProtectionServer - ok 09:37:09.0163 8844 [ E80B91AEC007711B1EEC9C83487754E2 ] SentinelSecurityRuntime C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe 09:37:09.0178 8844 SentinelSecurityRuntime - ok 09:37:09.0226 8844 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 09:37:09.0265 8844 Serenum - ok 09:37:09.0305 8844 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 09:37:09.0324 8844 Serial - ok 09:37:09.0389 8844 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 09:37:09.0430 8844 sermouse - ok 09:37:09.0469 8844 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 09:37:09.0534 8844 SessionEnv - ok 09:37:09.0606 8844 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 09:37:09.0668 8844 sffdisk - ok 09:37:09.0672 8844 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 09:37:09.0715 8844 sffp_mmc - ok 09:37:09.0718 8844 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 09:37:09.0744 8844 sffp_sd - ok 09:37:09.0784 8844 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 09:37:09.0801 8844 sfloppy - ok 09:37:09.0865 8844 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 09:37:09.0883 8844 Sftfs - ok 09:37:09.0985 8844 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 09:37:10.0015 8844 sftlist - ok 09:37:10.0030 8844 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 09:37:10.0042 8844 Sftplay - ok 09:37:10.0048 8844 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 09:37:10.0057 8844 Sftredir - ok 09:37:10.0068 8844 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 09:37:10.0079 8844 Sftvol - ok 09:37:10.0095 8844 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 09:37:10.0121 8844 sftvsa - ok 09:37:10.0173 8844 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 09:37:10.0242 8844 SharedAccess - ok 09:37:10.0306 8844 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 09:37:10.0366 8844 ShellHWDetection - ok 09:37:10.0408 8844 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 09:37:10.0429 8844 SiSRaid2 - ok 09:37:10.0436 8844 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 09:37:10.0453 8844 SiSRaid4 - ok 09:37:10.0522 8844 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 09:37:10.0611 8844 SkypeUpdate - ok 09:37:10.0653 8844 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 09:37:10.0719 8844 Smb - ok 09:37:10.0813 8844 [ 26EB194D1FB2870E0453A99B84889F8D ] SmcService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe 09:37:10.0925 8844 SmcService - ok 09:37:10.0981 8844 [ C2E9B4E50CF3A15255B45A7C7A0A881E ] SNAC C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE 09:37:11.0008 8844 SNAC - ok 09:37:11.0060 8844 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 09:37:11.0101 8844 SNMPTRAP - ok 09:37:11.0159 8844 [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe 09:37:11.0196 8844 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - warning 09:37:11.0196 8844 Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic (1) 09:37:11.0222 8844 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 09:37:11.0233 8844 spldr - ok 09:37:11.0260 8844 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 09:37:11.0330 8844 Spooler - ok 09:37:11.0418 8844 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 09:37:11.0490 8844 sppsvc - ok 09:37:11.0512 8844 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 09:37:11.0547 8844 sppuinotify - ok 09:37:11.0609 8844 [ B531FC8918DCDAAE638511A123C3465E ] SRTSP C:\Windows\system32\Drivers\SRTSP64.SYS 09:37:11.0632 8844 SRTSP - ok 09:37:11.0648 8844 [ 2BD3A73D0601320B72486FC3EBC2544F ] SRTSPL C:\Windows\system32\Drivers\SRTSPL64.SYS 09:37:11.0679 8844 SRTSPL - ok 09:37:11.0688 8844 [ 529B337C1AEEB289F0B502EB0EE6A8F5 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX64.SYS 09:37:11.0702 8844 SRTSPX - ok 09:37:11.0726 8844 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 09:37:11.0802 8844 srv - ok 09:37:11.0826 8844 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 09:37:11.0862 8844 srv2 - ok 09:37:11.0900 8844 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 09:37:11.0945 8844 srvnet - ok 09:37:11.0983 8844 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 09:37:12.0018 8844 SSDPSRV - ok 09:37:12.0030 8844 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 09:37:12.0059 8844 SstpSvc - ok 09:37:12.0158 8844 [ 46B72C1C296C1E985D031D98F0FFA5E5 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 09:37:12.0178 8844 STacSV - ok 09:37:12.0223 8844 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys 09:37:12.0233 8844 stdcfltn - ok 09:37:12.0302 8844 [ D914873C89A3DD4FFF110C23BA872C59 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 09:37:12.0343 8844 Stereo Service - ok 09:37:12.0364 8844 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 09:37:12.0379 8844 stexstor - ok 09:37:12.0401 8844 [ 501B376781EB6E46AAE43946E3DD7D84 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 09:37:12.0447 8844 STHDA - ok 09:37:12.0488 8844 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 09:37:12.0528 8844 StillCam - ok 09:37:12.0575 8844 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 09:37:12.0627 8844 stisvc - ok 09:37:12.0675 8844 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 09:37:12.0697 8844 stllssvr - ok 09:37:12.0737 8844 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 09:37:12.0751 8844 storflt - ok 09:37:12.0764 8844 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 09:37:12.0833 8844 StorSvc - ok 09:37:12.0847 8844 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 09:37:12.0862 8844 storvsc - ok 09:37:12.0912 8844 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 09:37:12.0930 8844 swenum - ok 09:37:12.0959 8844 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 09:37:13.0022 8844 swprv - ok 09:37:13.0077 8844 [ F3A4EAD0B3946E439F0397F7A4D09952 ] Symantec AntiVirus C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe 09:37:13.0114 8844 Symantec AntiVirus - ok 09:37:13.0175 8844 [ 7E4D281982E19ABD06728C7EE9AC40A8 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 09:37:13.0193 8844 SymEvent - ok 09:37:13.0965 8844 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 09:37:14.0060 8844 SysMain - ok 09:37:14.0105 8844 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 09:37:14.0126 8844 TabletInputService - ok 09:37:14.0172 8844 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 09:37:14.0234 8844 TapiSrv - ok 09:37:14.0265 8844 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 09:37:14.0297 8844 TBS - ok 09:37:14.0359 8844 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 09:37:14.0428 8844 Tcpip - ok 09:37:14.0499 8844 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 09:37:14.0530 8844 TCPIP6 - ok 09:37:14.0590 8844 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 09:37:14.0649 8844 tcpipreg - ok 09:37:14.0713 8844 [ E42D560E2163480E7B586B14ABEB3386 ] tcsd_win32.exe C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe 09:37:14.0798 8844 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - warning 09:37:14.0798 8844 tcsd_win32.exe - detected UnsignedFile.Multi.Generic (1) 09:37:14.0881 8844 [ 347D6407C90C0B6AC82F8249EBA9A482 ] TdmService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe 09:37:14.0970 8844 TdmService - ok 09:37:14.0989 8844 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 09:37:15.0024 8844 TDPIPE - ok 09:37:15.0070 8844 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 09:37:15.0112 8844 TDTCP - ok 09:37:15.0158 8844 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 09:37:15.0191 8844 tdx - ok 09:37:15.0333 8844 [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 09:37:15.0383 8844 TeamViewer7 - ok 09:37:15.0442 8844 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 09:37:15.0456 8844 TermDD - ok 09:37:15.0511 8844 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 09:37:15.0570 8844 TermService - ok 09:37:15.0588 8844 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 09:37:15.0630 8844 Themes - ok 09:37:15.0670 8844 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 09:37:15.0704 8844 THREADORDER - ok 09:37:15.0717 8844 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 09:37:15.0777 8844 TrkWks - ok 09:37:15.0855 8844 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 09:37:15.0910 8844 TrustedInstaller - ok 09:37:15.0947 8844 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 09:37:16.0003 8844 tssecsrv - ok 09:37:16.0066 8844 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 09:37:16.0135 8844 TsUsbFlt - ok 09:37:16.0200 8844 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 09:37:16.0259 8844 tunnel - ok 09:37:16.0288 8844 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 09:37:16.0309 8844 uagp35 - ok 09:37:16.0362 8844 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 09:37:16.0402 8844 udfs - ok 09:37:16.0416 8844 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 09:37:16.0432 8844 UI0Detect - ok 09:37:16.0481 8844 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 09:37:16.0504 8844 uliagpkx - ok 09:37:16.0559 8844 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 09:37:16.0590 8844 umbus - ok 09:37:16.0621 8844 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 09:37:16.0664 8844 UmPass - ok 09:37:16.0699 8844 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 09:37:16.0742 8844 UmRdpService - ok 09:37:16.0848 8844 [ 07AE0C9F64C4D83ABAA816EE23548D6D ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 09:37:16.0889 8844 UNS - ok 09:37:16.0907 8844 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 09:37:16.0968 8844 upnphost - ok 09:37:17.0012 8844 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 09:37:17.0053 8844 usbccgp - ok 09:37:17.0102 8844 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 09:37:17.0124 8844 usbcir - ok 09:37:17.0131 8844 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 09:37:17.0167 8844 usbehci - ok 09:37:17.0207 8844 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 09:37:17.0227 8844 usbhub - ok 09:37:17.0241 8844 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 09:37:17.0279 8844 usbohci - ok 09:37:17.0311 8844 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 09:37:17.0355 8844 usbprint - ok 09:37:17.0379 8844 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 09:37:17.0447 8844 USBSTOR - ok 09:37:17.0462 8844 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 09:37:17.0506 8844 usbuhci - ok 09:37:17.0561 8844 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 09:37:17.0584 8844 usbvideo - ok 09:37:17.0609 8844 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 09:37:17.0661 8844 UxSms - ok 09:37:17.0684 8844 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 09:37:17.0701 8844 VaultSvc - ok 09:37:17.0744 8844 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 09:37:17.0758 8844 vdrvroot - ok 09:37:17.0814 8844 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 09:37:17.0856 8844 vds - ok 09:37:17.0906 8844 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 09:37:17.0927 8844 vga - ok 09:37:17.0937 8844 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 09:37:17.0987 8844 VgaSave - ok 09:37:18.0024 8844 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 09:37:18.0046 8844 vhdmp - ok 09:37:18.0096 8844 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 09:37:18.0112 8844 viaide - ok 09:37:18.0155 8844 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 09:37:18.0170 8844 vmbus - ok 09:37:18.0179 8844 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 09:37:18.0223 8844 VMBusHID - ok 09:37:18.0254 8844 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 09:37:18.0270 8844 volmgr - ok 09:37:18.0316 8844 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 09:37:18.0335 8844 volmgrx - ok 09:37:18.0384 8844 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 09:37:18.0406 8844 volsnap - ok 09:37:18.0461 8844 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys 09:37:18.0477 8844 vpcbus - ok 09:37:18.0524 8844 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys 09:37:18.0538 8844 vpcnfltr - ok 09:37:18.0548 8844 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys 09:37:18.0587 8844 vpcusb - ok 09:37:18.0635 8844 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys 09:37:18.0649 8844 vpcvmm - ok 09:37:18.0707 8844 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 09:37:18.0730 8844 vsmraid - ok 09:37:18.0772 8844 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 09:37:18.0848 8844 VSS - ok 09:37:18.0859 8844 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 09:37:18.0895 8844 vwifibus - ok 09:37:18.0930 8844 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 09:37:18.0976 8844 vwififlt - ok 09:37:19.0016 8844 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 09:37:19.0063 8844 vwifimp - ok 09:37:19.0100 8844 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 09:37:19.0142 8844 W32Time - ok 09:37:19.0156 8844 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 09:37:19.0175 8844 WacomPen - ok 09:37:19.0239 8844 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 09:37:19.0303 8844 WANARP - ok 09:37:19.0347 8844 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 09:37:19.0380 8844 Wanarpv6 - ok 09:37:19.0441 8844 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 09:37:19.0496 8844 WatAdminSvc - ok 09:37:19.0567 8844 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 09:37:19.0660 8844 wbengine - ok 09:37:19.0686 8844 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 09:37:19.0710 8844 WbioSrvc - ok 09:37:19.0756 8844 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 09:37:19.0803 8844 wcncsvc - ok 09:37:19.0829 8844 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 09:37:19.0864 8844 WcsPlugInService - ok 09:37:19.0884 8844 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 09:37:19.0899 8844 Wd - ok 09:37:19.0955 8844 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys 09:37:19.0979 8844 WDC_SAM - ok 09:37:20.0000 8844 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 09:37:20.0021 8844 Wdf01000 - ok 09:37:20.0039 8844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 09:37:20.0242 8844 WdiServiceHost - ok 09:37:20.0244 8844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 09:37:20.0261 8844 WdiSystemHost - ok 09:37:20.0310 8844 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 09:37:20.0375 8844 WebClient - ok 09:37:20.0401 8844 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 09:37:20.0463 8844 Wecsvc - ok 09:37:20.0491 8844 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 09:37:20.0549 8844 wercplsupport - ok 09:37:20.0593 8844 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 09:37:20.0629 8844 WerSvc - ok 09:37:20.0702 8844 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 09:37:20.0731 8844 WfpLwf - ok 09:37:20.0739 8844 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 09:37:20.0755 8844 WIMMount - ok 09:37:20.0766 8844 WinDefend - ok 09:37:20.0769 8844 WinHttpAutoProxySvc - ok 09:37:20.0811 8844 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 09:37:20.0866 8844 Winmgmt - ok 09:37:20.0935 8844 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 09:37:21.0010 8844 WinRM - ok 09:37:21.0081 8844 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUsb.sys 09:37:21.0097 8844 WinUSB - ok 09:37:21.0131 8844 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 09:37:21.0182 8844 Wlansvc - ok 09:37:21.0241 8844 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 09:37:21.0260 8844 wlcrasvc - ok 09:37:21.0331 8844 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 09:37:21.0396 8844 wlidsvc - ok 09:37:21.0453 8844 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 09:37:21.0468 8844 WmiAcpi - ok 09:37:21.0489 8844 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 09:37:21.0543 8844 wmiApSrv - ok 09:37:21.0575 8844 WMPNetworkSvc - ok 09:37:21.0640 8844 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 09:37:21.0669 8844 WPCSvc - ok 09:37:21.0716 8844 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 09:37:21.0740 8844 WPDBusEnum - ok 09:37:21.0761 8844 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 09:37:21.0817 8844 ws2ifsl - ok 09:37:21.0846 8844 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 09:37:21.0888 8844 wscsvc - ok 09:37:21.0940 8844 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 09:37:21.0981 8844 WSDPrintDevice - ok 09:37:21.0983 8844 WSearch - ok 09:37:22.0051 8844 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 09:37:22.0120 8844 wuauserv - ok 09:37:22.0161 8844 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 09:37:22.0191 8844 WudfPf - ok 09:37:22.0207 8844 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 09:37:22.0235 8844 WUDFRd - ok 09:37:22.0280 8844 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 09:37:22.0306 8844 wudfsvc - ok 09:37:22.0330 8844 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 09:37:22.0351 8844 WwanSvc - ok 09:37:22.0403 8844 [ 21B9155492D21782A023C1768D624FD6 ] ZooService C:\PROGRA~2\ZOO4~1.0\ZOOSER~1.EXE 09:37:22.0419 8844 ZooService ( UnsignedFile.Multi.Generic ) - warning 09:37:22.0419 8844 ZooService - detected UnsignedFile.Multi.Generic (1) 09:37:22.0443 8844 ================ Scan global =============================== 09:37:22.0473 8844 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 09:37:22.0514 8844 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 09:37:22.0523 8844 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 09:37:22.0530 8844 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 09:37:22.0539 8844 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 09:37:22.0543 8844 [Global] - ok 09:37:22.0544 8844 ================ Scan MBR ================================== 09:37:22.0550 8844 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 09:37:22.0835 8844 \Device\Harddisk0\DR0 - ok 09:37:22.0836 8844 ================ Scan VBR ================================== 09:37:22.0839 8844 [ FD25CA69F425815D4C99318E5F78D8BB ] \Device\Harddisk0\DR0\Partition1 09:37:22.0841 8844 \Device\Harddisk0\DR0\Partition1 - ok 09:37:22.0868 8844 [ 04E40B7754B3875E0EFE40ED1AFF951F ] \Device\Harddisk0\DR0\Partition2 09:37:22.0871 8844 \Device\Harddisk0\DR0\Partition2 - ok 09:37:22.0871 8844 ============================================================ 09:37:22.0871 8844 Scan finished 09:37:22.0871 8844 ============================================================ 09:37:22.0877 7024 Detected object count: 8 09:37:22.0877 7024 Actual detected object count: 8 09:38:33.0888 7024 MDXParallelServiceR10SP2 ( UnsignedFile.Multi.Generic ) - skipped by user 09:38:33.0888 7024 MDXParallelServiceR10SP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:38:33.0888 7024 MDXParallelServiceR11 ( UnsignedFile.Multi.Generic ) - skipped by user 09:38:33.0888 7024 MDXParallelServiceR11 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:38:33.0889 7024 Moldex3D-LM Service ( UnsignedFile.Multi.Generic ) - skipped by user 09:38:33.0889 7024 Moldex3D-LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:38:33.0890 7024 mpich2_smpd_MdxR10 ( UnsignedFile.Multi.Generic ) - skipped by user 09:38:33.0890 7024 mpich2_smpd_MdxR10 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:38:33.0891 7024 SecureStorageService ( UnsignedFile.Multi.Generic ) - skipped by user 09:38:33.0891 7024 SecureStorageService ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:38:33.0892 7024 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - skipped by user 09:38:33.0892 7024 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:38:33.0892 7024 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user 09:38:33.0892 7024 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:38:33.0893 7024 ZooService ( UnsignedFile.Multi.Generic ) - skipped by user 09:38:33.0893 7024 ZooService ( UnsignedFile.Multi.Generic ) - User select action: Ski
-
Its almost midnight for me. I will check your next instruction tomorrow before noon time. Thanks.
-
Here is the log from eset scan: C:\Qoobox\Quarantine\C\Users\rmanickam.HERSEYMETERS\AppData\Roaming\asfis.dll.vir a variant of Win32/Medfos.BT trojan cleaned by deleting - quarantined C:\Users\rmanickam.HERSEYMETERS\AppData\Local\{76409225-D456-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\asfis.dll a variant of Win32/Medfos.BT trojan cleaned by deleting (after the next restart) - quarantined C:\Users\rmanickam.HERSEYMETERS\Desktop\RK_Quarantine\asfis.dll.vir a variant of Win32/Medfos.BT trojan cleaned by deleting - quarantined
