
Infected with partner37.mydomainadvisor virus and something called the 404 Error NGINX



Hi, my computer seems to be infected with the partner37.mydomainadvisor virus and I am also seeing an error: 404 Error NGINX/0.6.32. I am using the Google Chrome web browser.

As per the instructions, I am posting the "MBAM log file" along with the "Attach" and "DDS" files.

It would be really helpful if you could instruct me on what to do next as soon as possible.

Regards,

mrssa

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1

Run by Soumitro Auddy at 15:49:34 on 2012-06-22

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3990.900 [GMT -5:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\SysWOW64\lkads.exe

C:\Program Files (x86)\National Instruments\MAX\nimxs.exe

C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe

C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\SysWOW64\lkcitdl.exe

C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Windows\SysWOW64\lktsrv.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Windows\System32\StikyNot.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe

C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

C:\Users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe

C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Intel\TurboBoost\TurboBoost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\explorer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Users\Soumitro Auddy\AppData\Roaming\Spotify\spotify.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\notepad.exe

C:\Program Files (x86)\Veetle\Player\player.exe

C:\Program Files (x86)\Veetle\Player\VeetleNet.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=86E0887E02AA9FAAE066AB4FE03BC340&tbp=homepage

uDefault_Page_URL = hxxp://www.dell.com

mDefault_Page_URL = hxxp://www.yahoo.com/?ilc=8

mStart Page = hxxp://www.yahoo.com/?ilc=8

uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: BetterLinks: {6921710f-6ac6-4113-8ae6-82a1660ebb09} - C:\Program Files (x86)\BetterLinks\BetterLinks.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient_2.dll

TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11f_ActiveX.exe -update activex

uRunOnce: [blekkotb] reg.exe delete "HKCU\Software\AppDataLow\Software\blekkotb" /f

uRunOnce: [blekkotb_XP] reg.exe delete "HKCU\Software\blekkotb" /f

uRunOnce: [blekkotb_DATA_FOLDER] cmd.exe /c rmdir "C:\ProgramData\Anti-phishing Domain Advisor" /s /q

uRunOnce: [blekkotb_INSTALL_FOLDER] cmd.exe /c rmdir "C:\Users\Soumitro Auddy\AppData\Local\blekkotb" /s /q

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900

mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\SOUMIT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\SOUMIT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NIERRO~1.LNK - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - C:\Users\Soumitro Auddy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{4CC1758F-D365-413E-B1A8-70778E1C6369} : DhcpNameServer = 192.168.1.254

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: BetterLinks: {6921710F-6AC6-4113-8AE6-82A1660EBB09} - C:\Program Files (x86)\BetterLinks\BetterLinks.dll

BHO-X64: BetterLinks BHO - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

BHO-X64: uTorrentBar - No File

BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient_2.dll

BHO-X64: Yontoo Layers - No File

TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900

mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun-x64: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask

mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

.

============= SERVICES / DRIVERS ===============

.

R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-8-19 98208]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-3-16 44768]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-21 654408]

R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]

R2 NIApplicationWebServer;NI Application Web Server;C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 50336]

R2 nimDNSResponder;National Instruments mDNS Responder Service;C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-6-1 194224]

R2 NINetworkDiscovery;NI Network Discovery;C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2011-6-10 121032]

R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-19 2009704]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-8-19 1692480]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-21 378472]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-19 2656280]

R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-8-3 645048]

R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-8 136176]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-5-3 158856]

S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-8 136176]

S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]

S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]

S3 MCHPUSB;MCHPUSB;C:\Windows\system32\DRIVERS\mchpusb64.sys --> C:\Windows\system32\DRIVERS\mchpusb64.sys [?]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]

S3 netvsc;netvsc;C:\Windows\system32\DRIVERS\netvsc60.sys --> C:\Windows\system32\DRIVERS\netvsc60.sys [?]

S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\drivers\nvstusb.sys --> C:\Windows\system32\drivers\nvstusb.sys [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys --> C:\Windows\system32\DRIVERS\ssadserd.sys [?]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 SynthVid;SynthVid;C:\Windows\system32\DRIVERS\VMBusVideoM.sys --> C:\Windows\system32\DRIVERS\VMBusVideoM.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]

S4 NIApplicationWebServer64;NI Application Web Server (64-bit);C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 68256]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-06-22 18:52:16 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C5EF48EA-BBF3-4C7E-A92A-06641C9D29C8}\mpengine.dll

2012-06-22 02:50:37 -------- d-----w- C:\Users\Soumitro Auddy\AppData\Local\Unity

2012-06-19 08:44:12 -------- d-----w- C:\Windows\Application Data

2012-06-19 08:44:09 -------- d-----w- C:\QIMacros

2012-06-19 08:43:56 -------- d-----w- C:\ProgramData\blekko toolbars

2012-06-19 08:43:43 -------- d-----w- C:\Users\Soumitro Auddy\AppData\Local\blekkotb_031

2012-06-19 08:43:42 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor

2012-06-17 22:10:28 -------- d-----w- C:\ProgramData\Cisco

2012-06-14 08:00:59 754808 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2012-06-14 03:04:00 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-06-14 03:04:00 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-06-14 03:04:00 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-06-13 20:44:00 -------- d--h--w- C:\Windows\msdownld.tmp

2012-06-13 20:42:07 -------- d-sh--w- C:\Windows\ftpcache

2012-06-13 20:39:54 -------- d-----w- C:\Program Files (x86)\id Software

2012-06-03 00:28:31 -------- d-----w- C:\Users\Soumitro Auddy\AppData\Local\Ares

2012-05-27 06:07:57 -------- d-----w- C:\Program Files (x86)\Oracle

2012-05-27 06:07:22 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-05-25 03:20:00 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared

.

==================== Find3M ====================

.

2012-05-25 03:19:20 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2012-05-25 03:19:20 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-05-06 04:30:40 348160 ----a-w- C:\Windows\SysWow64\SDL_ttf.dll

2012-05-06 04:30:38 56565 ----a-w- C:\Windows\SysWow64\SDL_image.dll

2012-05-06 04:30:29 266436 ----a-w- C:\Windows\SysWow64\tiff.dll

2012-05-06 04:30:16 565248 ----a-w- C:\Windows\SysWow64\alleg42.dll

2012-05-05 20:29:11 249856 ------w- C:\Windows\Setup1.exe

2012-05-05 20:29:08 73216 ----a-w- C:\Windows\ST6UNST.EXE

2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-04-28 20:00:46 1198 ----a-w- C:\Windows\SysWow64\ealregsnapshot1.reg

2012-04-28 06:23:01 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll

2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-04-12 08:28:16 0 ----a-w- C:\Windows\SysWow64\sho5A69.tmp

2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-04-04 23:47:02 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys

.

============= FINISH: 15:52:11.37 ===============

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.20.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Soumitro Auddy :: SOUMITROAUDDY [administrator]

Protection: Enabled

6/22/2012 1:40:34 PM

mbam-log-2012-06-22 (13-40-34).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 649519

Time elapsed: 1 hour(s), 46 minute(s), 59 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 8/24/2011 10:39:58 PM

System Uptime: 6/21/2012 2:36:02 PM (25 hours ago)

.

Motherboard: Dell Inc. | | 0YR8NN

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz | CPU | 782/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 446 GiB total, 203.655 GiB free.

D: is CDROM ()

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64

PNP Device ID: ROOT\NET\0000

Service: vpnva

.

==== System Restore Points ===================

.

RP152: 6/17/2012 5:08:55 PM - Installed Cisco AnyConnect VPN Client

RP153: 6/19/2012 1:04:02 PM - Windows Update

RP154: 6/20/2012 3:29:27 PM - Removed Google Talk Plugin

RP155: 6/22/2012 1:50:54 PM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

????:????

µTorrent

AccelerometerP11

Adobe AIR

Adobe Reader X (10.1.3) MUI

Advanced Audio FX Engine

avast! Free Antivirus

Batman: Arkham Asylum

BetterLinks v1.7.5.24 (remove only)

Bing Bar

Bing Bar Platform

Bing Rewards Client Installer

Blio

BlueJ 3.0.4

Cisco AnyConnect VPN Client

Cozi

Crysis WARHEAD®

Crystal Reports 2008 Runtime

D3DX10

DAEMON Tools Lite

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Getting Started Guide

Dell MusicStage

Dell PhotoStage

Dell Stage

Dell VideoStage

Dell Webcam Central

DirectX 9 Runtime

Dropbox

eBay

Facebook Video Calling 1.2.0.159

FormatFactory 2.90

Free YouTube to MP3 Converter version 3.10.17.221

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

HI-TECH C Compiler for the PIC10/12/16 MCUs V9.82PL0

High-Definition Video Playback

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Wireless Display

Internet Explorer

Java Auto Updater

Java™ 6 Update 29

Java™ 7 Update 4

Java™ SE Development Kit 6

Java™ SE Runtime Environment 6

JavaFX 2.1.0

Junk Mail filter update

LogMeTT 2.9.9

Malwarebytes Anti-Malware version 1.61.0.1400

Mesh Runtime

Messenger Companion

Michael's Creative C++

Microsoft Default Manager

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Click-to-Run 2010

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Starter 2010 - English

Microsoft Office Word MUI (English) 2007

Microsoft Search Enhancement Pack

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

MPLAB C for PIC24 MCUs and-or dsPIC DSCs

MPLAB Tools v8.76

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

National Instruments Software

Need for Speed The Run version 1.0

Nero 10 Movie ThemePack Basic

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero Update

NI-DAQmx/LabVIEW shared documentation 1.9.5

NI-RPC 4.2.2f0

NI-RPC 4.2.2f0 for Phar Lap ETS

NI Assistant Framework

NI Assistant Framework LabVIEW 2011 Support

NI Assistant Framework LabVIEW Code Generator 2011

NI Authentication 2.0

NI CodeSignAPI

NI Curl 1.1

NI DataSocket 4.9

NI Distributed System Manager 2011

NI DN 2.0 SP1 installer

NI Error Reporting 2011

NI EulaDepot

NI Example Finder 11.0

NI GMP Windows 32-bit Installer 11.0.0

NI Help Assistant

NI Instrument IO Assistant for LabVIEW 2011 32-bit

NI LabVIEW 2009 SP1 Run-Time Engine Web Services

NI LabVIEW 2011

NI LabVIEW 2011 Deployable License

NI LabVIEW 2011 Deployment Framework

NI LabVIEW 2011 Help

NI LabVIEW 2011 Help File

NI LabVIEW 2011 License

NI LabVIEW 2011 Manuals

NI LabVIEW 2011 MeasAppChm File

NI LabVIEW 2011 Real-Time Error Dialog

NI LabVIEW 2011 Real-Time NBFifo

NI LabVIEW 2011 Run-Time Engine Non-English Support.

NI LabVIEW 2011 Search

NI LabVIEW 2011 Simulation

NI LabVIEW 2011 VIPM Helper

NI LabVIEW 2011 Web Server

NI LabVIEW Broker

NI LabVIEW C Interface

NI LabVIEW Compare Utility 11.0.0

NI LabVIEW MAX XML

NI LabVIEW Merge Utility 11.0.0

NI LabVIEW Real-Time NBFifo

NI LabVIEW Run-Time Engine 2009 SP1

NI LabVIEW Run-Time Engine 2011

NI LabVIEW Run-Time Engine Interop 2009

NI LabVIEW Run-Time Engine Interop 2011

NI LabVIEW Web Server for Run-Time Engine

NI LabVIEW Web Services Runtime

NI LabWindows/CVI 2010 Code Generator

NI LabWindows/CVI 2010 LabVIEW DLL Builder

NI LabWindows/CVI 9.0 Run-Time Engine

NI License Manager

NI Logos 5.3.0

NI Logos LabVIEW 2011 Support

NI Logos XT Support

NI Math Kernel Libraries

NI MAX Remote Configuration Installer 5.0

NI MDF Support

NI mDNS Responder 1.6.0

NI Measurement & Automation Explorer 5.0.0

NI Measurement Studio Recipe Processor

NI MetaSuite Installer

NI Microsoft Silverlight Wrapper

NI MXS 5.0.0

NI Network Discovery 5.0

NI OPC Support

NI Portable Configuration 5.0.0

NI Registration Wizard

NI Remote Provider for MAX 5.0.0

NI Remote PXI Provider for MAX 5.0.0

NI Search Shared

NI Software Provider for MAX 5.0.0

NI SSL LabVIEW 2011 Support

NI SSL Support

NI System API Client for WIF 5.0.0

NI System API Web-Servce 32-bit 5.0.0

NI System API Windows 32-bit 5.0.0

NI System Configuration Runtime 5.0.0

NI System State Publisher

NI System Web Server 2.0

NI System Web Server Base 2.0

NI TDM Excel Add-In 3.3

NI TDMS

NI Trace Engine

NI Uninstaller

NI Update Service 2.0

NI USI 1.9.0

NI Variable Engine 2.5.0

NI Variable Engine LabVIEW 2011 Support

NI VC2005MSMs x86

NI VC2008MSMs x86

NI Web Application Server 2.0

NI Web Interface Framework 2.0

NI Web Pipeline 2.0.1

NI Xalan Delay Load 1.10.1

NI Xerces Delay Load 2.7.3

NuMap7.1 - Nonlinear Networks for Approximation

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

OpenAL

OrCAD 16.5 Lite

PhotoShowExpress

PL-2303 USB-to-Serial

PL-2303 Vista Driver Installer

PlayReady PC Runtime x86

PremiumSoft Navicat Premium 9.1

PremiumSoft NaviCoder IDE for Java

Quake 4™

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Reset NI Config 5.0.0

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Skype Click to Call

Skype™ 5.9

Sonic CinePlayer Decoder Pack

Spotify

SyncUP

Tera Term 4.71

The QI Macros for Excel

TrustedID

TTLEditor 1.2.1

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

uTorrentBar Toolbar

Veetle TV

VLC media player 1.1.11

WIF Core Dependencies Windows 5.0.0

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Zinio Reader 4

.

==== Event Viewer Messages From Past Week ========

.

6/20/2012 2:17:00 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanWorkstation service.

6/20/2012 2:16:30 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

6/15/2012 12:40:01 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.

.

==== End Of File ===========================

Edited by Maurice Naggar
highlight added & logs In-line

Hello mrssa and welcome to MalwareBytes forums.

Please do NOT attach logs. Use NOTEPAD to Copy and Paste the contents of logs into the main-body of reply.

I see this note in one of your logs.

The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.

I would advise that you backup your personal files and personal data to offline media (USB external drives or CD or DVD) before you go much further.

You will then need to run CHKDSK on your system.

Type in

CMD

and look for CMD.exe

and click on it to start Command prompt window

in Command prompt, type in

CHKDSK /F

Note there is a space after the K

Edited by Maurice Naggar

Hi Maurice,

I ran the CHKDSK /F as you instructed. It ran normally, but the problem is still not fixed. Now, when I try to access the Google homepage with the Chrome browser, it does not open the page. Instead this message comes on a screen with a white background:

Welcome to nginx!

What should I do now?


Question 1/issue 1 is: Did the CHKDSK complete and did it note no further errors? The condition of the file system is primary.

Your Google browser has a malware (apparently) that is causing redirects. What I also need to know is, Does your Internet Explorer work?

Answer these questions, please.


Yes the CHKDSK noted no further errors. It ended after the 3 steps of the scan.

Yes, Internet Explorer is working, but there is one noticeable change in it. The default search engine changed to "Blekko" by itself. A similar thing happened on the Chrome browser, where "Blekko" became an additional page which opened up on starting the browser. This too happened by itself, without any change in the settings on my side.


Do as much as you can of the following.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Download aswMBR.exe ( 511KB ) to your desktop.

On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

change the a-v scan to None.

uncheck trace disk IO calls

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Step 4

Please read carefully and follow these steps.

  • Delete the prior copies of TDSSKILLER.zip & TDSSKILLER.exe that you may have.
  • Download TDSSKiller and save it to your Desktop.
  • If on Windows 7 or Vista, RIGHT-Click on TDSSKiller.exe and select Run As Administrator to run the application.
    If on Windows XP, double-click to start.
  • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Then press Start Scan

When the scan is done, it will display a summary screen.

  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 5

Create a new folder on your C drive, name it ARK ===> C:\ARK

Go Here and click the "Download EXE" button & Save the file to ARK folder

RIGHT-click the exe and select Run As Administrator to launch the program. (If you get an immediate message about rootkit activity, ignore and proceed with instructions please)

Click on the Rootkit/Malware Tab &

then, on the far right side, untick the Registry box,

then click Scan.

Scan progress will be shown at bottom of the program screen. Have "infinite" patience while it runs.

Once the scan is done, press the Copy button, then open NOTEPAD, Paste to it, and Save the file as Gmer.log in your ARK folder.

Attach the results here in your reply.

Step 6

RE-Enable your antivirus program.

Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

  • Close all open windows on the Task Bar. Click the icon (for Vista, or Windows 7 Right click the icon and Run as Administrator) to start the program.
  • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
  • Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
  • It will produce two logs for you, one will pop up called OTL.txt, the other will be saved on your desktop and called Extras.txt.
  • Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
  • Exit OTL by clicking the X at top right.

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!
If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
Then copy/paste the following into your post (in order):
  • the contents of aswMBR report;
  • the contents of TDSSKILLER log;
  • the contents of GMER log;
  • the contents of OTL.txt;
  • the contents of Extras.txt ; and
  • the contents of checkup.txt

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.


aswMBR Report:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-06-22 22:34:32

-----------------------------

22:34:32.956 OS Version: Windows x64 6.1.7601 Service Pack 1

22:34:32.956 Number of processors: 4 586 0x2A07

22:34:32.956 ComputerName: SOUMITROAUDDY UserName:

22:34:39.030 Initialize success

22:34:40.395 AVAST engine defs: 12062201

22:35:18.165 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

22:35:18.175 Disk 0 Vendor: ST950042 D005 Size: 476940MB BusType: 3

22:35:18.245 Disk 0 MBR read successfully

22:35:18.245 Disk 0 MBR scan

22:35:18.255 Disk 0 Windows VISTA default MBR code

22:35:18.265 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63

22:35:18.295 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 212992

22:35:18.555 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 456835 MB offset 41172992

22:35:18.583 Disk 0 scanning C:\Windows\system32\drivers

22:35:38.887 Service scanning

22:35:54.082 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32

22:35:58.882 Modules scanning

22:35:58.889 Scan finished successfully

23:22:45.861 Disk 0 MBR has been saved successfully to "C:\Users\Soumitro Auddy\Desktop\MBAM\MBR.dat"

23:22:45.861 The log file has been saved successfully to "C:\Users\Soumitro Auddy\Desktop\MBAM\aswMBR.txt"

TDSSKILLER log:

23:24:19.0765 7744 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32

23:24:20.0307 7744 ============================================================

23:24:20.0307 7744 Current date / time: 2012/06/22 23:24:20.0307

23:24:20.0307 7744 SystemInfo:

23:24:20.0307 7744

23:24:20.0307 7744 OS Version: 6.1.7601 ServicePack: 1.0

23:24:20.0307 7744 Product type: Workstation

23:24:20.0307 7744 ComputerName: SOUMITROAUDDY

23:24:20.0307 7744 UserName: Soumitro Auddy

23:24:20.0307 7744 Windows directory: C:\Windows

23:24:20.0307 7744 System windows directory: C:\Windows

23:24:20.0307 7744 Running under WOW64

23:24:20.0307 7744 Processor architecture: Intel x64

23:24:20.0307 7744 Number of processors: 4

23:24:20.0307 7744 Page size: 0x1000

23:24:20.0307 7744 Boot type: Normal boot

23:24:20.0307 7744 ============================================================

23:24:20.0777 7744 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

23:24:20.0777 7744 ============================================================

23:24:20.0777 7744 \Device\Harddisk0\DR0:

23:24:20.0777 7744 MBR partitions:

23:24:20.0777 7744 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000

23:24:20.0777 7744 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x37C41830

23:24:20.0777 7744 ============================================================

23:24:20.0797 7744 C: <-> \Device\Harddisk0\DR0\Partition1

23:24:20.0797 7744 ============================================================

23:24:20.0797 7744 Initialize success

23:24:20.0797 7744 ============================================================

23:24:55.0367 5320 ============================================================

23:24:55.0367 5320 Scan started

23:24:55.0367 5320 Mode: Manual; SigCheck; TDLFS;

23:24:55.0367 5320 ============================================================


23:25:00.0869 5320 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

23:25:00.0889 5320 BrUsbSer - ok

23:25:00.0909 5320 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys

23:25:00.0939 5320 BTHMODEM - ok

23:25:00.0969 5320 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

23:25:01.0019 5320 bthserv - ok

23:25:01.0059 5320 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

23:25:01.0099 5320 cdfs - ok

23:25:01.0109 5320 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

23:25:01.0139 5320 cdrom - ok

23:25:01.0169 5320 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

23:25:01.0229 5320 CertPropSvc - ok

23:25:01.0259 5320 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

23:25:01.0269 5320 circlass - ok

23:25:01.0299 5320 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

23:25:01.0319 5320 CLFS - ok

23:25:01.0389 5320 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

23:25:01.0399 5320 clr_optimization_v2.0.50727_32 - ok

23:25:01.0449 5320 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

23:25:01.0459 5320 clr_optimization_v2.0.50727_64 - ok

23:25:01.0519 5320 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

23:25:01.0529 5320 clr_optimization_v4.0.30319_32 - ok

23:25:01.0569 5320 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

23:25:01.0579 5320 clr_optimization_v4.0.30319_64 - ok

23:25:01.0609 5320 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

23:25:01.0639 5320 CmBatt - ok

23:25:01.0679 5320 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

23:25:01.0689 5320 cmdide - ok

23:25:01.0759 5320 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

23:25:01.0799 5320 CNG - ok

23:25:01.0829 5320 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

23:25:01.0839 5320 Compbatt - ok

23:25:01.0849 5320 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys

23:25:01.0869 5320 CompositeBus - ok

23:25:01.0889 5320 COMSysApp - ok

23:25:01.0899 5320 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

23:25:01.0909 5320 crcdisk - ok

23:25:01.0969 5320 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

23:25:01.0999 5320 CryptSvc - ok

23:25:02.0039 5320 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys

23:25:02.0108 5320 CSC - ok

23:25:02.0146 5320 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll

23:25:02.0202 5320 CscService - ok

23:25:02.0237 5320 CtClsFlt (df214bff646880d0eb31bdc86136b29b) C:\Windows\system32\DRIVERS\CtClsFlt.sys

23:25:02.0275 5320 CtClsFlt - ok

23:25:02.0419 5320 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

23:25:02.0479 5320 cvhsvc - ok

23:25:02.0519 5320 dc3d (1ca90212a99db6975c344826d11055c9) C:\Windows\system32\DRIVERS\dc3d.sys

23:25:02.0529 5320 dc3d - ok

23:25:02.0589 5320 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

23:25:02.0649 5320 DcomLaunch - ok

23:25:02.0699 5320 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

23:25:02.0759 5320 defragsvc - ok

23:25:02.0829 5320 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

23:25:02.0879 5320 DfsC - ok

23:25:02.0939 5320 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

23:25:02.0999 5320 Dhcp - ok

23:25:03.0049 5320 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

23:25:03.0094 5320 discache - ok

23:25:03.0162 5320 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

23:25:03.0174 5320 Disk - ok

23:25:03.0199 5320 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys

23:25:03.0232 5320 dmvsc - ok

23:25:03.0264 5320 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

23:25:03.0311 5320 Dnscache - ok

23:25:03.0333 5320 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

23:25:03.0393 5320 dot3svc - ok

23:25:03.0413 5320 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

23:25:03.0473 5320 DPS - ok

23:25:03.0513 5320 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

23:25:03.0523 5320 drmkaud - ok

23:25:03.0583 5320 dtsoftbus01 (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys

23:25:03.0613 5320 dtsoftbus01 - ok

23:25:03.0663 5320 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

23:25:03.0703 5320 DXGKrnl - ok

23:25:03.0723 5320 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

23:25:03.0773 5320 EapHost - ok

23:25:03.0903 5320 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

23:25:04.0013 5320 ebdrv - ok

23:25:04.0113 5320 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

23:25:04.0153 5320 EFS - ok

23:25:04.0213 5320 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

23:25:04.0283 5320 ehRecvr - ok

23:25:04.0303 5320 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

23:25:04.0323 5320 ehSched - ok

23:25:04.0393 5320 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

23:25:04.0423 5320 elxstor - ok

23:25:04.0423 5320 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

23:25:04.0453 5320 ErrDev - ok

23:25:04.0493 5320 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

23:25:04.0563 5320 EventSystem - ok

23:25:04.0703 5320 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

23:25:04.0733 5320 EvtEng - ok

23:25:04.0863 5320 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

23:25:04.0893 5320 exfat - ok

23:25:04.0913 5320 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

23:25:04.0963 5320 fastfat - ok

23:25:05.0013 5320 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

23:25:05.0073 5320 Fax - ok

23:25:05.0083 5320 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

23:25:05.0113 5320 fdc - ok

23:25:05.0123 5320 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

23:25:05.0163 5320 fdPHost - ok

23:25:05.0183 5320 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

23:25:05.0243 5320 FDResPub - ok

23:25:05.0273 5320 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

23:25:05.0293 5320 FileInfo - ok

23:25:05.0303 5320 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

23:25:05.0333 5320 Filetrace - ok

23:25:05.0333 5320 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

23:25:05.0353 5320 flpydisk - ok

23:25:05.0373 5320 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

23:25:05.0393 5320 FltMgr - ok

23:25:05.0463 5320 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

23:25:05.0523 5320 FontCache - ok

23:25:05.0583 5320 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

23:25:05.0593 5320 FontCache3.0.0.0 - ok

23:25:05.0633 5320 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

23:25:05.0643 5320 FsDepends - ok

23:25:05.0663 5320 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

23:25:05.0673 5320 Fs_Rec - ok

23:25:05.0723 5320 FTDIBUS (fa169871d8fadcc6539c4e8726610286) C:\Windows\system32\drivers\ftdibus.sys

23:25:05.0733 5320 FTDIBUS - ok

23:25:05.0773 5320 FTSER2K (24237091348d1efb5635a1cf9649e311) C:\Windows\system32\drivers\ftser2k.sys

23:25:05.0783 5320 FTSER2K - ok

23:25:05.0823 5320 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

23:25:05.0843 5320 fvevol - ok

23:25:05.0873 5320 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

23:25:05.0893 5320 gagp30kx - ok

23:25:05.0943 5320 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

23:25:06.0003 5320 gpsvc - ok

23:25:06.0033 5320 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

23:25:06.0063 5320 hcw85cir - ok

23:25:06.0093 5320 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys

23:25:06.0123 5320 HDAudBus - ok

23:25:06.0163 5320 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

23:25:06.0183 5320 HidBatt - ok

23:25:06.0203 5320 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

23:25:06.0223 5320 HidBth - ok

23:25:06.0253 5320 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

23:25:06.0283 5320 HidIr - ok

23:25:06.0303 5320 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

23:25:06.0343 5320 hidserv - ok

23:25:06.0363 5320 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

23:25:06.0373 5320 HidUsb - ok

23:25:06.0393 5320 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

23:25:06.0453 5320 hkmsvc - ok

23:25:06.0473 5320 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

23:25:06.0513 5320 HomeGroupListener - ok

23:25:06.0533 5320 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

23:25:06.0573 5320 HomeGroupProvider - ok

23:25:06.0603 5320 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

23:25:06.0613 5320 HpSAMD - ok

23:25:06.0663 5320 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

23:25:06.0723 5320 HTTP - ok

23:25:06.0753 5320 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

23:25:06.0763 5320 hwpolicy - ok

23:25:06.0803 5320 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

23:25:06.0813 5320 i8042prt - ok

23:25:06.0853 5320 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys

23:25:06.0873 5320 iaStor - ok

23:25:06.0913 5320 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

23:25:06.0943 5320 iaStorV - ok

23:25:07.0083 5320 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

23:25:07.0083 5320 IDriverT ( UnsignedFile.Multi.Generic ) - warning

23:25:07.0083 5320 IDriverT - detected UnsignedFile.Multi.Generic (1)

23:25:18.0279 5320 OpcEnum (eae6208900e2986f66f68b30aef86e4d) C:\Windows\SysWOW64\OpcEnum.exe

23:25:18.0289 5320 OpcEnum ( UnsignedFile.Multi.Generic ) - warning

23:25:18.0289 5320 OpcEnum - detected UnsignedFile.Multi.Generic (1)


23:25:20.0146 5320 PolicyAgent - ok

23:25:20.0175 5320 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

23:25:20.0219 5320 Power - ok

23:25:20.0242 5320 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

23:25:20.0290 5320 PptpMiniport - ok

23:25:20.0306 5320 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

23:25:20.0327 5320 Processor - ok

23:25:20.0371 5320 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

23:25:20.0431 5320 ProfSvc - ok

23:25:20.0441 5320 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

23:25:20.0461 5320 ProtectedStorage - ok

23:25:20.0491 5320 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

23:25:20.0541 5320 Psched - ok

23:25:20.0581 5320 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys

23:25:20.0591 5320 PxHlpa64 - ok

23:25:20.0621 5320 qicflt (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys

23:25:20.0631 5320 qicflt - ok

23:25:20.0701 5320 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

23:25:20.0751 5320 ql2300 - ok

23:25:20.0851 5320 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

23:25:20.0861 5320 ql40xx - ok

23:25:20.0901 5320 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

23:25:20.0941 5320 QWAVE - ok

23:25:20.0961 5320 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

23:25:20.0991 5320 QWAVEdrv - ok

23:25:20.0991 5320 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

23:25:21.0041 5320 RasAcd - ok

23:25:21.0061 5320 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

23:25:21.0091 5320 RasAgileVpn - ok

23:25:21.0112 5320 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

23:25:21.0156 5320 RasAuto - ok

23:25:21.0182 5320 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

23:25:21.0229 5320 Rasl2tp - ok

23:25:21.0258 5320 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

23:25:21.0309 5320 RasMan - ok

23:25:21.0330 5320 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

23:25:21.0374 5320 RasPppoe - ok

23:25:21.0394 5320 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

23:25:21.0434 5320 RasSstp - ok

23:25:21.0464 5320 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

23:25:21.0514 5320 rdbss - ok

23:25:21.0524 5320 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

23:25:21.0544 5320 rdpbus - ok

23:25:21.0564 5320 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

23:25:21.0604 5320 RDPCDD - ok

23:25:21.0644 5320 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys

23:25:21.0664 5320 RDPDR - ok

23:25:21.0674 5320 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

23:25:21.0724 5320 RDPENCDD - ok

23:25:21.0744 5320 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

23:25:21.0774 5320 RDPREFMP - ok

23:25:21.0814 5320 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

23:25:21.0844 5320 RDPWD - ok

23:25:21.0874 5320 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

23:25:21.0904 5320 rdyboost - ok

23:25:22.0014 5320 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

23:25:22.0054 5320 RegSrvc - ok

23:25:22.0084 5320 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

23:25:22.0133 5320 RemoteAccess - ok

23:25:22.0156 5320 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

23:25:22.0198 5320 RemoteRegistry - ok

23:25:22.0254 5320 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

23:25:22.0277 5320 RimUsb - ok

23:25:22.0394 5320 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

23:25:22.0444 5320 RoxMediaDB12OEM - ok

23:25:22.0484 5320 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

23:25:22.0504 5320 RoxWatch12 - ok

23:25:22.0584 5320 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

23:25:22.0634 5320 RpcEptMapper - ok

23:25:22.0654 5320 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

23:25:22.0674 5320 RpcLocator - ok

23:25:22.0704 5320 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

23:25:22.0734 5320 RpcSs - ok

23:25:22.0784 5320 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

23:25:22.0834 5320 rspndr - ok

23:25:22.0884 5320 RTL8167 (ed5873f7dfb2f96d37f13322211b6bdc) C:\Windows\system32\DRIVERS\Rt64win7.sys

23:25:22.0914 5320 RTL8167 - ok

23:25:22.0934 5320 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys

23:25:22.0964 5320 s3cap - ok

23:25:22.0994 5320 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

23:25:23.0004 5320 SamSs - ok

23:25:23.0024 5320 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

23:25:23.0044 5320 sbp2port - ok

23:25:23.0064 5320 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

23:25:23.0118 5320 SCardSvr - ok

23:25:23.0131 5320 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

23:25:23.0173 5320 scfilter - ok

23:25:23.0232 5320 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

23:25:23.0306 5320 Schedule - ok

23:25:23.0331 5320 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

23:25:23.0365 5320 SCPolicySvc - ok

23:25:23.0434 5320 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys

23:25:23.0464 5320 sdbus - ok

23:25:23.0494 5320 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

23:25:23.0514 5320 SDRSVC - ok

23:25:23.0584 5320 SeaPort (331e7bde228914574fc9ae6cd520dafa) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

23:25:23.0614 5320 SeaPort - ok

23:25:23.0644 5320 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

23:25:23.0684 5320 secdrv - ok

23:25:23.0704 5320 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

23:25:23.0744 5320 seclogon - ok

23:25:23.0754 5320 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

23:25:23.0804 5320 SENS - ok

23:25:23.0814 5320 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

23:25:23.0844 5320 SensrSvc - ok

23:25:23.0894 5320 Ser2pl (2cd118925f9cdf665f7c08aecd8177ef) C:\Windows\system32\DRIVERS\ser2pl64.sys

23:25:23.0934 5320 Ser2pl - ok

23:25:23.0964 5320 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

23:25:23.0984 5320 Serenum - ok

23:25:23.0994 5320 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

23:25:24.0024 5320 Serial - ok

23:25:24.0064 5320 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

23:25:24.0084 5320 sermouse - ok

23:25:24.0114 5320 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

23:25:24.0174 5320 SessionEnv - ok

23:25:24.0174 5320 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

23:25:24.0204 5320 sffdisk - ok

23:25:24.0204 5320 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

23:25:24.0224 5320 sffp_mmc - ok

23:25:24.0224 5320 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys

23:25:24.0254 5320 sffp_sd - ok

23:25:24.0254 5320 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

23:25:24.0274 5320 sfloppy - ok

23:25:24.0354 5320 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys

23:25:24.0384 5320 Sftfs - ok

23:25:24.0494 5320 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

23:25:24.0524 5320 sftlist - ok

23:25:24.0574 5320 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys

23:25:24.0604 5320 Sftplay - ok

23:25:24.0624 5320 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys

23:25:24.0624 5320 Sftredir - ok

23:25:24.0724 5320 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

23:25:24.0754 5320 SftService - ok

23:25:24.0844 5320 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys

23:25:24.0854 5320 Sftvol - ok

23:25:24.0964 5320 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

23:25:24.0984 5320 sftvsa - ok

23:25:25.0024 5320 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

23:25:25.0064 5320 SharedAccess - ok

23:25:25.0104 5320 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

23:25:25.0164 5320 ShellHWDetection - ok

23:25:25.0204 5320 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

23:25:25.0214 5320 SiSRaid2 - ok

23:25:25.0224 5320 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

23:25:25.0244 5320 SiSRaid4 - ok

23:25:25.0314 5320 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files (x86)\Skype\Updater\Updater.exe

23:25:25.0324 5320 SkypeUpdate - ok

23:25:25.0354 5320 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

23:25:25.0414 5320 Smb - ok

23:25:25.0434 5320 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

23:25:25.0464 5320 SNMPTRAP - ok

23:25:25.0474 5320 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

23:25:25.0494 5320 spldr - ok

23:25:25.0524 5320 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

23:25:25.0574 5320 Spooler - ok

23:25:25.0704 5320 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

23:25:25.0824 5320 sppsvc - ok

23:25:25.0904 5320 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

23:25:25.0944 5320 sppuinotify - ok

23:25:26.0044 5320 sptd (d519ad2de7968cd2b47fea807c5b29b2) C:\Windows\System32\Drivers\sptd.sys

23:25:26.0044 5320 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: d519ad2de7968cd2b47fea807c5b29b2

23:25:26.0044 5320 sptd ( LockedFile.Multi.Generic ) - warning

23:25:26.0044 5320 sptd - detected LockedFile.Multi.Generic (1)

23:25:26.0084 5320 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

23:25:26.0144 5320 srv - ok

23:25:26.0174 5320 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

23:25:26.0204 5320 srv2 - ok

23:25:26.0224 5320 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

23:25:26.0244 5320 srvnet - ok

23:25:26.0294 5320 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys

23:25:26.0354 5320 ssadbus - ok

23:25:26.0394 5320 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys

23:25:26.0414 5320 ssadmdfl - ok

23:25:26.0434 5320 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys

23:25:26.0464 5320 ssadmdm - ok

23:25:26.0494 5320 ssadserd (d33d1bd3ec0e766211a234f56a12726d) C:\Windows\system32\DRIVERS\ssadserd.sys

23:25:26.0524 5320 ssadserd - ok

23:25:26.0564 5320 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

23:25:26.0624 5320 SSDPSRV - ok

23:25:26.0644 5320 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

23:25:26.0684 5320 SstpSvc - ok

23:25:26.0714 5320 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys

23:25:26.0724 5320 stdcfltn - ok

23:25:26.0814 5320 Stereo Service (0683504bbb3ffc0a73d9d217b63dd0e0) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

23:25:26.0824 5320 Stereo Service - ok

23:25:26.0844 5320 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

23:25:26.0854 5320 stexstor - ok

23:25:26.0904 5320 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

23:25:26.0944 5320 stisvc - ok

23:25:26.0974 5320 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

23:25:26.0984 5320 stllssvr - ok

23:25:27.0004 5320 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll

23:25:27.0044 5320 StorSvc - ok

23:25:27.0074 5320 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys

23:25:27.0084 5320 storvsc - ok

23:25:27.0104 5320 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

23:25:27.0114 5320 swenum - ok

23:25:27.0154 5320 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

23:25:27.0224 5320 swprv - ok

23:25:27.0244 5320 SynthVid (4cdd7df58730d23ba9cb5829a6e2ecea) C:\Windows\system32\DRIVERS\VMBusVideoM.sys

23:25:27.0254 5320 SynthVid - ok

23:25:27.0334 5320 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys

23:25:27.0384 5320 SynTP - ok

23:25:27.0514 5320 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

23:25:27.0594 5320 SysMain - ok

23:25:27.0644 5320 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

23:25:27.0674 5320 TabletInputService - ok

23:25:27.0694 5320 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

23:25:27.0774 5320 TapiSrv - ok

23:25:27.0784 5320 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

23:25:27.0824 5320 TBS - ok

23:25:28.0044 5320 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

23:25:28.0104 5320 Tcpip - ok

23:25:28.0234 5320 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

23:25:28.0274 5320 TCPIP6 - ok

23:25:28.0334 5320 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

23:25:28.0374 5320 tcpipreg - ok

23:25:28.0394 5320 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

23:25:28.0414 5320 TDPIPE - ok

23:25:28.0454 5320 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

23:25:28.0474 5320 TDTCP - ok

23:25:28.0494 5320 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

23:25:28.0524 5320 tdx - ok

23:25:28.0534 5320 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys

23:25:28.0554 5320 TermDD - ok

23:25:28.0594 5320 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

23:25:28.0664 5320 TermService - ok

23:25:28.0684 5320 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

23:25:28.0714 5320 Themes - ok

23:25:28.0744 5320 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

23:25:28.0784 5320 THREADORDER - ok

23:25:28.0804 5320 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

23:25:28.0864 5320 TrkWks - ok

23:25:28.0904 5320 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

23:25:28.0954 5320 TrustedInstaller - ok

23:25:28.0984 5320 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

23:25:29.0034 5320 tssecsrv - ok

23:25:29.0054 5320 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

23:25:29.0074 5320 TsUsbFlt - ok

23:25:29.0084 5320 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

23:25:29.0094 5320 TsUsbGD - ok

23:25:29.0124 5320 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

23:25:29.0174 5320 tunnel - ok

23:25:29.0214 5320 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys

23:25:29.0224 5320 TurboB - ok

23:25:29.0264 5320 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

23:25:29.0274 5320 TurboBoost - ok

23:25:29.0304 5320 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

23:25:29.0324 5320 uagp35 - ok

23:25:29.0354 5320 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

23:25:29.0404 5320 udfs - ok

23:25:29.0444 5320 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

23:25:29.0454 5320 UI0Detect - ok

23:25:29.0464 5320 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

23:25:29.0474 5320 uliagpkx - ok

23:25:29.0494 5320 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

23:25:29.0524 5320 umbus - ok

23:25:29.0524 5320 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

23:25:29.0554 5320 UmPass - ok

23:25:29.0584 5320 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll

23:25:29.0624 5320 UmRdpService - ok

23:25:29.0794 5320 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

23:25:29.0874 5320 UNS - ok

23:25:29.0974 5320 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

23:25:30.0044 5320 upnphost - ok

23:25:30.0124 5320 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys

23:25:30.0154 5320 usbccgp - ok

23:25:30.0174 5320 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

23:25:30.0194 5320 usbcir - ok

23:25:30.0224 5320 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

23:25:30.0244 5320 usbehci - ok

23:25:30.0274 5320 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

23:25:30.0314 5320 usbhub - ok

23:25:30.0344 5320 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

23:25:30.0364 5320 usbohci - ok

23:25:30.0374 5320 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys

23:25:30.0394 5320 usbprint - ok

23:25:30.0414 5320 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

23:25:30.0454 5320 USBSTOR - ok

23:25:30.0484 5320 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

23:25:30.0504 5320 usbuhci - ok

23:25:30.0544 5320 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys

23:25:30.0564 5320 usbvideo - ok

23:25:30.0584 5320 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

23:25:30.0634 5320 UxSms - ok

23:25:30.0674 5320 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

23:25:30.0704 5320 VaultSvc - ok

23:25:30.0734 5320 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

23:25:30.0744 5320 vdrvroot - ok

23:25:30.0774 5320 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

23:25:30.0854 5320 vds - ok

23:25:30.0894 5320 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

23:25:30.0904 5320 vga - ok

23:25:30.0924 5320 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

23:25:30.0974 5320 VgaSave - ok

23:25:30.0994 5320 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

23:25:31.0024 5320 vhdmp - ok

23:25:31.0024 5320 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

23:25:31.0044 5320 viaide - ok

23:25:31.0064 5320 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys

23:25:31.0084 5320 VMBusHID - ok

23:25:31.0104 5320 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

23:25:31.0121 5320 volmgr - ok

23:25:31.0142 5320 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

23:25:31.0168 5320 volmgrx - ok

23:25:31.0195 5320 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

23:25:31.0220 5320 volsnap - ok

23:25:31.0344 5320 vpnagent (d6653180d162cb3144fdbc8a651cebb1) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

23:25:31.0359 5320 vpnagent - ok

23:25:31.0406 5320 vpnva (13e6d95e7ac67abb7a1196557ef8849f) C:\Windows\system32\DRIVERS\vpnva64.sys

23:25:31.0416 5320 vpnva - ok

23:25:31.0456 5320 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

23:25:31.0466 5320 vsmraid - ok

23:25:31.0546 5320 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

23:25:31.0636 5320 VSS - ok

23:25:31.0756 5320 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

23:25:31.0786 5320 vwifibus - ok

23:25:31.0796 5320 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

23:25:31.0836 5320 vwififlt - ok

23:25:31.0856 5320 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

23:25:31.0876 5320 vwifimp - ok

23:25:31.0916 5320 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

23:25:31.0956 5320 W32Time - ok

23:25:31.0986 5320 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

23:25:32.0006 5320 WacomPen - ok

23:25:32.0036 5320 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

23:25:32.0076 5320 WANARP - ok

23:25:32.0076 5320 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

23:25:32.0106 5320 Wanarpv6 - ok

23:25:32.0228 5320 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

23:25:32.0273 5320 WatAdminSvc - ok

23:25:32.0343 5320 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

23:25:32.0417 5320 wbengine - ok

23:25:32.0497 5320 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

23:25:32.0527 5320 WbioSrvc - ok

23:25:32.0547 5320 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

23:25:32.0597 5320 wcncsvc - ok

23:25:32.0607 5320 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

23:25:32.0627 5320 WcsPlugInService - ok

23:25:32.0677 5320 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

23:25:32.0687 5320 Wd - ok

23:25:32.0747 5320 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys

23:25:32.0767 5320 WDC_SAM - ok

23:25:32.0807 5320 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

23:25:32.0837 5320 Wdf01000 - ok

23:25:32.0857 5320 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

23:25:32.0947 5320 WdiServiceHost - ok

23:25:32.0947 5320 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

23:25:32.0967 5320 WdiSystemHost - ok

23:25:32.0987 5320 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\Windows\system32\DRIVERS\WDKMD.sys

23:25:32.0997 5320 wdkmd - ok

23:25:33.0017 5320 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

23:25:33.0067 5320 WebClient - ok

23:25:33.0097 5320 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

23:25:33.0157 5320 Wecsvc - ok

23:25:33.0177 5320 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

23:25:33.0217 5320 wercplsupport - ok

23:25:33.0237 5320 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

23:25:33.0287 5320 WerSvc - ok

23:25:33.0317 5320 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

23:25:33.0347 5320 WfpLwf - ok

23:25:33.0397 5320 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

23:25:33.0417 5320 WimFltr - ok

23:25:33.0427 5320 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

23:25:33.0437 5320 WIMMount - ok

23:25:33.0467 5320 WinDefend - ok

23:25:33.0477 5320 WinHttpAutoProxySvc - ok

23:25:33.0527 5320 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

23:25:33.0567 5320 Winmgmt - ok

23:25:33.0657 5320 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

23:25:33.0727 5320 WinRM - ok

23:25:33.0857 5320 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

23:25:33.0877 5320 WinUsb - ok

23:25:33.0927 5320 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

23:25:33.0977 5320 Wlansvc - ok

23:25:34.0047 5320 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

23:25:34.0057 5320 wlcrasvc - ok

23:25:34.0187 5320 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

23:25:34.0217 5320 wlidsvc - ok

23:25:34.0277 5320 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

23:25:34.0307 5320 WmiAcpi - ok

23:25:34.0367 5320 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

23:25:34.0407 5320 wmiApSrv - ok

23:25:34.0447 5320 WMPNetworkSvc - ok

23:25:34.0467 5320 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

23:25:34.0487 5320 WPCSvc - ok

23:25:34.0507 5320 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

23:25:34.0517 5320 WPDBusEnum - ok

23:25:34.0537 5320 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

23:25:34.0567 5320 ws2ifsl - ok

23:25:34.0577 5320 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

23:25:34.0617 5320 wscsvc - ok

23:25:34.0617 5320 WSearch - ok

23:25:34.0737 5320 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

23:25:34.0827 5320 wuauserv - ok

23:25:34.0927 5320 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

23:25:34.0977 5320 WudfPf - ok

23:25:35.0007 5320 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

23:25:35.0057 5320 WUDFRd - ok

23:25:35.0077 5320 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

23:25:35.0117 5320 wudfsvc - ok

23:25:35.0127 5320 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

23:25:35.0177 5320 WwanSvc - ok

23:25:35.0217 5320 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

23:25:35.0517 5320 \Device\Harddisk0\DR0 - ok

23:25:35.0527 5320 Boot (0x1200) (3c6c1e474d4604f6427319a693787869) \Device\Harddisk0\DR0\Partition0

23:25:35.0527 5320 \Device\Harddisk0\DR0\Partition0 - ok

23:25:35.0557 5320 Boot (0x1200) (935d9df834fa10b64d14e1f5bc549fdb) \Device\Harddisk0\DR0\Partition1

23:25:35.0567 5320 \Device\Harddisk0\DR0\Partition1 - ok

23:25:35.0567 5320 ============================================================

23:25:35.0567 5320 Scan finished

23:25:35.0567 5320 ============================================================

23:25:35.0577 2764 Detected object count: 3

23:25:35.0577 2764 Actual detected object count: 3

23:26:04.0573 2764 C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine

23:26:04.0573 2764 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

23:26:04.0733 2764 C:\Windows\SysWOW64\OpcEnum.exe - copied to quarantine

23:26:04.0733 2764 OpcEnum ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

23:26:04.0853 2764 C:\Windows\System32\Drivers\sptd.sys - copied to quarantine

23:26:04.0853 2764 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine

GMER log:

GMER 1.0.15.15641 - http://www.gmer.net

Rootkit scan 2012-06-23 00:07:30

Windows 6.1.7601 Service Pack 1

Running: lnk5y2uv.exe

---- Files - GMER 1.0.15 ----

File C:\Users\Soumitro Auddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LIH2TQCY\errorPageStrings[2] 0 bytes

File C:\Users\Soumitro Auddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TZ1L7ELR\12[1].htm 0 bytes

File C:\Users\Soumitro Auddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TZ1L7ELR\down[1] 0 bytes

File C:\Users\Soumitro Auddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TZ1L7ELR\httpErrorPagesScripts[1] 0 bytes

---- EOF - GMER 1.0.15 ----


OTL.txt:

OTL logfile created on: 6/23/2012 12:13:55 AM - Run 1

OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Soumitro Auddy\Downloads

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.90 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 22.48% Memory free

7.79 Gb Paging File | 3.81 Gb Available in Paging File | 48.90% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 446.13 Gb Total Space | 204.17 Gb Free Space | 45.76% Space Free | Partition Type: NTFS

Computer Name: SOUMITROAUDDY | User Name: Soumitro Auddy | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/23 00:08:28 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Soumitro Auddy\Downloads\OTL.exe

PRC - [2012/05/24 22:19:22 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

PRC - [2012/05/24 13:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\Dropbox.exe

PRC - [2012/05/04 16:51:00 | 009,478,320 | ---- | M] (Spotify Ltd) -- C:\Users\Soumitro Auddy\AppData\Roaming\Spotify\spotify.exe

PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2012/03/06 18:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2012/02/26 12:24:45 | 000,250,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11f_ActiveX.exe

PRC - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

PRC - [2012/02/01 12:50:04 | 001,850,224 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

PRC - [2012/02/01 12:50:02 | 002,195,824 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

PRC - [2012/01/13 19:25:14 | 000,624,744 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\VeetleNet.exe

PRC - [2012/01/13 19:25:12 | 000,025,704 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\player.exe

PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011/11/25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe

PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2011/09/06 12:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

PRC - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

PRC - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

PRC - [2011/08/12 10:46:02 | 000,520,330 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

PRC - [2011/08/03 15:43:45 | 000,645,048 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

PRC - [2011/08/01 12:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

PRC - [2011/06/19 09:29:04 | 000,619,672 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe

PRC - [2011/06/14 18:57:10 | 000,012,696 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\MAX\nimxs.exe

PRC - [2011/06/14 12:54:08 | 000,676,016 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe

PRC - [2011/06/14 10:11:10 | 000,362,104 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

PRC - [2011/06/14 10:08:24 | 000,056,952 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lktsrv.exe

PRC - [2011/06/14 10:00:10 | 000,046,192 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lkads.exe

PRC - [2011/06/10 15:11:20 | 000,121,032 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe

PRC - [2011/06/01 17:32:14 | 000,194,224 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

PRC - [2011/05/27 14:44:20 | 000,050,328 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe

PRC - [2011/05/27 14:43:48 | 000,050,336 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe

PRC - [2011/04/22 11:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2011/04/21 21:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2010/12/17 10:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

PRC - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2010/10/27 10:43:38 | 000,695,136 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lkcitdl.exe

========== Modules (No Company Name) ==========

MOD - [2012/06/14 03:37:11 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll

MOD - [2012/06/14 03:36:57 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll

MOD - [2012/06/14 03:36:51 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll

MOD - [2012/06/14 03:36:41 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll

MOD - [2012/05/13 19:27:59 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll

MOD - [2012/05/13 16:24:47 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll

MOD - [2012/05/13 16:23:44 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll

MOD - [2012/05/13 16:23:38 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll

MOD - [2012/05/13 16:23:35 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll

MOD - [2012/05/13 16:23:33 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll

MOD - [2012/05/13 16:23:26 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll

MOD - [2012/05/04 16:50:53 | 020,101,120 | ---- | M] () -- C:\Users\Soumitro Auddy\AppData\Roaming\Spotify\Data\libcef.dll

MOD - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

MOD - [2012/02/01 12:50:04 | 001,850,224 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

MOD - [2012/02/01 12:50:02 | 002,195,824 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

MOD - [2012/02/01 12:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll

MOD - [2012/02/01 12:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll

MOD - [2012/02/01 12:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll

MOD - [2012/02/01 12:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll

MOD - [2012/01/13 19:25:38 | 000,062,056 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libvrc_plugin.dll

MOD - [2012/01/13 19:25:38 | 000,047,720 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libvout_directx_plugin.dll

MOD - [2012/01/13 19:25:38 | 000,023,656 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libwingdi_plugin.dll

MOD - [2012/01/13 19:25:38 | 000,022,632 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libwaveout_plugin.dll

MOD - [2012/01/13 19:25:38 | 000,019,048 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libwav_plugin.dll

MOD - [2012/01/13 19:25:38 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libugly_resampler_plugin.dll

MOD - [2012/01/13 19:25:38 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libu8tofloat32_plugin.dll

MOD - [2012/01/13 19:25:38 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libu8tofixed32_plugin.dll

MOD - [2012/01/13 19:25:38 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libtrivial_resampler_plugin.dll

MOD - [2012/01/13 19:25:36 | 000,023,656 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libsubsdec_plugin.dll

MOD - [2012/01/13 19:25:36 | 000,020,072 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libspudec_plugin.dll

MOD - [2012/01/13 19:25:36 | 000,017,000 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libsgimb_plugin.dll

MOD - [2012/01/13 19:25:36 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libtrivial_channel_mixer_plugin.dll

MOD - [2012/01/13 19:25:36 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libsimple_channel_mixer_plugin.dll

MOD - [2012/01/13 19:25:36 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libs16tofloat32_plugin.dll

MOD - [2012/01/13 19:25:36 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libtrivial_mixer_plugin.dll

MOD - [2012/01/13 19:25:36 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libscale_plugin.dll

MOD - [2012/01/13 19:25:36 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libs8tofloat32_plugin.dll

MOD - [2012/01/13 19:25:36 | 000,012,904 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libspdif_mixer_plugin.dll

MOD - [2012/01/13 19:25:34 | 000,052,328 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\librc_plugin.dll

MOD - [2012/01/13 19:25:34 | 000,051,816 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libplaylist_plugin.dll

MOD - [2012/01/13 19:25:34 | 000,018,024 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libparam_eq_plugin.dll

MOD - [2012/01/13 19:25:34 | 000,016,488 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libnsc_plugin.dll

MOD - [2012/01/13 19:25:34 | 000,015,976 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libnormvol_plugin.dll

MOD - [2012/01/13 19:25:34 | 000,014,952 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\librawvideo_plugin.dll

MOD - [2012/01/13 19:25:34 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libs16tofloat32swab_plugin.dll

MOD - [2012/01/13 19:25:34 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libs16tofixed32_plugin.dll

MOD - [2012/01/13 19:25:34 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\librv32_plugin.dll

MOD - [2012/01/13 19:25:32 | 000,098,408 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libmpgatofixed32_plugin.dll

MOD - [2012/01/13 19:25:32 | 000,018,536 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libmpga_plugin.dll

MOD - [2012/01/13 19:25:32 | 000,018,024 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libipv4_plugin.dll

MOD - [2012/01/13 19:25:32 | 000,017,000 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libimage_plugin.dll

MOD - [2012/01/13 19:25:32 | 000,016,488 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\liblinear_resampler_plugin.dll

MOD - [2012/01/13 19:25:32 | 000,016,488 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libipv6_plugin.dll

MOD - [2012/01/13 19:25:32 | 000,014,952 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\liblpcm_plugin.dll

MOD - [2012/01/13 19:25:32 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libmpgv_plugin.dll

MOD - [2012/01/13 19:25:32 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libm4a_plugin.dll

MOD - [2012/01/13 19:25:32 | 000,012,904 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libmemcpy_plugin.dll

MOD - [2012/01/13 19:25:30 | 000,487,016 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfreetype_plugin.dll

MOD - [2012/01/13 19:25:30 | 000,034,920 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libi420_rgb_plugin.dll

MOD - [2012/01/13 19:25:30 | 000,029,288 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libglwin32_plugin.dll

MOD - [2012/01/13 19:25:30 | 000,026,728 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libhotkeys_plugin.dll

MOD - [2012/01/13 19:25:30 | 000,017,512 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libheadphone_channel_mixer_plugin.dll

MOD - [2012/01/13 19:25:30 | 000,015,464 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libi420_yuy2_plugin.dll

MOD - [2012/01/13 19:25:30 | 000,014,952 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libh264_plugin.dll

MOD - [2012/01/13 19:25:30 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libi422_yuy2_plugin.dll

MOD - [2012/01/13 19:25:30 | 000,012,392 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libi420_ymga_plugin.dll

MOD - [2012/01/13 19:25:28 | 004,298,344 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libffmpeg_plugin.dll

MOD - [2012/01/13 19:25:28 | 000,298,088 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfaad_plugin.dll

MOD - [2012/01/13 19:25:28 | 000,014,952 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfloat32tou8_plugin.dll

MOD - [2012/01/13 19:25:28 | 000,014,952 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfloat32tou16_plugin.dll

MOD - [2012/01/13 19:25:28 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfloat32tos8_plugin.dll

MOD - [2012/01/13 19:25:28 | 000,014,440 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfloat32_mixer_plugin.dll

MOD - [2012/01/13 19:25:28 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfloat32tos16_plugin.dll

MOD - [2012/01/13 19:25:28 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfixed32tofloat32_plugin.dll

MOD - [2012/01/13 19:25:28 | 000,013,416 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libfixed32tos16_plugin.dll

MOD - [2012/01/13 19:25:26 | 000,042,600 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libaudio_format_plugin.dll

MOD - [2012/01/13 19:25:26 | 000,041,576 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libequalizer_plugin.dll

MOD - [2012/01/13 19:25:26 | 000,040,552 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libdeinterlace_plugin.dll

MOD - [2012/01/13 19:25:26 | 000,039,528 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libdirect3d_plugin.dll

MOD - [2012/01/13 19:25:26 | 000,029,288 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libbandlimited_resampler_plugin.dll

MOD - [2012/01/13 19:25:26 | 000,025,192 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libblend_plugin.dll

MOD - [2012/01/13 19:25:26 | 000,019,560 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libcrop_plugin.dll

MOD - [2012/01/13 19:25:26 | 000,018,024 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libclone_plugin.dll

MOD - [2012/01/13 19:25:26 | 000,017,512 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libexport_plugin.dll

MOD - [2012/01/13 19:25:24 | 000,056,936 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libasf_plugin.dll

MOD - [2012/01/13 19:25:24 | 000,033,896 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libaccess_http_plugin.dll

MOD - [2012/01/13 19:25:24 | 000,024,680 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libaout_directx_plugin.dll

MOD - [2012/01/13 19:25:24 | 000,023,144 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libadpcm_plugin.dll

MOD - [2012/01/13 19:25:24 | 000,015,976 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libaraw_plugin.dll

MOD - [2012/01/13 19:25:24 | 000,013,928 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\plugins\libaccess_tcp_plugin.dll

MOD - [2012/01/13 19:25:14 | 000,624,744 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\VeetleNet.exe

MOD - [2012/01/13 19:25:12 | 000,025,704 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\player.exe

MOD - [2012/01/13 19:25:10 | 001,761,384 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\libvlc.dll

MOD - [2012/01/13 19:25:10 | 000,212,584 | ---- | M] () -- C:\Program Files (x86)\Veetle\Player\axvlc.dll

MOD - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

MOD - [2011/06/19 09:29:06 | 001,967,104 | ---- | M] () -- C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\niwsrp.dll

MOD - [2011/04/22 11:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll

MOD - [2010/12/17 10:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

MOD - [2010/11/24 22:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll

MOD - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2011/05/27 14:43:58 | 000,068,256 | ---- | M] (National Instruments Corporation) [Disabled | Stopped] -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe -- (NIApplicationWebServer64) NI Application Web Server (64-bit)

SRV:64bit: - [2010/12/17 14:41:32 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®

SRV:64bit: - [2010/12/17 14:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)

SRV:64bit: - [2010/12/17 14:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®

SRV:64bit: - [2010/11/29 15:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2012/05/03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011/11/25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)

SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)

SRV - [2011/08/03 15:43:45 | 000,645,048 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)

SRV - [2011/06/14 18:57:10 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\MAX\nimxs.exe -- (mxssvr)

SRV - [2011/06/14 12:54:08 | 000,676,016 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe -- (NITaggerService)

SRV - [2011/06/14 10:11:10 | 000,362,104 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService)

SRV - [2011/06/14 10:08:24 | 000,056,952 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lktsrv.exe -- (lkTimeSync)

SRV - [2011/06/14 10:00:10 | 000,046,192 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lkads.exe -- (lkClassAds)

SRV - [2011/06/10 15:11:20 | 000,121,032 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe -- (NINetworkDiscovery)

SRV - [2011/06/01 17:32:14 | 000,194,224 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe -- (nimDNSResponder)

SRV - [2011/05/27 14:44:20 | 000,050,328 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe -- (niSvcLoc)

SRV - [2011/05/27 14:43:48 | 000,050,336 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe -- (NIApplicationWebServer)

SRV - [2011/04/22 11:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011/04/21 21:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

SRV - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)

SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)

SRV - [2010/10/27 10:43:38 | 000,695,136 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lkcitdl.exe -- (LkCitadelServer)

SRV - [2010/08/25 20:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)

SRV - [2010/08/02 11:00:00 | 001,427,688 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager)

SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/06/03 11:26:34 | 000,098,304 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Opcenum.exe -- (OpcEnum)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012/03/06 18:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2012/03/06 18:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)

DRV:64bit: - [2012/03/06 18:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2012/03/06 18:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)

DRV:64bit: - [2012/03/06 18:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2012/03/06 18:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012/02/14 02:23:51 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2012/01/04 16:06:52 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2011/08/19 07:23:29 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/08/19 07:23:29 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/08/03 15:27:28 | 000,022,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)

DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)

DRV:64bit: - [2011/07/28 18:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)

DRV:64bit: - [2011/06/16 15:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2011/05/13 04:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)

DRV:64bit: - [2011/05/13 04:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)

DRV:64bit: - [2011/05/13 04:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)

DRV:64bit: - [2011/05/13 04:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)

DRV:64bit: - [2011/04/22 11:13:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)

DRV:64bit: - [2011/03/26 04:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2011/03/18 14:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)

DRV:64bit: - [2011/03/18 14:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)

DRV:64bit: - [2011/02/16 20:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/02/10 17:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)

DRV:64bit: - [2011/02/10 17:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)

DRV:64bit: - [2011/01/12 20:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/12/22 04:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel®

DRV:64bit: - [2010/12/17 12:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010/12/15 12:02:04 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV:64bit: - [2010/12/13 12:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)

DRV:64bit: - [2010/12/12 09:18:36 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)

DRV:64bit: - [2010/12/01 05:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)

DRV:64bit: - [2010/11/29 15:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)

DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 22:23:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc60.sys -- (netvsc)

DRV:64bit: - [2010/11/20 22:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2010/11/20 22:23:48 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusVideoM.sys -- (SynthVid)

DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®

DRV:64bit: - [2010/10/15 11:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®

DRV:64bit: - [2010/08/20 13:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)

DRV:64bit: - [2010/07/12 21:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)

DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2010/02/27 02:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2008/05/12 08:09:06 | 000,064,512 | ---- | M] (Microchip Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mchpusb64.sys -- (MCHPUSB)

DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)

DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)

DRV:64bit: - [2007/02/12 18:56:08 | 000,089,600 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)

DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE:64bit: - HKLM\..\SearchScopes\{461ECB06-0E73-474D-BB3D-70B32ECE64F5}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8

IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKLM\..\SearchScopes\{461ECB06-0E73-474D-BB3D-70B32ECE64F5}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=86E0887E02AA9FAAE066AB4FE03BC340&tbp=homepage

IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb_031&u=86E0887E02AA9FAAE066AB4FE03BC340&q={searchTerms}

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co.in/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7RNTG_en

IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Soumitro Auddy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011/08/19 07:04:56 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/08/19 07:04:58 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/08/19 07:05:41 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/24 22:19:55 | 000,000,000 | ---D | M]

[2012/01/09 00:18:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Soumitro Auddy\AppData\Roaming\Mozilla\Firefox\extensions

[2012/01/09 00:18:34 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Soumitro Auddy\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (BetterLinks) - {6921710F-6AC6-4113-8AE6-82A1660EBB09} - C:\Program Files (x86)\BetterLinks\BetterLinks.dll (MashLogic Inc.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient_2.dll (Yontoo LLC)

O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()

O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [intelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found

O4:64bit: - HKLM..\Run: [intelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)

O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()

O4 - HKLM..\Run: [NI Update Service] C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe (National Instruments)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)

O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)

O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found

O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - Startup: C:\Users\Soumitro Auddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O4 - Startup: C:\Users\Soumitro Auddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk = File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Soumitro Auddy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Soumitro Auddy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)

O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)

O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CC1758F-D365-413E-B1A8-70778E1C6369}: DhcpNameServer = 192.168.1.254

O18:64bit: - Protocol\Handler\cozi - No CLSID value found

O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{21e7cc73-54fc-11e1-97bd-14feb5bf0fbf}\Shell - "" = AutoRun

O33 - MountPoints2\{21e7cc73-54fc-11e1-97bd-14feb5bf0fbf}\Shell\AutoRun\command - "" = F:\Setup\rsrc\Autorun.exe

O33 - MountPoints2\{21e7cc73-54fc-11e1-97bd-14feb5bf0fbf}\Shell\dinstall\command - "" = F:\Directx\dxsetup.exe

O33 - MountPoints2\{2e6c1f7d-0f21-11e1-9ca8-14feb5bf0fbf}\Shell - "" = AutoRun

O33 - MountPoints2\{2e6c1f7d-0f21-11e1-9ca8-14feb5bf0fbf}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true

O33 - MountPoints2\{4304c140-ee59-11e0-a6c6-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{4304c140-ee59-11e0-a6c6-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe

O33 - MountPoints2\{ef6e5702-1613-11e1-a567-14feb5bf0fbf}\Shell - "" = AutoRun

O33 - MountPoints2\{ef6e5702-1613-11e1-a567-14feb5bf0fbf}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/22 23:28:05 | 000,000,000 | ---D | C] -- C:\ARK

[2012/06/22 23:26:04 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2012/06/22 22:27:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2012/06/22 22:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT

[2012/06/22 22:26:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT

[2012/06/22 15:49:58 | 000,000,000 | ---D | C] -- C:\Users\Soumitro Auddy\Desktop\MBAM

[2012/06/21 21:50:37 | 000,000,000 | ---D | C] -- C:\Users\Soumitro Auddy\AppData\Local\Unity

[2012/06/19 03:44:12 | 000,000,000 | ---D | C] -- C:\Windows\Application Data

[2012/06/19 03:44:10 | 000,000,000 | ---D | C] -- C:\Users\Soumitro Auddy\Documents\QI Macros Test Data

[2012/06/19 03:44:09 | 000,000,000 | ---D | C] -- C:\QIMacros

[2012/06/19 03:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars

[2012/06/19 03:43:43 | 000,000,000 | ---D | C] -- C:\Users\Soumitro Auddy\AppData\Local\blekkotb_031

[2012/06/17 17:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco

[2012/06/17 17:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco

[2012/06/14 03:01:03 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2012/06/14 03:01:02 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012/06/14 03:01:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012/06/14 03:01:02 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012/06/14 03:01:00 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012/06/14 03:01:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012/06/14 03:01:00 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2012/06/14 03:01:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012/06/14 03:00:58 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2012/06/14 03:00:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012/06/14 03:00:57 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012/06/14 03:00:57 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012/06/14 03:00:57 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012/06/13 22:04:00 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll

[2012/06/13 22:04:00 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll

[2012/06/13 22:04:00 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe

[2012/06/13 22:03:52 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2012/06/13 22:03:51 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2012/06/13 22:03:51 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2012/06/13 22:03:45 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll

[2012/06/13 22:03:36 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll

[2012/06/13 22:03:35 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll

[2012/06/13 15:42:07 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache

[2012/06/13 15:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quake 4

[2012/06/13 15:39:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\id Software

[2012/06/07 19:18:49 | 000,000,000 | ---D | C] -- C:\Users\Soumitro Auddy\Desktop\index.php_files

[2012/06/02 19:28:31 | 000,000,000 | ---D | C] -- C:\Users\Soumitro Auddy\AppData\Local\Ares

[2012/05/27 01:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle

[2012/05/27 01:07:22 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll

[2012/05/27 01:07:22 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2012/05/24 22:20:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared

[2012/05/24 22:19:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks

[2012/05/05 15:19:27 | 000,005,632 | ---- | C] (Seyyed HosseiN Hasan Pour Matikolae) -- C:\ProgramData\Set-up Enviroment.exe

[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\Users\Soumitro Auddy\Desktop\*.tmp files -> C:\Users\Soumitro Auddy\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/23 00:13:06 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3951609019-3787041138-3828994402-1001UA.job

[2012/06/22 23:21:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/06/22 22:33:42 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/06/22 22:33:42 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/06/22 22:26:46 | 000,000,930 | ---- | M] () -- C:\Users\Soumitro Auddy\Desktop\NTREGOPT.lnk

[2012/06/22 22:26:46 | 000,000,911 | ---- | M] () -- C:\Users\Soumitro Auddy\Desktop\ERUNT.lnk

[2012/06/22 21:14:18 | 000,780,220 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/06/22 21:14:18 | 000,660,982 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/06/22 21:14:18 | 000,121,620 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/06/22 21:08:26 | 3137,994,752 | -HS- | M] () -- C:\hiberfil.sys

[2012/06/22 19:14:28 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job

[2012/06/22 19:13:11 | 000,006,640 | ---- | M] () -- C:\bootsqm.dat

[2012/06/22 13:50:38 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3951609019-3787041138-3828994402-1001Core.job

[2012/06/22 03:49:30 | 000,059,121 | ---- | M] () -- C:\Users\Soumitro Auddy\Desktop\Cover Letter(Soumitro S. Auddy).pdf

[2012/06/14 20:36:37 | 000,001,067 | ---- | M] () -- C:\Users\Soumitro Auddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2012/06/14 03:33:25 | 000,465,048 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012/06/07 19:18:49 | 000,030,382 | ---- | M] () -- C:\Users\Soumitro Auddy\Desktop\index.php.htm

[2012/05/29 22:32:13 | 000,000,973 | ---- | M] () -- C:\Users\Soumitro Auddy\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk

[2012/05/29 22:21:55 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job

[2012/05/27 01:06:49 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2012/05/27 01:06:49 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2012/05/26 19:36:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job

[2012/05/24 22:20:19 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk

[2012/05/24 22:19:48 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll

[2012/05/24 22:19:30 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll

[2012/05/24 22:19:30 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll

[2012/05/24 22:19:25 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\Users\Soumitro Auddy\Desktop\*.tmp files -> C:\Users\Soumitro Auddy\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/22 22:26:46 | 000,000,930 | ---- | C] () -- C:\Users\Soumitro Auddy\Desktop\NTREGOPT.lnk

[2012/06/22 22:26:46 | 000,000,911 | ---- | C] () -- C:\Users\Soumitro Auddy\Desktop\ERUNT.lnk

[2012/06/22 19:13:11 | 000,006,640 | ---- | C] () -- C:\bootsqm.dat

[2012/06/20 17:30:55 | 000,059,121 | ---- | C] () -- C:\Users\Soumitro Auddy\Desktop\Cover Letter(Soumitro S. Auddy).pdf

[2012/06/07 19:18:47 | 000,030,382 | ---- | C] () -- C:\Users\Soumitro Auddy\Desktop\index.php.htm

[2012/05/26 18:06:10 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job

[2012/05/24 22:20:19 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk

[2012/05/05 23:30:41 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\SDL_ttf.dll

[2012/05/05 23:30:38 | 000,056,565 | ---- | C] () -- C:\Windows\SysWow64\SDL_image.dll

[2012/05/05 23:30:29 | 000,266,436 | ---- | C] () -- C:\Windows\SysWow64\tiff.dll

[2012/05/05 23:30:16 | 000,565,248 | ---- | C] () -- C:\Windows\SysWow64\alleg42.dll

[2012/05/05 15:19:28 | 002,107,904 | ---- | C] () -- C:\ProgramData\SimEngine.dll.backup

[2012/05/05 15:19:27 | 002,108,416 | ---- | C] () -- C:\ProgramData\SimEngine.exe

[2012/05/05 15:19:27 | 000,324,096 | ---- | C] () -- C:\ProgramData\SDL.dll

[2012/05/05 15:19:27 | 000,013,312 | -H-- | C] () -- C:\ProgramData\SDL_net.dll

[2012/03/30 08:23:10 | 000,007,641 | ---- | C] () -- C:\Users\Soumitro Auddy\AppData\Local\Resmon.ResmonCfg

[2012/02/04 16:21:42 | 000,004,096 | -H-- | C] () -- C:\Users\Soumitro Auddy\AppData\Local\keyfile3.drm

[2012/01/06 17:46:55 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll

[2012/01/05 00:35:14 | 000,004,608 | ---- | C] () -- C:\Users\Soumitro Auddy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/11/13 22:04:19 | 000,000,138 | ---- | C] () -- C:\Users\Soumitro Auddy\AppData\Roaming\wpstate.ini

[2011/11/09 01:23:25 | 000,002,671 | ---- | C] () -- C:\Users\Soumitro Auddy\auddy2.asv

[2011/11/09 01:09:43 | 000,002,664 | ---- | C] () -- C:\Users\Soumitro Auddy\auddy2.m

[2011/11/08 06:36:17 | 000,002,269 | ---- | C] () -- C:\Users\Soumitro Auddy\auddy1.asv

[2011/11/08 06:32:29 | 000,002,227 | ---- | C] () -- C:\Users\Soumitro Auddy\auddy1.m

[2011/11/08 06:06:17 | 000,002,565 | ---- | C] () -- C:\Users\Soumitro Auddy\auddy.asv

[2011/11/08 05:57:47 | 000,002,729 | ---- | C] () -- C:\Users\Soumitro Auddy\auddy.m

[2011/11/08 05:24:44 | 000,000,673 | ---- | C] () -- C:\Users\Soumitro Auddy\Untitled.asv

[2011/11/08 05:11:01 | 000,000,657 | ---- | C] () -- C:\Users\Soumitro Auddy\Untitled.m

[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2011/08/25 14:33:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2011/08/19 07:03:51 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

[2011/08/19 07:02:56 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2011/08/19 07:02:53 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2011/08/19 07:02:48 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2011/08/01 08:17:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\MPMapTrace.dll

[2011/08/01 07:37:24 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\mpPathan.dll

[2011/06/10 14:52:52 | 000,000,244 | ---- | C] () -- C:\Windows\SysWow64\nirpc.ini

[2011/02/10 09:33:46 | 000,774,436 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2011/09/06 01:47:26 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\Blio

[2011/11/18 21:13:53 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\com.AccuWeather.air.stratus.6AF67E59E785A9A644FCA43BED05A7731922EF40.1

[2012/06/04 18:01:58 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\DAEMON Tools Lite

[2012/06/22 21:09:42 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\Dropbox

[2012/02/25 22:02:13 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\DVDVideoSoft

[2012/02/25 21:55:45 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\DVDVideoSoftIEHelpers

[2012/01/23 14:54:48 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\Fingertapps

[2012/02/15 23:58:15 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\Microchip

[2012/01/06 17:49:32 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\NaviCoder IDE for Java

[2012/01/04 16:07:06 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\OpenCandy

[2011/08/25 11:02:01 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\PCDr

[2012/05/13 16:14:37 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\SoftGrid Client

[2012/06/22 23:21:27 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\Spotify

[2011/08/31 11:53:49 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\TP

[2012/06/22 21:09:42 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\uTorrent

[2011/09/21 02:28:57 | 000,000,000 | ---D | M] -- C:\Users\Soumitro Auddy\AppData\Roaming\ZinioReader4

[2012/06/22 13:50:38 | 000,000,942 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3951609019-3787041138-3828994402-1001Core.job

[2012/06/23 00:13:06 | 000,000,964 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3951609019-3787041138-3828994402-1001UA.job

[2012/05/26 19:36:00 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job

[2012/05/29 22:21:55 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

[2012/04/22 00:45:07 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2012/06/22 19:14:28 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========

< End of report >


EXTRAS.txt

OTL Extras logfile created on: 6/23/2012 12:13:55 AM - Run 1

OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Soumitro Auddy\Downloads

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.90 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 22.48% Memory free

7.79 Gb Paging File | 3.81 Gb Available in Paging File | 48.90% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 446.13 Gb Total Space | 204.17 Gb Free Space | 45.76% Space Free | Partition Type: NTFS

Computer Name: SOUMITROAUDDY | User Name: Soumitro Auddy | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{021A57C6-304D-4397-8A24-C94F8C45E9AF}" = dir=in | app=c:\program files (x86)\cadence\tools\cdnshelp\bin\_cdnshelp.exe |

"{04EA4EC6-622D-4E9C-8383-468B61214A31}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\linguist.exe |

"{05241B40-B1FD-494A-9C01-1F3793323E4C}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\genfeedformat.exe |

"{0599D5FD-E154-467B-9873-B142265F0716}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\newgenasym.exe |

"{0847A25D-C889-480E-9F50-61852D960AB0}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\tnameserv.exe |

"{09DD2E84-1749-4701-998D-9F862735E709}" = dir=in | app=c:\program files (x86)\cadence\tools\cdnshelp\bin\cdnshelp.exe |

"{0ADB3A7B-47D4-4AD2-B0BB-F53C03B99EDF}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\wmpiconfig.exe |

"{0BA2F329-FA49-4C96-AB27-42BEE65E4D2D}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\purge.exe |

"{0BE300E6-F2FF-4856-9C3B-B93DD1148BB3}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\netin.exe |

"{0C20E988-CB49-4969-88B2-0B5C3D256130}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\oa2def.exe |

"{0C47DD3C-8D02-4428-8EFE-21251B7C83C9}" = dir=in | app=c:\program files (x86)\cadence\tools\tcltk\tcl\bin\tclsh80.exe |

"{0DF31E2D-0627-4973-B2BF-1E56A897A92F}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\dumpcpp.exe |

"{0FBC40EB-79D7-4AA5-832C-6AF93854110D}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\mpsinfo.exe |

"{101409D3-3609-406E-9630-30EEC319FA23}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\pdf_out.exe |

"{1177F414-CBE7-4FA8-86AE-A8FBB5DD2628}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\pspiceexplorersrvr.exe |

"{11B295CE-E5AE-414B-96DC-379B78251932}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\xcon2project.exe |

"{17F02BD9-9242-4A69-8063-032328B371AB}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\report.exe |

"{1913F896-770D-4EB5-9E62-8FB69009D455}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\idf_out.exe |

"{19507799-7915-40CB-9256-E3424798F849}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\dump_libraries.exe |

"{1ABEF9AA-0020-4628-8D0D-3879802E87B8}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\switchversion.exe |

"{1D196AF2-CEDE-47EE-B8CB-0521528DAB1D}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\keytool.exe |

"{1DD29CF0-841D-4D30-866B-57849E13B3E1}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\refresh_padstack.exe |

"{1FAD54F9-0363-4DEB-B5A5-9784737E9504}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\mbs2brd.exe |

"{217AD653-557F-4D38-91D9-D717D60380CE}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\spif.exe |

"{221AAD69-E70A-40F4-B07A-DBD99BD07594}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdsservipc.exe |

"{27542366-3EAD-499E-961F-7E45CC521ACD}" = dir=in | app=c:\program files (x86)\cadence\tools\perl5\ntt\cmd32.exe |

"{287C238A-9148-4EB1-BCFF-CD1CD34DBE5C}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\pads_in.exe |

"{294F74B9-0E8E-4A97-A041-9C0D458F190E}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\qmake.exe |

"{295237D3-9D84-43C6-B767-FA9549FD1AD7}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\pack200.exe |

"{2A4B3A17-749B-49C4-84AD-165AB98C4742}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\strip_ger.exe |

"{2AB5B9DF-95B9-43D2-B0F7-CBD67C163D47}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\moc.exe |

"{3047CF3A-192E-4F7F-AB35-278932E3E837}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\lconvert.exe |

"{30B33861-5D5F-4540-92FB-811B875A6EF9}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\explot.exe |

"{31991F95-EA75-4F82-BA60-BCEA5B89A9F3}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\strm2oa.exe |

"{327DD1A5-A7FD-4BE1-BCFC-B6388B5DB063}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\servertool.exe |

"{32802E72-1C1B-43F3-B1BD-187ED0589734}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\qt3to4.exe |

"{32F098D3-5D64-453A-AB37-B958FB37ACB5}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\wmpiregister.exe |

"{350BA5FC-792D-4798-ADDC-87BCB8E449DF}" = dir=in | app=c:\program files (x86)\cadence\tools\pspice\pspiceenc.exe |

"{355071B7-1EB2-4291-9100-7293FB2C9249}" = dir=in | app=c:\program files (x86)\cadence\tools\pspice\simsrvr.exe |

"{35D0E574-22A8-4D82-AE5D-399B711D6494}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\pe_wordpad.exe |

"{36BF474C-EAE5-4C09-AFCA-C31C82357829}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\mbs2lib.exe |

"{37C79B45-D85D-48C3-A9AC-CB2F3D0128AA}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\dfa_dlg.exe |

"{3826C325-4FB7-4667-B8A1-DDC7842B3BEE}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\techfile13.exe |

"{38C7831A-ECB5-4D12-9BD7-DDE68BA47439}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdsrunhidden.exe |

"{39B140CF-4A3A-4F10-ACA0-F524F83043FE}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\consmgr.exe |

"{3AC6A8CE-A411-4497-ADA6-EEB23BF49C2C}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\libaccess.exe |

"{3B48EC74-0429-4AAB-9676-AFCE68D329C9}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\pseteditor.exe |

"{3B5B8A24-A8CC-429D-9558-E07B61FBB409}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\l2a.exe |

"{3C1B1FEE-AF7A-42EC-A509-39EDD6A4BCC4}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\vc5\dbfix13.exe |

"{3E200ED7-E6D9-4E6D-9589-4D1CC007C62C}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\cpmaccess.exe |

"{3E63B4DE-0756-4329-BC5C-ADAFEE51EC0B}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdsunzip.exe |

"{3E89A087-049F-4B4F-8198-C0C570725A98}" = dir=in | app=c:\program files (x86)\cadence\tools\capture\tutorial\captutor.exe |

"{3F823074-363A-4A5B-9FF0-1DB23D9EA97B}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\idc.exe |

"{3F973A79-F649-4706-B2EA-0F67E98BFEB9}" = dir=in | app=c:\program files (x86)\cadence\tools\specctra\bin\specctra.exe |

"{41180520-D709-4D8A-A432-201A029E9805}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\javaw.exe |

"{434DA93A-2E00-457A-AAA8-0E6FDE5F5FE2}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\iges_out.exe |

"{44ABE590-8593-451C-96CF-21E60AD3A7EC}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\swap.exe |

"{45A7399F-6900-40A2-9AC7-0FD193361258}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\mkdefcfg.exe |

"{45F22A26-BBF1-47AF-A957-8B7DB34C85FE}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\uprev.exe |

"{461381F4-89E1-4A38-ADDE-F4DC81459921}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"{471BF145-7D87-46B4-B4FA-52AF52CCCC3C}" = dir=in | app=c:\program files (x86)\cadence\tools\pspice\pspice.exe |

"{472E3AA1-8A8C-43E7-AEB3-91CEDD299C48}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\convert_ger.exe |

"{47BEB322-53AB-41B5-8AE7-5A60AC60B84D}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdsmsgserver.exe |

"{4914943F-C39F-4702-9DBD-3257E093C397}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\designer.exe |

"{49CF6BDF-4887-4C70-8575-CC462DB0DA46}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\genrad.exe |

"{4AE745F6-C2F3-4A36-859F-1037D4929227}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\parallel.exe |

"{4B988331-7C91-4A6F-B126-2B605A66D84C}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\convert_gerber.exe |

"{4BF62981-352D-4F60-B0EF-A60780D38B3D}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\uic.exe |

"{4D0F2E6F-6984-4163-81AE-152ED2DCE5E9}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\a2dxf.exe |

"{4DF87F9A-8494-4039-8DFF-0824745DB4E1}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\ncroute.exe |

"{4E597009-AC6B-4789-BE1A-FF9AED1E961A}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\van.exe |

"{4F08CF52-B016-4A68-944C-1304C9C0BE35}" = protocol=6 | dir=in | app=c:\program files\national instruments\shared\ni webserver\applicationwebserver.exe |

"{4F2D7B11-3F4E-4309-ACEB-0F6312EB67CB}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\emschecker.exe |

"{4FB1BEE8-8B56-456E-B2B4-4743FEC33930}" = dir=in | app=c:\users\soumitro auddy\appdata\local\facebook\video\skype\facebookvideocalling.exe |

"{4FDB7330-A6BB-4A53-8D5D-BD901B3A523F}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\oa2strm.exe |

"{509075CA-0B3A-4A71-AC66-882FF62E07AB}" = dir=in | app=c:\program files (x86)\cadence\tools\cdnshelp\bin\indexer.exe |

"{53036AD6-1698-4EDC-A89A-B7542A9B8C19}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\techfile.exe |

"{538A7D5D-FDAB-4166-992B-AF49AF85B7F6}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\fpbrowse.exe |

"{53A3F0C0-A1A3-4FCD-8EB2-E6ED1777D0C4}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdszip.exe |

"{54246C98-9C49-4ADB-9CC9-845E1E55B645}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\reftxt.exe |

"{5445376B-A87D-42D0-B902-122456128778}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\oa2spef.exe |

"{54D15802-36A7-4E17-BDF3-DE4AE39C7631}" = dir=in | app=c:\program files (x86)\cadence\tools\perl5\bin\perlglob.exe |

"{5583A9E9-A832-4AD8-A6C7-9EF0F50B8C54}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdswhich.exe |

"{55AD93AE-B6E4-44D5-B247-21671EB745F5}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\create_devices.exe |

"{55C674AE-DDBD-469F-B42D-0D01FD2C12BA}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\gate_assign.exe |

"{5665118F-A64E-461B-A6EF-09057E472C13}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\nmppath.exe |

"{57194165-823E-4A7E-AD96-934F6343CBB5}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\dfa_update.exe |

"{572C72BD-A130-4F87-9862-A387A319A17A}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\conceptnmplistcheck.exe |

"{5733347F-6816-4823-A8E1-98FB20364D1E}" = dir=in | app=c:\program files (x86)\cadence\tools\specctra\bin\mbs2sp.exe |

"{5ABEE5B6-9F76-4CE1-B287-4149F9543485}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\fsvia.exe |

"{5B4BF33C-917C-46CF-B789-0437D01D786E}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\publishpdf.exe |

"{5C07714B-DD68-4C5D-B119-EF66F8F27C78}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\assistant.exe |

"{5D46E52E-7B63-4574-9A34-9333817FD2BD}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\zrouter.exe |

"{605CD507-6D43-4AAC-8FD3-026E74C4C282}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\downrev_library.exe |

"{62226254-AEAF-4431-BB1C-0744ECFAA2CC}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\sipdiffviewer.exe |

"{6304A333-8DF3-4F30-ACA8-A18B8F71D1B3}" = dir=in | app=c:\program files (x86)\cadence\tools\tcltk\tcl\bin\wish80.exe |

"{64CBBB27-1BA8-4B84-A474-D6C12B19A16F}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdsinfo.exe |

"{66CBD697-96A9-4688-AA3E-8DB1E0A66A9E}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\javaws.exe |

"{6774E2AF-7C0B-4099-ADD7-F219A437104F}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\verilogannotate.exe |

"{691A16B1-D86D-4A4F-9E92-5F2B1DACD60C}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\pad_designer.exe |

"{6A5B6001-842D-4EA0-9C71-443B43301CB1}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\lef2oa.exe |

"{6E47CEA9-1A02-4AF2-933A-144FD4189DB7}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\oadmturboserver.exe |

"{7021B101-331A-4CA4-8CEE-D130497E0AD1}" = dir=in | app=c:\program files (x86)\cadence\tools\tcltk\8.4\bin\wish.exe |

"{70B26F2D-F6B9-4318-AA30-FD11F3BF62A5}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\gloss.exe |

"{71A45C75-8C7A-4BBB-A90E-E80024836698}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\nctape.exe |

"{739E527C-E0AC-43C8-83CA-0DC146519D16}" = dir=in | app=c:\program files (x86)\cadence\tools\pspice\modeled.exe |

"{73DC6EA1-BBD9-41A5-BE5A-872235A19BB6}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\baf.exe |

"{77000B2A-CFCD-49FB-89E6-0E7358298156}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\allegro_batch.exe |

"{773B93E3-3C10-45EE-A12A-CBCA5FE7A79D}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\downrev14.exe |

"{777475E4-D032-4D91-8DA3-2234A7C9437B}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\lrelease.exe |

"{77E1BE8C-C4B8-4B56-B738-F22C9DBF0E5D}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\bodygen.exe |

"{787B0FB9-5A6D-4AF0-A825-DF60CD6096D5}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\xmlpatterns.exe |

"{791D65F2-9C51-47C2-BEDD-32F907A6F24B}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\spif_batch.exe |

"{79ACA08A-4F5F-417A-9320-D70BBD7507A9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{7B1D924A-FA4E-4997-A489-38D6501FA3B6}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\artwork.exe |

"{7B6AB4E2-DEFC-4435-BE5E-2CDB6C87AC01}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\vc5\downrev15.exe |

"{7BBC6C2B-A0E2-4555-9461-36E18F846012}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\bbvia.exe |

"{7E51D7F2-95FA-4FF3-AF60-FB0FA4639697}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\javacpl.exe |

"{81E2A06A-E0E7-4471-9001-C5D8613F0770}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\rcc.exe |

"{826F9D53-5789-40DD-A9AC-F910B96A1AE0}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\qhelpgenerator.exe |

"{83D3CDA1-6CF2-4524-AD89-DEEEBA2FEBD3}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\dregprint.exe |

"{87F1091C-A7C0-4103-8CDA-7342872495C8}" = dir=in | app=c:\program files (x86)\cadence\tools\cdnshelp\bin\tagtest.exe |

"{880E8546-8AF7-4806-BEAF-684D8CD6FEB9}" = dir=in | app=c:\program files (x86)\cadence\tools\cdnshelp\bin\cdnshelpindexer.exe |

"{893B8DB8-9DE0-426F-AC1E-0419CAEA1FDE}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\qhelpconverter.exe |

"{89B63739-CF70-4489-816B-371BBF16D91D}" = dir=in | app=c:\program files (x86)\cadence\tools\dfii\bin\skill.exe |

"{8AD43CA2-B2D2-4C95-BAF7-D9E76CD5AA70}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\vc5\dbdoctor15.exe |

"{8B7DFFB1-8D6A-47B3-967C-FE6D9F6B047A}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\techfile14.exe |

"{8BB01137-E49D-48C6-AE14-07D12912B8C5}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\flash_convert.exe |

"{8D867629-0036-4848-94DF-A8CDB4BD9861}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\ipc356_out.exe |

"{8DF62793-799F-4FC9-A2F0-F91C67EA6713}" = dir=in | app=c:\program files (x86)\cadence\tools\tcltk\8.4\bin\tclsh.exe |

"{8DFBD46B-DD5F-41E0-A1A0-7D5563961FAD}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\dbdoctor.exe |

"{8F1B13B0-21F8-4F39-A76D-1CB4379752D7}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\idx_out.exe |

"{91AD0BF5-9B51-4849-A163-749245BC1A09}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cds_root.exe |

"{9216768B-BD95-443B-B925-44AE3B0A0106}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\j2script.exe |

"{923BBF09-83F6-43A3-95F7-AE2099CACAA6}" = dir=in | app=c:\program files (x86)\cadence\tools\perl5\bin\perl.exe |

"{93D03B78-FFA4-4932-B573-8893AA9CBC1D}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\iges_in.exe |

"{94848E9F-C261-4A18-B5AA-F1426182C5DF}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdsnameserver.exe |

"{94BFCD50-74A2-450E-89F3-CC63EC26BC52}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\smpd.exe |

"{963281EE-FAF1-4863-A36A-80FA79D7BFED}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\java-rmi.exe |

"{9678EAC8-B424-49CB-B6FF-E629C3AE3EA6}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\extracta.exe |

"{97046E79-A757-4A7C-A82F-96EBEA0D94F8}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\clsbd.exe |

"{9865E421-2278-4047-A263-B39C319CA3F9}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\productserver.exe |

"{990D765F-543C-49E7-A114-77905D0CEF9A}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\msghelp.exe |

"{99E4BFF6-AF96-4335-A2E2-E6D34CEAF0F4}" = dir=in | app=c:\program files (x86)\cadence\tools\pspice\mrksrvr.exe |

"{9BFF0C67-4B1C-4CF7-89CE-286307F20D9C}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\batch_drc.exe |

"{9D20F08D-5074-4AFA-B048-34913648D8A4}" = dir=in | app=c:\program files (x86)\cadence\tools\tcltk\8.4\bin\tclsh84.exe |

"{9D332A97-4DBE-4B69-99EC-C22761AA0728}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\techfile15.exe |

"{9EACEA7E-DA82-4DB6-9052-EB4F08C0308D}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\enved.exe |

"{9F878666-5C3D-4E10-AE2F-0E16F709A138}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\pcbcache.exe |

"{A17EEDBC-6C65-4C0E-B3B8-BE35AD6DDA80}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\uic3.exe |

"{A1BD5B76-DD6C-4B0E-A47B-C496B747C369}" = dir=in | app=c:\program files (x86)\cadence\tools\pspice\magneticdesigner.exe |

"{A221CDDA-CCE2-4D73-A529-81259EDAB766}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\vc5\dbfix12.exe |

"{A241DB75-8D24-4E47-BABF-D6251B65240D}" = dir=in | app=c:\program files (x86)\cadence\tools\capture\capture.exe |

"{A3CFD01A-BDB6-4869-B90D-2C3BA8A5701A}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\universalbrowser.exe |

"{A60614B5-D7B3-40FA-8B16-C9E8F8AA1680}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\fsviasolver.exe |

"{ACAA1DAC-27D4-4376-8A52-8564813A267A}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\projmgr.exe |

"{ADF5CA39-9F21-4BB9-9777-40AB6D195D0B}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\netrev.exe |

"{AE233D4C-9A3B-4F12-9EDB-C60AC3169A43}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\qvupdate.exe |

"{AE41E51C-FEF1-4BD2-B73B-AB169BF616A4}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\fatten.exe |

"{AEE908FE-8AA7-4215-8603-7286A6EBE0C5}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\create_sym.exe |

"{AFC5F4A4-9FE8-48B9-AE13-727BED040A15}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\verilog2oa.exe |

"{B0A367C9-D157-4E27-AF5E-7A0A9288D71A}" = dir=in | app=c:\program files (x86)\cadence\tools\pspice\indicefilegeneration.exe |

"{B2066E28-7B89-486C-B0A0-0899C8D569CF}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\jusched.exe |

"{B2F71E8B-D5B3-4D89-B209-9025D4399F03}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\spef2oa.exe |

"{B334F33F-191A-4C41-9F5B-9DEAA73F2CF4}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\pixeltool.exe |

"{B5555641-02F6-4B62-B173-102FC9FB0D37}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\unpack200.exe |

"{B598194F-6A65-4769-A0AE-9F0C1E52AFEE}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\jureg.exe |

"{B5A99843-AC06-4C93-B0F7-61FDC333BEB7}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdsmps.exe |

"{B8074937-E23F-4BB8-A0E6-22973163D4EC}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\draw_check.exe |

"{BA40CEC0-9A10-4779-BC14-A8DB9299C704}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\wmpiexec.exe |

"{BB769A40-FEBA-40C9-8292-994FE965F546}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\oafslockd.exe |

"{BC762760-E243-4A36-A0BD-CFC9000DE606}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\systemdump.exe |

"{BDE7FBA1-B990-43CB-B844-00E63E032C00}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\placement.exe |

"{BEC13C8C-E6F4-4A24-A570-8AAC2F0E7431}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\klist.exe |

"{BF0A886B-1CF9-40F2-9634-2B5F5AD3E4D1}" = dir=in | app=c:\program files (x86)\cadence\tools\msbase\vcredist_x86.exe |

"{BF4C0147-A360-40EE-9E0F-806A2DA8D510}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\def2oa.exe |

"{BFA5F239-8442-4203-9258-DE2D7322E2F3}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\kinit.exe |

"{BFB37277-C4C4-4999-90F6-71525CE6C8E4}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\ktab.exe |

"{C1287505-37D3-48D2-A3A3-BA0BA32BE7A1}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdsremshclient.exe |

"{C229CA86-D1D2-4089-A45B-2E31E803BAF1}" = protocol=17 | dir=in | app=c:\program files\national instruments\shared\ni webserver\applicationwebserver.exe |

"{C2A65B6A-31DC-4DA0-BA9E-0BB64A1889F7}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\oagetversion.exe |

"{C3C4EB5A-05FB-4A44-B2F8-D9814EAF3713}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\refresh_symbol.exe |

"{C3CB5BAA-D902-4424-9861-AF73584008C8}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\clsadmintool.exe |

"{C564F82E-43F8-41B3-8A98-29692F9E8B04}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\dbstat.exe |

"{C5F23898-A8C7-417F-8133-B681F150FD7F}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\db_change_type.exe |

"{C7DAAA87-C91D-4C78-9C97-1760F2DE53BD}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\ssvagent.exe |

"{C89979A1-8D6A-44A6-9419-5C584724AD0B}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\rmid.exe |

"{C953113D-4174-419C-B5A7-ED582E76556C}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\allegro.exe |

"{CAD74B79-8C7D-437C-B5C9-3099BE613982}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\clu.exe |

"{CBDB9979-BC78-4A94-ABF5-76874A20DE88}" = dir=in | app=c:\program files (x86)\cadence\tools\dfii\bin\skill_g.exe |

"{CBF36914-E33D-482A-8008-B5756355AAFD}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\oa2lef.exe |

"{CCE56B93-D573-4964-BB95-8C025DEA3E55}" = dir=in | app=c:\program files (x86)\cadence\tools\tcltk\8.4\bin\wish84.exe |

"{CCFFCC0D-D184-47AA-84E9-705FA71F4B94}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\dbdoctor_ui.exe |

"{CD4A55A3-AC69-4910-B11D-11764353D2A1}" = protocol=17 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\systemwebserver.exe |

"{CE8C07B3-841D-4120-AC4C-C433ADEFA683}" = dir=in | app=c:\program files (x86)\cadence\tools\pspice\psp_cmd.exe |

"{CF43A175-A85B-4C5E-82AF-A33F1248CB37}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\rmiregistry.exe |

"{D012940E-9C74-49B1-B2A9-556F560DA9C5}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\qtdemo.exe |

"{D1528D9D-28F4-43BB-86F2-199B69599DF6}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\pcad_in.exe |

"{D1C95002-A00E-4E3A-8945-E6F6D385ED53}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\lupdate.exe |

"{D48F24F6-C2F7-4719-91E1-9596574DC3DD}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\java.exe |

"{D4AC5223-4F12-490B-8EFD-A4C665FEFD02}" = dir=in | app=c:\program files (x86)\cadence\tools\cdnshelp\bin\topicgen.exe |

"{D5506AC1-3CFC-4601-BF64-9D0C24C08E7D}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\refresh_vs.exe |

"{D63C0D3A-B4BE-46D7-A262-2B3072C4DB49}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\jucheck.exe |

"{D6E259B5-2BED-40D8-964A-2D4D7D384B84}" = dir=in | app=c:\program files (x86)\cadence\tools\pspice\pspiceaa.exe |

"{D7C6FA66-9EA6-4BC6-8179-DDA207D90077}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\emsmkerror.exe |

"{D9284F89-5B85-4959-88CB-3D080BDFF510}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\policytool.exe |

"{D92D19F9-6FD2-4034-BAB9-83B4995070D6}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\qcollectiongenerator.exe |

"{DAE3B7DD-D61A-4F41-9E8B-7B8C6903EA4B}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\rollback.exe |

"{DC117A93-7895-4ABF-A024-0AA09707879B}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\mpiexec.exe |

"{DD40E7DA-0354-41EE-8154-27C165DDD999}" = dir=in | app=c:\program files (x86)\cadence\tools\capture\pstswp.exe |

"{DD70BA27-78D1-458C-91C0-9DFA07136680}" = dir=in | app=c:\program files (x86)\cadence\tools\jre\bin\orbd.exe |

"{DDFA5240-368E-434B-8AD3-8DA9CB52E4BA}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\idf_in.exe |

"{DEF6B518-36FA-48E1-B4ED-4702A1D81797}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\vc5\dbdoctor14.exe |

"{DF01EB41-419E-4AA1-BE50-9E3E9AD247AE}" = dir=in | app=c:\program files (x86)\cadence\tools\qt\bin\assistant_adp.exe |

"{E17C56E5-E132-4F6D-A782-9BA0BD57E9F9}" = dir=in | app=c:\program files (x86)\cadence\tools\capture\sch2cap.exe |

"{E211C0A3-D3E2-4C91-9A4F-7C55DDA7DBAD}" = dir=in | app=c:\program files (x86)\cadence\tools\pspice\simmgr.exe |

"{E27C28B0-A4B8-4A9C-B552-DF1C0D77CA1A}" = dir=in | app=c:\program files (x86)\cadence\tools\pspice\stmed.exe |

"{E358AB30-4AE5-4B91-85A7-0802DD743369}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\allegro_free_viewer.exe |

"{E3D22210-DECF-4DDA-AE73-AE4098F93409}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdsremote.exe |

"{E43F23C0-38EB-4CF7-890B-F65ED9D5EBDE}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\bem2d.exe |

"{E461FECA-EF24-49CE-8931-FFD13388E78E}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\plctxt.exe |

"{E4F30C08-3411-4533-9F38-89CDFDA1C5B0}" = dir=in | app=c:\program files (x86)\cadence\openaccess\bin\win32\opt\oa2verilog.exe |

"{E5E43144-5AE5-4A1D-B6AD-0E3FE7E0E99C}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\versiontool.exe |

"{E6214E0B-4625-41EF-A835-FA04089FB4C4}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\nmp.exe |

"{E6483CC8-2579-4858-BE4D-ED3AF5C459BA}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cmfeedback.exe |

"{E7CD071E-3DCD-46C7-A30E-19227C3B7F00}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\pre_check.exe |

"{E89B0425-3091-4169-9F71-0A528B1B234C}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdnshelp.exe |

"{E8BF2612-786F-4209-8098-21E69B60266A}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\qpseteditor.exe |

"{E941B778-B0AE-4914-9B20-3BCBC2CD7849}" = dir=in | app=c:\program files (x86)\cadence\tools\fet\bin\lrm.exe |

"{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}" = protocol=6 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\systemwebserver.exe |

"{EBC6BD7E-87B0-4983-AA86-26C6B186872E}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\regsvr32.exe |

"{EBFB0E13-0308-4DCB-965F-442EA50F961C}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\il_allegro.exe |

"{EDD9D124-640D-4C2F-919D-8343B646C160}" = dir=in | app=c:\program files (x86)\cadence\tools\specctra\bin\sp2mbs.exe |

"{EDF09591-0AB9-48AD-8CBD-5C6360362293}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\layer_compare.exe |

"{EE59066C-58CA-4F98-A6FC-9F494A495774}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\cdsoapathutil.exe |

"{F0F6382D-6975-4B5D-A353-E1FAD01B9F64}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\vc5\dbfix11.exe |

"{F355153F-41A8-4E51-99C3-4DCACAC4A6D8}" = dir=in | app=c:\program files (x86)\cadence\tools\capture\comp16.exe |

"{F37D96F0-8D57-4D30-B0FE-68CE346669A6}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"{F5B97C8F-0340-432C-8F9C-CDFFEFF7F944}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\fill_ipf.exe |

"{F8498A57-D1B8-473F-ACB4-A262ADE0032C}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\ems2d.exe |

"{F8850C54-C46F-49F5-9A9F-166D8584B0EF}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\mcm_escapes.exe |

"{F8CFF746-1301-406D-AB7A-8EC21FE8D87D}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\gbplot.exe |

"{FC21C46B-DB77-4A71-876B-951F1A33E693}" = dir=in | app=c:\program files (x86)\cadence\tools\bin\versionviewer.exe |

"{FC5F6E7C-05CD-46B3-8FF7-B074BBE6E5D8}" = dir=in | app=c:\program files (x86)\cadence\tools\capture\pcadi.exe |

"{FEBC3327-0CA3-4594-8DC1-D6E913F76476}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\sys_root.exe |

"{FFDF61D0-E2D8-4093-BF0A-1E4FE4DF853C}" = dir=in | app=c:\program files (x86)\cadence\tools\pcb\bin\dxf2a.exe |

"TCP Query User{1146D7AD-7FEC-41E4-AA41-F7BABD7EC04F}C:\program files (x86)\black_box\need for speed the run\need for speed the run.exe" = protocol=6 | dir=in | app=c:\program files (x86)\black_box\need for speed the run\need for speed the run.exe |

"TCP Query User{1F7339D0-889D-4F94-A920-11437234B02A}C:\users\soumitro auddy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\soumitro auddy\appdata\roaming\dropbox\bin\dropbox.exe |

"TCP Query User{719D5AC1-09E9-48E6-AD50-1765D05701FE}C:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |

"TCP Query User{7B590C0F-9D76-44D8-86BC-319EDBCDD82F}C:\users\soumitro auddy\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\soumitro auddy\appdata\roaming\spotify\spotify.exe |

"TCP Query User{934CF8F3-0484-4EA8-8E76-191DD239240F}C:\program files (x86)\veetle\player\veetlenet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe |

"TCP Query User{A0EF6287-9727-444A-AD73-81426B07B8B5}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe |

"TCP Query User{A452E34D-6CD9-480D-A37D-DA2A9EBD0130}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"TCP Query User{AE1FCF1D-9029-423C-8A63-0B877A80698C}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe |

"TCP Query User{B32506F2-E31A-4942-8C79-03D6DE5E8133}C:\program files (x86)\matlab\bin\win64\matlab.exe" = protocol=6 | dir=in | app=c:\program files (x86)\matlab\bin\win64\matlab.exe |

"TCP Query User{D391171D-36E8-4A00-BDAB-45985587EBB1}C:\users\soumitro auddy\desktop\gaming\games\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\users\soumitro auddy\desktop\gaming\games\call of duty - black ops\blackops.exe |

"TCP Query User{D40F5532-BD98-413A-82F5-EAE6E1BB0123}C:\counter strike\half-life\czero.exe" = protocol=6 | dir=in | app=c:\counter strike\half-life\czero.exe |

"TCP Query User{E1FFA68E-1593-4FCD-B655-6C6531C59A1C}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |

"UDP Query User{0AE9BB8C-045B-49BB-ACB2-3EFA1D4861F0}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe |

"UDP Query User{1994D5AB-3A1D-48CC-AD86-10D0CA0A5921}C:\program files (x86)\matlab\bin\win64\matlab.exe" = protocol=17 | dir=in | app=c:\program files (x86)\matlab\bin\win64\matlab.exe |

"UDP Query User{25031FCC-D710-4FA3-B6DD-2C4A1A6330DD}C:\users\soumitro auddy\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\soumitro auddy\appdata\roaming\spotify\spotify.exe |

"UDP Query User{2C37310D-BF96-47C4-AB66-DE2FCDA88B11}C:\users\soumitro auddy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\soumitro auddy\appdata\roaming\dropbox\bin\dropbox.exe |

"UDP Query User{2F0A4966-5926-43C9-B49F-D896C8EBFBC4}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"UDP Query User{38B952D3-9183-45A9-A739-CDFF17D58F19}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe |

"UDP Query User{6ADD0D84-1CCE-4601-8F9F-271051F7348F}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |

"UDP Query User{83BD53B4-0C5A-4A3D-ADEC-7011A9D03F35}C:\program files (x86)\black_box\need for speed the run\need for speed the run.exe" = protocol=17 | dir=in | app=c:\program files (x86)\black_box\need for speed the run\need for speed the run.exe |

"UDP Query User{AEA241DE-4A4E-47C8-B036-A01F8CC2DDDF}C:\program files (x86)\veetle\player\veetlenet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe |

"UDP Query User{C0B47C48-1B83-4E57-9B4F-74D11DA4C75B}C:\users\soumitro auddy\desktop\gaming\games\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\users\soumitro auddy\desktop\gaming\games\call of duty - black ops\blackops.exe |

"UDP Query User{C448C770-5F66-40A1-9C0B-9BB86E3BFBB9}C:\counter strike\half-life\czero.exe" = protocol=17 | dir=in | app=c:\counter strike\half-life\czero.exe |

"UDP Query User{F5610E01-EF35-4A00-BF87-EAF712CB2C79}C:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{0B7AFE8D-1265-4025-AD23-3624CEAD4F3C}" = NI Xalan Delay Load 1.10.1 64-bit

"{0D5534F6-AF96-489F-A69F-082199EE027F}" = NI Authentication 2.0 (64-bit)

"{1778742E-59D3-4090-AB8A-DAA281D66772}" = NI Assistant Framework 64-bit

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{1C174277-CE5D-44A2-888F-2522A8B4739D}" = NI DataSocket 4.9 (64-bit)

"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java 6 Update 24 (64-bit)

"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display

"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel® PROSet/Wireless WiFi Software

"{2C304E7A-A1E0-4E56-8679-7B7FC80BE6BE}" = NI-RPC 4.2.2f0 for 64 Bit Windows

"{36399014-1508-46F3-A31B-379C3B1FC451}" = NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 1.9.5

"{3AFD5259-24B6-4332-8EEF-9947200DF693}" = NI GMP Windows 64-bit Installer 11.0.0

"{4168FF33-8D45-40B3-B2A8-FD91BB2A1BA0}" = NI mDNS Responder 1.6 for Windows 64-bit

"{4EBBC187-6988-4B10-A846-E1DBD2AD2B8D}" = NI Math Kernel Libraries (64-bit)

"{50B2D9D8-87B6-49EE-BC5C-874119FD6B7B}" = NI Xerces Delay Load 2.7.3 64-bit

"{53794485-921A-4C71-8E82-6F5A15E9ECBA}" = NI Network Discovery 5.0 for Windows 64-bit

"{5780B596-E0C0-4E78-8671-6C80D2913366}" = NI TDMS (64-bit)

"{5E3886A4-EAFC-40F6-A03E-14E594B1037D}" = NI Curl 1.1 (64-bit)

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup

"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{678EB05F-D317-48C9-9C67-E33AE7C0F900}" = NI MXS 5.0.0 for 64 Bit Windows

"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{803E7FD0-02FE-440E-990A-77B0E50EC30B}" = NI Web Application Server 2.0 (64-bit)

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{82DA2AE0-AC4B-4D34-BE7D-B4C720A1E7D2}" = NI VC2008MSMs x64

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64

"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01

"{899576E7-3569-417F-8EFE-EB881BE22EDE}" = NI MAX Remote Configuration 64-bit Installer 5.0

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010

"{922317D8-F321-4F43-9D50-03399CECD597}" = NI MAX Support for 64 Bit Windows

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{974391A4-9358-4122-951C-CE73EF490A40}" = NI System Configuration Runtime 5.0.0 for Windows 64-bit

"{9852ECEE-C1A0-4D3B-9702-00097BD8BE80}" = NI System State Publisher (64-bit)

"{99ACA06A-648E-4045-BF5C-A79EC35DBEE9}" = NI Trace Engine (64-bit)

"{9CE96256-FAF1-4E48-9CA1-02F7ED80A2E6}" = NI Logos64 5.3.0

"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst

"{A2B07F9D-69FA-4BE8-A6B0-C0F13B5EDE62}" = NI USI 1.9.0 64-Bit

"{AC4088C0-E5F7-45F1-ACAB-0FB1C78AFA3F}" = NI Variable Engine (64-bit)

"{ACDE2A50-97CF-47FE-B92C-ED8147F85A9D}" = NI VC2005MSMs x64

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 268.30

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.30

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.30

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B3ACDAEB-08E0-41F8-8789-D0A333AE4964}" = NI System Web Server Base 2.0 (64-bit)

"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0

"{B9254715-D10D-4B4B-B002-54CBA61E6F64}" = NI LabVIEW Broker (64 bit)

"{CCC79B52-19CF-4A50-BE60-AEE3DE96B3EA}" = NI Web Pipeline 2.0.1 64-bit support

"{CFCC7864-15DB-46AB-96A2-69F716E7D963}" = NI Logos64 XT Support

"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector

"{D198B514-B24E-43FC-AE19-E634F48B928C}" = NI System API Windows 64-bit 5.0.0

"{D5D8BFCD-C9F4-488A-B660-8876D02AA572}" = NI Portable Configuration for 64 Bit Windows 5.0.0

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{E3867DF9-81D4-40BC-880C-1F134FECF995}" = NI Help Assistant (64bit)

"{E45B7F5F-A814-4C15-A0D6-14CEE02AD72D}" = NI SSL Support (64-bit)

"{EDC7187A-CA7C-472E-81CD-84806FDB1B6F}" = NI Math Kernel Libraries (64-bit)

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{F63D3568-80A4-47AB-B97D-8988DF18BD0C}" = NI TDM Excel Add-In 3.3 64-bit

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit

"Dell Support Center" = Dell Support Center

"MatlabR2010b" = MATLAB R2010b

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2

"ProInst" = Intel PROSet Wireless

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{010A2C18-0830-45A0-BE2B-DD37A2D8A2FE}" = NI LabVIEW Run-Time Engine Interop 2011

"{01415FEA-D7D9-40CF-9370-AF74ABC1AE39}" = NI System API Web-Servce 32-bit 5.0.0

"{01AC4D6A-05F0-4158-95E7-FC299961B50A}" = NI Math Kernel Libraries

"{033F0FD6-07E0-414A-8367-51EB862EFE12}" = NI System Configuration Runtime 5.0.0

"{043955AD-7E11-4B6D-A317-B72F7BB87736}" = NI Assistant Framework LabVIEW 2011 Support

"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable

"{05617B99-0727-4FFB-AC8E-8F6427799C8F}" = NI-DAQmx/LabVIEW shared documentation 1.9.5

"{05C030B8-DC4F-489D-B86B-FC6B7DB3F607}" = NI SSL LabVIEW 2011 Support

"{066F687E-1CA0-4D94-A2C9-F8E6E817F4CB}" = NI LabVIEW Run-Time Engine 2011

"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup

"{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}" = 極速快感:亡命天涯

"{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1

"{110ACDD7-71B0-4A09-B45C-4A4C5CFA3103}" = MPLAB Tools v8.76

"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0

"{112DFF69-BD66-43B4-9F6A-FE2FFB60A075}" = NI LabVIEW 2011

"{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4

"{1968D913-702C-4418-9DC8-A095B15CE8A5}" = NI LabVIEW 2011

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1A609A84-71AF-4D96-962B-E060D34FD4AB}" = NI MetaSuite Installer

"{1B5ABB51-8AAB-4FBA-8987-9A8820756E2B}" = NI USI 1.9.0

"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{22923F17-B592-4A7F-84A8-18F3BFC13B94}" = NI Microsoft Silverlight Wrapper

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{268B0789-E2BF-4836-BF05-A6140B4983CA}" = NI MAX Remote Configuration Installer 5.0

"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java 6 Update 29

"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4

"{27111B7A-97FE-46BD-81F9-4E87737DF803}" = NI LabVIEW 2011 MeasAppChm File

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{292382C0-61F7-458A-9008-55F272A4DD9C}" = NI Logos 5.3.0

"{2ADC660A-77C9-4A6C-9D4B-5E48A27BCA10}" = NI Help Assistant

"{31A184AC-4ACA-463B-BE84-F4ABA7FC4655}" = NI Logos LabVIEW 2011 Support

"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6

"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress

"{32A3A4F4-B792-11D6-A78A-00B0D0160000}" = Java SE Development Kit 6

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{33AAA123-A24A-46A7-8CD6-F03C5B375033}" = NI TDM Excel Add-In 3.3

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3AC01660-F640-4AFB-A25E-082B260C025C}" = WIF Core Dependencies Windows 5.0.0

"{3AE9153C-1E52-4B6B-9405-FE403342A3C8}" = NI Update Service 2.0

"{3BD7DD08-991B-4A2F-A165-614ED14EAADD}" = Dell MusicStage

"{3D1F6E51-C98C-4C01-8170-D2DBF2837F13}" = NI LabVIEW Merge Utility 11.0.0

"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP

"{415780C0-4A19-4567-AAAE-10CCB9832B13}" = NI-RPC 4.2.2f0 for Phar Lap ETS

"{4159DD60-49C1-4323-A1A5-FB060CBA35C5}" = NI Measurement Studio Recipe Processor

"{416B50BB-64CE-46C5-81A6-7F842CC35CDC}" = NI LabVIEW MAX XML

"{44257960-C5CC-45BA-8E83-524E4A0F3FD5}" = Cisco AnyConnect VPN Client

"{445D1CC7-9C3C-4823-9597-B7DDD8698FE6}" = NI LabVIEW 2011 Manuals

"{451F962A-92A1-407C-AFA0-A29C0349A76F}" = NI MDF Support

"{45C5DE6E-85AB-466E-9A6F-8BAB11EE0EDD}" = NI Web Interface Framework 2.0

"{46BF7707-A511-47E7-B118-0E53DCA1A0EA}" = NI Remote PXI Provider for MAX 5.0.0

"{482A01F8-A9C9-4DB6-84DE-265A2B763F20}_is1" = LogMeTT 2.9.9

"{49F05354-04F7-4AE4-8434-9E7B5462C727}" = NI DN 2.0 SP1 installer

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A3975BD-F85A-4CCB-9520-EB5604775A0F}" = NI LabVIEW 2011

"{4B7IL77L-LKS1-75B1-NFSRUN-18CD6E6334R1}_is1" = Need for Speed The Run version 1.0

"{4BDAF6F8-8C28-49FD-8FA7-CEE3E9E9BAD4}" = NI LabVIEW 2011 Simulation

"{4BEFB7C6-F103-42FB-9482-861C6D9690A0}" = NI LabVIEW Compare Utility 11.0.0

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum

"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion

"{50F728C0-9A37-4868-B9E1-42565C228B12}" = Reset NI Config 5.0.0

"{52252F5C-58CD-48ED-8C88-9AAD6FE887B4}" = NI Trace Engine

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{523B5D39-C209-41C8-9075-F6C14C2394D2}" = NI LabVIEW 2011 Search

"{555B2ADE-B3CB-4C95-A789-8A7C03A004B7}" = NI LabVIEW 2011 Deployment Framework

"{578A6214-6CC6-4043-A9A8-C045DDAE2B39}" = NI Remote Provider for MAX 5.0.0

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack

"{5C0BBD9F-2D3F-4093-AD7B-3F7377E0EDCA}" = NI LabVIEW Real-Time NBFifo

"{5F123C21-A5E2-4CFB-A6A7-034C9087099F}" = NI Logos XT Support

"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{68DE7BF6-AFA9-4609-9C96-8C15E46E2093}" = NI Example Finder 11.0

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter

"{6F1B061C-AB4B-4FB4-8715-269FFCC2FD07}" = NI LabVIEW 2011

"{70BA7761-629A-4118-BFE0-02753B9019C8}" = NI MXS 5.0.0

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{712723FB-BF99-4406-8F91-A2DB766AB2C9}" = NI VC2008MSMs x86

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD®

"{73854BF9-E78E-4D6F-B8C2-A7A3CD855124}" = NI LabVIEW 2011 Help File

"{74543E90-425B-46D2-BB83-D91C7974834D}" = NI LabVIEW 2011

"{7571F0A3-AC23-4F7B-A64E-442C5C82CE01}" = NI LabVIEW 2011

"{75C812EE-06B8-4A47-B37D-9777BE9A644C}" = NI SSL Support

"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{77C4850C-3592-4A2F-B652-ACB77A1EF77C}" = Bing Bar Platform

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7A29AA0C-202A-467E-9257-DE2E8DBC60B3}" = NI LabVIEW 2011 License

"{7C62B54A-E524-4F3D-83E7-0F2ABAFC978A}" = NI Xalan Delay Load 1.10.1

"{7C6869BF-6CBE-4CB0-8869-2743B419343C}" = NI LabVIEW 2011 Real-Time NBFifo

"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159

"{7D64A463-C3C9-40B6-BC46-4DD7D0DE2BFD}" = NI LabVIEW 2011 Run-Time Engine Non-English Support.

"{7D89ECEB-7E27-4898-812E-80862E91AB94}" = NI Portable Configuration 5.0.0

"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide

"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online

"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4

"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger

"{80C792E1-78BC-4F4A-839E-BCD107770938}" = NI System API Windows 32-bit 5.0.0

"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11

"{886C3E95-4032-45C8-92F6-57861871635A}" = NI Software Provider for MAX 5.0.0

"{89089F33-94D7-4E9C-918F-75CC933FC88F}" = NI DataSocket 4.9

"{8923D179-24D1-475D-A381-0B8C1AF1A206}" = NI LabVIEW 2011 Web Server

"{896849EE-EEE6-4E45-B20B-9F4DDCF805DA}" = NI Assistant Framework

"{89CE9AA7-0615-4DB5-83DB-B0AA2FDAD454}" = NI LabVIEW 2011

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8D9F6EFD-6EAF-4327-AD59-92DEA050BDAF}" = NI Instrument IO Assistant for LabVIEW 2011 32-bit

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8F1B9FE1-5777-4118-B982-B50B030101FF}" = NI LabVIEW 2011

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English

"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback

"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{98F4DC3F-958E-4DE5-BE1D-DBD72B05A204}" = NI Search Shared

"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A87DA58-1C1C-4305-BD69-231886F03191}" = NI Uninstaller

"{9B05C597-5509-47C6-87B8-461E1BB6AF5C}" = NI LabVIEW Run-Time Engine 2009 SP1

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C2113B6-30DC-4827-9166-E6F4889D7594}" = NI LabVIEW 2011 Deployable License

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A11A542A-37BF-4943-9810-3F1DC0AD4A1C}" = NI LabWindows/CVI 2010 Code Generator

"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module

"{A1BFEB7F-3126-4F60-9CFD-8D4FC1B87BEB}_is1" = TTLEditor 1.2.1

"{A363C314-2242-4BBE-9ADE-B427AF646EFF}" = NI mDNS Responder 1.6.0

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7B1ABA8-E2A2-4565-A8AF-F01657FF5CEA}" = NI LabVIEW Web Services Runtime

"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay

"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA31EA7B-7917-4000-949B-38E91F848A25}" = Internet Explorer

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AB9BBC2E-83F6-47A9-9FA3-08D3774F8E45}" = NI-RPC 4.2.2f0

"{ABD79E99-F9E3-413B-8D18-11070754355F}" = NI Math Kernel Libraries

"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI

"{AE593237-3C8E-44F2-A9AA-2DDE0A472CDE}" = NI LabVIEW Web Server for Run-Time Engine

"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime

"{B10F8C17-3DB8-4093-92F6-9F85C263D51A}" = NI LabVIEW Run-Time Engine Interop 2009

"{B1DCBBC7-8ECE-497F-926F-02FE4E42216B}" = NI Distributed System Manager 2011

"{B1EE55C1-F98B-40AB-AF0C-422ECCC88454}" = NI Measurement & Automation Explorer 5.0.0

"{B2BDA3BC-29BE-49C1-A30E-15DA8D041601}" = NI License Manager

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{BB3EBB9E-1CA1-4B7F-9E67-09540CCE9F45}" = NI Assistant Framework LabVIEW Code Generator 2011

"{BEBCBC05-4B39-4935-8B7C-B06E9FF1EA2A}" = NI EulaDepot

"{C0DE25AE-B0E5-4D4B-96CE-EE757066D0BA}" = NI Network Discovery 5.0

"{C16A92EF-017B-4839-9C75-FBADB5A1FA27}" = TrustedID

"{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime

"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CC17CE69-4AB6-4434-ADB4-27DB49D36080}" = NI Curl 1.1

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF30E2B5-A7A7-47AD-8B03-22A27D4E9971}" = NI LabVIEW 2011 Real-Time Error Dialog

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D361B9E5-E918-48CB-BEC3-8E44A5F6E624}" = NI LabVIEW 2009 SP1 Run-Time Engine Web Services

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D4877334-6730-4C84-B9C9-218EA466CA74}" = NI LabVIEW 2011

"{D5BB7AAE-62F4-4C4F-B272-F27AEE16BA7F}" = NI TDMS

"{D70CCDE0-44B0-460D-94AD-7BE162E49126}" = NI LabVIEW 2011

"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP

"{DB0D5AFF-0B60-4287-9BC2-F4AE797B02F4}" = NI Authentication 2.0

"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries

"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DEC25D81-2317-47F6-8B26-D54A939DA1EE}" = NI LabVIEW C Interface

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0D8CD4E-4771-4848-A09D-60A31D883883}" = NI VC2005MSMs x86

"{E1D60C68-016C-4951-8C1F-52E24DFE7836}" = NI CodeSignAPI

"{E3739FE9-3BAF-4250-82FA-230C7CC0EAD8}" = NI LabVIEW 2011 Help

"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage

"{E5BCF967-F2DF-40F4-A1DE-25DB6AB6B278}" = Blio

"{E6068691-1FBC-4EF0-87E8-609CDB32038A}" = NI Xerces Delay Load 2.7.3

"{E69A31C9-F24F-4A1A-BEAD-B1AA255760C1}" = NI Registration Wizard

"{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}" = Cozi

"{EA37AB72-EC8C-432C-A1C6-186850FB0559}" = NI System State Publisher

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EB708DAB-CD04-46E4-88C9-E3BC80595982}" = NI System Web Server Base 2.0

"{EB8D0A82-E02A-437C-A7C4-90516F1CFB39}" = NI Web Application Server 2.0

"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9

"{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer

"{EF1B1A68-988E-4A68-8504-774373A4651C}" = NI OPC Support

"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter

"{F04A89CB-A185-4263-85ED-4BAD766F7DAE}" = NI Error Reporting 2011

"{F055B0A4-8F75-4F85-B6FF-1C5BE10A72DC}" = NI LabWindows/CVI 9.0 Run-Time Engine

"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F2E01659-A397-4F84-9B5E-484A431CE1C5}" = NI System Web Server 2.0

"{F37CC885-1E37-4F2A-93F3-7F1E1EEBBEBB}" = NI LabVIEW Broker

"{F45CE5E8-4A60-4292-8FD5-1807DFEBE221}" = NI LabWindows/CVI 2010 LabVIEW DLL Builder

"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic

"{F6C682B6-7714-41CC-80B6-3288364910AF}" = NI GMP Windows 32-bit Installer 11.0.0

"{F7CCA6E5-1D14-4907-83BB-6B6BF36F1D90}" = NI Variable Engine LabVIEW 2011 Support

"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel® Wireless Display

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{F9A74F70-7597-47B8-B04C-044824C23B15}" = NI LabVIEW 2011 VIPM Helper

"{F9E0880D-B263-48F9-B8E5-BAFCAE9BE150}" = NI System API Client for WIF 5.0.0

"{FDED748C-432B-4B44-BB33-3BB8550A2AD2}" = NI Variable Engine 2.5.0

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FE182796-F6BA-486A-8590-89B7E8D1D60F}" = Dell Stage

"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR

"{FE24BCDF-9231-450D-AA08-D3550B81EE41}" = NI LabVIEW Web Server for Run-Time Engine

"Adobe AIR" = Adobe AIR

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"avast" = avast! Free Antivirus

"BetterLinks" = BetterLinks v1.7.5.24 (remove only)

"BlueJ_is1" = BlueJ 3.0.4

"CreativeIDE" = Michael's Creative C++

"Crysis WARHEAD®" = Crysis WARHEAD®

"DAEMON Tools Lite" = DAEMON Tools Lite

"Dell Webcam Central" = Dell Webcam Central

"ENTERPRISE" = Microsoft Office Enterprise 2007

"ERUNT_is1" = ERUNT 1.1j

"FormatFactory" = FormatFactory 2.90

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.17.221

"InstallShield_{110ACDD7-71B0-4A09-B45C-4A4C5CFA3103}" = MPLAB Tools v8.76

"InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4

"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400

"MPLAB C for PIC24 MCUs and-or dsPIC DSCs v3.30c" = MPLAB C for PIC24 MCUs and-or dsPIC DSCs

"NI Uninstaller" = National Instruments Software

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Office14.Click2Run" = Microsoft Office Click-to-Run 2010

"OpenAL" = OpenAL

"PICC 9.82" = HI-TECH C Compiler for the PIC10/12/16 MCUs V9.82PL0

"PremiumSoft Navicat Premium_is1" = PremiumSoft Navicat Premium 9.1

"PremiumSoft NaviCoder IDE for Java_is1" = PremiumSoft NaviCoder IDE for Java

"RealPlayer 15.0" = RealPlayer

"ST6UNST #1" = NuMap7.1 - Nonlinear Networks for Approximation

"Tera Term_is1" = Tera Term 4.71

"uTorrent" = µTorrent

"uTorrentBar Toolbar" = uTorrentBar Toolbar

"Veetle TV" = Veetle TV

"VLC media player" = VLC media player 1.1.11

"WinLiveSuite" = Windows Live Essentials

"ZinioReader4" = Zinio Reader 4

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{09AB0B35-9138-4765-900C-28FC4011058E}" = OrCAD 16.5 Lite

"Dropbox" = Dropbox

"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 4/27/2012 12:04:55 PM | Computer Name = SoumitroAuddy | Source = VSS | ID = 12289

Description =

Error - 4/28/2012 3:47:20 PM | Computer Name = SoumitroAuddy | Source = WinMgmt | ID = 10

Description =

Error - 4/28/2012 3:51:36 PM | Computer Name = SoumitroAuddy | Source = WinMgmt | ID = 10

Description =

Error - 4/28/2012 5:35:49 PM | Computer Name = SoumitroAuddy | Source = SideBySide | ID = 16842832

Description = Activation context generation failed for "c:\Program Files (x86)\Cozi

Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component

version required by the application conflicts with another component version already

active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component

2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 4/29/2012 5:30:39 PM | Computer Name = SoumitroAuddy | Source = Application Error | ID = 1000

Description = Faulting application name: WebcamDell2.exe, version: 1.0.60.0, time

stamp: 0x4e41f4a8 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception

code: 0xc000041d Fault offset: 0x73394f0d Faulting process id: 0x1628 Faulting application

start time: 0x01cd2578a685db42 Faulting application path: C:\Program Files (x86)\Dell

Webcam\Dell Webcam Central\WebcamDell2.exe Faulting module path: unknown Report Id:

90293f4c-9242-11e1-ae32-14feb5bf0fbf

Error - 5/2/2012 5:47:09 PM | Computer Name = SoumitroAuddy | Source = SideBySide | ID = 16842832

Description = Activation context generation failed for "c:\Program Files (x86)\Cozi

Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component

version required by the application conflicts with another component version already

active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component

2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 5/3/2012 5:09:56 AM | Computer Name = SoumitroAuddy | Source = Application Error | ID = 1000

Description = Faulting application name: realplay.exe, version: 15.0.0.198, time

stamp: 0x4eb9c708 Faulting module name: ole32.dll, version: 6.1.7601.17514, time

stamp: 0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x0004ba3d Faulting process

id: 0x27b0 Faulting application start time: 0x01cd290c801a1fb6 Faulting application

path: c:\program files (x86)\real\realplayer\realplay.exe Faulting module path:

C:\Windows\syswow64\ole32.dll Report Id: c01f0ae9-94ff-11e1-ae32-14feb5bf0fbf

Error - 5/4/2012 1:49:42 PM | Computer Name = SoumitroAuddy | Source = CVHSVC | ID = 100

Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):

DownloadLatest Failed: HTTP status 304: The server's response was not valid. The

server was not following the defined protocol. Resume the job, and then Background

Intelligent Transfer Service (BITS) will try again.

Error - 5/4/2012 5:49:12 PM | Computer Name = SoumitroAuddy | Source = WinMgmt | ID = 10

Description =

Error - 5/4/2012 7:26:35 PM | Computer Name = SoumitroAuddy | Source = SideBySide | ID = 16842832

Description = Activation context generation failed for "c:\Program Files (x86)\Cozi

Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component

version required by the application conflicts with another component version already

active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component

2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

[ Cisco AnyConnect VPN Client Events ]

Error - 6/21/2012 6:18:16 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866

Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line:

2190 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647

(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 6/21/2012 6:18:16 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866

Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp

Line:

7639 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33161196

(0xFE060014) Description: ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE

Error - 6/21/2012 6:18:16 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866

Description = Function: CMainThread::OnTimerExpired File: .\MainThread.cpp Line: 4287

Invoked

Function: CMainThread::applyHostConfigForNoVpn Return Code: -33161196 (0xFE060014)

Description:

ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE

Error - 6/21/2012 6:18:16 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866

Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp

Line:

2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647

(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 6/21/2012 6:18:16 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866

Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line:

2190 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647

(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 6/21/2012 10:29:03 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866

Description = Function: CDNSRequest::OnSocketReadComplete File: .\IP\DNSRequest.cpp

Line:

1069 Invoked Function: CDNSRequest::processResponse Return Code: -29229042 (0xFE42000E)

Description:

DNSREQUEST_ERROR_REFUSED Failed to resolve 17.1.107.129.in-addr.arpa via DNS server

192.168.1.254

Error - 6/22/2012 8:14:21 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866

Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp

Line:

31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:

WINDOWS_ERROR_CODE XML Parser fatal error: Validate failed.

Error - 6/22/2012 8:14:29 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866

Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:

_tstat Return Code: 2 (0x00000002) Description: The system cannot find the file specified.

File:

C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error:

No such file or directory

Error - 6/22/2012 10:08:50 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866

Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp

Line:

31 Invoked Function: CVCMSSaxParser Return Code: -1072897499 (0xC00CE225) Description:

WINDOWS_ERROR_CODE XML Parser fatal error: Validate failed.

Error - 6/22/2012 10:08:50 PM | Computer Name = SoumitroAuddy | Source = vpnagent | ID = 67108866

Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:

_tstat Return Code: 2 (0x00000002) Description: The system cannot find the file specified.

File:

C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error:

No such file or directory

[ Media Center Events ]

Error - 1/29/2012 7:03:55 PM | Computer Name = SoumitroAuddy | Source = MCUpdate | ID = 0

Description = 5:03:48 PM - Error connecting to the internet. 5:03:48 PM - Unable

to contact server..

Error - 2/11/2012 7:50:55 PM | Computer Name = SoumitroAuddy | Source = MCUpdate | ID = 0

Description = 5:26:01 PM - Failed to retrieve Directory (Error: The operation has

timed out)

[ System Events ]

Error - 6/23/2012 1:20:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36874

Description = An SSL 3.0 connection request was received from a remote client application,

but none of the cipher suites supported by the client application are supported

by the server. The SSL connection request has failed.

Error - 6/23/2012 1:20:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36888

Description = The following fatal alert was generated: 40. The internal error state

is 107.

Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36874

Description = An SSL 3.0 connection request was received from a remote client application,

but none of the cipher suites supported by the client application are supported

by the server. The SSL connection request has failed.

Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36888

Description = The following fatal alert was generated: 40. The internal error state

is 107.

Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36874

Description = An SSL 3.0 connection request was received from a remote client application,

but none of the cipher suites supported by the client application are supported

by the server. The SSL connection request has failed.

Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36888

Description = The following fatal alert was generated: 40. The internal error state

is 107.

Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36874

Description = An SSL 3.0 connection request was received from a remote client application,

but none of the cipher suites supported by the client application are supported

by the server. The SSL connection request has failed.

Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36888

Description = The following fatal alert was generated: 40. The internal error state

is 107.

Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36874

Description = An SSL 3.0 connection request was received from a remote client application,

but none of the cipher suites supported by the client application are supported

by the server. The SSL connection request has failed.

Error - 6/23/2012 1:21:54 AM | Computer Name = SoumitroAuddy | Source = Schannel | ID = 36888

Description = The following fatal alert was generated: 40. The internal error state

is 107.

< End of report >

checkup.txt:

Results of screen317's Security Check version 0.99.42

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

avast! Antivirus

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.61.0.1400

PremiumSoft NaviCoder IDE for Java

JavaFX 2.1.0

Java 6 Update 29

Java 7 Update 4

Java SE Runtime Environment 6

Java SE Development Kit 6

Java version out of Date!

Adobe Reader X (10.1.3)

Google Chrome 19.0.1084.56

````````Process Check: objlist.exe by Laurent````````

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

AVAST Software Avast AvastSvc.exe

AVAST Software Avast AvastUI.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 1%

````````````````````End of Log``````````````````````


Your logs showed some peer-to-peer filesharing apps: uTorrent. I do not recommend the use of P-2-P programs since such filesharing/downloading from unknown sources is one of the leading causes of transmission of malware.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

Use Control Panel >>Programs and Features

locate each of uTorrent + uTorrent Toolbar

select one at a time of these, right-click and do Un-install

You need to remove both, before we can proceed. Confirm that you have done so.

Close Control Panel when done.

Logoff and Restart the system fresh.


Yes Maurice, I have uninstalled both uTorrent applications. Windows performed some sort of update when I restarted the computer. The first time I restarted it, my desktop was not prepared correctly and no icons were displayed. The themes and all graphics were missing and it displayed the following message:

"C:\Windows\system32\config\systemprofile\Desktop refers to a location that is unavailable.It could be on a hard drive on this computer, or on a network. Check to make sure the disk is properly inserted, or that you are connected to the Internet or your network, and then try again. If it still cannot be located, the information may have been moved to a different location."

Upon restarting the computer again, the desktop loaded properly and this message was not displayed. Is this part of the process I performed earlier?


Is that part of the process? No. That is a fluke; chalk it up to a one-off, one-time thing.

You will want to print out or copy these instructions to Notepad for offline reference!

These steps are for member mrssa only. If you are a casual viewer, do NOT try this on your system!

If you are not mrssa and have a similar problem, do NOT post here; start your own topic

Do not run or start any other programs while these utilities and tools are in use!

Do NOT run any other tools on your own or do any fixes other than what is listed here.

If you have questions, please ask before you do something on your own.

But it is important that you get going on these following steps.

=

Close any of your open programs while you run these tools.

On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.

Step 1

If you have a prior copy of Combofix, delete it now

Download Combofix from any of the links below, and SAVE it to your Desktop.

Link 1

Link 2

**Note: It is important that it is saved directly to your Desktop and not run straight away from download **

Turn OFF your antivirus, otherwise it will interfere. How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display its "stage" within the Command prompt window. Do NOT panic if it seems slow to change! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix may take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power) or a UPS system.

Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

Right-click on Combo-Fix.exe on your Desktop and select "Run as Administrator".

  • A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix.
    When the scan completes, Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

A file will be created at => C:\Combofix.txt.

Note:

Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

Reply with a copy of the C:\Combofix.txt log


After I ran ComboFix, the computer restarted. The log file was generated and I tried to access my web browsers. But on clicking the browser icons, I got a message saying, "This has been marked for deletion. Do you want to delete it now?" or something like that, I can't recall the exact words. I restarted the computer and this problem went away. Is this also a one-off or was it part of the scan?

The log for the ComboFix is as follows.

ComboFix:

ComboFix 12-06-23.06 - Soumitro Auddy 06/24/2012 3:50.1.4 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3990.2448 [GMT -5:00]

Running from: c:\users\Soumitro Auddy\Desktop\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Roaming

c:\programdata\SDL.dll

c:\programdata\SDL_net.dll

c:\programdata\SimEngine.dll.backup

c:\programdata\SimEngine.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-05-24 to 2012-06-24 )))))))))))))))))))))))))))))))

.

.

2012-06-24 09:00 . 2012-06-24 09:00 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-06-24 09:00 . 2012-06-24 09:00 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-06-23 15:51 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-23 15:51 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-23 15:51 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-23 15:51 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-23 15:50 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-23 15:50 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-23 15:50 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-23 15:50 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-23 15:50 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-23 04:28 . 2012-06-23 04:28 -------- d-----w- C:\ARK

2012-06-23 04:26 . 2012-06-23 04:26 -------- d-----w- C:\TDSSKiller_Quarantine

2012-06-23 03:26 . 2012-06-23 03:26 -------- d-----w- c:\program files (x86)\ERUNT

2012-06-22 18:52 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C5EF48EA-BBF3-4C7E-A92A-06641C9D29C8}\mpengine.dll

2012-06-22 02:50 . 2012-06-23 01:50 -------- d-----w- c:\users\Soumitro Auddy\AppData\Local\Unity

2012-06-19 08:44 . 2012-06-19 08:44 -------- d-----w- c:\windows\Application Data

2012-06-19 08:44 . 2012-06-19 08:44 -------- d-----w- C:\QIMacros

2012-06-19 08:43 . 2012-06-20 20:27 -------- d-----w- c:\programdata\blekko toolbars

2012-06-19 08:43 . 2012-06-19 08:43 -------- d-----w- c:\users\Soumitro Auddy\AppData\Local\blekkotb_031

2012-06-17 22:10 . 2012-06-17 22:10 -------- d-----w- c:\programdata\Cisco

2012-06-14 08:00 . 2012-05-18 02:51 754808 ----a-w- c:\program files\Internet Explorer\iexplore.exe

2012-06-14 03:04 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-06-14 03:04 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-06-14 03:04 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-06-13 20:44 . 2012-06-13 20:44 -------- d--h--w- c:\windows\msdownld.tmp

2012-06-13 20:42 . 2012-06-13 20:42 -------- d-sh--w- c:\windows\ftpcache

2012-06-13 20:39 . 2012-06-13 20:39 -------- d-----w- c:\program files (x86)\id Software

2012-06-03 00:28 . 2012-06-03 00:34 -------- d-----w- c:\users\Soumitro Auddy\AppData\Local\Ares

2012-05-27 06:07 . 2012-05-27 06:07 -------- d-----w- c:\program files (x86)\Oracle

2012-05-27 06:07 . 2012-04-04 23:47 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-25 03:19 . 2006-07-11 23:35 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll

2012-05-25 03:19 . 2006-07-11 23:35 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2012-05-06 04:30 . 2012-05-06 04:30 348160 ----a-w- c:\windows\SysWow64\SDL_ttf.dll

2012-05-06 04:30 . 2012-05-06 04:30 56565 ----a-w- c:\windows\SysWow64\SDL_image.dll

2012-05-06 04:30 . 2012-05-06 04:30 266436 ----a-w- c:\windows\SysWow64\tiff.dll

2012-05-06 04:30 . 2012-05-06 04:30 565248 ----a-w- c:\windows\SysWow64\alleg42.dll

2012-05-05 20:29 . 2012-05-05 20:29 249856 ------w- c:\windows\Setup1.exe

2012-05-05 20:29 . 2012-05-05 20:29 73216 ----a-w- c:\windows\ST6UNST.EXE

2012-04-28 20:00 . 2012-04-28 06:06 1198 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg

2012-04-28 06:23 . 2012-04-28 06:23 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll

2012-04-12 08:28 . 2012-04-12 08:28 0 ----a-w- c:\windows\SysWow64\sho5A69.tmp

2012-04-04 23:47 . 2011-08-19 11:12 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-04-04 20:56 . 2011-10-09 18:45 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-30 11:35 . 2012-05-10 23:34 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 94208 ----a-w- c:\users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 94208 ----a-w- c:\users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 94208 ----a-w- c:\users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Spotify Web Helper"="c:\users\Soumitro Auddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-04 932528]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2011-07-07 75064]

"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]

"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]

"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-08-12 520330]

"NI Update Service"="c:\program files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" [2011-06-07 3002976]

"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2012-05-25 296056]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

c:\users\Soumitro Auddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

Intel® Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

NI Error Reporting.lnk - c:\program files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe [2011-6-19 619672]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-05-03 158856]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]

R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]

R3 MCHPUSB;MCHPUSB;c:\windows\system32\DRIVERS\mchpusb64.sys [x]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]

R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [x]

R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]

R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]

R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]

R4 NIApplicationWebServer64;NI Application Web Server (64-bit);c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-05-27 68256]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]

S2 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-05-27 50336]

S2 nimDNSResponder;National Instruments mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-06-01 194224]

S2 NINetworkDiscovery;NI Network Discovery;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2011-06-10 121032]

S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-22 2009704]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-22 378472]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]

S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-08-03 645048]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]

S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-06-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3951609019-3787041138-3828994402-1001Core.job

- c:\users\Soumitro Auddy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-12 18:08]

.

2012-06-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3951609019-3787041138-3828994402-1001UA.job

- c:\users\Soumitro Auddy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-12 18:08]

.

2012-06-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3951609019-3787041138-3828994402-1001Core.job

- c:\users\Soumitro Auddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-23 17:14]

.

2012-06-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3951609019-3787041138-3828994402-1001UA.job

- c:\users\Soumitro Auddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-23 17:14]

.

2012-05-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]

.

2012-05-30 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]

.

2012-06-24 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]

"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-04-22 312936]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 418840]

"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]

"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]

"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-01-25 4479648]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = about:blank

mStart Page = hxxp://www.yahoo.com/?ilc=8

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - c:\users\Soumitro Auddy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.254

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe

Toolbar-Locked - (no file)

WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-{0EDC9BA0-016E-406a-86DA-04FC1BE00C21} - c:\program files\Common Files\EAInstaller\Need for Speed The Run\Cleanup.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\windows\SysWOW64\lkads.exe

c:\program files (x86)\National Instruments\MAX\nimxs.exe

c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe

c:\program files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe

c:\program files (x86)\National Instruments\Shared\Tagger\tagsrv.exe

c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\windows\SysWOW64\lkcitdl.exe

c:\windows\SysWOW64\lktsrv.exe

c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Completion time: 2012-06-24 04:07:45 - machine was rebooted

ComboFix-quarantined-files.txt 2012-06-24 09:07

.

Pre-Run: 216,997,560,320 bytes free

Post-Run: 226,515,599,360 bytes free

.

- - End Of File - - 0F26BBAD24E5AEAF877E57337818327B


re:

After I ran ComboFix, the computer restarted. The log file was generated and I tried to access my web browsers. But on clicking the browser icons, I got a message saying, "This has been marked for deletion. Do you want to delete it now?" or something like that, I can't recall the exact words. I restarted the computer and this problem went away. Is this also a one-off or was it part of the scan?

A bit odd and not too clear. But CF does not delete browsers. You did the right thing by rebooting.

How are things, generally, now?

Any more of "mydomainadvisor" ?

or "page not found" in browser(s) ?


P.S.S. This pc has installed Anti Phishing Domain Advisor by Panda. A legitimate program to protect from phishing sites, etc.

That is why you see the 404 "errors".

Did you install that program yourself?

Your Java needs to be updated & older versions removed.

Your Java runtime is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

  • Download the latest version of >> Windows Offline << from here and save it to your desktop.
  • Get the Offline version that corresponds to your "bit-tedness" of your Windows (32-bit or 64-bit)
    How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
  • Close any programs you may have running - especially your web browser(s).
  • Go to Start > Settings > Control Panel, select Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u5-windows-i586.exe to install the newest version.
    ( jre-7u5-windows-x64.exe if this is a 64-bit Windows o.s.)

  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
      • Applications and Applets
      • Trace and Log Files
    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Temporary Files Window

Small tweaks for Java runtime, since most all users do not need to load Java at each Windows startup:

Click Advanced Tab. Expand the Miscellaneous item.

UN-check the line Java quick starter

Press Apply then OK. Close the applet when done.

To test your Java Run-time, you may go to this page http://www.java.com/en/download/help/testvm.xml

When all is well, you should see Java Version: Java 7 Update 5 from Sun Microsystems Inc.

Get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htm

Steps to follow for the MVP Hosts file:

1) Download and SAVE the zip file to a temporary folder

2) Unzip (extract the contents) in the same folder

3) Temporarily disable your antivirus program. Some antivirus apps will block changes to the Hosts file; so turn it off.

4) After extract is complete, run mvps.bat batch file. This copies your pre-existing Hosts file to Hosts.mvp in the folder where Windows' Hosts resides

typically, C:\WINDOWS\system32\drivers\etc

and after that copy is saved, it replaces the old Hosts with the new one.

And you should see (in the blue background command window) the following:

_________________________________________________

¦ THE MVPS HOSTS FILE IS NOW UPDATED ¦

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Previous version saved and renamed to HOSTS.MVP

Press any key to continue . . .

Find the folder where you saved the original download. Delete hosts.zip and a file folder there named hosts

The latter is the same folder that had mvps.bat

5) Re-enable your antivirus app.

The MVP Hosts file is updated from time to time. See http://msmvps.com/blogs/hostsnews

for information. And you can also sign-up for email notice when Mike publishes updates.


Kindly provide a status update, and answer my questions. If I do not hear back from you in 3 days, I will close this.

How are things, generally, now?

Any more of "mydomainadvisor" ?

or "page not found" in browser(s) ?

This pc has installed Anti Phishing Domain Advisor by Panda. A legitimate program to protect from phishing sites, etc.

That is why you see the 404 "errors".

Did you install that program yourself?

Re-run DDS and post a new (fresh) DDS.txt log for review.


Hey Maurice, sorry for the delay in replying, but I had some exams this week. Yes, the Nginx and domainadvisor messages are gone. But I am pretty sure I did not install the Panda anti-phishing software on my computer. Also, I still have to perform the steps you mentioned in your last reply. I will post the results of that step by today evening.


I'll definitely keep you abreast in the future Maurice. Here is the DDS.txt log file.

DDS.txt:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by Soumitro Auddy at 15:14:50 on 2012-06-29

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3990.2153 [GMT -5:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\SysWOW64\lkads.exe

C:\Program Files (x86)\National Instruments\MAX\nimxs.exe

C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe

C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\SysWOW64\lkcitdl.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\SysWOW64\lktsrv.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe

C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Users\Soumitro Auddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe

C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Intel\TurboBoost\TurboBoost.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\msiexec.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = hxxp://www.yahoo.com/?ilc=8

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: BetterLinks: {6921710f-6ac6-4113-8ae6-82a1660ebb09} - C:\Program Files (x86)\BetterLinks\BetterLinks.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

uRun: [spotify Web Helper] "C:\Users\Soumitro Auddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900

mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\SOUMIT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Soumitro Auddy\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\SOUMIT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NIERRO~1.LNK - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - C:\Users\Soumitro Auddy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{4CC1758F-D365-413E-B1A8-70778E1C6369} : DhcpNameServer = 192.168.1.254

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: BetterLinks: {6921710F-6AC6-4113-8AE6-82A1660EBB09} - C:\Program Files (x86)\BetterLinks\BetterLinks.dll

BHO-X64: BetterLinks BHO - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900

mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask

mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

.

============= SERVICES / DRIVERS ===============

.

R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]

R1 nvkflt;nvkflt;C:\Windows\system32\DRIVERS\nvkflt.sys --> C:\Windows\system32\DRIVERS\nvkflt.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-8-19 98208]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-6-28 44808]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]

R2 NIApplicationWebServer;NI Application Web Server;C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 50336]

R2 nimDNSResponder;National Instruments mDNS Responder Service;C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-6-1 194224]

R2 NINetworkDiscovery;NI Network Discovery;C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2011-6-10 121032]

R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-6-29 1262400]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-8-19 1692480]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-19 2656280]

R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-8-3 645048]

R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-5-3 158856]

S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]

S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]

S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]

S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

S3 MCHPUSB;MCHPUSB;C:\Windows\system32\DRIVERS\mchpusb64.sys --> C:\Windows\system32\DRIVERS\mchpusb64.sys [?]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]

S3 netvsc;netvsc;C:\Windows\system32\DRIVERS\netvsc60.sys --> C:\Windows\system32\DRIVERS\netvsc60.sys [?]

S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\drivers\nvstusb.sys --> C:\Windows\system32\drivers\nvstusb.sys [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys --> C:\Windows\system32\DRIVERS\ssadserd.sys [?]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 SynthVid;SynthVid;C:\Windows\system32\DRIVERS\VMBusVideoM.sys --> C:\Windows\system32\DRIVERS\VMBusVideoM.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]

S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-21 654408]

S4 NIApplicationWebServer64;NI Application Web Server (64-bit);C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 68256]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-06-29 20:07:02 -------- d-----w- C:\Program Files (x86)\Oracle

2012-06-29 20:00:38 955840 ----a-w- C:\Windows\System32\npDeployJava1.dll

2012-06-29 17:07:16 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DA2F0D51-8306-4334-B573-8F13622DD02B}\mpengine.dll

2012-06-29 07:53:16 -------- d-----w- C:\NVIDIA

2012-06-24 09:23:01 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2012-06-24 09:23:00 958912 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-06-24 09:23:00 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-06-24 09:22:39 41224 ----a-w- C:\Windows\avastSS.scr

2012-06-24 09:03:19 -------- d-sh--w- C:\$RECYCLE.BIN

2012-06-24 08:48:30 98816 ----a-w- C:\Windows\sed.exe

2012-06-24 08:48:30 518144 ----a-w- C:\Windows\SWREG.exe

2012-06-24 08:48:30 256000 ----a-w- C:\Windows\PEV.exe

2012-06-24 08:48:30 208896 ----a-w- C:\Windows\MBR.exe

2012-06-23 15:51:11 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-23 15:50:51 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-23 15:50:35 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-23 15:50:35 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-23 04:28:05 -------- d-----w- C:\ARK

2012-06-23 04:26:04 -------- d-----w- C:\TDSSKiller_Quarantine

2012-06-22 02:50:37 -------- d-----w- C:\Users\Soumitro Auddy\AppData\Local\Unity

2012-06-19 08:44:12 -------- d-----w- C:\Windows\Application Data

2012-06-19 08:44:09 -------- d-----w- C:\QIMacros

2012-06-19 08:43:56 -------- d-----w- C:\ProgramData\blekko toolbars

2012-06-19 08:43:43 -------- d-----w- C:\Users\Soumitro Auddy\AppData\Local\blekkotb_031

2012-06-17 22:10:28 -------- d-----w- C:\ProgramData\Cisco

2012-06-14 08:00:59 754808 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2012-06-14 03:04:00 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-06-14 03:04:00 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-06-14 03:04:00 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-06-13 20:44:00 -------- d--h--w- C:\Windows\msdownld.tmp

2012-06-13 20:42:07 -------- d-sh--w- C:\Windows\ftpcache

2012-06-13 20:39:54 -------- d-----w- C:\Program Files (x86)\id Software

2012-06-03 00:28:31 -------- d-----w- C:\Users\Soumitro Auddy\AppData\Local\Ares

.

==================== Find3M ====================

.

2012-06-29 20:00:20 839096 ----a-w- C:\Windows\System32\deployJava1.dll

2012-05-25 03:19:20 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2012-05-25 03:19:20 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-05-15 09:29:47 858944 ----a-w- C:\Windows\System32\nv3dappshext.dll

2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll

2012-05-15 09:29:46 55616 ----a-w- C:\Windows\System32\nv3dappshextr.dll

2012-05-15 09:29:46 2561856 ----a-w- C:\Windows\System32\nvsvcr.dll

2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll

2012-05-15 09:29:45 2621723 ----a-w- C:\Windows\System32\nvcoproc.bin

2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll

2012-05-15 07:21:50 423744 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-05-06 04:30:40 348160 ----a-w- C:\Windows\SysWow64\SDL_ttf.dll

2012-05-06 04:30:38 56565 ----a-w- C:\Windows\SysWow64\SDL_image.dll

2012-05-06 04:30:29 266436 ----a-w- C:\Windows\SysWow64\tiff.dll

2012-05-06 04:30:16 565248 ----a-w- C:\Windows\SysWow64\alleg42.dll

2012-05-05 20:29:11 249856 ------w- C:\Windows\Setup1.exe

2012-05-05 20:29:08 73216 ----a-w- C:\Windows\ST6UNST.EXE

2012-05-05 00:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-04-28 20:00:46 1198 ----a-w- C:\Windows\SysWow64\ealregsnapshot1.reg

2012-04-28 06:23:01 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll

2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-04-12 08:28:16 0 ----a-w- C:\Windows\SysWow64\sho5A69.tmp

2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-04-04 23:47:08 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

.

============= FINISH: 15:16:29.82 ===============


We can wrap this up now. I see that you are clear of your original issues.

If you have a problem with these steps, or something does not quite work here, do let me know.

Advise me when you have completed the following cleanups.

The following few steps will remove tools we used.

  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

ERUNT you should keep and use on a periodic basis to back up the Windows registry.

Delete the following if still present:

  • aswMBR.exe
  • GMER.exe
  • TDSSKILLER.exe

Safer practices

We are finished here. Best regards.
