Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

SMART virus

Started by hknh , Jul 02 2012 05:19 PM

  • This topic is locked This topic is locked

#76
JSntgRvr
Posted 02 August 2012 - 12:00 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Download the enclosed file.

Save and extract its contents to the USB drive.

Insert the USB drive into the ailing computer and boot to Reatogo. Browse to the USB drive. Open the Profilechk folder and double click on the Profilechk.bat file. If successful, a Report.txt file will be created in the USB drive, next to the batch file you just ran. Please attach that report to your next reply. If too large, upload the file here.
  • 0

Advertisements

#77
hknh
Posted 02 August 2012 - 12:12 PM

hknh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
The size of your file is greater than maximum file size of 5 MBs.

I could not upload it here or at the other link -
  • 0

#78
hknh
Posted 02 August 2012 - 12:13 PM

hknh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Will this work? I compressed it into a zippered folder

Attached Files


  • 0

#79
JSntgRvr
Posted 02 August 2012 - 12:39 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Tell me that you change the drive letters, prior to running this batch file. Because if you did, we may still in business.

Following the same process, download the enclosed file.

Save and extract its contents to the USB dive.

Insert the USB drive into the ailing computer and boot to Reatogo. Browse to the USB drive. Open the BCD_Check folder and double click on the BCD_Check.bat file. If successful, a BCD.txt file will be created in the USB drive, next to the batch file you just ran.

Please copy and paste its contents in your next reply.
  • 0

#80
hknh
Posted 02 August 2012 - 01:41 PM

hknh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
You said to make sure that OS is always changed to c and Recovery s always chaged to H - so that is how I booted reatogo

Attached Files

  • Attached File  BDC.txt   4.05KB   341 downloads

  • 0

#81
JSntgRvr
Posted 03 August 2012 - 10:49 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Lets remove the rogue partition from the boot record.

Please remove the current Result.txt from the USB drive.

Download the enclosed file.

Save it next to ListParts in the USB drive, replacing the existing one.

Run ListParts as you did before throughout Reatogo, except that this time around click on the Fix button and wait.

Once done, click on the Scan button. Post the new log (Result.txt) produced in the flash drive.

Attempt to restart in Normal Mode and let me know the outcome.
  • 0

#82
hknh
Posted 04 August 2012 - 06:23 AM

hknh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
I clicked on start windows normally - it looped back to windows error recovery
  • 0

#83
JSntgRvr
Posted 06 August 2012 - 02:19 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
From my previous post.

Once done, click on the Scan button. Post the new log (Result.txt) produced in the flash drive.


  • 0

#84
hknh
Posted 06 August 2012 - 02:28 PM

hknh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
ListParts by Farbar Version: 25-07-2012
Ran by SYSTEM (administrator) on 04-08-2012 at 15:17:32
Windows XP (X86)
Running From: E:\
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 17%
Total physical RAM: 2045.84 MB
Available physical RAM: 1689.15 MB
Total Pagefile: 1876.54 MB
Available Pagefile: 1783.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 2008.25 MB

======================= Partitions =========================

2 Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
3 Drive c: (OS) (Fixed) (Total:222.78 GB) (Free:23.5 GB) NTFS
4 Drive e: (KINGSTON) (Removable) (Total:1.87 GB) (Free:1.86 GB) FAT
5 Drive h: (RECOVERY) (Fixed) (Total:10 GB) (Free:2.57 GB) NTFS
6 Drive x: (ReatogoPE) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 233 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 55 MB 32 KB
Partition 2 Primary 10 GB 55 MB
Partition 3 Primary 223 GB 10 GB
======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 FAT Partition 55 MB Healthy
======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 H RECOVERY NTFS Partition 10 GB Healthy
======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C OS NTFS Partition 223 GB Healthy
======================================================================================================

****** End Of Log ******

Attached Files


  • 0

#85
JSntgRvr
Posted 06 August 2012 - 08:20 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Lets try this again.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive replacing the existing one.

Insert the USB into the ailing computer (If not recognized by Reatogo, boot to the Reatogo desktop with the flash drive inserted). Throughout My computer, browse to the USB and double click on FRST.

If successful, the tool will start to run. When the tool opens click Yes to disclaimer. Press the Scan button.It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.
  • 0

Advertisements

#86
hknh
Posted 07 August 2012 - 06:39 AM

hknh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 05-08-2012 01
Ran by SYSTEM at 07-08-2012 16:31:34
Running from D:\
Windows Vista ™ Home Premium (X86) OS Language: English(US)
The current controlset is ControlSet002

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [UpdReg] C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [151552 2006-09-29] (Intel Corporation)
HKLM\...\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe [x]
HKLM\...\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start [81920 2006-10-03] (Macrovision Corporation)
HKLM\...\Run: [] [x]
HKLM\...\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup [30192 2010-09-09] (Google)
HKLM\...\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe [17920 2006-11-17] ( )
HKLM\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [221184 2006-10-03] (Macrovision Corporation)
HKLM\...\Run: [VolPanel] "C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" /r [180224 2006-11-27] (Creative Technology Ltd)
HKLM\...\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s [312200 2006-11-03] ()
HKLM\...\Run: [dlcxmon.exe] "C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe" [292336 2007-01-12] ()
HKLM\...\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 926\memcard.exe" [304008 2006-11-03] ()
HKLM\...\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [16384 2007-11-15] ( )
HKLM\...\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [206064 2009-05-21] (SupportSoft, Inc.)
HKLM\...\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe [45056 2008-05-21] (The Nielsen Company)
HKLM\...\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] sttray.exe [x]
HKLM\...\Run: [DLCXCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16 [106496 2006-10-16] ()
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421736 2012-03-06] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-26] (Microsoft Corporation)
HKLM\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [1996200 2012-06-27] (LogMeIn Inc.)
HKU\Default\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [446976 2006-11-12] (Gteko Ltd.)
HKU\Default User\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [446976 2006-11-12] (Gteko Ltd.)
HKU\Heidi\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [446976 2006-11-12] (Gteko Ltd.)
HKU\Heidi\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\Heidi\...\Run: [googletalk] C:\Users\Heidi\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart [3739648 2007-01-01] (Google)
HKU\Heidi\...\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [206064 2009-05-21] (SupportSoft, Inc.)
HKU\Heidi\...\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2097488 2008-01-28] (Safer Networking Limited)
HKU\Heidi\...\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [x]
HKU\Heidi\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [68856 2008-06-17] (Google Inc.)
HKU\Heidi\...\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet [4351216 2009-05-26] (Yahoo! Inc.)
HKU\Heidi\...\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe [5247624 2010-12-08] ()
HKU\Heidi\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\Heidi\...\Run: [Spino] C:\Program Files\Jurassic Park III Games\Dino Defender\DINO3.EXE [x]
HKU\Heidi\...\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent [1242448 2012-06-28] (Valve Corporation)
HKU\Heidi\...\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\Heidi\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [17148552 2012-02-29] (Skype Technologies S.A.)
HKU\Heidi\...\Run: [xBuRdeRWhJWa.exe] C:\ProgramData\xBuRdeRWhJWa.exe [x]
HKU\TEMP\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [446976 2006-11-12] (Gteko Ltd.)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
Startup: C:\Users\Heidi\Start Menu\Programs\Startup\Kuma_Tray.lnk
ShortcutTarget: Kuma_Tray.lnk -> C:\Program Files\Animal Planet Games\kgsystray\Kuma_tray.exe ()
Startup: C:\Users\Heidi\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk
ShortcutTarget: OpenOffice.org 2.4.lnk -> C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()

================================ Services (Whitelisted) ==================

2 Creative Labs Licensing Service; "C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe" [72704 2007-05-17] (Creative Labs)
2 Creative Service for CDROM Access; C:\Windows\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd)
2 dlcx_device; C:\Windows\system32\dlcxcoms.exe -service [532480 2006-10-11] ( )
3 DSBrokerService; "C:\Program Files\DellSupport\brkrsvc.exe" [70656 2006-11-07] ()
2 Eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21504 2008-01-19] (Microsoft Corporation)
3 getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [33752 2008-12-01] (NOS Microsystems Ltd.)
3 GoogleDesktopManager-051210-111108; "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [30192 2010-09-09] (Google)
2 Hamachi2Svc; "C:\Program Files\LogMeIn Hamachi\hamachi-2.exe" -s [1385896 2012-06-27] (LogMeIn Inc.)
2 IHA_MessageCenter; "C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe" [290832 2011-12-12] (Verizon)
2 MyWebSearchService; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [28728 2007-12-19] (MyWebSearch.com)
2 NielsenUpdate; C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe [825664 2012-02-24] (The Nielsen Company)
3 npggsvc; C:\Windows\system32\GameMon.des -service [4005936 2011-06-06] (INCA Internet Co., Ltd.)
2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-06-24] ()
2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [810320 2008-01-28] (Safer Networking Ltd.)
2 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [158856 2012-02-29] (Skype Technologies)
2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter [201968 2008-08-13] (SupportSoft, Inc.)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [0 2008-01-19] ()
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]
4 NetMsmqActivator; "c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [x]
4 NetPipeActivator; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpActivator; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpPortSharing; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [x]

========================== Drivers (Whitelisted) =============

2 dsunidrv; \??\C:\Program Files\DellSupport\Drivers\dsunidrv.sys [7424 2006-08-17] (Gteko Ltd.)
3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [79816 2009-09-16] (McAfee, Inc.)
3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [35272 2009-09-16] (McAfee, Inc.)
1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [214664 2009-09-16] (McAfee, Inc.)
3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-09-16] (McAfee, Inc.)
3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-09-16] (McAfee, Inc.)
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
1 MpKsl156dce76; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7502AF7B-D9D0-44F0-A841-AC1685747FC2}\MpKsl156dce76.sys [29904 2012-07-02] ()
3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [822272 2009-11-16] (Ralink Technology Corp.)
1 nnfwdk; \??\C:\Program Files\NetRatingsNetSight\NetSight\meter9\nnfwdk.sys [22064 2012-03-20] (The Nielsen Company)
3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
3 SQTECH913D; C:\Windows\System32\Drivers\Capt913D.sys [29522 2006-12-21] (Service & Quality Technology.)
3 sscdbus; C:\Windows\System32\DRIVERS\sscdbus.sys [104648 2010-04-26] (MCCI Corporation)
3 sscdmdfl; C:\Windows\System32\DRIVERS\sscdmdfl.sys [14920 2010-04-26] (MCCI Corporation)
3 sscdmdm; C:\Windows\System32\DRIVERS\sscdmdm.sys [132424 2010-04-26] (MCCI Corporation)
3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [110280 2010-04-26] (MCCI Corporation)
3 STHDA; C:\Windows\System32\drivers\stwrt.sys [647680 2007-02-08] (SigmaTel, Inc.)
3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [12672 2007-04-09] (LG Electronics Inc.)
3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [21248 2007-04-09] (LG Electronics Inc.)
3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [22912 2007-04-09] (LG Electronics Inc.)
3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [56448 2009-04-08] (Microsoft Corporation)
3 ZDCNDIS5; \??\C:\Windows\system32\ZDCNDIS5.SYS [20736 2008-10-28] (ZDC., Inc. (ZDC))
4 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
2 MCSTRM; [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]
2 X4HSX32; \??\C:\Program Files\GameTap Web Player\bin\Release\X4HSX32.Sys [x]
3 XG762_VS; C:\Windows\System32\DRIVERS\WlanGZG.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-08-07 16:31 - 2012-08-07 16:31 - 00000000 ____D C:\FRST
2012-07-31 22:44 - 2012-07-31 23:27 - 59896688 ____A C:\cmd.txt
2012-07-31 22:44 - 2012-07-31 23:20 - 00000036 ____A C:\cmd.bat
2012-07-31 22:44 - 2012-07-31 22:44 - 00000000 ____D C:\_OTL
2012-07-27 19:18 - 2012-07-28 15:28 - 00102370 ____A C:\OTL.Txt


============ 3 Months Modified Files ========================

2012-07-31 23:27 - 2012-07-31 22:44 - 59896688 ____A C:\cmd.txt
2012-07-31 23:20 - 2012-07-31 22:44 - 00000036 ____A C:\cmd.bat
2012-07-28 15:28 - 2012-07-27 19:18 - 00102370 ____A C:\OTL.Txt
2012-07-02 15:09 - 2012-07-02 15:09 - 00000609 ____A C:\Users\Heidi\Desktop\Data_Recovery.lnk
2012-07-02 15:08 - 2011-07-23 20:00 - 00000368 ____A C:\Windows\Tasks\FinalTorrent Update Checker.job
2012-07-02 15:08 - 2010-12-24 20:20 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-07-02 15:08 - 2006-11-02 06:22 - 00262144 ____A C:\Windows\System32\config\sam.123
2012-07-02 15:02 - 2010-12-24 20:20 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-07-02 15:02 - 2006-11-02 08:47 - 00003696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-02 15:02 - 2006-11-02 08:47 - 00003696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-02 14:43 - 2012-04-21 19:28 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-07-02 13:06 - 2007-05-17 19:31 - 01155874 ____A C:\Windows\WindowsUpdate.log
2012-07-02 13:02 - 2011-01-11 18:20 - 00000434 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2012-07-02 13:02 - 2007-05-17 19:57 - 00797632 ____A C:\Windows\PFRO.log
2012-07-02 13:02 - 2006-11-02 09:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-02 13:00 - 2006-11-02 09:01 - 00032546 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-07-02 11:43 - 2008-03-12 16:23 - 00056077 ____A C:\Windows\setupact.log
2012-06-28 12:25 - 2007-05-23 17:04 - 00089600 ___AH C:\Users\Heidi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-25 20:22 - 2012-06-25 20:22 - 00028016 ____A C:\Windows\System32\wbers.dat.dmp
2012-06-25 20:22 - 2012-06-25 20:22 - 00003672 ____A C:\Windows\System32\wbers.dat
2012-06-24 22:52 - 2011-08-30 19:51 - 00283416 ____A C:\Windows\System32\PnkBstrB.xtr
2012-06-24 22:52 - 2011-08-30 12:34 - 00283416 ____A C:\Windows\System32\PnkBstrB.exe
2012-06-24 22:52 - 2011-08-30 12:34 - 00140232 ____A C:\Windows\System32\Drivers\PnkBstrK.sys
2012-06-24 22:44 - 2011-08-30 12:34 - 00189248 ____A C:\Windows\System32\PnkBstrB.ex0
2012-06-24 22:44 - 2011-08-30 12:34 - 00138904 ___AH C:\Users\Heidi\AppData\Roaming\PnkBstrK.sys
2012-06-24 22:44 - 2011-08-30 12:34 - 00076888 ____A C:\Windows\System32\PnkBstrA.exe
2012-06-24 22:44 - 2007-05-26 08:31 - 00424752 ____A C:\Windows\DirectX.log
2012-06-17 16:37 - 2008-10-23 07:01 - 00023232 ___AH C:\Users\Heidi\AppData\Roaming\wklnhst.dat
2012-06-17 16:33 - 2006-11-02 06:33 - 00771926 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-17 16:32 - 2012-06-17 16:32 - 00034592 ___AH C:\Users\Heidi\Desktop\Staff Member Name.tif
2012-06-14 16:37 - 2012-06-14 16:51 - 00807734 ___AH C:\Users\Heidi\Documents\MinecraftForge-3.3.7.135-Client.zip
2012-06-14 04:10 - 2006-11-02 08:47 - 00457016 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-14 03:16 - 2006-11-02 06:24 - 56731752 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-06-06 05:46 - 2008-11-16 15:34 - 00130832 ___AH C:\Users\Heidi\AppData\Roaming\GDIPFONTCACHEV1.DAT
2012-06-05 16:52 - 2010-06-24 20:25 - 00002032 ___AH C:\Users\Heidi\AppData\Local\d3d9caps.dat
2012-06-02 18:19 - 2012-06-22 05:24 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 18:19 - 2012-06-22 05:24 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 18:19 - 2012-06-22 05:24 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 18:19 - 2012-06-22 05:23 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 18:19 - 2012-06-22 05:23 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 18:12 - 2012-06-22 05:24 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 18:12 - 2012-06-22 05:23 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 15:19 - 2012-06-22 05:23 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 15:12 - 2012-06-22 05:23 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-05-29 21:54 - 2007-05-23 17:01 - 00130832 ___AH C:\Users\Heidi\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-22 16:45 - 2012-05-22 16:45 - 00135100 ___AH C:\Users\Heidi\Desktop\WITNESS WHEREOF each.tif
2012-05-20 11:03 - 2012-05-20 11:03 - 00000723 ___AH C:\Users\Heidi\Desktop\Toribash.lnk
2012-05-17 19:11 - 2012-06-14 03:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-05-17 18:48 - 2012-06-14 03:07 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-05-17 18:45 - 2012-06-14 03:07 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-05-17 18:36 - 2012-06-14 03:07 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-05-17 18:35 - 2012-06-14 03:07 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-05-17 18:35 - 2012-06-14 03:07 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-05-17 18:33 - 2012-06-14 03:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-05-17 18:31 - 2012-06-14 03:07 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-05-17 18:29 - 2012-06-14 03:07 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-05-17 18:29 - 2012-06-14 03:07 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-05-17 18:27 - 2012-06-14 03:07 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-05-17 18:25 - 2012-06-14 03:07 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-05-17 18:24 - 2012-06-14 03:07 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-05-17 18:20 - 2012-06-14 03:07 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-05-15 15:51 - 2012-06-13 05:52 - 02045440 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys


========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points (XP) =====================


========================= Memory info ======================

Percentage of memory in use: 15%
Total physical RAM: 2045.84 MB
Available physical RAM: 1734.55 MB
Total Pagefile: 1876.54 MB
Available Pagefile: 1816.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 2001.38 MB

======================= Partitions =========================

2 Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
3 Drive c: (OS) (Fixed) (Total:222.78 GB) (Free:23.9 GB) NTFS
4 Drive d: (KINGSTON) (Removable) (Total:1.87 GB) (Free:1.86 GB) FAT
5 Drive h: (RECOVERY) (Fixed) (Total:10 GB) (Free:2.57 GB) NTFS
6 Drive x: (ReatogoPE) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 233 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 55 MB 32 KB
Partition 2 Primary 10 GB 55 MB
Partition 3 Primary 223 GB 10 GB
==================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 FAT Partition 55 MB Healthy
==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 H RECOVERY NTFS Partition 10 GB Healthy
==================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C OS NTFS Partition 223 GB Healthy
==================================================================================

==========================================================

Last Boot: 2012-07-02 13:20

======================= End Of Log ==========================
Attached File  FRST.txt   20.6KB   295 downloads
  • 0

#87
JSntgRvr
Posted 07 August 2012 - 10:26 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
There is a 0 byte library. Lets take a look.

Run FRST.

Type the following in the edit box after "Search:".

ssdpsrv.dll

It then should look like:

Search: ssdpsrv.dll

Click Search button and post the log (Search.txt) it makes to your reply.

Once finished, remove all checkmarks from FRST, and click on the Scan button. Post the new FRST.txt log it will produced.
  • 0

#88
hknh
Posted 07 August 2012 - 11:15 AM

hknh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 05-08-2012 01
Ran by SYSTEM at 07-08-2012 21:12:23
Running from D:\
Windows Vista ™ Home Premium (X86) OS Language: English(US)
The current controlset is ControlSet002

========================== Registry ==========================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [UpdReg] C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [151552 2006-09-29] (Intel Corporation)
HKLM\...\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe [x]
HKLM\...\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start [81920 2006-10-03] (Macrovision Corporation)
HKLM\...\Run: [] [x]
HKLM\...\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup [30192 2010-09-09] (Google)
HKLM\...\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe [17920 2006-11-17] ( )
HKLM\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [221184 2006-10-03] (Macrovision Corporation)
HKLM\...\Run: [VolPanel] "C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" /r [180224 2006-11-27] (Creative Technology Ltd)
HKLM\...\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s [312200 2006-11-03] ()
HKLM\...\Run: [dlcxmon.exe] "C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe" [292336 2007-01-12] ()
HKLM\...\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 926\memcard.exe" [304008 2006-11-03] ()
HKLM\...\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [16384 2007-11-15] ( )
HKLM\...\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [206064 2009-05-21] (SupportSoft, Inc.)
HKLM\...\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe [45056 2008-05-21] (The Nielsen Company)
HKLM\...\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] sttray.exe [x]
HKLM\...\Run: [DLCXCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16 [106496 2006-10-16] ()
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421736 2012-03-06] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-26] (Microsoft Corporation)
HKLM\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [1996200 2012-06-27] (LogMeIn Inc.)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1233920 2009-04-11] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2153472 2009-04-11] (Microsoft Corporation)
HKU\Default\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [446976 2006-11-12] (Gteko Ltd.)
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1233920 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2153472 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [446976 2006-11-12] (Gteko Ltd.)
HKU\Heidi\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [446976 2006-11-12] (Gteko Ltd.)
HKU\Heidi\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\Heidi\...\Run: [googletalk] C:\Users\Heidi\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart [3739648 2007-01-01] (Google)
HKU\Heidi\...\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [206064 2009-05-21] (SupportSoft, Inc.)
HKU\Heidi\...\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2097488 2008-01-28] (Safer Networking Limited)
HKU\Heidi\...\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [x]
HKU\Heidi\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [68856 2008-06-17] (Google Inc.)
HKU\Heidi\...\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet [4351216 2009-05-26] (Yahoo! Inc.)
HKU\Heidi\...\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe [5247624 2010-12-08] ()
HKU\Heidi\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\Heidi\...\Run: [Spino] C:\Program Files\Jurassic Park III Games\Dino Defender\DINO3.EXE [x]
HKU\Heidi\...\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent [1242448 2012-06-28] (Valve Corporation)
HKU\Heidi\...\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\Heidi\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [17148552 2012-02-29] (Skype Technologies S.A.)
HKU\Heidi\...\Run: [xBuRdeRWhJWa.exe] C:\ProgramData\xBuRdeRWhJWa.exe [x]
HKU\TEMP\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1233920 2009-04-11] (Microsoft Corporation)
HKU\TEMP\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2153472 2009-04-11] (Microsoft Corporation)
HKU\TEMP\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [446976 2006-11-12] (Gteko Ltd.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [25088 2008-01-19] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [2926592 2009-04-11] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
Startup: C:\Users\Heidi\Start Menu\Programs\Startup\Kuma_Tray.lnk
ShortcutTarget: Kuma_Tray.lnk -> C:\Program Files\Animal Planet Games\kgsystray\Kuma_tray.exe ()
Startup: C:\Users\Heidi\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk
ShortcutTarget: OpenOffice.org 2.4.lnk -> C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()

========================== Services ==========================

3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [253088 2012-04-21] (Adobe Systems Incorporated)
2 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [24576 2006-11-02] (Microsoft Corporation)
3 ALG; C:\Windows\System32\alg.exe [59392 2008-01-19] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [33280 2008-01-19] (Microsoft Corporation)
2 Apple Mobile Device; "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [55144 2012-02-27] (Apple Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [315392 2009-04-11] (Microsoft Corporation)
2 Audiosrv; C:\Windows\System32\Audiosrv.dll [315392 2009-04-11] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [334848 2009-04-11] (Microsoft Corporation)
2 BITS; C:\Windows\System32\qmgr.dll [758784 2009-04-11] (Microsoft Corporation)
2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [390504 2011-08-30] (Apple Inc.)
2 Browser; C:\Windows\System32\browser.dll [81920 2008-01-19] (Microsoft Corporation)
3 CertPropSvc; C:\Windows\System32\certprop.dll [40448 2009-04-11] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66368 2009-03-30] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [7168 2006-11-02] (Microsoft Corporation)
2 Creative Labs Licensing Service; "C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe" [72704 2007-05-17] (Creative Labs)
2 Creative Service for CDROM Access; C:\Windows\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [133120 2012-04-23] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [550400 2009-04-11] (Microsoft Corporation)
3 DFSR; C:\Windows\System32\DFSR.exe [2092544 2009-04-11] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcsvc.dll [204288 2009-04-11] (Microsoft Corporation)
2 dlcx_device; C:\Windows\system32\dlcxcoms.exe -service [532480 2006-10-11] ( )
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [86528 2011-03-02] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [175616 2009-04-11] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [134656 2008-01-19] (Microsoft Corporation)
3 DSBrokerService; "C:\Program Files\DellSupport\brkrsvc.exe" [70656 2006-11-07] ()
3 EapHost; C:\Windows\System32\eapsvc.dll [57344 2008-01-19] (Microsoft Corporation)
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [292352 2008-01-19] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [131072 2006-11-02] (Microsoft Corporation)
2 ehstart; C:\Windows\ehome\ehstart.dll [13312 2006-11-02] (Microsoft Corporation)
2 EMDMgmt; C:\Windows\System32\emdmgmt.dll [564224 2009-04-11] (Microsoft Corporation)
2 Eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21504 2008-01-19] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [268800 2009-04-11] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [13312 2008-01-19] (Microsoft Corporation)
2 FDResPub; C:\Windows\System32\fdrespub.dll [27648 2006-11-02] (Microsoft Corporation)
2 FontCache; C:\Windows\System32\FntCache.dll [797696 2011-02-22] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation)
3 GamesAppService; "C:\Program Files\WildTangent Games\App\GamesAppService.exe" [206072 2010-10-12] (WildTangent, Inc.)
3 getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [33752 2008-12-01] (NOS Microsystems Ltd.)
3 GoogleDesktopManager-051210-111108; "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [30192 2010-09-09] (Google)
2 gpsvc; C:\Windows\System32\gpsvc.dll [576512 2009-04-11] (Microsoft Corporation)
2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [136176 2010-12-24] (Google Inc.)
3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [136176 2010-12-24] (Google Inc.)
3 gusvc; "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" [183280 2009-03-24] (Google)
2 Hamachi2Svc; "C:\Program Files\LogMeIn Hamachi\hamachi-2.exe" -s [1385896 2012-06-27] (LogMeIn Inc.)
2 hidserv; C:\Windows\System32\hidserv.dll [26112 2009-04-11] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [68096 2008-01-19] (Microsoft Corporation)
2 IAANTMON; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [81920 2006-09-29] (Intel Corporation)
3 IDriverT; "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" [69632 2005-04-04] (Macrovision Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" [879448 2009-02-18] (Microsoft Corporation)
2 IHA_MessageCenter; "C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe" [290832 2011-12-12] (Verizon)
2 IKEEXT; C:\Windows\System32\ikeext.dll [438784 2009-04-11] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [74240 2008-01-19] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [200704 2010-02-18] (Microsoft Corporation)
3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [821608 2012-03-06] (Apple Inc.)
3 KeyIso; C:\Windows\System32\lsass.exe [9728 2011-11-16] (Microsoft Corporation)
2 KtmRm; C:\Windows\System32\msdtckrm.dll [344576 2008-01-19] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [125952 2010-09-06] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [160256 2009-06-10] (Microsoft Corporation)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [188928 2008-01-19] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [18944 2006-11-02] (Microsoft Corporation)
4 Mcx2Svc; C:\Windows\System32\Mcx2Svc.dll [53760 2008-01-19] (Microsoft Corporation)
2 MMCSS; C:\Windows\System32\mmcss.dll [45056 2008-01-19] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [407552 2009-04-11] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [105984 2008-01-19] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [111616 2008-01-19] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [73216 2009-04-11] (Microsoft Corporation)
2 MyWebSearchService; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [28728 2007-12-19] (MyWebSearch.com)
3 napagent; C:\Windows\System32\qagentRT.dll [302592 2009-04-11] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\lsass.exe [9728 2011-11-16] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [274432 2008-01-19] (Microsoft Corporation)
2 netprofm; C:\Windows\System32\netprofm.dll [237056 2008-01-19] (Microsoft Corporation)
2 NielsenUpdate; C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe [825664 2012-02-24] (The Nielsen Company)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [168448 2008-01-19] (Microsoft Corporation)
3 npggsvc; C:\Windows\system32\GameMon.des -service [4005936 2011-06-06] (INCA Internet Co., Ltd.)
2 nsi; C:\Windows\System32\nsisvc.dll [18432 2008-01-19] (Microsoft Corporation)
2 nvsvc; C:\Windows\System32\nvvsvc.exe [615528 2011-05-25] (NVIDIA Corporation)
3 odserv; "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [440696 2011-07-20] (Microsoft Corporation)
3 ose; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [149352 2010-01-09] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\p2psvc.dll [644608 2009-04-11] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [644608 2009-04-11] (Microsoft Corporation)
2 PcaSvc; C:\Windows\System32\pcasvc.dll [37888 2008-01-19] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1502208 2008-01-19] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [222720 2009-04-11] (Microsoft Corporation)
2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-06-24] ()
3 PNRPAutoReg; C:\Windows\System32\p2psvc.dll [644608 2009-04-11] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\p2psvc.dll [644608 2009-04-11] (Microsoft Corporation)
2 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [364032 2009-04-11] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [153088 2009-04-11] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [9728 2011-11-16] (Microsoft Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [243712 2008-01-19] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2008-01-19] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\rasmans.dll [262144 2009-04-11] (Microsoft Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [68608 2008-01-19] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [107008 2009-04-11] (Microsoft Corporation)
3 RoxMediaDB9; "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe" [880640 2006-11-05] (Sonic Solutions)
2 RoxWatch9; "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe" [159744 2006-11-05] (Sonic Solutions)
3 RpcLocator; C:\Windows\System32\locator.exe [7680 2006-11-02] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [550400 2009-04-11] (Microsoft Corporation)
2 SamSs; C:\Windows\System32\lsass.exe [9728 2011-11-16] (Microsoft Corporation)
2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [810320 2008-01-28] (Safer Networking Ltd.)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [95232 2009-04-11] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [601600 2010-11-04] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [40448 2009-04-11] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [104960 2008-01-19] (Microsoft Corporation)
2 seclogon; C:\Windows\system32\seclogon.dll [19968 2008-01-19] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [47104 2008-01-19] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [84992 2008-01-19] (Microsoft Corporation)
2 SharedAccess; C:\Windows\System32\ipnathlp.dll [288256 2008-01-19] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [247808 2009-07-10] (Microsoft Corporation)
2 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [158856 2012-02-29] (Skype Technologies)
2 slsvc; C:\Windows\System32\SLsvc.exe [3408896 2009-04-11] (Microsoft Corporation)
3 SLUINotify; C:\Windows\System32\SLUINotify.dll [60928 2009-04-11] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2006-11-02] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [128000 2010-08-17] (Microsoft Corporation)
2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter [201968 2008-08-13] (SupportSoft, Inc.)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [0 2008-01-19] ()
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [116736 2008-01-19] (Microsoft Corporation)
3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService [529232 2012-06-28] (Valve Corporation)
2 stisvc; C:\Windows\System32\wiaservc.dll [453120 2009-04-11] (Microsoft Corporation)
3 stllssvr; "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [73728 2006-09-14] (MicroVision Development, Inc.)
3 swprv; C:\Windows\System32\swprv.dll [311808 2009-04-11] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [558080 2009-04-11] (Microsoft Corporation)
2 TabletInputService; C:\Windows\System32\TabSvc.dll [68096 2006-11-02] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [242688 2009-04-11] (Microsoft Corporation)
2 TBS; C:\Windows\System32\tbssvc.dll [56320 2008-01-19] (Microsoft Corporation)
2 TermService; C:\Windows\System32\termsrv.dll [449024 2009-04-11] (Microsoft Corporation)
2 Themes; C:\Windows\System32\shsvcs.dll [247808 2009-07-10] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [45056 2008-01-19] (Microsoft Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [75264 2008-01-19] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [39424 2009-04-11] (Microsoft Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [35840 2008-01-19] (Microsoft Corporation)
3 upnphost; C:\Windows\System32\upnphost.dll [259072 2008-01-19] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [29184 2009-04-11] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [385536 2009-04-11] (Microsoft Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1055232 2009-04-11] (Microsoft Corporation)
2 W32Time; C:\Windows\System32\w32time.dll [282624 2009-04-11] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [413696 2009-04-11] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32256 2006-11-02] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [73728 2008-01-19] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [73728 2008-01-19] (Microsoft Corporation)
2 WebClient; C:\Windows\System32\webclnt.dll [199680 2009-04-11] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [146944 2009-10-09] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [62976 2008-01-19] (Microsoft Corporation)
2 WerSvc; C:\Windows\System32\WerSvc.dll [126976 2009-04-11] (Microsoft Corporation)
2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [377344 2011-11-16] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [162304 2009-04-11] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [1181696 2009-10-09] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [513536 2009-07-11] (Microsoft Corporation)
2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [1529728 2009-08-18] (Microsoft Corporation)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [137728 2009-04-11] (Microsoft Corporation)
3 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [896512 2008-01-19] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [140288 2009-04-11] (Microsoft Corporation)
2 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [81920 2009-09-30] (Microsoft Corporation)
3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [753504 2010-03-18] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [61440 2009-04-11] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [441344 2009-04-11] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [1933848 2012-06-02] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [55296 2008-01-19] (Microsoft Corporation)
2 XAudioService; C:\Windows\System32\DRIVERS\xaudio.exe [386560 2006-08-04] (Conexant Systems, Inc.)
2 YahooAUService; "C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe" [602392 2008-11-09] (Yahoo! Inc.)
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]
4 NetMsmqActivator; "c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [x]
4 NetPipeActivator; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpActivator; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpPortSharing; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [x]

========================== Drivers ===========================

0 ACPI; C:\Windows\System32\drivers\acpi.sys [265688 2009-04-11] (Microsoft Corporation)
4 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [420968 2006-11-02] (Adaptec, Inc.)
4 adpahci; C:\Windows\system32\drivers\adpahci.sys [297576 2006-11-02] (Adaptec, Inc.)
4 adpu160m; C:\Windows\system32\drivers\adpu160m.sys [98408 2006-11-02] (Adaptec, Inc.)
4 adpu320; C:\Windows\system32\drivers\adpu320.sys [147048 2006-11-02] (Adaptec, Inc.)
1 AFD; C:\Windows\system32\drivers\afd.sys [273408 2011-04-21] (Microsoft Corporation)
3 agp440; C:\Windows\system32\drivers\agp440.sys [53864 2007-05-18] (Microsoft Corporation)
4 aic78xx; C:\Windows\system32\drivers\djsvs.sys [71272 2006-11-02] (Adaptec, Inc.)
4 aliide; C:\Windows\system32\drivers\aliide.sys [17592 2007-05-18] (Acer Laboratories Inc.)
3 amdagp; C:\Windows\system32\drivers\amdagp.sys [54888 2007-05-18] (Microsoft Corporation)
4 amdide; C:\Windows\system32\drivers\amdide.sys [18104 2007-05-18] (Microsoft Corporation)
4 AmdK7; C:\Windows\system32\drivers\amdk7.sys [38912 2006-11-02] (Microsoft Corporation)
4 AmdK8; C:\Windows\system32\drivers\amdk8.sys [40960 2006-11-02] (Microsoft Corporation)
4 arc; C:\Windows\system32\drivers\arc.sys [67688 2006-11-02] (Adaptec, Inc.)
4 arcsas; C:\Windows\system32\drivers\arcsas.sys [67688 2006-11-02] (Adaptec, Inc.)
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17408 2008-01-19] (Microsoft Corporation)
4 atapi; C:\Windows\system32\drivers\atapi.sys [21688 2007-05-18] (Microsoft Corporation)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6144 2008-01-19] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-22] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\system32\drivers\brfiltlo.sys [13568 2006-11-02] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\system32\drivers\brfiltup.sys [5248 2006-11-02] (Brother Industries, Ltd.)
4 Brserid; C:\Windows\system32\drivers\brserid.sys [71808 2006-11-02] (Brother Industries Ltd.)
4 BrSerWdm; C:\Windows\system32\drivers\brserwdm.sys [62336 2006-11-02] (Brother Industries Ltd.)
4 BrUsbMdm; C:\Windows\system32\drivers\brusbmdm.sys [12160 2006-11-02] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\system32\drivers\brusbser.sys [11904 2006-11-02] (Brother Industries Ltd.)
4 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [39936 2006-11-02] (Microsoft Corporation)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70144 2008-01-19] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [67072 2009-04-11] (Microsoft Corporation)
4 circlass; C:\Windows\system32\drivers\circlass.sys [35328 2006-11-02] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
4 cmdide; C:\Windows\system32\drivers\cmdide.sys [19128 2007-05-18] (CMD Technology, Inc.)
4 Compbatt; C:\Windows\system32\drivers\compbatt.sys [18280 2006-11-02] (Microsoft Corporation)
0 crcdisk; C:\Windows\System32\drivers\crcdisk.sys [22632 2006-11-02] (Microsoft Corporation)
4 Crusoe; C:\Windows\system32\drivers\crusoe.sys [38912 2006-11-02] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [75264 2011-04-14] (Microsoft Corporation)
0 disk; C:\Windows\System32\drivers\disk.sys [53736 2009-04-11] (Microsoft Corporation)
2 DLABMFSM; C:\Windows\System32\DLA\DLABMFSM.SYS [35096 2006-10-26] (Roxio)
2 DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [32472 2006-10-26] (Roxio)
1 DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [12856 2007-02-08] (Roxio)
2 DLADResM; C:\Windows\System32\DLA\DLADResM.SYS [9400 2006-10-26] (Roxio)
2 DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [104536 2006-10-26] (Roxio)
2 DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [26296 2006-10-26] (Roxio)
2 DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [14520 2006-10-26] (Roxio)
1 DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [28120 2007-02-08] (Roxio)
2 DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [94648 2006-10-26] (Roxio)
2 DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [97848 2006-10-26] (Roxio)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2008-01-19] (Microsoft Corporation)
0 DRVMCDB; C:\Windows\System32\Drivers\DRVMCDB.SYS [99176 2006-07-21] (Sonic Solutions)
2 DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [51768 2007-02-09] (Roxio)
3 DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.)
2 dsunidrv; \??\C:\Program Files\DellSupport\Drivers\dsunidrv.sys [7424 2006-08-17] (Gteko Ltd.)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [638336 2011-01-20] (Microsoft Corporation)
3 e1express; C:\Windows\System32\DRIVERS\e1e6032.sys [220672 2008-01-19] (Intel Corporation)
3 E1G60; C:\Windows\System32\DRIVERS\E1G60I32.sys [117760 2006-11-02] (Intel Corporation)
0 Ecache; C:\Windows\System32\drivers\ecache.sys [141288 2009-04-11] (Microsoft Corporation)
4 elxstor; C:\Windows\system32\drivers\elxstor.sys [316520 2006-11-02] (Emulex)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [136704 2009-04-11] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [142848 2009-04-11] (Microsoft Corporation)
3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [25088 2008-01-19] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [58936 2008-01-19] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [27648 2008-01-19] (Microsoft Corporation)
3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [20480 2008-01-19] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Microsoft Corporation)
1 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [12800 2012-02-29] (Microsoft Corporation)
3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [58984 2006-11-02] (Microsoft Corporation)
3 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [26600 2009-05-18] (GEAR Software Inc.)
3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [236544 2009-04-11] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [561152 2009-04-11] (Microsoft Corporation)
4 HidBth; C:\Windows\system32\drivers\hidbth.sys [29184 2006-11-02] (Microsoft Corporation)
4 HidIr; C:\Windows\system32\drivers\hidir.sys [21504 2006-11-02] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [12800 2009-04-11] (Microsoft Corporation)
4 HpCISSs; C:\Windows\system32\drivers\hpcisss.sys [37480 2006-11-02] (Hewlett-Packard Company)
3 HSF_DPV; C:\Windows\System32\DRIVERS\HSX_DPV.sys [986624 2006-10-18] (Conexant Systems, Inc.)
3 HSXHWBS2; C:\Windows\System32\DRIVERS\HSXHWBS2.sys [258048 2006-10-18] (Conexant Systems, Inc.)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [411648 2010-02-20] (Microsoft Corporation)
4 i2omp; C:\Windows\system32\drivers\i2omp.sys [27752 2006-11-02] (Microsoft Corporation)
4 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [54784 2008-01-19] (Microsoft Corporation)
0 iaStor; C:\Windows\System32\drivers\iastor.sys [250368 2006-09-29] (Intel Corporation)
4 iaStorV; C:\Windows\system32\drivers\iastorv.sys [232040 2006-11-02] (Intel Corporation)
4 iirsp; C:\Windows\system32\drivers\iirsp.sys [41576 2006-11-02] (Intel Corp./ICP vortex GmbH)
4 intelide; C:\Windows\system32\drivers\intelide.sys [17592 2007-05-18] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [41472 2008-01-19] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [47616 2008-01-19] (Microsoft Corporation)
4 IPMIDRV; C:\Windows\system32\drivers\ipmidrv.sys [65536 2006-11-02] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\DRIVERS\ipnat.sys [100864 2008-01-19] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13312 2008-01-19] (Microsoft Corporation)
4 isapnp; C:\Windows\system32\drivers\isapnp.sys [47208 2007-05-18] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\DRIVERS\msiscsi.sys [180712 2009-04-11] (Microsoft Corporation)
4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [35944 2006-11-02] (Integrated Technology Express, Inc.)
4 iteraid; C:\Windows\system32\drivers\iteraid.sys [35944 2006-11-02] (Integrated Technology Express, Inc.)
1 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [35384 2008-01-19] (Microsoft Corporation)
1 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [17408 2009-04-11] (Microsoft Corporation)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [440192 2011-11-17] (Microsoft Corporation)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [47104 2008-01-19] (Microsoft Corporation)
4 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [65640 2006-11-02] (LSI Logic)
4 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [65640 2006-11-02] (LSI Logic)
4 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [65640 2006-11-02] (LSI Logic)
2 luafv; C:\Windows\system32\drivers\luafv.sys [84480 2008-01-19] (Microsoft Corporation)
2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-19] (Conexant)
4 megasas; C:\Windows\system32\drivers\megasas.sys [28776 2006-11-02] (LSI Logic Corporation)
3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [79816 2009-09-16] (McAfee, Inc.)
3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [35272 2009-09-16] (McAfee, Inc.)
1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [214664 2009-09-16] (McAfee, Inc.)
3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-09-16] (McAfee, Inc.)
3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-09-16] (McAfee, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2008-01-19] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [41984 2008-01-19] (Microsoft Corporation)
1 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [34360 2008-01-19] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [15872 2008-01-19] (Microsoft Corporation)
0 MountMgr; C:\Windows\System32\drivers\mountmgr.sys [57400 2008-01-19] (Microsoft Corporation)
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
4 mpio; C:\Windows\system32\drivers\mpio.sys [78952 2006-11-02] (Microsoft Corporation)
1 MpKsl156dce76; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7502AF7B-D9D0-44F0-A841-AC1685747FC2}\MpKsl156dce76.sys [29904 2012-07-02] ()
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [64000 2008-01-19] (Microsoft Corporation)
4 Mraid35x; C:\Windows\system32\drivers\mraid35x.sys [33384 2006-11-02] (LSI Logic Corporation)
3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [114688 2009-04-11] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [106496 2011-04-29] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [214016 2011-07-06] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [79872 2011-04-29] (Microsoft Corporation)
4 msahci; C:\Windows\system32\drivers\msahci.sys [25784 2007-05-18] (Microsoft Corporation)
4 msdsm; C:\Windows\system32\drivers\msdsm.sys [80488 2006-11-02] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [22528 2008-01-19] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [16440 2008-01-19] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8192 2008-01-19] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2008-01-19] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2008-01-19] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [161752 2009-04-11] (Microsoft Corporation)
3 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [31288 2008-01-19] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6016 2008-01-19] (Microsoft Corporation)
0 Mup; C:\Windows\System32\Drivers\mup.sys [48104 2009-04-11] (Microsoft Corporation)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [148480 2009-04-11] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [527848 2009-04-11] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2008-01-19] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [16896 2008-01-19] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [121344 2009-04-11] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [49664 2008-01-19] (Microsoft Corporation)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [35840 2008-01-19] (Microsoft Corporation)
1 netbt; C:\Windows\System32\DRIVERS\netbt.sys [185856 2009-04-11] (Microsoft Corporation)
3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [822272 2009-11-16] (Ralink Technology Corp.)
4 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [45160 2006-11-02] (IBM Corporation)
3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [74112 2012-03-20] (Microsoft Corporation)
1 nnfwdk; \??\C:\Program Files\NetRatingsNetSight\NetSight\meter9\nnfwdk.sys [22064 2012-03-20] (The Nielsen Company)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [35328 2009-04-11] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16384 2008-01-19] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1083880 2009-04-11] (Microsoft Corporation)
4 ntrigdigi; C:\Windows\system32\drivers\ntrigdigi.sys [20608 2006-11-02] (N-trig Innovative Technologies)
3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [4608 2008-01-19] (Microsoft Corporation)
3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [10589800 2011-05-25] (NVIDIA Corporation)
4 nvraid; C:\Windows\system32\drivers\nvraid.sys [88680 2006-11-02] (NVIDIA Corporation)
4 nvstor; C:\Windows\system32\drivers\nvstor.sys [40040 2006-11-02] (NVIDIA Corporation)
3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [106600 2007-05-18] (Microsoft Corporation)
4 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62080 2006-11-02] (Microsoft Corporation)
4 Parport; C:\Windows\system32\drivers\parport.sys [79360 2006-11-02] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [53120 2012-03-20] (Microsoft Corporation)
2 Parvdm; C:\Windows\system32\drivers\parvdm.sys [8704 2006-11-02] (Microsoft Corporation)
0 pci; C:\Windows\System32\drivers\pci.sys [149480 2009-04-11] (Microsoft Corporation)
4 pciide; C:\Windows\system32\drivers\pciide.sys [16056 2007-05-18] (Microsoft Corporation)
4 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [167528 2006-11-02] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [878080 2006-11-02] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [62976 2008-01-19] (Microsoft Corporation)
4 Processor; C:\Windows\system32\drivers\processr.sys [38400 2006-11-02] (Microsoft Corporation)
1 PSched; C:\Windows\System32\DRIVERS\pacer.sys [72192 2009-04-11] (Microsoft Corporation)
0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36528 2006-07-24] (Sonic Solutions)
4 ql2300; C:\Windows\system32\drivers\ql2300.sys [900712 2006-11-02] (QLogic Corporation)
4 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [106088 2006-11-02] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31232 2008-01-19] (Microsoft Corporation)
3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [2028032 2006-11-02] (ATI Technologies Inc.)
1 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2008-01-19] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [76288 2008-01-19] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [41472 2009-04-11] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [69120 2009-04-11] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [225280 2009-04-11] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6144 2008-01-19] (Microsoft Corporation)
4 rdpdr; C:\Windows\system32\drivers\rdpdr.sys [242688 2007-05-18] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6144 2008-01-19] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [180736 2012-05-01] (Microsoft Corporation)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60416 2008-01-19] (Microsoft Corporation)
4 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [76392 2006-11-02] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [20480 2006-11-02] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\system32\drivers\serenum.sys [17920 2006-11-02] (Microsoft Corporation)
3 Serial; C:\Windows\system32\drivers\serial.sys [83456 2006-11-02] (Microsoft Corporation)
4 sermouse; C:\Windows\system32\drivers\sermouse.sys [19968 2008-01-19] (Microsoft Corporation)
4 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [13312 2006-11-02] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12800 2006-11-02] (Microsoft Corporation)
3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2006-11-02] (Microsoft Corporation)
4 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [13312 2006-11-02] (Microsoft Corporation)
3 sisagp; C:\Windows\system32\drivers\sisagp.sys [53352 2007-05-18] (Microsoft Corporation)
4 SiSRaid2; C:\Windows\system32\drivers\sisraid2.sys [38504 2006-11-02] (Silicon Integrated Systems Corp.)
4 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [71784 2006-11-02] (Silicon Integrated Systems)
1 Smb; C:\Windows\System32\DRIVERS\smb.sys [66560 2009-04-11] (Microsoft Corporation)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [21048 2008-01-19] (Microsoft Corporation)
3 SQTECH913D; C:\Windows\System32\Drivers\Capt913D.sys [29522 2006-12-21] (Service & Quality Technology.)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [305152 2011-02-18] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [146432 2011-04-29] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [102400 2011-04-29] (Microsoft Corporation)
3 sscdbus; C:\Windows\System32\DRIVERS\sscdbus.sys [104648 2010-04-26] (MCCI Corporation)
3 sscdmdfl; C:\Windows\System32\DRIVERS\sscdmdfl.sys [14920 2010-04-26] (MCCI Corporation)
3 sscdmdm; C:\Windows\System32\DRIVERS\sscdmdm.sys [132424 2010-04-26] (MCCI Corporation)
3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [110280 2010-04-26] (MCCI Corporation)
3 STHDA; C:\Windows\System32\drivers\stwrt.sys [647680 2007-02-08] (SigmaTel, Inc.)
3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [15288 2008-01-19] (Microsoft Corporation)
4 Symc8xx; C:\Windows\system32\drivers\symc8xx.sys [35944 2006-11-02] (LSI Logic)
4 Sym_hi; C:\Windows\system32\drivers\sym_hi.sys [31848 2006-11-02] (LSI Logic)
4 Sym_u3; C:\Windows\system32\drivers\sym_u3.sys [34920 2006-11-02] (LSI Logic)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [914304 2012-03-30] (Microsoft Corporation)
3 Tcpip6; C:\Windows\System32\DRIVERS\tcpip.sys [914304 2012-03-30] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [31232 2012-03-29] (Microsoft Corporation)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [17920 2008-01-19] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [29184 2008-01-19] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [72192 2009-04-11] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [53224 2009-04-11] (Microsoft Corporation)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [23552 2008-01-19] (Microsoft Corporation)
3 tunmp; C:\Windows\System32\DRIVERS\tunmp.sys [15360 2008-01-19] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [25088 2010-02-18] (Microsoft Corporation)
3 uagp35; C:\Windows\system32\drivers\uagp35.sys [56936 2006-11-02] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [226816 2009-04-11] (Microsoft Corporation)
3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [58472 2007-05-18] (Microsoft Corporation)
4 uliahci; C:\Windows\system32\drivers\uliahci.sys [235112 2006-11-02] (ULi Electronics Inc.)
4 UlSata; C:\Windows\system32\drivers\ulsata.sys [98408 2006-11-02] (Promise Technology, Inc.)
4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [115816 2006-11-02] (Promise Technology, Inc.)
3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [34816 2008-01-19] (Microsoft Corporation)
3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [43520 2012-02-15] (Apple, Inc.)
3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [73216 2009-04-11] (Microsoft Corporation)
3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [12672 2007-04-09] (LG Electronics Inc.)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [73216 2008-01-19] (Microsoft Corporation)
4 usbcir; C:\Windows\system32\drivers\usbcir.sys [68608 2006-11-02] (Microsoft Corporation)
3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [21248 2007-04-09] (LG Electronics Inc.)
3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [39936 2009-04-11] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [196096 2009-04-11] (Microsoft Corporation)
3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [22912 2007-04-09] (LG Electronics Inc.)
4 usbohci; C:\Windows\system32\drivers\usbohci.sys [19456 2006-11-02] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [18944 2008-01-19] (Microsoft Corporation)
3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [35328 2008-01-19] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [65536 2009-04-11] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [23552 2008-01-19] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2008-01-19] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2008-01-19] (Microsoft Corporation)
3 viaagp; C:\Windows\system32\drivers\viaagp.sys [54376 2007-05-18] (Microsoft Corporation)
4 ViaC7; C:\Windows\system32\drivers\viac7.sys [39424 2006-11-02] (Microsoft Corporation)
4 viaide; C:\Windows\system32\drivers\viaide.sys [20152 2007-05-18] (VIA Technologies, Inc.)
0 volmgr; C:\Windows\System32\drivers\volmgr.sys [52792 2008-01-19] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [292840 2009-04-11] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\drivers\volsnap.sys [226280 2009-04-11] (Microsoft Corporation)
4 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [112232 2006-11-02] (VIA Technologies Inc.,Ltd)
4 WacomPen; C:\Windows\system32\drivers\wacompen.sys [20608 2006-11-02] (Microsoft Corporation)
3 Wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [62464 2008-01-19] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [62464 2008-01-19] (Microsoft Corporation)
4 Wd; C:\Windows\system32\drivers\wd.sys [19560 2006-11-02] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [445008 2009-07-14] (Microsoft Corporation)
3 winachsf; C:\Windows\System32\DRIVERS\HSX_CNXT.sys [659968 2006-10-18] (Conexant Systems, Inc.)
4 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2006-11-02] (Microsoft Corporation)
3 WpdUsb; C:\Windows\System32\DRIVERS\wpdusb.sys [40448 2009-09-30] (Microsoft Corporation)
4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [15872 2008-01-19] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [83328 2008-01-19] (Microsoft Corporation)
2 XAudio; C:\Windows\System32\DRIVERS\xaudio.sys [8192 2006-08-04] (Conexant Systems, Inc.)
3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [56448 2009-04-08] (Microsoft Corporation)
3 ZDCNDIS5; \??\C:\Windows\system32\ZDCNDIS5.SYS [20736 2008-10-28] (ZDC., Inc. (ZDC))
4 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
2 MCSTRM; [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]
2 X4HSX32; \??\C:\Program Files\GameTap Web Player\bin\Release\X4HSX32.Sys [x]
3 XG762_VS; C:\Windows\System32\DRIVERS\WlanGZG.sys [x]

========================== Drivers MD5 =======================

C:\Windows\System32\drivers\acpi.sys 82B296AE1892FE3DBEE00C9CF92F8AC7
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu160m.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 3911B972B55FEA0478476B2E777B29FA
C:\Windows\system32\drivers\agp440.sys 8B10CE1C1F9F1D47E4DEB1A547A00CD4
C:\Windows\system32\drivers\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys 5C42A992E68724D2CD3DDB4FC3B0409F
C:\Windows\system32\drivers\amdagp.sys 848F27E5B27C1C253F6CEFDC1A5D8F21
C:\Windows\system32\drivers\amdide.sys 849DFACDDE533DA5D1810F0CAF84EB19
C:\Windows\system32\drivers\amdk7.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys 53B202ABEE6455406254444303E87BE1
C:\Windows\system32\drivers\atapi.sys 9E7E85EC61D1C9C3171CC08427108863
C:\Windows\System32\Drivers\Beep.sys 67E506B75BD5326A3EC7B70BD014DFB6
C:\Windows\System32\DRIVERS\bowser.sys 35F376253F687BDE63976CCB3F2108CA
C:\Windows\system32\drivers\brfiltlo.sys ==> MD5 is legit
C:\Windows\system32\drivers\brfiltup.sys ==> MD5 is legit
C:\Windows\system32\drivers\brserid.sys ==> MD5 is legit
C:\Windows\system32\drivers\brserwdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbmdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbser.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys 7ADD03E75BEB9E6DD102C3081D29840A
C:\Windows\System32\DRIVERS\cdrom.sys 6B4BFFB9BECD728097024276430DB314
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys D7659D3B5B92C31E84E53C1431F35132
C:\Windows\system32\drivers\cmdide.sys DE11A06E187756ECB86CFA82DAC40FF7
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\crusoe.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys 622C41A07CA7E6DD91770F50D532CB6C
C:\Windows\System32\drivers\disk.sys 5D4AEFC3386920236A548271F8F1AF6A
C:\Windows\System32\DLA\DLABMFSM.SYS A53723176D0002FEB486EFF8E17812F2
C:\Windows\System32\DLA\DLABOIOM.SYS D4587063ACEA776699251E177D719586
C:\Windows\System32\Drivers\DLACDBHM.SYS 5230CDB7E715F3A3B4A882E254CDD35D
C:\Windows\System32\DLA\DLADResM.SYS C950C2E7B9ED1A4FC4A2AC7EC044F1D6
C:\Windows\System32\DLA\DLAIFS_M.SYS 24400137E387A24410C52A591F3CFB4D
C:\Windows\System32\DLA\DLAOPIOM.SYS 29A303FECEB28641ECEBDAE89EB71C63
C:\Windows\System32\DLA\DLAPoolM.SYS C93E33A22A1AE0C5508F3FB1F6D0A50C
C:\Windows\System32\Drivers\DLARTL_M.SYS 77FE51F0F8D86804CB81F6EF6BFB86DD
C:\Windows\System32\DLA\DLAUDFAM.SYS B953498C35A31E5AC98F49ADBCF3E627
C:\Windows\System32\DLA\DLAUDF_M.SYS 4897704C093C1F59CE58FC65E1E1EF1E
C:\Windows\System32\drivers\drmkaud.sys 97FEF831AB90BEE128C9AF390E243F80
C:\Windows\System32\Drivers\DRVMCDB.SYS C00440385CF9F3D142917C63F989E244
C:\Windows\System32\Drivers\DRVNDDM.SYS FFC371525AA55D1BAE18715EBCB8797C
C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys 413F2D5F9D802688242C23B38F767ECB
C:\Program Files\DellSupport\Drivers\dsunidrv.sys 64FA28C15DD71A80BEF3527E1EF07DF6
C:\Windows\System32\drivers\dxgkrnl.sys C68AC676B0EF30CFBB1080ADCE49EB1F
C:\Windows\System32\DRIVERS\e1e6032.sys 908ED85B7806E8AF3AF5E9B74F7809D4
C:\Windows\System32\DRIVERS\E1G60I32.sys ==> MD5 is legit
C:\Windows\System32\drivers\ecache.sys 7F64EA048DCFAC7ACF8B4D7B4E6FE371
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys 22B408651F9123527BCEE54B4F6C5CAE
C:\Windows\System32\Drivers\fastfat.sys 1E9B9A70D332103C52995E957DC09EF8
C:\Windows\System32\DRIVERS\fdc.sys AFE1E8B9782A0DD7FB46BBD88E43F89A
C:\Windows\System32\drivers\fileinfo.sys A8C0139A884861E3AAE9CFE73B208A9F
C:\Windows\System32\drivers\filetrace.sys 0AE429A696AECBC5970E3CF2C62635AE
C:\Windows\System32\DRIVERS\flpydisk.sys 85B7CF99D532820495D68D747FDA9EBD
C:\Windows\System32\drivers\fltmgr.sys 01334F9EA68E6877C4EF05D3EA8ABB05
C:\Windows\System32\Drivers\Fs_Rec.sys B972A66758577E0BFD1DE0F91AAA27B5
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\Drivers\GEARAspiWDM.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hamachi.sys 833051C6C6C42117191935F734CFBD97
C:\Windows\System32\drivers\HdAudio.sys 3F90E001369A07243763BD5A523D8722
C:\Windows\System32\DRIVERS\HDAudBus.sys 062452B7FFD68C8C042A6261FE8DFF4A
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys CCA4B519B17E23A00B826C55716809CC
C:\Windows\system32\drivers\hpcisss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HSX_DPV.sys 53229DCF431D76434816CD29251168A0
C:\Windows\System32\DRIVERS\HSXHWBS2.sys ED98350ECD4A5A9C9F1E641C09872BB2
C:\Windows\System32\drivers\HTTP.sys F870AA3E254628EBEAFE754108D664DE
C:\Windows\system32\drivers\i2omp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys 22D56C8184586B7A1F6FA60BE5F5A2BD
C:\Windows\System32\drivers\iastor.sys E9F704CA833BD24BFAA3B4A59707633A
C:\Windows\system32\drivers\iastorv.sys ==> MD5 is legit
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys 1B16626BEAE3A52E611FC681CD796F86
C:\Windows\System32\DRIVERS\intelppm.sys 224191001E78C89DFA78924C3EA595FF
C:\Windows\System32\DRIVERS\ipfltdrv.sys 62C265C38769B864CB25B4BCF62DF6C3
C:\Windows\system32\drivers\ipmidrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipnat.sys 8793643A67B42CEC66490B2A0CF92D68
C:\Windows\System32\drivers\irenum.sys 109C0DFB82C3632FBD11949B73AEEAC9
C:\Windows\system32\drivers\isapnp.sys 2F8ECE2699E7E2070545E9B0960A8ED2
C:\Windows\System32\DRIVERS\msiscsi.sys 232FA340531D940AAC623B121A595034
C:\Windows\system32\drivers\iteatapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\iteraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys 37605E0A8CF00CBBA538E753E4344C6E
C:\Windows\System32\DRIVERS\kbdhid.sys EDE59EC70E25C24581ADD1FBEC7325F7
C:\Windows\System32\Drivers\ksecdd.sys 2B2F1638466E8CB091400C9019CC730E
C:\Windows\System32\DRIVERS\lltdio.sys D1C5883087A0C3F1344D9D55A44901F6
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys 8F5C7426567798E62A3B3614965D62CC
C:\Windows\System32\DRIVERS\mdmxsdk.sys 0CEA2D0D3FA284B85ED5B68365114F76
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\System32\drivers\mfeavfk.sys BAFDD5E28BAEA99D7F4772AF2F5EC7EE
C:\Windows\System32\drivers\mfebopk.sys 1D003E3056A43D881597D6763E83B943
C:\Windows\System32\drivers\mfehidk.sys 3F138A1C8A0659F329F242D1E389B2CF
C:\Windows\System32\drivers\mferkdk.sys 41FE2F288E05A6C8AB85DD56770FFBAD
C:\Windows\System32\drivers\mfesmfk.sys 096B52EA918AA909BA5903D79E129005
C:\Windows\System32\drivers\modem.sys E13B5EA0F51BA5B1512EC671393D09BA
C:\Windows\System32\DRIVERS\monitor.sys 0A9BB33B56E294F686ABB7C1E4E2D8A8
C:\Windows\System32\DRIVERS\mouclass.sys 5BF6A1326A335C5298477754A506D263
C:\Windows\System32\DRIVERS\mouhid.sys 93B8D4869E12CFBE663915502900876F
C:\Windows\System32\drivers\mountmgr.sys BDAFC88AA6B92F7842416EA6A48E1600
C:\Windows\System32\DRIVERS\MpFilter.sys D993BEA500E7382DC4E760BF4F35EFCB
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7502AF7B-D9D0-44F0-A841-AC1685747FC2}\MpKsl156dce76.sys 4137EE420481D10734DA3018D0325582
C:\Windows\System32\drivers\mpsdrv.sys 22241FEBA9B2DEFA669C8CB0A8DD7D2E
C:\Windows\system32\drivers\mraid35x.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 82CEA0395524AACFEB58BA1448E8325C
C:\Windows\System32\DRIVERS\mrxsmb.sys 1E94971C4B446AB2290DEB71D01CF0C2
C:\Windows\System32\DRIVERS\mrxsmb10.sys 4FCCB34D793B116423209C0F8B7A3B03
C:\Windows\System32\DRIVERS\mrxsmb20.sys C3CB1B40AD4A0124D617A1199B0B9D7C
C:\Windows\system32\drivers\msahci.sys 0D1C042188FFE61A702A9DF5944DE5BA
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys A9927F4A46B816C92F461ACB90CF8515
C:\Windows\System32\drivers\msisadrv.sys 0F400E306F385C56317357D6DEA56F62
C:\Windows\System32\drivers\MSKSSRV.sys D8C63D34D9C9E56C059E24EC7185CC07
C:\Windows\System32\drivers\MSPCLOCK.sys 1D373C90D62DDB641D50E55B9E78D65E
C:\Windows\System32\drivers\MSPQM.sys B572DA05BF4E098D4BBA3A4734FB505B
C:\Windows\System32\Drivers\MsRPC.sys B49456D70555DE905C311BCDA6EC6ADB
C:\Windows\System32\DRIVERS\mssmbios.sys E384487CB84BE41D09711C30CA79646C
C:\Windows\System32\drivers\MSTEE.sys 7199C1EEC1E4993CAF96B8C0A26BD58A
C:\Windows\System32\Drivers\mup.sys 6A57B5733D4CB702C8EA4542E836B96C
C:\Windows\System32\DRIVERS\nwifi.sys 85C44FDFF9CF7E72A40DCB7EC06A4416
C:\Windows\System32\drivers\ndis.sys 1357274D1883F68300AEADD15D7BBB42
C:\Windows\System32\DRIVERS\ndistapi.sys 0E186E90404980569FB449BA7519AE61
C:\Windows\System32\DRIVERS\ndisuio.sys D6973AA34C4D5D76C0430B181C3CD389
C:\Windows\System32\DRIVERS\ndiswan.sys 818F648618AE34F729FDB47EC68345C3
C:\Windows\System32\Drivers\NDProxy.sys 71DAB552B41936358F3B541AE5997FB3
C:\Windows\System32\DRIVERS\netbios.sys BCD093A5A6777CF626434568DC7DBA78
C:\Windows\System32\DRIVERS\netbt.sys ECD64230A59CBD93C85F1CD1CAB9F3F6
C:\Windows\System32\DRIVERS\netr28u.sys AEC0AFA7382DDA52AB13D3E033636C74
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys B52F26BADE7D7E4A79706E3FD91834CD
C:\Program Files\NetRatingsNetSight\NetSight\meter9\nnfwdk.sys 59D2B30A1B3D56AE543FEB44D02D22BB
C:\Windows\System32\Drivers\Npfs.sys D36F239D7CCE1931598E8FB90A0DBC26
C:\Windows\System32\drivers\nsiproxy.sys 609773E344A97410CE4EBF74A8914FCF
C:\Windows\System32\Drivers\Ntfs.sys 6A4A98CEE84CF9E99564510DDA4BAA47
C:\Windows\system32\drivers\ntrigdigi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NuidFltr.sys CF7E041663119E09D2E118521ADA9300
C:\Windows\System32\Drivers\Null.sys C5DBBCDA07D780BDA9B685DF333BB41E
C:\Windows\System32\DRIVERS\nvlddmkm.sys 847B1755F7757F825305A1FFE6DAC3E9
C:\Windows\system32\drivers\nvraid.sys E69E946F80C1C31C53003BFBF50CBB7C
C:\Windows\system32\drivers\nvstor.sys 9E0BA19A28C498A6D323D065DB76DFFC
C:\Windows\system32\drivers\nv_agp.sys 055081FD5076401C1EE1BCAB08D81911
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys B9C2B89F08670E159F7181891E449CD9
C:\Windows\system32\drivers\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys 941DC1D19E7E8620F40BBC206981EFDB
C:\Windows\system32\drivers\pciide.sys 54D23DC5B5072311116826FDB7F6E83E
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ECFFFAEC0C1ECD8DBC77F39070EA1DB1
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys 99514FAA8DF93D34B5589187DB3AA0BA
C:\Windows\System32\Drivers\PxHelp20.sys FEFFCFDC528764A04C8ED63D5FA6E711
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys 9F5E0E1926014D17486901C88ECA2DB7
C:\Windows\System32\DRIVERS\atikmdag.sys E642B131FB74CAF4BB8A014F31113142
C:\Windows\System32\DRIVERS\rasacd.sys 147D7F9C556D259924351FEB0DE606C3
C:\Windows\System32\DRIVERS\rasl2tp.sys A214ADBAF4CB47DD2728859EF31F26B0
C:\Windows\System32\DRIVERS\raspppoe.sys 509A98DD18AF4375E1FC40BC175F1DEF
C:\Windows\System32\DRIVERS\rassstp.sys 2005F4A1E05FA09389AC85840F0A9E4D
C:\Windows\System32\DRIVERS\rdbss.sys B14C9D5B9ADD2F84F70570BBBFAA7935
C:\Windows\System32\DRIVERS\RDPCDD.sys 89E59BE9A564262A3FB6C4F4F1CD9899
C:\Windows\system32\drivers\rdpdr.sys 0245418224CFA77BF4B41C2FE0622258
C:\Windows\System32\drivers\rdpencdd.sys 9D91FE5286F748862ECFFA05F8A0710C
C:\Windows\System32\Drivers\RDPWD.sys C127EBD5AFAB31524662C48DFCEB773A
C:\Windows\System32\DRIVERS\rspndr.sys 9C508F4074A39E8B4B31D27198146FAD
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys 8AF3D28A879BF75DB53A0EE7A4289624
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys 08072B2FB92477FC813271A84B3A8698
C:\Windows\system32\drivers\sisraid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys 7B75299A4D201D6A6533603D6914AB04
C:\Windows\System32\Drivers\spldr.sys 7AEBDEEF071FE28B0EEF2CDD69102BFF
C:\Windows\System32\Drivers\Capt913D.sys C48495C76A551C1ACC0E5FFAB0958476
C:\Windows\System32\DRIVERS\srv.sys 41987F9FC0E61ADF54F581E15029AD91
C:\Windows\System32\DRIVERS\srv2.sys FF33AFF99564B1AA534F58868CBE41EF
C:\Windows\System32\DRIVERS\srvnet.sys 7605C0E1D01A08F3ECD743F38B834A44
C:\Windows\System32\DRIVERS\sscdbus.sys FFE42941E0326C322F40B0B79A46493C
C:\Windows\System32\DRIVERS\sscdmdfl.sys A68E7D87ADFBB8C50D88CD58230C6819
C:\Windows\System32\DRIVERS\sscdmdm.sys B534B24151281856EC2F69ED3D6D60DD
C:\Windows\System32\DRIVERS\sscdserd.sys D04BD59F28C78E2E66632092CAFC0A2B
C:\Windows\System32\drivers\stwrt.sys 9CEA131B5EB0EA653F6B3EA80B54956D
C:\Windows\System32\DRIVERS\swenum.sys 7BA58ECF0C0A9A69D44B3DCA62BECF56
C:\Windows\system32\drivers\symc8xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\sym_hi.sys ==> MD5 is legit
C:\Windows\system32\drivers\sym_u3.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys EE7E10BED85C312C1D5D30C435BDDA9F
C:\Windows\System32\DRIVERS\tcpip.sys EE7E10BED85C312C1D5D30C435BDDA9F
C:\Windows\System32\drivers\tcpipreg.sys 2C2D4CFF5E09C73908F9B5AF49A51365
C:\Windows\System32\drivers\tdpipe.sys 5DCF5E267BE67A1AE926F2DF77FBCC56
C:\Windows\System32\drivers\tdtcp.sys 389C63E32B3CEFED425B61ED92D3F021
C:\Windows\System32\DRIVERS\tdx.sys 76B06EB8A01FC8624D699E7045303E54
C:\Windows\System32\DRIVERS\termdd.sys 3CAD38910468EAB9A6479E2F01DB43C7
C:\Windows\System32\DRIVERS\tssecsrv.sys DCF0F056A2E4F52287264F5AB29CF206
C:\Windows\System32\DRIVERS\tunmp.sys CAECC0120AC49E3D2F758B9169872D38
C:\Windows\System32\DRIVERS\tunnel.sys 300DB877AC094FEAB0BE7688C3454A9C
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys D9728AF68C4C7693CB100B8441CBDEC6
C:\Windows\system32\drivers\uliagpkx.sys 6D72EF05921ABDF59FC45C7EBFE7E8DD
C:\Windows\system32\drivers\uliahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\ulsata.sys ==> MD5 is legit
C:\Windows\system32\drivers\ulsata2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys 32CFF9F809AE9AED85464492BF3E32D2
C:\Windows\System32\Drivers\usbaapl.sys EAFE1E00739AFE6C51487A050E772E17
C:\Windows\System32\drivers\usbaudio.sys 32DB9517628FF0D070682AAB61E688F0
C:\Windows\System32\DRIVERS\lgusbbus.sys D9F3BB7C292F194F3B053CE295754EB8
C:\Windows\System32\DRIVERS\usbccgp.sys CAF811AE4C147FFCD5B51750C7F09142
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lgusbdiag.sys C4F77DA649F99FAD116EA585376FC164
C:\Windows\System32\DRIVERS\usbehci.sys 79E96C23A97CE7B8F14D310DA2DB0C9B
C:\Windows\System32\DRIVERS\usbhub.sys 4673BBCB006AF60E7ABDDBE7A130BA42
C:\Windows\System32\DRIVERS\lgusbmodem.sys C0613CE45E617BC671DE8EBB1B30D175
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbprint.sys E75C4B5269091D15A2E7DC0B6D35F2F5
C:\Windows\System32\DRIVERS\usbscan.sys A508C9BD8724980512136B039BBA65E9
C:\Windows\System32\DRIVERS\USBSTOR.SYS BE3DA31C191BC222D9AD503C5224F2AD
C:\Windows\System32\DRIVERS\usbuhci.sys 814D653EFC4D48BE3B04A307ECEFF56F
C:\Windows\System32\DRIVERS\vgapnp.sys 87B06E1F30B749A114F74622D013F8D4
C:\Windows\System32\drivers\vga.sys 2E93AC0A1D8C79D019DB6C51F036636C
C:\Windows\system32\drivers\viaagp.sys D5929A28BDFF4367A12CAF06AF901971
C:\Windows\system32\drivers\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys C0ACE9D0F5A5EE0B00F58345947A57FC
C:\Windows\System32\drivers\volmgr.sys 69503668AC66C77C6CD7AF86FBDF8C43
C:\Windows\System32\drivers\volmgrx.sys 23E41B834759917BFD6B9A0D625D0C28
C:\Windows\System32\drivers\volsnap.sys 147281C01FCB1DF9252DE2A10D5E7093
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys 55201897378CCA7AF8B5EFD874374A26
C:\Windows\System32\DRIVERS\wanarp.sys 55201897378CCA7AF8B5EFD874374A26
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HSX_CNXT.sys 6D2350BB6E77E800FC4BE4E5B7A2E89A
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wpdusb.sys DE9D36F91A4DF3D911626643DEBF11EA
C:\Windows\system32\drivers\ws2ifsl.sys E3A3CB253C0EC2494D4A61F5E43A389C
C:\Windows\System32\DRIVERS\WUDFRd.sys AC13CB789D93412106B0FB6C7EB2BCB6
C:\Windows\System32\DRIVERS\xaudio.sys 5A7FF9A18FF6D7E0527FE3ABF9204EF8
C:\Windows\System32\DRIVERS\xusb21.sys A640C90B007762939507C28A021BE3B3
C:\Windows\system32\ZDCNDIS5.SYS 228EF1572CED753FE18409BB77123204

========================== NetSvcs (Whitelisted) ===========


========================= Known DLLs =========================

[2008-09-11 07:08] - [2008-01-19 03:33] - 0523776 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2010-10-13 15:32] - [2010-06-28 13:00] - 1316864 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2009-09-22 17:31] - [2009-04-11 02:28] - 0800768 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2009-09-22 17:31] - [2009-04-11 02:28] - 0450560 ____A (Microsoft Corporation) C:\Windows\System32\COMDLG32.dll
[2009-09-22 17:31] - [2009-04-11 02:28] - 0297472 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2012-06-14 03:07] - [2012-05-17 18:27] - 1793024 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2012-04-12 03:22] - [2012-02-29 11:09] - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\IMAGEHLP.dll
[2009-09-22 17:30] - [2009-04-11 02:28] - 0114688 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2011-07-14 01:30] - [2011-04-12 12:07] - 0892416 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-14 17:39] - [2009-06-15 10:52] - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-09-22 17:31] - [2009-04-11 02:28] - 0807424 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2012-02-14 21:02] - [2011-12-14 12:17] - 0680448 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2006-11-02 04:33] - [2006-11-02 04:33] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2008-09-11 07:06] - [2008-01-19 03:35] - 0008192 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2011-10-13 10:44] - [2011-08-25 12:14] - 0563712 ____A (Microsoft Corporation) C:\Windows\System32\OLEAUT32.dll
[2009-06-11 09:40] - [2009-04-23 08:15] - 0784896 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-09-22 17:31] - [2009-04-11 02:28] - 1591296 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2011-02-09 19:32] - [2011-01-21 12:35] - 11586048 ____A (Microsoft Corporation) C:\Windows\System32\SHELL32.dll
[2011-02-09 19:32] - [2011-01-21 12:35] - 0353280 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2012-06-14 03:07] - [2012-05-17 18:36] - 1103872 ____A (Microsoft Corporation) C:\Windows\System32\URLMON.dll
[2009-09-22 17:31] - [2009-04-11 02:28] - 0627712 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2010-09-14 13:31] - [2010-04-16 12:46] - 0502272 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2012-06-14 03:07] - [2012-05-17 18:35] - 1129472 ____A (Microsoft Corporation) C:\Windows\System32\WININET.dll
[2009-09-22 17:31] - [2009-04-11 02:28] - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\WLDAP32.dll
[2008-09-11 07:08] - [2008-01-19 03:37] - 0179200 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll

========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points (XP) =====================


========================= Memory info ======================

Percentage of memory in use: 18%
Total physical RAM: 2045.84 MB
Available physical RAM: 1664.05 MB
Total Pagefile: 1876.54 MB
Available Pagefile: 1780.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1993.38 MB

======================= Partitions =========================

2 Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
3 Drive c: (OS) (Fixed) (Total:222.78 GB) (Free:23.9 GB) NTFS
4 Drive d: (KINGSTON) (Removable) (Total:1.87 GB) (Free:1.86 GB) FAT
5 Drive h: (RECOVERY) (Fixed) (Total:10 GB) (Free:2.57 GB) NTFS
6 Drive x: (ReatogoPE) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 233 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 55 MB 32 KB
Partition 2 Primary 10 GB 55 MB
Partition 3 Primary 223 GB 10 GB
==================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 FAT Partition 55 MB Healthy
==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 H RECOVERY NTFS Partition 10 GB Healthy
==================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C OS NTFS Partition 223 GB Healthy
==================================================================================

==========================================================

Last Boot: 2012-07-02 13:20

======================= End Of Log ==========================

Attached File  Search.txt   700bytes   287 downloadsAttached File  FRST.txt   70.42KB   309 downloads
  • 0

#89
JSntgRvr
Posted 07 August 2012 - 11:56 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Lets replace that file first and see its results.

Download the enclosed file.

Save it next to FRST, replacing the existing one.

Run FRST as you did before, except that this time around click on the Fix button and wait.

The tool will make a log in the flashdrive (Fixlog.txt) please post it to your reply.


Try Normal Mode.
  • 0

#90
hknh
Posted 07 August 2012 - 12:39 PM

hknh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 05-08-2012 01
Ran by SYSTEM at 2012-08-07 22:34:43 Run:1
Running from D:\

==============================================

Could not move C:\Windows\System32\ssdpsrv.dll.
Could not replece C:\Windows\System32\ssdpsrv.dll.

==== End of Fixlog ====


Attached File  Fixlog.txt   324bytes   293 downloads

I clicked on start windows normally - it loops back to windows error recovery
  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP