The Fix button was disabled. A quick note: I checked Microsoft Security Essentials even before I executed the steps suggested. Microsoft Security Essentials didn't have any problems staying open and running a scan for me. However, I am not sure if the problem of redirecting the webpage was resolved. In order to resolve this issue, I still went ahead and executed all the steps suggested. Also, I did not download the AVAST full version when prompted, and went ahead with the scan after I had unchecked Trace disk I/O calls. Please find all the logs as attachments as well.
OTL log
========== OTL ==========
C:\WINDOWS\system32\ntkrnlpa4.dll moved successfully.
C:\WINDOWS\tasks\yogdukgi.job moved successfully.
C:\WINDOWS\Tasks\At1.job moved successfully.
C:\WINDOWS\Tasks\At2.job moved successfully.
C:\WINDOWS\Tasks\At3.job moved successfully.
C:\WINDOWS\Tasks\At4.job moved successfully.
C:\WINDOWS\Tasks\RMSchedule.job moved successfully.
C:\WINDOWS\Tasks\RMSmartUpdate.job moved successfully.
File C:\WINDOWS\Tasks\yogdukgi.job not found.
========== FILES ==========
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >0 File(s) copied
C:\Documents and Settings\Manisha_ibkr\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Manisha_ibkr\My Documents\Downloads\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >0 File(s) copied
C:\Documents and Settings\Manisha_ibkr\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Manisha_ibkr\My Documents\Downloads\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >0 File(s) copied
C:\Documents and Settings\Manisha_ibkr\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Manisha_ibkr\My Documents\Downloads\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >0 File(s) copied
C:\Documents and Settings\Manisha_ibkr\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Manisha_ibkr\My Documents\Downloads\cmd.txt deleted successfully.
File\Folder C:\Documents and Settings\All Users\Application Data\*.exe not found.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1547161642-1801674531-1003Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1547161642-1801674531-1003UA.job moved successfully.
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: Default User
User: LocalService
User: Manisha_ibkr
User: NetworkService
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: Manisha_ibkr
->Flash cache emptied: 9575 bytes
User: NetworkService
Total Flash Files Cleaned = 0.00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.57.0 log created on 08132012_170351
ComboFix.txt file is attached
TDSSKiller.txt content
17:35:13.0859 3692 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
17:35:15.0171 3692 ============================================================
17:35:15.0171 3692 Current date / time: 2012/08/13 17:35:15.0171
17:35:15.0171 3692 SystemInfo:
17:35:15.0171 3692
17:35:15.0171 3692 OS Version: 5.1.2600 ServicePack: 3.0
17:35:15.0171 3692 Product type: Workstation
17:35:15.0171 3692 ComputerName: MANISHA
17:35:15.0171 3692 UserName: Manisha_ibkr
17:35:15.0171 3692 Windows directory: C:\WINDOWS
17:35:15.0171 3692 System windows directory: C:\WINDOWS
17:35:15.0171 3692 Processor architecture: Intel x86
17:35:15.0171 3692 Number of processors: 4
17:35:15.0171 3692 Page size: 0x1000
17:35:15.0171 3692 Boot type: Normal boot
17:35:15.0171 3692 ============================================================
17:35:16.0171 3692 Drive \Device\Harddisk0\DR0 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:35:16.0171 3692 ============================================================
17:35:16.0171 3692 \Device\Harddisk0\DR0:
17:35:16.0171 3692 MBR partitions:
17:35:16.0171 3692 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1869E559
17:35:16.0187 3692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1869E5D7, BlocksNum 0x321B88EA
17:35:16.0187 3692 ============================================================
17:35:16.0218 3692 C: <-> \Device\Harddisk0\DR0\Partition0
17:35:16.0234 3692 D: <-> \Device\Harddisk0\DR0\Partition1
17:35:16.0234 3692 ============================================================
17:35:16.0234 3692 Initialize success
17:35:16.0234 3692 ============================================================
17:35:19.0453 3468 ============================================================
17:35:19.0453 3468 Scan started
17:35:19.0453 3468 Mode: Manual;
17:35:19.0453 3468 ============================================================
17:35:26.0031 3468 Udfs - ok
17:35:26.0031 3468 ultra - ok
17:35:26.0062 3468 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:35:26.0062 3468 Update - ok
17:35:26.0093 3468 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
17:35:26.0093 3468 upnphost - ok
17:35:26.0093 3468 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
17:35:26.0093 3468 UPS - ok
17:35:26.0109 3468 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:35:26.0109 3468 usbccgp - ok
17:35:26.0125 3468 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:35:26.0125 3468 usbehci - ok
17:35:26.0125 3468 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:35:26.0125 3468 usbhub - ok
17:35:26.0156 3468 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:35:26.0156 3468 USBSTOR - ok
17:35:26.0171 3468 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:35:26.0171 3468 usbuhci - ok
17:35:26.0187 3468 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:35:26.0187 3468 VgaSave - ok
17:35:26.0203 3468 ViaIde - ok
17:35:26.0218 3468 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:35:26.0218 3468 VolSnap - ok
17:35:26.0265 3468 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
17:35:26.0281 3468 VSS - ok
17:35:26.0296 3468 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
17:35:26.0296 3468 W32Time - ok
17:35:26.0312 3468 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:35:26.0312 3468 Wanarp - ok
17:35:26.0359 3468 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
17:35:26.0359 3468 Wdf01000 - ok
17:35:26.0375 3468 WDICA - ok
17:35:26.0406 3468 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:35:26.0406 3468 wdmaud - ok
17:35:26.0406 3468 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
17:35:26.0421 3468 WebClient - ok
17:35:26.0468 3468 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:35:26.0468 3468 winmgmt - ok
17:35:26.0484 3468 WinUSB (30fc6e5448d0cbaaa95280eeef7fedae) C:\WINDOWS\system32\DRIVERS\winusb.sys
17:35:26.0484 3468 WinUSB - ok
17:35:26.0656 3468 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:35:26.0671 3468 wlidsvc - ok
17:35:26.0750 3468 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
17:35:26.0750 3468 WmdmPmSN - ok
17:35:26.0796 3468 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
17:35:26.0796 3468 Wmi - ok
17:35:26.0843 3468 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:35:26.0843 3468 WmiApSrv - ok
17:35:26.0859 3468 WmUsbIce (a654186474c38764ba82e5b47976193f) C:\WINDOWS\system32\Drivers\WmUsbIce.sys
17:35:26.0859 3468 WmUsbIce - ok
17:35:26.0875 3468 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:35:26.0875 3468 WS2IFSL - ok
17:35:26.0890 3468 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
17:35:26.0890 3468 wscsvc - ok
17:35:26.0921 3468 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
17:35:26.0921 3468 wuauserv - ok
17:35:26.0953 3468 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
17:35:26.0953 3468 WZCSVC - ok
17:35:27.0000 3468 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
17:35:27.0000 3468 xmlprov - ok
17:35:27.0000 3468 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
17:35:27.0281 3468 \Device\Harddisk0\DR0 - ok
17:35:27.0281 3468 Boot (0x1200) (ff7914e8cc132e0d992fcd15312d7f66) \Device\Harddisk0\DR0\Partition0
17:35:27.0281 3468 \Device\Harddisk0\DR0\Partition0 - ok
17:35:27.0296 3468 Boot (0x1200) (e200ec1dc2803bc4494a845f6e6bb182) \Device\Harddisk0\DR0\Partition1
17:35:27.0296 3468 \Device\Harddisk0\DR0\Partition1 - ok
17:35:27.0296 3468 ============================================================
17:35:27.0296 3468 Scan finished
17:35:27.0296 3468 ============================================================
17:35:27.0312 3936 Detected object count: 0
17:35:27.0312 3936 Actual detected object count: 0
17:36:44.0140 0960 Deinitialize success
TDSSKiller second run:
17:37:55.0421 0932 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
17:37:56.0171 0932 ============================================================
17:37:56.0171 0932 Current date / time: 2012/08/13 17:37:56.0171
17:37:56.0171 0932 SystemInfo:
17:37:56.0171 0932
17:37:56.0171 0932 OS Version: 5.1.2600 ServicePack: 3.0
17:37:56.0171 0932 Product type: Workstation
17:37:56.0171 0932 ComputerName: MANISHA
17:37:56.0171 0932 UserName: Manisha_ibkr
17:37:56.0171 0932 Windows directory: C:\WINDOWS
17:37:56.0171 0932 System windows directory: C:\WINDOWS
17:37:56.0171 0932 Processor architecture: Intel x86
17:37:56.0171 0932 Number of processors: 4
17:37:56.0171 0932 Page size: 0x1000
17:37:56.0171 0932 Boot type: Normal boot
17:37:56.0171 0932 ============================================================
17:37:57.0234 0932 Drive \Device\Harddisk0\DR0 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:37:57.0234 0932 ============================================================
17:37:57.0234 0932 \Device\Harddisk0\DR0:
17:37:57.0234 0932 MBR partitions:
17:37:57.0234 0932 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1869E559
17:37:57.0234 0932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1869E5D7, BlocksNum 0x321B88EA
17:37:57.0234 0932 ============================================================
17:37:57.0265 0932 C: <-> \Device\Harddisk0\DR0\Partition0
17:37:57.0296 0932 D: <-> \Device\Harddisk0\DR0\Partition1
17:37:57.0296 0932 ============================================================
17:37:57.0296 0932 Initialize success
17:37:57.0296 0932 ============================================================
17:38:22.0984 2144 ============================================================
17:38:22.0984 2144 Scan started
17:38:22.0984 2144 Mode: Manual; SigCheck; TDLFS;
17:38:22.0984 2144 ============================================================
17:38:23.0468 2144 Abiosdsk - ok
17:38:23.0468 2144 abp480n5 - ok
17:38:23.0515 2144 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:38:23.0687 2144 ACPI - ok
17:38:23.0718 2144 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:38:23.0796 2144 ACPIEC - ok
17:38:23.0796 2144 adpu160m - ok
17:38:23.0828 2144 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:38:23.0921 2144 aec - ok
17:38:23.0937 2144 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:38:23.0984 2144 AFD - ok
17:38:23.0984 2144 Aha154x - ok
17:38:23.0984 2144 aic78u2 - ok
17:38:23.0984 2144 aic78xx - ok
17:38:24.0015 2144 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
17:38:24.0078 2144 Alerter - ok
17:38:24.0109 2144 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
17:38:24.0140 2144 ALG - ok
17:38:24.0140 2144 AliIde - ok
17:38:24.0171 2144 AMonTDnt (7ae4f193ca2ad413a0bca3d846625f75) C:\WINDOWS\system32\Drivers\AMonTDnt.sys
17:38:24.0187 2144 AMonTDnt - ok
17:38:24.0203 2144 amsint - ok
17:38:24.0218 2144 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
17:38:24.0250 2144 AppMgmt - ok
17:38:24.0265 2144 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:38:24.0328 2144 Arp1394 - ok
17:38:24.0328 2144 asc - ok
17:38:24.0328 2144 asc3350p - ok
17:38:24.0343 2144 asc3550 - ok
17:38:24.0406 2144 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:38:24.0406 2144 aspnet_state - ok
17:38:24.0421 2144 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:38:24.0484 2144 AsyncMac - ok
17:38:24.0500 2144 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:38:24.0562 2144 atapi - ok
17:38:24.0578 2144 Atdisk - ok
17:38:24.0609 2144 Ati HotKey Poller (fce2918d8dc01e02bccb64f06fe91d45) C:\WINDOWS\system32\Ati2evxx.exe
17:38:24.0656 2144 Ati HotKey Poller - ok
17:38:24.0687 2144 ATI Smart (5b867f6d5331d7df70b70e18586f8d0f) C:\WINDOWS\system32\ati2sgag.exe
17:38:24.0718 2144 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
17:38:24.0718 2144 ATI Smart - detected UnsignedFile.Multi.Generic (1)
17:38:24.0906 2144 ati2mtag (067fca861588b18399555412a456de12) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:38:25.0000 2144 ati2mtag - ok
17:38:25.0078 2144 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:38:25.0140 2144 Atmarpc - ok
17:38:25.0171 2144 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
17:38:25.0250 2144 AudioSrv - ok
17:38:25.0265 2144 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:38:25.0343 2144 audstub - ok
17:38:25.0421 2144 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
17:38:25.0437 2144 BBSvc - ok
17:38:25.0453 2144 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
17:38:25.0468 2144 BBUpdate - ok
17:38:25.0500 2144 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:38:25.0578 2144 Beep - ok
17:38:25.0609 2144 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
17:38:25.0687 2144 BITS - ok
17:38:25.0718 2144 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
17:38:25.0796 2144 Browser - ok
17:38:25.0796 2144 catchme - ok
17:38:25.0812 2144 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:38:25.0890 2144 cbidf2k - ok
17:38:25.0890 2144 cd20xrnt - ok
17:38:25.0906 2144 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:38:26.0000 2144 Cdaudio - ok
17:38:26.0015 2144 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:38:26.0093 2144 Cdfs - ok
17:38:26.0125 2144 CdmDrvNt (21c0133490fc6afb1fbdc7ed9ee32312) C:\WINDOWS\system32\Drivers\CdmDrvNt.sys
17:38:26.0125 2144 CdmDrvNt - ok
17:38:26.0218 2144 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:38:26.0359 2144 Cdrom - ok
17:38:26.0359 2144 Changer - ok
17:38:26.0375 2144 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
17:38:26.0437 2144 CiSvc - ok
17:38:26.0468 2144 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
17:38:26.0625 2144 ClipSrv - ok
17:38:26.0734 2144 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:38:26.0968 2144 clr_optimization_v2.0.50727_32 - ok
17:38:26.0968 2144 CmdIde - ok
17:38:26.0984 2144 COMSysApp - ok
17:38:26.0984 2144 Cpqarray - ok
17:38:27.0078 2144 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
17:38:27.0500 2144 CryptSvc - ok
17:38:27.0500 2144 dac2w2k - ok
17:38:27.0500 2144 dac960nt - ok
17:38:27.0546 2144 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:38:29.0281 2144 DcomLaunch - ok
17:38:29.0312 2144 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
17:38:29.0625 2144 Dhcp - ok
17:38:29.0671 2144 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:38:29.0765 2144 Disk - ok
17:38:29.0765 2144 dmadmin - ok
17:38:29.0890 2144 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:38:30.0093 2144 dmboot - ok
17:38:30.0125 2144 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:38:30.0250 2144 dmio - ok
17:38:30.0281 2144 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:38:30.0375 2144 dmload - ok
17:38:30.0406 2144 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
17:38:30.0484 2144 dmserver - ok
17:38:30.0515 2144 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:38:30.0593 2144 DMusic - ok
17:38:30.0609 2144 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
17:38:30.0625 2144 Dnscache - ok
17:38:30.0656 2144 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
17:38:30.0734 2144 Dot3svc - ok
17:38:30.0734 2144 dpti2o - ok
17:38:30.0781 2144 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:38:30.0859 2144 drmkaud - ok
17:38:31.0031 2144 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
17:38:31.0046 2144 dtsoftbus01 - ok
17:38:31.0062 2144 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
17:38:31.0218 2144 EapHost - ok
17:38:31.0234 2144 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
17:38:31.0328 2144 ERSvc - ok
17:38:31.0359 2144 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:38:31.0375 2144 Eventlog - ok
17:38:31.0406 2144 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
17:38:31.0406 2144 EventSystem - ok
17:38:31.0437 2144 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:38:31.0515 2144 Fastfat - ok
17:38:31.0562 2144 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:38:31.0578 2144 FastUserSwitchingCompatibility - ok
17:38:31.0609 2144 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
17:38:31.0687 2144 Fdc - ok
17:38:31.0703 2144 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:38:31.0765 2144 Fips - ok
17:38:31.0781 2144 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
17:38:31.0859 2144 Flpydisk - ok
17:38:31.0890 2144 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:38:31.0953 2144 FltMgr - ok
17:38:32.0015 2144 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:38:32.0031 2144 FontCache3.0.0.0 - ok
17:38:32.0046 2144 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:38:32.0125 2144 Fs_Rec - ok
17:38:32.0125 2144 FTDIBUS (d6e3667f5e2bc6afc50308b480de2999) C:\WINDOWS\system32\drivers\ftdibus.sys
17:38:32.0140 2144 FTDIBUS - ok
17:38:32.0156 2144 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:38:32.0234 2144 Ftdisk - ok
17:38:32.0234 2144 FTSER2K (e4cf4c1f9e3d57a66850f484c08e9ecf) C:\WINDOWS\system32\drivers\ftser2k.sys
17:38:32.0234 2144 FTSER2K - ok
17:38:32.0265 2144 gdrv (ad6bd6bdc97bede8a5507ee01220c00f) C:\WINDOWS\gdrv.sys
17:38:32.0265 2144 gdrv - ok
17:38:32.0281 2144 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:38:32.0359 2144 Gpc - ok
17:38:32.0406 2144 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:38:32.0500 2144 HDAudBus - ok
17:38:32.0515 2144 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:38:32.0593 2144 helpsvc - ok
17:38:32.0609 2144 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
17:38:32.0687 2144 HidServ - ok
17:38:32.0703 2144 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:38:32.0781 2144 hidusb - ok
17:38:32.0796 2144 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
17:38:32.0875 2144 hkmsvc - ok
17:38:32.0875 2144 hpn - ok
17:38:32.0906 2144 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:38:32.0921 2144 HTTP - ok
17:38:32.0953 2144 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
17:38:33.0031 2144 HTTPFilter - ok
17:38:33.0031 2144 i2omgmt - ok
17:38:33.0031 2144 i2omp - ok
17:38:33.0109 2144 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:38:33.0140 2144 idsvc - ok
17:38:33.0156 2144 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:38:33.0234 2144 Imapi - ok
17:38:33.0250 2144 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
17:38:33.0343 2144 ImapiService - ok
17:38:33.0343 2144 ini910u - ok
17:38:33.0578 2144 IntcAzAudAddService (6f336c2d18ba1e7ce8d0f31541c87a1d) C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:38:33.0765 2144 IntcAzAudAddService - ok
17:38:33.0843 2144 IntelIde - ok
17:38:33.0859 2144 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:38:33.0937 2144 intelppm - ok
17:38:33.0937 2144 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:38:34.0031 2144 Ip6Fw - ok
17:38:34.0046 2144 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:38:34.0125 2144 IpFilterDriver - ok
17:38:34.0125 2144 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:38:34.0203 2144 IpInIp - ok
17:38:34.0218 2144 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:38:34.0296 2144 IpNat - ok
17:38:34.0328 2144 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:38:34.0421 2144 IPSec - ok
17:38:34.0437 2144 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:38:34.0468 2144 IRENUM - ok
17:38:34.0515 2144 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:38:34.0593 2144 isapnp - ok
17:38:34.0625 2144 JRSUKD25 (813ecde501d8970645360b4151ecb5b9) C:\WINDOWS\system32\JRSUKD25.SYS
17:38:34.0625 2144 JRSUKD25 - ok
17:38:34.0656 2144 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:38:34.0734 2144 Kbdclass - ok
17:38:34.0750 2144 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:38:34.0828 2144 kbdhid - ok
17:38:34.0843 2144 kcrtx86 (cbbc332b9a94d9eb16e3328b50760587) C:\WINDOWS\system32\kcrtx86.sys
17:38:34.0859 2144 kcrtx86 - ok
17:38:34.0906 2144 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:38:34.0984 2144 kmixer - ok
17:38:35.0015 2144 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:38:35.0046 2144 KSecDD - ok
17:38:35.0078 2144 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
17:38:35.0109 2144 LanmanServer - ok
17:38:35.0156 2144 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
17:38:35.0203 2144 lanmanworkstation - ok
17:38:35.0203 2144 lbrtfdc - ok
17:38:35.0250 2144 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
17:38:35.0625 2144 LmHosts - ok
17:38:35.0703 2144 McComponentHostService (22a7776c5d8eb5930edf9c8dd0884259) C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
17:38:35.0703 2144 McComponentHostService - ok
17:38:35.0734 2144 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
17:38:35.0812 2144 Messenger - ok
17:38:35.0890 2144 MfFWEnt (5a60a55f6b8af51a6b7642b8981fd834) C:\Program Files\AhnLab\ASP\MyFirewall 4.0\MfFWEnt.sys
17:38:35.0906 2144 MfFWEnt - ok
17:38:35.0921 2144 MfIPSEnt (99c7209b747e4d25afaf241a140e4be5) C:\Program Files\AhnLab\ASP\MyFirewall 4.0\MfIPSEnt.sys
17:38:35.0937 2144 MfIPSEnt - ok
17:38:36.0000 2144 Microsoft SharePoint Workspace Audit Service - ok
17:38:36.0015 2144 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:38:36.0093 2144 mnmdd - ok
17:38:36.0109 2144 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
17:38:36.0187 2144 mnmsrvc - ok
17:38:36.0218 2144 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:38:36.0296 2144 Modem - ok
17:38:36.0328 2144 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:38:36.0406 2144 Mouclass - ok
17:38:36.0437 2144 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:38:36.0515 2144 mouhid - ok
17:38:36.0531 2144 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:38:36.0609 2144 MountMgr - ok
17:38:36.0640 2144 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
17:38:36.0656 2144 MpFilter - ok
17:38:36.0671 2144 mraid35x - ok
17:38:36.0671 2144 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:38:36.0750 2144 MRxDAV - ok
17:38:36.0796 2144 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:38:36.0812 2144 MRxSmb - ok
17:38:36.0828 2144 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
17:38:36.0906 2144 MSDTC - ok
17:38:36.0906 2144 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:38:36.0968 2144 Msfs - ok
17:38:36.0984 2144 MSIServer - ok
17:38:37.0015 2144 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:38:37.0093 2144 MSKSSRV - ok
17:38:37.0156 2144 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) C:\Program Files\Microsoft Security Client\MsMpEng.exe
17:38:37.0156 2144 MsMpSvc - ok
17:38:37.0187 2144 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:38:37.0265 2144 MSPCLOCK - ok
17:38:37.0265 2144 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:38:37.0343 2144 MSPQM - ok
17:38:37.0359 2144 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:38:37.0437 2144 mssmbios - ok
17:38:37.0500 2144 MSSQL$SQLEXPRESS - ok
17:38:37.0546 2144 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
17:38:37.0546 2144 MSSQLServerADHelper - ok
17:38:37.0828 2144 msvsmon90 (70e994d23895df6b1ee1e70145299fcf) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe
17:38:37.0921 2144 msvsmon90 - ok
17:38:38.0031 2144 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:38:38.0046 2144 Mup - ok
17:38:38.0062 2144 NA2USB (63214ad48ba99a2d0f0c77b3a4369bb0) C:\WINDOWS\system32\Drivers\UsbFpDrv.sys
17:38:38.0078 2144 NA2USB - ok
17:38:38.0421 2144 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
17:38:38.0500 2144 napagent - ok
17:38:38.0671 2144 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:38:38.0796 2144 NDIS - ok
17:38:38.0859 2144 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:38:38.0906 2144 NdisTapi - ok
17:38:39.0046 2144 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:38:39.0187 2144 Ndisuio - ok
17:38:39.0296 2144 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:38:39.0375 2144 NdisWan - ok
17:38:39.0593 2144 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:38:39.0640 2144 NDProxy - ok
17:38:39.0687 2144 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:38:39.0765 2144 NetBIOS - ok
17:38:39.0812 2144 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:38:39.0890 2144 NetBT - ok
17:38:39.0953 2144 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:38:40.0031 2144 NetDDE - ok
17:38:40.0031 2144 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:38:40.0109 2144 NetDDEdsdm - ok
17:38:40.0140 2144 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:38:40.0218 2144 Netlogon - ok
17:38:40.0281 2144 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
17:38:40.0546 2144 Netman - ok
17:38:40.0906 2144 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:38:40.0921 2144 NetTcpPortSharing - ok
17:38:41.0609 2144 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:38:41.0703 2144 NIC1394 - ok
17:38:41.0750 2144 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
17:38:41.0765 2144 Nla - ok
17:38:41.0781 2144 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:38:41.0859 2144 Npfs - ok
17:38:42.0046 2144 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:38:42.0140 2144 Ntfs - ok
17:38:42.0140 2144 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:38:42.0218 2144 NtLmSsp - ok
17:38:43.0718 2144 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
17:38:43.0812 2144 NtmsSvc - ok
17:38:43.0937 2144 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:38:44.0031 2144 Null - ok
17:38:44.0156 2144 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:38:44.0234 2144 NwlnkFlt - ok
17:38:44.0250 2144 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:38:44.0343 2144 NwlnkFwd - ok
17:38:44.0421 2144 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:38:44.0500 2144 ohci1394 - ok
17:38:44.0625 2144 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:38:44.0640 2144 ose - ok
17:38:46.0656 2144 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:38:46.0812 2144 osppsvc - ok
17:38:47.0078 2144 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
17:38:47.0156 2144 Parport - ok
17:38:47.0171 2144 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:38:47.0250 2144 PartMgr - ok
17:38:47.0296 2144 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:38:47.0375 2144 ParVdm - ok
17:38:47.0390 2144 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:38:47.0468 2144 PCI - ok
17:38:47.0468 2144 PCIDump - ok
17:38:47.0500 2144 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:38:47.0562 2144 PCIIde - ok
17:38:47.0625 2144 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:38:47.0703 2144 Pcmcia - ok
17:38:47.0875 2144 PCToolsSSDMonitorSvc (c98cd9ee0012df72206bd519db9780d4) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
17:38:47.0906 2144 PCToolsSSDMonitorSvc - ok
17:38:47.0906 2144 PDCOMP - ok
17:38:47.0906 2144 PDFRAME - ok
17:38:47.0906 2144 PDRELI - ok
17:38:47.0906 2144 PDRFRAME - ok
17:38:47.0921 2144 perc2 - ok
17:38:47.0921 2144 perc2hib - ok
17:38:47.0968 2144 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:38:47.0968 2144 PlugPlay - ok
17:38:48.0000 2144 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:38:48.0078 2144 PolicyAgent - ok
17:38:48.0125 2144 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:38:48.0203 2144 PptpMiniport - ok
17:38:48.0218 2144 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:38:48.0281 2144 ProtectedStorage - ok
17:38:48.0296 2144 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:38:48.0390 2144 PSched - ok
17:38:48.0406 2144 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:38:48.0484 2144 Ptilink - ok
17:38:48.0484 2144 ql1080 - ok
17:38:48.0500 2144 Ql10wnt - ok
17:38:48.0500 2144 ql12160 - ok
17:38:48.0500 2144 ql1240 - ok
17:38:48.0500 2144 ql1280 - ok
17:38:48.0609 2144 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:38:48.0671 2144 RasAcd - ok
17:38:48.0718 2144 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
17:38:48.0828 2144 RasAuto - ok
17:38:48.0843 2144 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:38:48.0937 2144 Rasl2tp - ok
17:38:49.0109 2144 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
17:38:49.0187 2144 RasMan - ok
17:38:49.0203 2144 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:38:49.0281 2144 RasPppoe - ok
17:38:49.0328 2144 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:38:49.0406 2144 Raspti - ok
17:38:49.0437 2144 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:38:49.0546 2144 Rdbss - ok
17:38:49.0578 2144 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:38:49.0656 2144 RDPCDD - ok
17:38:49.0671 2144 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:38:49.0750 2144 rdpdr - ok
17:38:49.0828 2144 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
17:38:49.0875 2144 RDPWD - ok
17:38:49.0890 2144 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
17:38:49.0968 2144 RDSessMgr - ok
17:38:50.0015 2144 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:38:50.0093 2144 redbook - ok
17:38:50.0187 2144 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
17:38:50.0265 2144 RemoteAccess - ok
17:38:50.0375 2144 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
17:38:50.0468 2144 RemoteRegistry - ok
17:38:50.0546 2144 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
17:38:50.0609 2144 RpcLocator - ok
17:38:50.0718 2144 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
17:38:50.0734 2144 RpcSs - ok
17:38:50.0843 2144 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
17:38:50.0937 2144 RSVP - ok
17:38:51.0000 2144 RTLE8023xp (185641ad7e80bfce0aa545d3ec79d557) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:38:51.0031 2144 RTLE8023xp - ok
17:38:51.0156 2144 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:38:51.0218 2144 SamSs - ok
17:38:51.0406 2144 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
17:38:51.0500 2144 SCardSvr - ok
17:38:51.0546 2144 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
17:38:51.0609 2144 Schedule - ok
17:38:51.0640 2144 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:38:51.0687 2144 Secdrv - ok
17:38:51.0765 2144 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
17:38:51.0843 2144 seclogon - ok
17:38:51.0859 2144 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
17:38:51.0968 2144 SENS - ok
17:38:52.0015 2144 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:38:52.0093 2144 serenum - ok
17:38:52.0156 2144 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
17:38:52.0250 2144 Serial - ok
17:38:52.0265 2144 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:38:52.0343 2144 Sfloppy - ok
17:38:52.0515 2144 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
17:38:52.0593 2144 SharedAccess - ok
17:38:52.0875 2144 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:38:52.0890 2144 ShellHWDetection - ok
17:38:52.0890 2144 Simbad - ok
17:38:52.0890 2144 Sparrow - ok
17:38:52.0937 2144 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:38:53.0031 2144 splitter - ok
17:38:53.0078 2144 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:38:53.0093 2144 Spooler - ok
17:38:53.0343 2144 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:38:53.0359 2144 SQLBrowser - ok
17:38:53.0359 2144 Scan interrupted by user!
17:38:53.0359 2144 Scan interrupted by user!
17:38:53.0359 2144 Scan interrupted by user!
17:38:53.0359 2144 ============================================================
17:38:53.0359 2144 Scan finished
17:38:53.0359 2144 ============================================================
17:38:53.0468 0892 Detected object count: 1
17:38:53.0468 0892 Actual detected object count: 1
17:38:59.0390 0892 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
17:38:59.0390 0892 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:39:27.0343 3396 ============================================================
17:39:27.0343 3396 Scan started
17:39:27.0343 3396 Mode: Manual; SigCheck; TDLFS;
17:39:27.0343 3396 ============================================================
17:39:27.0484 3396 Abiosdsk - ok
17:39:27.0484 3396 abp480n5 - ok
17:39:27.0515 3396 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:39:27.0593 3396 ACPI - ok
17:39:27.0609 3396 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:39:27.0687 3396 ACPIEC - ok
17:39:27.0687 3396 adpu160m - ok
17:39:27.0703 3396 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:39:27.0781 3396 aec - ok
17:39:27.0828 3396 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:39:27.0828 3396 AFD - ok
17:39:27.0843 3396 Aha154x - ok
17:39:27.0843 3396 aic78u2 - ok
17:39:27.0843 3396 aic78xx - ok
17:39:27.0859 3396 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
17:39:27.0921 3396 Alerter - ok
17:39:27.0953 3396 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
17:39:27.0984 3396 ALG - ok
17:39:27.0984 3396 AliIde - ok
17:39:28.0015 3396 AMonTDnt (7ae4f193ca2ad413a0bca3d846625f75) C:\WINDOWS\system32\Drivers\AMonTDnt.sys
17:39:28.0031 3396 AMonTDnt - ok
17:39:28.0031 3396 amsint - ok
17:39:28.0046 3396 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
17:39:28.0093 3396 AppMgmt - ok
17:39:28.0093 3396 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:39:28.0156 3396 Arp1394 - ok
17:39:28.0156 3396 asc - ok
17:39:28.0171 3396 asc3350p - ok
17:39:28.0171 3396 asc3550 - ok
17:39:28.0218 3396 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:39:28.0234 3396 aspnet_state - ok
17:39:28.0234 3396 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:39:28.0312 3396 AsyncMac - ok
17:39:28.0312 3396 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:39:28.0390 3396 atapi - ok
17:39:28.0390 3396 Atdisk - ok
17:39:28.0421 3396 Ati HotKey Poller (fce2918d8dc01e02bccb64f06fe91d45) C:\WINDOWS\system32\Ati2evxx.exe
17:39:28.0453 3396 Ati HotKey Poller - ok
17:39:28.0500 3396 ATI Smart (5b867f6d5331d7df70b70e18586f8d0f) C:\WINDOWS\system32\ati2sgag.exe
17:39:28.0500 3396 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
17:39:28.0500 3396 ATI Smart - detected UnsignedFile.Multi.Generic (1)
17:39:28.0687 3396 ati2mtag (067fca861588b18399555412a456de12) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:39:28.0750 3396 ati2mtag - ok
17:39:28.0828 3396 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:39:28.0890 3396 Atmarpc - ok
17:39:28.0921 3396 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
17:39:29.0000 3396 AudioSrv - ok
17:39:29.0015 3396 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:39:29.0078 3396 audstub - ok
17:39:29.0156 3396 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
17:39:29.0171 3396 BBSvc - ok
17:39:29.0203 3396 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
17:39:29.0218 3396 BBUpdate - ok
17:39:29.0250 3396 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:39:29.0312 3396 Beep - ok
17:39:29.0343 3396 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
17:39:29.0421 3396 BITS - ok
17:39:29.0437 3396 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
17:39:29.0515 3396 Browser - ok
17:39:29.0515 3396 catchme - ok
17:39:29.0531 3396 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:39:29.0609 3396 cbidf2k - ok
17:39:29.0609 3396 cd20xrnt - ok
17:39:29.0625 3396 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:39:29.0703 3396 Cdaudio - ok
17:39:29.0703 3396 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:39:29.0781 3396 Cdfs - ok
17:39:29.0796 3396 CdmDrvNt (21c0133490fc6afb1fbdc7ed9ee32312) C:\WINDOWS\system32\Drivers\CdmDrvNt.sys
17:39:29.0796 3396 CdmDrvNt - ok
17:39:29.0812 3396 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:39:29.0875 3396 Cdrom - ok
17:39:29.0890 3396 Changer - ok
17:39:29.0890 3396 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
17:39:29.0968 3396 CiSvc - ok
17:39:29.0968 3396 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
17:39:30.0046 3396 ClipSrv - ok
17:39:30.0078 3396 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:39:30.0093 3396 clr_optimization_v2.0.50727_32 - ok
17:39:30.0093 3396 CmdIde - ok
17:39:30.0109 3396 COMSysApp - ok
17:39:30.0109 3396 Cpqarray - ok
17:39:30.0125 3396 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
17:39:30.0187 3396 CryptSvc - ok
17:39:30.0187 3396 dac2w2k - ok
17:39:30.0203 3396 dac960nt - ok
17:39:30.0234 3396 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:39:30.0250 3396 DcomLaunch - ok
17:39:30.0281 3396 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
17:39:30.0343 3396 Dhcp - ok
17:39:30.0343 3396 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:39:30.0421 3396 Disk - ok
17:39:30.0421 3396 dmadmin - ok
17:39:30.0468 3396 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:39:30.0562 3396 dmboot - ok
17:39:30.0562 3396 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:39:30.0640 3396 dmio - ok
17:39:30.0656 3396 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:39:30.0718 3396 dmload - ok
17:39:30.0718 3396 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
17:39:30.0796 3396 dmserver - ok
17:39:30.0828 3396 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:39:30.0890 3396 DMusic - ok
17:39:30.0906 3396 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
17:39:30.0906 3396 Dnscache - ok
17:39:30.0921 3396 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
17:39:31.0000 3396 Dot3svc - ok
17:39:31.0000 3396 dpti2o - ok
17:39:31.0015 3396 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:39:31.0078 3396 drmkaud - ok
17:39:31.0109 3396 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
17:39:31.0109 3396 dtsoftbus01 - ok
17:39:31.0125 3396 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
17:39:31.0187 3396 EapHost - ok
17:39:31.0203 3396 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
17:39:31.0265 3396 ERSvc - ok
17:39:31.0296 3396 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:39:31.0296 3396 Eventlog - ok
17:39:31.0328 3396 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
17:39:31.0343 3396 EventSystem - ok
17:39:31.0343 3396 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:39:31.0421 3396 Fastfat - ok
17:39:31.0453 3396 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:39:31.0453 3396 FastUserSwitchingCompatibility - ok
17:39:31.0468 3396 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
17:39:31.0546 3396 Fdc - ok
17:39:31.0546 3396 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:39:31.0609 3396 Fips - ok
17:39:31.0625 3396 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
17:39:31.0687 3396 Flpydisk - ok
17:39:31.0734 3396 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:39:31.0812 3396 FltMgr - ok
17:39:31.0890 3396 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:39:31.0890 3396 FontCache3.0.0.0 - ok
17:39:31.0906 3396 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:39:31.0984 3396 Fs_Rec - ok
17:39:32.0000 3396 FTDIBUS (d6e3667f5e2bc6afc50308b480de2999) C:\WINDOWS\system32\drivers\ftdibus.sys
17:39:32.0015 3396 FTDIBUS - ok
17:39:32.0031 3396 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:39:32.0093 3396 Ftdisk - ok
17:39:32.0109 3396 FTSER2K (e4cf4c1f9e3d57a66850f484c08e9ecf) C:\WINDOWS\system32\drivers\ftser2k.sys
17:39:32.0109 3396 FTSER2K - ok
17:39:32.0125 3396 gdrv (ad6bd6bdc97bede8a5507ee01220c00f) C:\WINDOWS\gdrv.sys
17:39:32.0140 3396 gdrv - ok
17:39:32.0156 3396 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:39:32.0218 3396 Gpc - ok
17:39:32.0250 3396 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:39:32.0328 3396 HDAudBus - ok
17:39:32.0359 3396 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:39:32.0437 3396 helpsvc - ok
17:39:32.0453 3396 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
17:39:32.0515 3396 HidServ - ok
17:39:32.0531 3396 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:39:32.0609 3396 hidusb - ok
17:39:32.0625 3396 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
17:39:32.0687 3396 hkmsvc - ok
17:39:32.0687 3396 hpn - ok
17:39:32.0734 3396 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:39:32.0734 3396 HTTP - ok
17:39:32.0765 3396 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
17:39:32.0828 3396 HTTPFilter - ok
17:39:32.0828 3396 i2omgmt - ok
17:39:32.0843 3396 i2omp - ok
17:39:32.0921 3396 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:39:32.0968 3396 idsvc - ok
17:39:33.0000 3396 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:39:33.0078 3396 Imapi - ok
17:39:33.0109 3396 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
17:39:33.0171 3396 ImapiService - ok
17:39:33.0171 3396 ini910u - ok
17:39:33.0406 3396 IntcAzAudAddService (6f336c2d18ba1e7ce8d0f31541c87a1d) C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:39:33.0531 3396 IntcAzAudAddService - ok
17:39:33.0593 3396 IntelIde - ok
17:39:33.0609 3396 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:39:33.0687 3396 intelppm - ok
17:39:33.0687 3396 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:39:33.0765 3396 Ip6Fw - ok
17:39:33.0781 3396 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:39:33.0859 3396 IpFilterDriver - ok
17:39:33.0859 3396 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:39:33.0921 3396 IpInIp - ok
17:39:33.0953 3396 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:39:34.0015 3396 IpNat - ok
17:39:34.0046 3396 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:39:34.0125 3396 IPSec - ok
17:39:34.0140 3396 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:39:34.0171 3396 IRENUM - ok
17:39:34.0203 3396 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:39:34.0265 3396 isapnp - ok
17:39:34.0296 3396 JRSUKD25 (813ecde501d8970645360b4151ecb5b9) C:\WINDOWS\system32\JRSUKD25.SYS
17:39:34.0296 3396 JRSUKD25 - ok
17:39:34.0312 3396 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:39:34.0375 3396 Kbdclass - ok
17:39:34.0390 3396 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:39:34.0453 3396 kbdhid - ok
17:39:34.0468 3396 kcrtx86 (cbbc332b9a94d9eb16e3328b50760587) C:\WINDOWS\system32\kcrtx86.sys
17:39:34.0484 3396 kcrtx86 - ok
17:39:34.0515 3396 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:39:34.0578 3396 kmixer - ok
17:39:34.0593 3396 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:39:34.0609 3396 KSecDD - ok
17:39:34.0625 3396 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
17:39:34.0640 3396 LanmanServer - ok
17:39:34.0656 3396 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
17:39:34.0671 3396 lanmanworkstation - ok
17:39:34.0671 3396 lbrtfdc - ok
17:39:34.0687 3396 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
17:39:34.0750 3396 LmHosts - ok
17:39:34.0828 3396 McComponentHostService (22a7776c5d8eb5930edf9c8dd0884259) C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
17:39:34.0843 3396 McComponentHostService - ok
17:39:34.0859 3396 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
17:39:34.0937 3396 Messenger - ok
17:39:35.0000 3396 MfFWEnt (5a60a55f6b8af51a6b7642b8981fd834) C:\Program Files\AhnLab\ASP\MyFirewall 4.0\MfFWEnt.sys
17:39:35.0015 3396 MfFWEnt - ok
17:39:35.0031 3396 MfIPSEnt (99c7209b747e4d25afaf241a140e4be5) C:\Program Files\AhnLab\ASP\MyFirewall 4.0\MfIPSEnt.sys
17:39:35.0031 3396 MfIPSEnt - ok
17:39:35.0078 3396 Microsoft SharePoint Workspace Audit Service - ok
17:39:35.0093 3396 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:39:35.0171 3396 mnmdd - ok
17:39:35.0187 3396 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
17:39:35.0265 3396 mnmsrvc - ok
17:39:35.0265 3396 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:39:35.0343 3396 Modem - ok
17:39:35.0359 3396 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:39:35.0453 3396 Mouclass - ok
17:39:35.0453 3396 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:39:35.0531 3396 mouhid - ok
17:39:35.0531 3396 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:39:35.0593 3396 MountMgr - ok
17:39:35.0625 3396 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
17:39:35.0625 3396 MpFilter - ok
17:39:35.0640 3396 mraid35x - ok
17:39:35.0640 3396 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:39:35.0718 3396 MRxDAV - ok
17:39:35.0750 3396 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:39:35.0765 3396 MRxSmb - ok
17:39:35.0781 3396 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
17:39:35.0859 3396 MSDTC - ok
17:39:35.0859 3396 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:39:35.0937 3396 Msfs - ok
17:39:35.0937 3396 MSIServer - ok
17:39:35.0953 3396 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:39:36.0031 3396 MSKSSRV - ok
17:39:36.0062 3396 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) C:\Program Files\Microsoft Security Client\MsMpEng.exe
17:39:36.0078 3396 MsMpSvc - ok
17:39:36.0078 3396 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:39:36.0140 3396 MSPCLOCK - ok
17:39:36.0140 3396 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:39:36.0218 3396 MSPQM - ok
17:39:36.0218 3396 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:39:36.0281 3396 mssmbios - ok
17:39:36.0343 3396 MSSQL$SQLEXPRESS - ok
17:39:36.0390 3396 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
17:39:36.0390 3396 MSSQLServerADHelper - ok
17:39:36.0593 3396 msvsmon90 (70e994d23895df6b1ee1e70145299fcf) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe
17:39:36.0703 3396 msvsmon90 - ok
17:39:36.0781 3396 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:39:36.0796 3396 Mup - ok
17:39:36.0812 3396 NA2USB (63214ad48ba99a2d0f0c77b3a4369bb0) C:\WINDOWS\system32\Drivers\UsbFpDrv.sys
17:39:36.0828 3396 NA2USB - ok
17:39:36.0843 3396 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
17:39:36.0921 3396 napagent - ok
17:39:36.0937 3396 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:39:37.0015 3396 NDIS - ok
17:39:37.0031 3396 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:39:37.0046 3396 NdisTapi - ok
17:39:37.0062 3396 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:39:37.0140 3396 Ndisuio - ok
17:39:37.0140 3396 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:39:37.0218 3396 NdisWan - ok
17:39:37.0234 3396 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:39:37.0234 3396 NDProxy - ok
17:39:37.0250 3396 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:39:37.0312 3396 NetBIOS - ok
17:39:37.0328 3396 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:39:37.0406 3396 NetBT - ok
17:39:37.0421 3396 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:39:37.0484 3396 NetDDE - ok
17:39:37.0500 3396 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:39:37.0562 3396 NetDDEdsdm - ok
17:39:37.0578 3396 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:39:37.0640 3396 Netlogon - ok
17:39:37.0671 3396 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
17:39:37.0734 3396 Netman - ok
17:39:37.0812 3396 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:39:37.0828 3396 NetTcpPortSharing - ok
17:39:37.0843 3396 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:39:37.0921 3396 NIC1394 - ok
17:39:37.0953 3396 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
17:39:37.0953 3396 Nla - ok
17:39:37.0968 3396 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:39:38.0031 3396 Npfs - ok
17:39:38.0062 3396 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:39:38.0140 3396 Ntfs - ok
17:39:38.0140 3396 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:39:38.0203 3396 NtLmSsp - ok
17:39:38.0234 3396 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
17:39:38.0312 3396 NtmsSvc - ok
17:39:38.0328 3396 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:39:38.0390 3396 Null - ok
17:39:38.0421 3396 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:39:38.0484 3396 NwlnkFlt - ok
17:39:38.0500 3396 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:39:38.0562 3396 NwlnkFwd - ok
17:39:38.0578 3396 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:39:38.0640 3396 ohci1394 - ok
17:39:38.0703 3396 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:39:38.0718 3396 ose - ok
17:39:38.0906 3396 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:39:39.0078 3396 osppsvc - ok
17:39:39.0171 3396 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
17:39:39.0234 3396 Parport - ok
17:39:39.0234 3396 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:39:39.0312 3396 PartMgr - ok
17:39:39.0328 3396 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:39:39.0390 3396 ParVdm - ok
17:39:39.0406 3396 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:39:39.0468 3396 PCI - ok
17:39:39.0468 3396 PCIDump - ok
17:39:39.0468 3396 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:39:39.0546 3396 PCIIde - ok
17:39:39.0578 3396 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:39:39.0640 3396 Pcmcia - ok
17:39:39.0703 3396 PCToolsSSDMonitorSvc (c98cd9ee0012df72206bd519db9780d4) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
17:39:39.0718 3396 PCToolsSSDMonitorSvc - ok
17:39:39.0718 3396 PDCOMP - ok
17:39:39.0718 3396 PDFRAME - ok
17:39:39.0734 3396 PDRELI - ok
17:39:39.0734 3396 PDRFRAME - ok
17:39:39.0734 3396 perc2 - ok
17:39:39.0734 3396 perc2hib - ok
17:39:39.0765 3396 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:39:39.0781 3396 PlugPlay - ok
17:39:39.0781 3396 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:39:39.0843 3396 PolicyAgent - ok
17:39:39.0843 3396 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:39:39.0921 3396 PptpMiniport - ok
17:39:39.0921 3396 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:39:39.0984 3396 ProtectedStorage - ok
17:39:40.0000 3396 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:39:40.0062 3396 PSched - ok
17:39:40.0062 3396 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:39:40.0140 3396 Ptilink - ok
17:39:40.0140 3396 ql1080 - ok
17:39:40.0140 3396 Ql10wnt - ok
17:39:40.0140 3396 ql12160 - ok
17:39:40.0140 3396 ql1240 - ok
17:39:40.0140 3396 ql1280 - ok
17:39:40.0156 3396 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:39:40.0234 3396 RasAcd - ok
17:39:40.0250 3396 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
17:39:40.0312 3396 RasAuto - ok
17:39:40.0312 3396 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:39:40.0390 3396 Rasl2tp - ok
17:39:40.0406 3396 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
17:39:40.0500 3396 RasMan - ok
17:39:40.0500 3396 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:39:40.0562 3396 RasPppoe - ok
17:39:40.0578 3396 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:39:40.0640 3396 Raspti - ok
17:39:40.0656 3396 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:39:40.0734 3396 Rdbss - ok
17:39:40.0734 3396 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:39:40.0796 3396 RDPCDD - ok
17:39:40.0828 3396 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:39:40.0906 3396 rdpdr - ok
17:39:40.0937 3396 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
17:39:40.0953 3396 RDPWD - ok
17:39:40.0968 3396 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
17:39:41.0046 3396 RDSessMgr - ok
17:39:41.0062 3396 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:39:41.0140 3396 redbook - ok
17:39:41.0156 3396 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
17:39:41.0218 3396 RemoteAccess - ok
17:39:41.0250 3396 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
17:39:41.0312 3396 RemoteRegistry - ok
17:39:41.0328 3396 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
17:39:41.0406 3396 RpcLocator - ok
17:39:41.0421 3396 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
17:39:41.0437 3396 RpcSs - ok
17:39:41.0453 3396 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
17:39:41.0515 3396 RSVP - ok
17:39:41.0531 3396 RTLE8023xp (185641ad7e80bfce0aa545d3ec79d557) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:39:41.0546 3396 RTLE8023xp - ok
17:39:41.0562 3396 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:39:41.0625 3396 SamSs - ok
17:39:41.0640 3396 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
17:39:41.0718 3396 SCardSvr - ok
17:39:41.0734 3396 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
17:39:41.0812 3396 Schedule - ok
17:39:41.0812 3396 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:39:41.0843 3396 Secdrv - ok
17:39:41.0843 3396 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
17:39:41.0921 3396 seclogon - ok
17:39:41.0921 3396 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
17:39:42.0000 3396 SENS - ok
17:39:42.0000 3396 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:39:42.0062 3396 serenum - ok
17:39:42.0078 3396 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
17:39:42.0140 3396 Serial - ok
17:39:42.0171 3396 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:39:42.0234 3396 Sfloppy - ok
17:39:42.0265 3396 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
17:39:42.0343 3396 SharedAccess - ok
17:39:42.0359 3396 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:39:42.0375 3396 ShellHWDetection - ok
17:39:42.0375 3396 Simbad - ok
17:39:42.0375 3396 Sparrow - ok
17:39:42.0375 3396 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:39:42.0453 3396 splitter - ok
17:39:42.0468 3396 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:39:42.0484 3396 Spooler - ok
17:39:42.0578 3396 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:39:42.0578 3396 SQLBrowser - ok
17:39:42.0609 3396 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:39:42.0609 3396 SQLWriter - ok
17:39:42.0640 3396 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:39:42.0687 3396 sr - ok
17:39:42.0687 3396 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
17:39:42.0718 3396 srservice - ok
17:39:42.0750 3396 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:39:42.0781 3396 Srv - ok
17:39:42.0781 3396 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
17:39:42.0828 3396 SSDPSRV - ok
17:39:42.0843 3396 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
17:39:42.0921 3396 StillCam - ok
17:39:42.0937 3396 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
17:39:43.0015 3396 stisvc - ok
17:39:43.0046 3396 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:39:43.0125 3396 swenum - ok
17:39:43.0125 3396 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:39:43.0203 3396 swmidi - ok
17:39:43.0203 3396 SwPrv - ok
17:39:43.0203 3396 symc810 - ok
17:39:43.0218 3396 symc8xx - ok
17:39:43.0218 3396 sym_hi - ok
17:39:43.0218 3396 sym_u3 - ok
17:39:43.0218 3396 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:39:43.0296 3396 sysaudio - ok
17:39:43.0312 3396 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
17:39:43.0375 3396 SysmonLog - ok
17:39:43.0406 3396 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
17:39:43.0468 3396 TapiSrv - ok
17:39:43.0515 3396 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:39:43.0515 3396 Tcpip - ok
17:39:43.0546 3396 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:39:43.0625 3396 TDPIPE - ok
17:39:43.0640 3396 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:39:43.0718 3396 TDTCP - ok
17:39:43.0734 3396 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:39:43.0796 3396 TermDD - ok
17:39:43.0828 3396 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
17:39:43.0906 3396 TermService - ok
17:39:43.0921 3396 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:39:43.0937 3396 Themes - ok
17:39:43.0953 3396 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
17:39:43.0984 3396 TlntSvr - ok
17:39:44.0000 3396 TosIde - ok
17:39:44.0015 3396 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
17:39:44.0093 3396 TrkWks - ok
17:39:44.0109 3396 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:39:44.0203 3396 Udfs - ok
17:39:44.0203 3396 ultra - ok
17:39:44.0234 3396 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:39:44.0312 3396 Update - ok
17:39:44.0343 3396 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
17:39:44.0375 3396 upnphost - ok
17:39:44.0390 3396 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
17:39:44.0468 3396 UPS - ok
17:39:44.0468 3396 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:39:44.0546 3396 usbccgp - ok
17:39:44.0562 3396 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:39:44.0625 3396 usbehci - ok
17:39:44.0625 3396 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:39:44.0703 3396 usbhub - ok
17:39:44.0734 3396 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:39:44.0796 3396 USBSTOR - ok
17:39:44.0812 3396 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:39:44.0875 3396 usbuhci - ok
17:39:44.0906 3396 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:39:44.0984 3396 VgaSave - ok
17:39:44.0984 3396 ViaIde - ok
17:39:45.0000 3396 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:39:45.0062 3396 VolSnap - ok
17:39:45.0109 3396 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
17:39:45.0156 3396 VSS - ok
17:39:45.0187 3396 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
17:39:45.0250 3396 W32Time - ok
17:39:45.0265 3396 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:39:45.0328 3396 Wanarp - ok
17:39:45.0375 3396 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
17:39:45.0390 3396 Wdf01000 - ok
17:39:45.0390 3396 WDICA - ok
17:39:45.0421 3396 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:39:45.0500 3396 wdmaud - ok
17:39:45.0515 3396 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
17:39:45.0593 3396 WebClient - ok
17:39:45.0656 3396 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:39:45.0734 3396 winmgmt - ok
17:39:45.0750 3396 WinUSB (30fc6e5448d0cbaaa95280eeef7fedae) C:\WINDOWS\system32\DRIVERS\winusb.sys
17:39:45.0765 3396 WinUSB - ok
17:39:45.0921 3396 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:39:45.0968 3396 wlidsvc - ok
17:39:46.0031 3396 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
17:39:46.0109 3396 WmdmPmSN - ok
17:39:46.0156 3396 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
17:39:46.0187 3396 Wmi - ok
17:39:46.0234 3396 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:39:46.0312 3396 WmiApSrv - ok
17:39:46.0328 3396 WmUsbIce (a654186474c38764ba82e5b47976193f) C:\WINDOWS\system32\Drivers\WmUsbIce.sys
17:39:46.0328 3396 WmUsbIce ( UnsignedFile.Multi.Generic ) - warning
17:39:46.0328 3396 WmUsbIce - detected UnsignedFile.Multi.Generic (1)
17:39:46.0343 3396 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:39:46.0421 3396 WS2IFSL - ok
17:39:46.0437 3396 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
17:39:46.0515 3396 wscsvc - ok
17:39:46.0531 3396 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
17:39:46.0609 3396 wuauserv - ok
17:39:46.0625 3396 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
17:39:46.0718 3396 WZCSVC - ok
17:39:46.0750 3396 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
17:39:46.0812 3396 xmlprov - ok
17:39:46.0828 3396 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
17:39:47.0203 3396 \Device\Harddisk0\DR0 - ok
17:39:47.0203 3396 Boot (0x1200) (ff7914e8cc132e0d992fcd15312d7f66) \Device\Harddisk0\DR0\Partition0
17:39:47.0203 3396 \Device\Harddisk0\DR0\Partition0 - ok
17:39:47.0218 3396 Boot (0x1200) (e200ec1dc2803bc4494a845f6e6bb182) \Device\Harddisk0\DR0\Partition1
17:39:47.0218 3396 \Device\Harddisk0\DR0\Partition1 - ok
17:39:47.0218 3396 ============================================================
17:39:47.0218 3396 Scan finished
17:39:47.0218 3396 ============================================================
17:39:47.0218 3584 Detected object count: 2
17:39:47.0218 3584 Actual detected object count: 2
17:40:55.0187 3584 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:55.0187 3584 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:55.0187 3584 WmUsbIce ( UnsignedFile.Multi.Generic ) - skipped by user
17:40:55.0187 3584 WmUsbIce ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:40:58.0250 2072 Deinitialize success
OTL 2 logs
Extras.txt
OTL Extras logfile created on: 8/13/2012 5:48:19 PM - Run 2
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\Manisha_ibkr\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.25 Gb Total Physical Memory | 2.64 Gb Available Physical Memory | 81.20% Memory free
5.09 Gb Paging File | 4.56 Gb Available in Paging File | 89.56% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 195.31 Gb Total Space | 165.24 Gb Free Space | 84.60% Space Free | Partition Type: NTFS
Drive D: | 400.86 Gb Total Space | 400.78 Gb Free Space | 99.98% Space Free | Partition Type: NTFS
Computer Name: MANISHA | User Name: Manisha_ibkr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:TCP" = 1900:TCP:LocalSubNet:Enabled:UDP 1900
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\ImageJ\jre\bin\javaw.exe" = C:\Program Files\ImageJ\jre\bin\javaw.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe" = C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Device Setup -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe" = C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Network Communicator -- (Hewlett-Packard Co.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00E15D21-B68B-D7C4-574B-636E2D1ECEBE}" = Catalyst Control Center HydraVision Full
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05EC21B8-4593-3037-A781-A6B5AFFCB19D}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0DF3AE91-E533-3960-8516-B23737F8B7A2}" = Visual C++ 2008 x64 Runtime - (v9.0.30729)
"{0DF3AE91-E533-3960-8516-B23737F8B7A2}.vc_x64runtime_30729_01" = Visual C++ 2008 x64 Runtime - v9.0.30729.01
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1170F665-2359-E439-5BC5-932B87423EF1}" = ccc-utility
"{13D324E9-9DB1-478D-944C-28BBE1BB80DC}" = HP Officejet Pro 8500 A910 Help
"{22E23C71-C27A-3F30-8849-BB6129E50679}" = Visual C++ 2008 IA64 Runtime - (v9.0.30729)
"{22E23C71-C27A-3F30-8849-BB6129E50679}.vc_i64runtime_30729_01" = Visual C++ 2008 IA64 Runtime - v9.0.30729.01
"{241F2BF7-69EB-42A4-9156-96B2426C7504}" = Microsoft SQL Server Compact 3.5 for Devices ENU
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{39D74E81-5DED-C7EE-8807-91A8800212FA}" = ccc-core-preinstall
"{3F8D9A47-9C50-3F46-8F12-B92DD5CA0A2E}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.6161)
"{3F8D9A47-9C50-3F46-8F12-B92DD5CA0A2E}.vc_x86runtime_30729_6161" = Visual C++ 2008 x86 Runtime - v9.0.30729.6161
"{41C01225-45FD-7BCE-1EDA-F7E50945ADD7}" = Catalyst Control Center Core Implementation
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5E8E1294-7951-6DA9-10F1-C877871346F3}" = Skins
"{64c5b887-b5ee-42b8-8596-78905a6b5f1f}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{6C9F6D23-E9AD-43C9-B43A-011562AAF876}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{7B33F480-496D-334A-BAC2-205DEC0CBC2D}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.4148)
"{7B33F480-496D-334A-BAC2-205DEC0CBC2D}.vc_x86runtime_30729_4148" = Visual C++ 2008 x86 Runtime - v9.0.30729.4148
"{826F3B4F-C597-AF1D-4CB1-2F441BE8E2BF}" = ccc-core-static
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{869D453C-53E8-4DE0-92EA-F574A22E82AE}" = HP Officejet Pro 8500 A910 Basic Device Software
"{87B20692-9E9D-FAE0-76C7-E75E3CC7B0D1}" = Catalyst Control Center Graphics Full Existing
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{C00A9857-850C-4C68-A583-2EF4F24706F5}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010
"{90140000-00B4-0409-0000-0000000FF1CE}_Office14.PRJPROR_{18A0C151-8F8A-4B68-A960-60C464B94329}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.3
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{AA467959-A1D6-4F45-90CD-11DC57733F32}" = Crystal Reports Basic for Visual Studio 2008
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B268E9A1-04A9-40D0-9866-846BE2B74BA7}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS Ver.2.02
"{B32E7732-B2FB-3FD0-81AC-6025B1104C66}" = Microsoft Device Emulator version 3.0 - ENU
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C29769BE-BEDF-DC9E-67A9-5E7AEFF039CF}" = CCC Help English
"{C740289B-FC90-D938-8317-1FFEBF7C04DB}" = Catalyst Control Center Graphics Previews Common
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Tools
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{D7DAD1E4-45F4-3B2B-899A-EA728167EC4F}" = Microsoft Visual Studio 2008 Professional Edition - ENU
"{E3624DFE-B0AB-410A-9BDC-5D1681E5E388}" = HP Officejet Pro 8500 A910 Product Improvement Study
"{E3C79593-DC72-4B99-A627-F40826F000B6}" = IBScanUltimateSDK
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F30A8BF7-288C-57C0-357E-6D67BB694682}" = Catalyst Control Center Graphics Full New
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F54543CF-EC73-D847-1780-84A6420EA229}" = Catalyst Control Center Graphics Light
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Shortcuts
"1DE53D4BF1BBEB711DE2B1DC550DA4C5436EF788" = Windows Driver Package - Integrated Biometrics LLC (NA2USB) Biometric (06/03/2009 2.0.2.00)
"63EE9E433F535724C200FCA239B6A78A732E2483" = Windows Driver Package - Integrated Biometrics LLC (WinUSB) Biometric (11/30/2011 1.0.0.01)
"ABC Amber PDF Converter" = ABC Amber PDF Converter
"ABC Amber Text Converter" = ABC Amber Text Converter
"AhnLab Online Security" = AhnLab Online Security
"All ATI Software" = ATI - Software Uninstall Utility
"ALZip_is1" = ALZip
"ATI Display Driver" = ATI Display Driver
"CMake 2.8.9" = CMake 2.8, a cross-platform, open-source build system
"DAEMON Tools Pro" = DAEMON Tools Pro
"HTML Help Workshop" = HTML Help Workshop
"ie8" = Windows Internet Explorer 8
"ImageJ_is1" = ImageJ 1.44p
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Microsoft Visual Studio 2008 Professional Edition - ENU" = Microsoft Visual Studio 2008 Professional Edition - ENU
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PDF2CHM 2012_is1" = PDF2CHM 2012
"Registry Mechanic_is1" = Registry Mechanic 10.0
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VisualDSP_{56BBC5BD-684A-4B70-8B78-BF6A1F9A66AD}" = VisualDSP++ 5.0 Update 10 (C:\Program Files\Analog Devices\VisualDSP 5.0)
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"winusb0200" = Microsoft WinUsb 2.0
"XecureCK" = ClientKeeper KeyPro with E2E for 32bit
"XecureWeb Control" = XecureWeb Control
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3/9/2020 2:37:10 AM | Computer Name = MANISHA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 3/9/2020 2:37:10 AM | Computer Name = MANISHA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 3/9/2020 2:37:10 AM | Computer Name = MANISHA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 3/9/2020 2:37:10 AM | Computer Name = MANISHA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 3/9/2020 2:37:11 AM | Computer Name = MANISHA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 3/9/2020 2:37:11 AM | Computer Name = MANISHA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 3/9/2020 2:37:11 AM | Computer Name = MANISHA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 3/9/2020 2:37:11 AM | Computer Name = MANISHA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 3/9/2020 2:37:11 AM | Computer Name = MANISHA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 8/13/2012 4:15:49 AM | Computer Name = MANISHA | Source = Microsoft Security Client | ID = 5000
Description =
[ System Events ]
Error - 6/13/2012 12:34:26 AM | Computer Name = MANISHA | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.150 for the Network Card with network
address 001FD0A11314 has been denied by the DHCP server 192.168.123.254 (The DHCP
Server sent a DHCPNACK message).
< End of report >
OTL.txt
OTL logfile created on: 8/13/2012 5:48:19 PM - Run 2
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\Manisha_ibkr\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.25 Gb Total Physical Memory | 2.64 Gb Available Physical Memory | 81.20% Memory free
5.09 Gb Paging File | 4.56 Gb Available in Paging File | 89.56% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 195.31 Gb Total Space | 165.24 Gb Free Space | 84.60% Space Free | Partition Type: NTFS
Drive D: | 400.86 Gb Total Space | 400.78 Gb Free Space | 99.98% Space Free | Partition Type: NTFS
Computer Name: MANISHA | User Name: Manisha_ibkr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/08/13 17:42:09 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Manisha_ibkr\Desktop\aswMBR.exe
PRC - [2012/08/13 13:43:24 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Manisha_ibkr\My Documents\Downloads\OTL.exe
PRC - [2012/08/07 15:43:41 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/04/26 21:33:16 | 002,743,104 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
PRC - [2011/06/18 02:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011/01/28 13:22:50 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2008/04/14 21:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/08/07 15:43:40 | 000,442,392 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\ppgooglenaclpluginchrome.dll
MOD - [2012/08/07 15:43:37 | 003,997,720 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\pdf.dll
MOD - [2012/08/07 15:42:09 | 000,144,424 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\avutil-51.dll
MOD - [2012/08/07 15:42:08 | 000,266,792 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\avformat-54.dll
MOD - [2012/08/07 15:42:07 | 002,480,680 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll
MOD - [2012/06/15 03:09:23 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/06/15 03:05:50 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/06/15 03:05:41 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/06/15 03:04:23 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/05/12 03:09:08 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/12 03:08:41 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012/05/12 03:06:56 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/12 03:05:41 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/12 03:05:24 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/05/07 13:42:49 | 000,307,200 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3223.36990__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll
MOD - [2012/05/07 13:42:49 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3223.36982__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2012/05/07 13:42:49 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3223.36981__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2012/05/07 13:42:49 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3223.36987__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2012/05/07 13:42:49 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3223.36982__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2012/05/07 13:42:48 | 001,691,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3223.36856__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2012/05/07 13:42:48 | 000,278,528 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3223.36839__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:48 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3223.36858__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2012/05/07 13:42:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3223.36852__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2012/05/07 13:42:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3223.36846__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:47 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3223.36925__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2012/05/07 13:42:47 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3223.36961__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2012/05/07 13:42:47 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3223.36942__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2012/05/07 13:42:47 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3223.36962__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:47 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3223.36857__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:47 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3223.36936__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:47 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3223.36846__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:47 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3223.36912__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:47 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3223.36895__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:47 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3223.36856__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:46 | 000,356,352 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3223.36919__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:46 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3223.36919__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2012/05/07 13:42:46 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3223.36918__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:45 | 000,671,744 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3223.36980__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:44 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3223.36979__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:43 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3223.36930__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2012/05/07 13:42:42 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3223.36897__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:42 | 000,720,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3223.36848__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:42 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3223.36859__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:42 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3223.36858__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:42 | 000,122,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3223.36909__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:42 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3223.36896__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:42 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3223.36862__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3223.36908__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:41 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3223.36937__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:41 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3223.36891__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:41 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3223.36910__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:40 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3223.36913__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:40 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3223.36896__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2012/05/07 13:42:40 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3223.36895__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:40 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3223.36896__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2012/05/07 13:42:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3184.27499__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2012/05/07 13:42:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3184.27491__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2012/05/07 13:42:40 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3184.27506__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2012/05/07 13:42:40 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3184.27533__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2012/05/07 13:42:40 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3184.27509__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2012/05/07 13:42:40 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3184.27533__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2012/05/07 13:42:39 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2012/05/07 13:42:38 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3184.27483__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2012/05/07 13:42:38 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3184.27484__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2012/05/07 13:42:38 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3184.27511__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2012/05/07 13:42:38 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3184.27510__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2012/05/07 13:42:38 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3184.27511__90ba9c70f846762e\DEM.OS.dll
MOD - [2012/05/07 13:42:38 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2012/05/07 13:42:37 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3184.27485__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2012/05/07 13:42:37 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2012/05/07 13:42:37 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3184.27567__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2012/05/07 13:42:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2012/05/07 13:42:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3184.27503__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2012/05/07 13:42:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3184.27499__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2012/05/07 13:42:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3184.27492__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2012/05/07 13:42:37 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3184.27512__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2012/05/07 13:42:37 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2012/05/07 13:42:37 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3184.27498__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2012/05/07 13:42:37 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3184.27515__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2012/05/07 13:42:36 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3184.27501__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2012/05/07 13:42:36 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2012/05/07 13:42:36 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3184.27528__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2012/05/07 13:42:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3184.27516__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2012/05/07 13:42:36 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3184.27513__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2012/05/07 13:42:35 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3184.27534__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2012/05/07 13:42:35 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3184.27518__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2012/05/07 13:42:34 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2012/05/07 13:42:34 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3184.27517__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2012/05/07 13:42:34 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2012/05/07 13:42:34 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3184.27509__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2012/05/07 13:42:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3184.27516__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2012/05/07 13:42:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3184.27513__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2012/05/07 13:42:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3184.27519__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2012/05/07 13:42:34 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3184.27514__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2012/05/07 13:42:33 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3184.27518__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2012/05/07 13:42:33 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3184.27510__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2012/05/07 13:42:33 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3184.27508__90ba9c70f846762e\APM.Foundation.dll
MOD - [2012/05/07 13:42:33 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3184.27499__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2012/05/07 13:42:32 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2012/05/07 13:42:32 | 000,011,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3223.36983__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2012/05/07 13:42:31 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3223.36973__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2012/05/07 13:42:31 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3223.36836__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2012/05/07 13:42:30 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3223.36953__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2012/05/07 13:42:30 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3184.27488__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2012/05/07 13:42:30 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2012/05/07 13:42:30 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2012/05/07 13:42:29 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3223.36951__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2012/05/07 13:42:29 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3184.27493__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2012/05/07 13:42:29 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3184.27510__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2012/05/07 13:42:28 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3184.27488__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2012/05/07 13:42:28 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3184.27504__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2012/05/07 13:42:25 | 000,536,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3223.36947__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2012/05/07 13:42:25 | 000,397,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3223.36851__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2012/05/07 13:42:25 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3223.36838__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2012/05/07 13:42:25 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3184.27505__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2012/05/07 13:42:24 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3223.36837__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2012/05/07 13:42:23 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3184.27504__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2012/05/07 13:42:21 | 001,077,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3223.36843__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2012/05/07 13:42:18 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3184.27496__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2012/05/07 13:42:17 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3184.27521__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2012/05/07 13:42:16 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3223.36837__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2012/05/07 13:42:16 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2012/05/07 13:42:16 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3223.36953__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2012/05/07 13:42:15 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3223.36835__90ba9c70f846762e\APM.Server.dll
MOD - [2012/05/07 13:42:15 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3223.36836__90ba9c70f846762e\AEM.Server.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2008/10/30 14:39:12 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/18 02:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/06/12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/01/28 13:22:50 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2008/07/29 13:10:46 | 003,201,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\MANISH~1\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\MANISH~1\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2012/06/29 15:56:07 | 000,126,048 | ---- | M] (Kings Information & Network) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\kcrtx86.sys -- (kcrtx86)
DRV - [2012/05/30 17:59:52 | 000,019,496 | R--- | M] (Soft Security Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\JRSUKD25.SYS -- (JRSUKD25)
DRV - [2012/05/07 09:48:06 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012/05/02 20:18:04 | 000,014,656 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2012/04/13 10:05:20 | 000,062,216 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2012/04/13 10:05:06 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2011/11/29 22:12:38 | 000,022,128 | ---- | M] (Integrated Biometrics LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UsbFpDrv.sys -- (NA2USB)
DRV - [2011/08/17 23:23:14 | 000,016,896 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmUsbIce.sys -- (WmUsbIce)
DRV - [2011/05/27 01:23:00 | 000,096,200 | ---- | M] (AhnLab, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmonTDNt.sys -- (AMonTDnt)
DRV - [2010/06/28 16:54:00 | 000,121,536 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\AhnLab\ASP\MyFirewall 4.0\mfipsent.sys -- (MfIPSEnt)
DRV - [2010/06/28 16:54:00 | 000,101,368 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\AhnLab\ASP\MyFirewall 4.0\mffwent.sys -- (MfFWEnt)
DRV - [2009/07/21 10:13:00 | 000,019,616 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CdmDrvNt.sys -- (CdmDrvNt)
DRV - [2009/07/13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/10/29 12:10:58 | 003,341,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/10/02 19:01:46 | 004,878,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/09/25 21:51:42 | 000,115,328 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{750E287F-D083-4D3F-AACC-1DF37DF188F8}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files\AhnLab\ASP\Components\aosmgr\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npKeyPro: C:\WINDOWS\system32\npKeyPro.dll (SoftForum Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npxwebplugins: C:\Program Files\SoftForum\XecureWeb\ActiveX\npxwebplugin.dll (SoftForum)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npxwebplugins_file: C:\Program Files\SoftForum\XecureWeb\ActiveX\npxwebplugin_file.dll (SoftForum Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/08/13 17:28:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} https://ck.softforum...Pro3026_32k.cab (XecureCKKB Class)
O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} https://ubi.wooriban.../xw_install.cab (XecureWeb 4.0 Client Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 168.126.63.1 168.126.63.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2147C126-EA1E-484B-9D18-D332BEDCB799}: DhcpNameServer = 168.126.63.1 168.126.63.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/05/02 20:01:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2020/03/09 15:24:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Analog Devices
[2020/03/09 15:22:38 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2012/08/13 17:41:25 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Manisha_ibkr\Desktop\aswMBR.exe
[2012/08/13 17:35:36 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Manisha_ibkr\Desktop\tdsskiller.exe
[2012/08/13 17:31:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/08/13 17:22:46 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/08/13 17:21:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/08/13 17:21:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/08/13 17:21:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/08/13 17:21:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/08/13 17:21:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/13 17:21:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Manisha_ibkr\My Documents\My Videos
[2012/08/13 17:21:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Manisha_ibkr\Start Menu\Programs\Administrative Tools
[2012/08/13 17:21:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/08/13 17:18:02 | 004,729,547 | R--- | C] (Swearware) -- C:\Documents and Settings\Manisha_ibkr\Desktop\ComboFix.exe
[2012/08/13 17:03:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/13 15:30:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manisha_ibkr\Start Menu\Programs\HTML Help Workshop
[2012/08/13 15:20:06 | 000,000,000 | ---D | C] -- C:\Program Files\ABC Amber PDF Converter
[2012/08/13 15:15:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manisha_ibkr\Start Menu\Programs\ProcessText Group
[2012/08/13 15:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\ABC Amber Text Converter
[2012/08/13 14:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\CMake 2.8
[2012/08/13 14:24:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manisha_ibkr\Application Data\DawningSoft
[2012/08/13 14:24:47 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Itcc.dll
[2012/08/13 14:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DawningSoft
[2012/08/13 14:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\DawningSoft
[2012/08/13 09:59:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/08/09 19:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Manisha_ibkr\Application Data\Registry Mechanic
[2012/05/30 17:26:00 | 003,259,699 | ---- | C] (ESTsoft Corp. ) -- C:\Program Files\ALZip_eng_632.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/08/13 17:47:14 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\MBR.dat
[2012/08/13 17:42:09 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Manisha_ibkr\Desktop\aswMBR.exe
[2012/08/13 17:37:50 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/08/13 17:37:46 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/08/13 17:36:17 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Manisha_ibkr\Desktop\tdsskiller.exe
[2012/08/13 17:32:17 | 000,482,734 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/08/13 17:32:17 | 000,086,438 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/08/13 17:28:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/08/13 17:28:06 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/13 17:27:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/13 17:27:43 | 000,060,452 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2012/08/13 17:22:51 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/08/13 17:18:19 | 004,729,547 | R--- | M] (Swearware) -- C:\Documents and Settings\Manisha_ibkr\Desktop\ComboFix.exe
[2012/08/13 15:36:59 | 000,004,540 | ---- | M] () -- C:\WINDOWS\flash.fpr
[2012/08/13 15:20:06 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\ABC Amber PDF Converter.lnk
[2012/08/13 15:19:21 | 001,855,131 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\abcpdf.zip
[2012/08/13 15:15:40 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\ABC Amber Text Converter.lnk
[2012/08/13 15:15:00 | 001,784,264 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\abctext.zip
[2012/08/13 14:24:47 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Application Data\Microsoft\Internet Explorer\Quick Launch\PDF2CHM 2012.lnk
[2012/08/13 14:24:47 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\PDF2CHM 2012.lnk
[2012/08/13 13:21:16 | 002,117,108 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\tdsskiller.zip
[2012/08/13 13:14:04 | 000,001,917 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/08/10 16:08:39 | 000,123,958 | ---- | M] () -- C:\1_thinning.bmp
[2012/08/10 16:08:39 | 000,123,958 | ---- | M] () -- C:\1_postprocessing.bmp
[2012/08/10 16:08:39 | 000,123,958 | ---- | M] () -- C:\1_period.bmp
[2012/08/10 16:08:39 | 000,123,958 | ---- | M] () -- C:\1_original.bmp
[2012/08/10 16:08:39 | 000,123,958 | ---- | M] () -- C:\1_orientation.bmp
[2012/08/10 16:08:39 | 000,123,958 | ---- | M] () -- C:\1_localnormalization.bmp
[2012/08/10 16:08:39 | 000,123,958 | ---- | M] () -- C:\1_gabor.bmp
[2012/08/10 16:08:39 | 000,123,958 | ---- | M] () -- C:\1_cuthistogram.bmp
[2012/08/10 16:08:39 | 000,123,958 | ---- | M] () -- C:\1_binary.bmp
[2012/08/10 16:08:39 | 000,123,958 | ---- | M] () -- C:\1_background.bmp
[2012/08/10 16:08:13 | 000,123,958 | ---- | M] () -- C:\0_thinning.bmp
[2012/08/10 16:08:13 | 000,123,958 | ---- | M] () -- C:\0_postprocessing.bmp
[2012/08/10 16:08:13 | 000,123,958 | ---- | M] () -- C:\0_period.bmp
[2012/08/10 16:08:13 | 000,123,958 | ---- | M] () -- C:\0_original.bmp
[2012/08/10 16:08:13 | 000,123,958 | ---- | M] () -- C:\0_orientation.bmp
[2012/08/10 16:08:13 | 000,123,958 | ---- | M] () -- C:\0_localnormalization.bmp
[2012/08/10 16:08:13 | 000,123,958 | ---- | M] () -- C:\0_gabor.bmp
[2012/08/10 16:08:13 | 000,123,958 | ---- | M] () -- C:\0_cuthistogram.bmp
[2012/08/10 16:08:13 | 000,123,958 | ---- | M] () -- C:\0_binary.bmp
[2012/08/10 16:08:13 | 000,123,958 | ---- | M] () -- C:\0_background.bmp
[2012/08/10 09:02:52 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\Google Chrome.lnk
[2012/08/10 09:02:52 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\Manisha_ibkr\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/07 12:14:05 | 000,101,376 | ---- | M] () -- C:\VignettingBuf.raw
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/08/13 17:47:14 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\MBR.dat
[2012/08/13 17:25:02 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/08/13 17:24:59 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/08/13 17:22:51 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/08/13 17:22:48 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/08/13 17:21:31 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/08/13 17:21:31 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/08/13 17:21:31 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/08/13 17:21:31 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/08/13 17:21:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/08/13 15:36:59 | 000,004,540 | ---- | C] () -- C:\WINDOWS\flash.fpr
[2012/08/13 15:20:06 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\ABC Amber PDF Converter.lnk
[2012/08/13 15:19:16 | 001,855,131 | ---- | C] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\abcpdf.zip
[2012/08/13 15:15:40 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\ABC Amber Text Converter.lnk
[2012/08/13 15:14:54 | 001,784,264 | ---- | C] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\abctext.zip
[2012/08/13 14:24:47 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\Manisha_ibkr\Application Data\Microsoft\Internet Explorer\Quick Launch\PDF2CHM 2012.lnk
[2012/08/13 14:24:47 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\PDF2CHM 2012.lnk
[2012/08/13 13:20:59 | 002,117,108 | ---- | C] () -- C:\Documents and Settings\Manisha_ibkr\Desktop\tdsskiller.zip
[2012/08/10 15:10:03 | 000,123,958 | ---- | C] () -- C:\1_thinning.bmp
[2012/08/10 15:10:03 | 000,123,958 | ---- | C] () -- C:\1_postprocessing.bmp
[2012/08/10 15:10:03 | 000,123,958 | ---- | C] () -- C:\1_period.bmp
[2012/08/10 15:10:03 | 000,123,958 | ---- | C] () -- C:\1_original.bmp
[2012/08/10 15:10:03 | 000,123,958 | ---- | C] () -- C:\1_orientation.bmp
[2012/08/10 15:10:03 | 000,123,958 | ---- | C] () -- C:\1_localnormalization.bmp
[2012/08/10 15:10:03 | 000,123,958 | ---- | C] () -- C:\1_gabor.bmp
[2012/08/10 15:10:03 | 000,123,958 | ---- | C] () -- C:\1_cuthistogram.bmp
[2012/08/10 15:10:03 | 000,123,958 | ---- | C] () -- C:\1_binary.bmp
[2012/08/10 15:10:03 | 000,123,958 | ---- | C] () -- C:\1_background.bmp
[2012/08/10 15:09:14 | 000,123,958 | ---- | C] () -- C:\0_thinning.bmp
[2012/08/10 15:09:14 | 000,123,958 | ---- | C] () -- C:\0_postprocessing.bmp
[2012/08/10 15:09:14 | 000,123,958 | ---- | C] () -- C:\0_period.bmp
[2012/08/10 15:09:14 | 000,123,958 | ---- | C] () -- C:\0_original.bmp
[2012/08/10 15:09:14 | 000,123,958 | ---- | C] () -- C:\0_orientation.bmp
[2012/08/10 15:09:14 | 000,123,958 | ---- | C] () -- C:\0_localnormalization.bmp
[2012/08/10 15:09:14 | 000,123,958 | ---- | C] () -- C:\0_gabor.bmp
[2012/08/10 15:09:14 | 000,123,958 | ---- | C] () -- C:\0_cuthistogram.bmp
[2012/08/10 15:09:14 | 000,123,958 | ---- | C] () -- C:\0_binary.bmp
[2012/08/10 15:09:14 | 000,123,958 | ---- | C] () -- C:\0_background.bmp
[2012/06/04 16:23:00 | 003,071,288 | ---- | C] () -- C:\Program Files\TBN2xx Driver.zip
[2012/05/25 12:36:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\aosbackv.INI
[2012/05/25 12:36:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AosLogVw.INI
[2012/05/07 10:07:52 | 000,000,172 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/05/07 09:48:41 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe
[2012/05/05 03:02:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/05/03 04:50:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/05/03 04:49:31 | 000,276,560 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/02 20:11:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/05/02 20:09:14 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2012/05/02 20:03:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/05/02 19:58:13 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/01/19 18:39:58 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2012/01/19 18:39:58 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012/01/19 18:39:58 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012/01/19 18:39:57 | 000,176,214 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012/01/19 18:39:57 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2012/01/19 18:39:57 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
========== Custom Scans ==========
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: WDC WD6400AAKS-00A7B0
Partitions: 2
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 195.00GB
Starting Offset: 32256
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 401.00GB
Starting Offset: 209711738880
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\assembly\GAC_32\*.ini >
< %systemroot%\assembly\GAC_64\*.ini >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*.exe >
< %APPDATA%\*. >
[2012/05/11 15:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\Adobe
[2012/05/25 12:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\AhnLab
[2012/05/07 13:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\ATI
[2012/05/30 18:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\ClientKeeper
[2012/05/07 09:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\DAEMON Tools Pro
[2012/08/13 14:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\DawningSoft
[2012/05/30 17:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\ESTsoft
[2012/05/22 09:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\HpUpdate
[2012/05/02 20:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\Identities
[2012/05/04 10:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\Macromedia
[2012/06/26 09:22:13 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\Microsoft
[2012/05/07 09:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\OpenCandy
[2012/08/09 19:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Manisha_ibkr\Application Data\Registry Mechanic
< MD5 for: ATAPI.SYS >
[2008/04/14 21:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 21:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008/04/14 21:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: CSRSS.EXE >
[2008/04/14 21:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\csrss.exe
[2008/04/14 21:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\dllcache\csrss.exe
< MD5 for: EXPLORER.EXE >
[2008/04/14 21:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008/04/14 21:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 21:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: MSWSOCK.DLL >
[2008/06/21 01:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\erdnt\cache\mswsock.dll
[2008/06/21 01:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/21 01:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\mswsock.dll
[2008/04/14 21:00:00 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
[2008/06/21 02:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
< MD5 for: NWPROVAU.DLL >
[2008/04/14 21:00:00 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\system32\dllcache\nwprovau.dll
[2008/04/14 21:00:00 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\system32\nwprovau.dll
< MD5 for: PNRPNSP.DLL >
[2008/04/14 21:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\system32\dllcache\pnrpnsp.dll
[2008/04/14 21:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\system32\pnrpnsp.dll
< MD5 for: SERVICES.EXE >
[2009/02/06 20:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 21:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2009/02/06 20:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\erdnt\cache\services.exe
[2009/02/06 20:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 20:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
< MD5 for: SVCHOST.EXE >
[2008/04/14 21:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008/04/14 21:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 21:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >
[2008/04/14 21:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008/04/14 21:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 21:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008/04/14 21:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008/04/14 21:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 21:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WINRNR.DLL >
[2008/04/14 21:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\system32\dllcache\winrnr.dll
[2008/04/14 21:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\system32\winrnr.dll
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/08/07 15:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/07 15:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/07 15:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/07 15:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/08/07 15:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/05/11 20:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/05/11 20:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/05/11 20:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/08/07 15:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/07 15:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/07 15:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/07 15:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Manisha_ibkr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/08/07 15:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/05/11 20:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/05/11 20:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/05/11 20:38:19 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< End of report >
Thank you,
Manisha