Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer hangs and window pop-ups keep appearing


  • This topic is locked This topic is locked

#16
Lady_Rocker

Lady_Rocker

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 168 posts
18:58:38.0847 3856 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:58:39.0986 3856 ============================================================
18:58:39.0986 3856 Current date / time: 2013/05/14 18:58:39.0986
18:58:39.0986 3856 SystemInfo:
18:58:39.0986 3856
18:58:39.0986 3856 OS Version: 6.1.7601 ServicePack: 1.0
18:58:39.0986 3856 Product type: Workstation
18:58:39.0986 3856 ComputerName: NARCIS-HP
18:58:39.0986 3856 UserName: Narcis
18:58:39.0986 3856 Windows directory: C:\Windows
18:58:39.0986 3856 System windows directory: C:\Windows
18:58:39.0986 3856 Running under WOW64
18:58:39.0986 3856 Processor architecture: Intel x64
18:58:39.0986 3856 Number of processors: 2
18:58:39.0986 3856 Page size: 0x1000
18:58:39.0986 3856 Boot type: Normal boot
18:58:39.0986 3856 ============================================================
18:58:42.0591 3856 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:58:42.0591 3856 ============================================================
18:58:42.0591 3856 \Device\Harddisk0\DR0:
18:58:42.0591 3856 MBR partitions:
18:58:42.0591 3856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:58:42.0591 3856 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38968000
18:58:42.0591 3856 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3899A800, BlocksNum 0x19EB000
18:58:42.0591 3856 ============================================================
18:58:42.0716 3856 C: <-> \Device\Harddisk0\DR0\Partition2
18:58:42.0794 3856 D: <-> \Device\Harddisk0\DR0\Partition3
18:58:42.0794 3856 ============================================================
18:58:42.0794 3856 Initialize success
18:58:42.0794 3856 ============================================================
19:01:53.0022 4936 ============================================================
19:01:53.0022 4936 Scan started
19:01:53.0022 4936 Mode: Manual; SigCheck; TDLFS;
19:01:53.0022 4936 ============================================================
19:01:59.0855 4936 ================ Scan system memory ========================
19:01:59.0855 4936 System memory - ok
19:01:59.0855 4936 ================ Scan services =============================
19:02:00.0697 4936 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:02:00.0884 4936 1394ohci - ok
19:02:00.0931 4936 39072231 - ok
19:02:01.0071 4936 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:02:01.0103 4936 ACPI - ok
19:02:01.0103 4936 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:02:01.0181 4936 AcpiPmi - ok
19:02:01.0212 4936 [ DE7E8D852A806BE6091983838BF9697F ] ACPIService C:\Windows\system32\DRIVERS\OSDACPI.SYS
19:02:01.0259 4936 ACPIService - ok
19:02:01.0477 4936 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
19:02:01.0508 4936 AdobeActiveFileMonitor6.0 - ok
19:02:01.0664 4936 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:02:01.0680 4936 AdobeARMservice - ok
19:02:01.0742 4936 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:02:01.0773 4936 adp94xx - ok
19:02:01.0836 4936 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:02:01.0867 4936 adpahci - ok
19:02:01.0883 4936 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:02:01.0898 4936 adpu320 - ok
19:02:01.0929 4936 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:02:02.0054 4936 AeLookupSvc - ok
19:02:02.0117 4936 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
19:02:02.0148 4936 AERTFilters - ok
19:02:02.0195 4936 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:02:02.0288 4936 AFD - ok
19:02:02.0335 4936 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:02:02.0351 4936 agp440 - ok
19:02:02.0663 4936 [ C7074BD8D4B8F564859ED373433030AE ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll
19:02:02.0663 4936 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE
19:02:02.0663 4936 Akamai ( HiddenFile.Multi.Generic ) - warning
19:02:02.0663 4936 Akamai - detected HiddenFile.Multi.Generic (1)
19:02:02.0709 4936 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:02:02.0772 4936 ALG - ok
19:02:02.0787 4936 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:02:02.0803 4936 aliide - ok
19:02:02.0834 4936 [ CA0D6C1390F4B3BAF2A0A69D1A7F8332 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:02:02.0912 4936 AMD External Events Utility - ok
19:02:02.0943 4936 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:02:02.0975 4936 amdide - ok
19:02:02.0990 4936 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:02:03.0037 4936 AmdK8 - ok
19:02:03.0552 4936 [ 75E4BACA583AE02C11E9AC8747E2ABE0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:02:03.0801 4936 amdkmdag - ok
19:02:03.0864 4936 [ B765CF4B32F347BE747B21AE22641025 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:02:03.0911 4936 amdkmdap - ok
19:02:03.0989 4936 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:02:04.0035 4936 AmdPPM - ok
19:02:04.0082 4936 [ F747497A0EE5498F79B207F215B3D2D8 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
19:02:04.0113 4936 amdsata - ok
19:02:04.0160 4936 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:02:04.0176 4936 amdsbs - ok
19:02:04.0207 4936 [ 2946D695E158615BAAA16248E63C7ADB ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
19:02:04.0223 4936 amdxata - ok
19:02:04.0285 4936 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:02:04.0472 4936 AppID - ok
19:02:04.0503 4936 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:02:04.0581 4936 AppIDSvc - ok
19:02:04.0628 4936 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:02:04.0737 4936 Appinfo - ok
19:02:04.0862 4936 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:02:04.0893 4936 Apple Mobile Device - ok
19:02:04.0909 4936 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:02:04.0925 4936 arc - ok
19:02:04.0940 4936 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:02:04.0956 4936 arcsas - ok
19:02:05.0159 4936 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:02:05.0190 4936 aspnet_state - ok
19:02:05.0221 4936 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:02:05.0283 4936 AsyncMac - ok
19:02:05.0330 4936 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:02:05.0346 4936 atapi - ok
19:02:05.0377 4936 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
19:02:05.0377 4936 AtiPcie - ok
19:02:05.0439 4936 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:02:05.0502 4936 AudioEndpointBuilder - ok
19:02:05.0517 4936 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:02:05.0564 4936 AudioSrv - ok
19:02:05.0611 4936 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:02:05.0705 4936 AxInstSV - ok
19:02:05.0767 4936 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:02:05.0829 4936 b06bdrv - ok
19:02:05.0876 4936 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:02:05.0939 4936 b57nd60a - ok
19:02:06.0001 4936 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:02:06.0095 4936 BDESVC - ok
19:02:06.0126 4936 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:02:06.0219 4936 Beep - ok
19:02:06.0360 4936 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:02:06.0422 4936 BFE - ok
19:02:06.0516 4936 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:02:06.0609 4936 BITS - ok
19:02:06.0703 4936 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:02:06.0719 4936 blbdrive - ok
19:02:06.0812 4936 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:02:06.0828 4936 Bonjour Service - ok
19:02:06.0859 4936 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:02:06.0890 4936 bowser - ok
19:02:06.0921 4936 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:02:06.0953 4936 BrFiltLo - ok
19:02:06.0968 4936 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:02:06.0984 4936 BrFiltUp - ok
19:02:07.0062 4936 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:02:07.0140 4936 Browser - ok
19:02:07.0187 4936 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:02:07.0358 4936 Brserid - ok
19:02:07.0389 4936 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:02:07.0421 4936 BrSerWdm - ok
19:02:07.0452 4936 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:02:07.0483 4936 BrUsbMdm - ok
19:02:07.0499 4936 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:02:07.0561 4936 BrUsbSer - ok
19:02:07.0592 4936 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:02:07.0655 4936 BTHMODEM - ok
19:02:07.0686 4936 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:02:07.0733 4936 bthserv - ok
19:02:07.0779 4936 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:02:07.0904 4936 cdfs - ok
19:02:07.0951 4936 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:02:07.0998 4936 cdrom - ok
19:02:08.0045 4936 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:02:08.0123 4936 CertPropSvc - ok
19:02:08.0185 4936 [ EA3333DB9AB03106EEC0D6D9D487ED01 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
19:02:08.0216 4936 CinemaNow Service - ok
19:02:08.0232 4936 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:02:08.0263 4936 circlass - ok
19:02:08.0279 4936 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:02:08.0294 4936 CLFS - ok
19:02:08.0481 4936 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:02:08.0528 4936 clr_optimization_v2.0.50727_32 - ok
19:02:08.0622 4936 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:02:08.0653 4936 clr_optimization_v2.0.50727_64 - ok
19:02:08.0747 4936 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:02:08.0918 4936 clr_optimization_v4.0.30319_32 - ok
19:02:08.0934 4936 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:02:08.0949 4936 clr_optimization_v4.0.30319_64 - ok
19:02:08.0996 4936 [ 9573E8C7C3B3D1625FD941841FD0859C ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
19:02:09.0012 4936 clwvd - ok
19:02:09.0043 4936 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:02:09.0090 4936 CmBatt - ok
19:02:09.0121 4936 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:02:09.0152 4936 cmdide - ok
19:02:09.0277 4936 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:02:09.0339 4936 CNG - ok
19:02:09.0355 4936 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:02:09.0386 4936 Compbatt - ok
19:02:09.0449 4936 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:02:09.0511 4936 CompositeBus - ok
19:02:09.0527 4936 COMSysApp - ok
19:02:09.0542 4936 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:02:09.0558 4936 crcdisk - ok
19:02:09.0651 4936 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:02:09.0792 4936 CryptSvc - ok
19:02:09.0948 4936 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:02:10.0041 4936 DcomLaunch - ok
19:02:10.0166 4936 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:02:10.0260 4936 defragsvc - ok
19:02:10.0307 4936 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:02:10.0385 4936 DfsC - ok
19:02:10.0416 4936 [ 41AC348DBD378F618CB4FDEE54270692 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
19:02:10.0431 4936 dg_ssudbus - ok
19:02:10.0478 4936 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:02:10.0556 4936 Dhcp - ok
19:02:10.0587 4936 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:02:10.0697 4936 discache - ok
19:02:10.0728 4936 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:02:10.0743 4936 Disk - ok
19:02:10.0806 4936 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:02:10.0884 4936 Dnscache - ok
19:02:10.0946 4936 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:02:11.0024 4936 dot3svc - ok
19:02:11.0040 4936 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:02:11.0118 4936 DPS - ok
19:02:11.0149 4936 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:02:11.0180 4936 drmkaud - ok
19:02:11.0227 4936 [ B1A72A497951217AE862117E8304F4E8 ] DTSRVC C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
19:02:11.0258 4936 DTSRVC - ok
19:02:11.0274 4936 dump_wmimmc - ok
19:02:11.0414 4936 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:02:11.0461 4936 DXGKrnl - ok
19:02:11.0477 4936 EagleX64 - ok
19:02:11.0492 4936 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:02:11.0555 4936 EapHost - ok
19:02:11.0664 4936 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:02:11.0789 4936 ebdrv - ok
19:02:11.0820 4936 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:02:11.0867 4936 EFS - ok
19:02:11.0929 4936 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:02:12.0007 4936 ehRecvr - ok
19:02:12.0023 4936 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:02:12.0038 4936 ehSched - ok
19:02:12.0085 4936 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:02:12.0132 4936 elxstor - ok
19:02:12.0194 4936 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:02:12.0272 4936 ErrDev - ok
19:02:12.0350 4936 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:02:12.0428 4936 EventSystem - ok
19:02:12.0459 4936 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:02:12.0522 4936 exfat - ok
19:02:12.0584 4936 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:02:12.0709 4936 fastfat - ok
19:02:12.0725 4936 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:02:12.0803 4936 fdc - ok
19:02:12.0834 4936 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:02:12.0896 4936 fdPHost - ok
19:02:12.0912 4936 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:02:12.0974 4936 FDResPub - ok
19:02:12.0990 4936 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:02:13.0021 4936 FileInfo - ok
19:02:13.0037 4936 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:02:13.0099 4936 Filetrace - ok
19:02:13.0193 4936 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:02:13.0239 4936 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
19:02:13.0239 4936 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
19:02:13.0255 4936 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:02:13.0271 4936 flpydisk - ok
19:02:13.0333 4936 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:02:13.0380 4936 FltMgr - ok
19:02:13.0442 4936 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
19:02:13.0505 4936 FontCache - ok
19:02:13.0567 4936 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:02:13.0583 4936 FontCache3.0.0.0 - ok
19:02:13.0614 4936 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:02:13.0629 4936 FsDepends - ok
19:02:13.0676 4936 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:02:13.0707 4936 Fs_Rec - ok
19:02:13.0754 4936 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:02:13.0801 4936 fvevol - ok
19:02:13.0848 4936 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:02:13.0879 4936 gagp30kx - ok
19:02:13.0941 4936 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:02:13.0957 4936 GamesAppService - ok
19:02:14.0004 4936 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:02:14.0019 4936 GEARAspiWDM - ok
19:02:14.0144 4936 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:02:14.0253 4936 gpsvc - ok
19:02:14.0441 4936 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:02:14.0441 4936 gupdate - ok
19:02:14.0519 4936 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:02:14.0534 4936 gupdatem - ok
19:02:14.0690 4936 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:02:14.0753 4936 gusvc - ok
19:02:14.0799 4936 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:02:14.0862 4936 hcw85cir - ok
19:02:14.0955 4936 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:02:15.0049 4936 HdAudAddService - ok
19:02:15.0080 4936 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:02:15.0127 4936 HDAudBus - ok
19:02:15.0143 4936 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:02:15.0158 4936 HidBatt - ok
19:02:15.0174 4936 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:02:15.0205 4936 HidBth - ok
19:02:15.0221 4936 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:02:15.0252 4936 HidIr - ok
19:02:15.0283 4936 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:02:15.0377 4936 hidserv - ok
19:02:15.0408 4936 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:02:15.0423 4936 HidUsb - ok
19:02:15.0455 4936 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:02:15.0517 4936 hkmsvc - ok
19:02:15.0626 4936 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:02:15.0704 4936 HomeGroupListener - ok
19:02:15.0751 4936 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:02:15.0798 4936 HomeGroupProvider - ok
19:02:15.0954 4936 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:02:15.0985 4936 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
19:02:15.0985 4936 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
19:02:16.0235 4936 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:02:16.0281 4936 hpqwmiex - ok
19:02:16.0344 4936 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:02:16.0391 4936 HpSAMD - ok
19:02:16.0453 4936 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:02:16.0531 4936 HTTP - ok
19:02:16.0562 4936 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:02:16.0578 4936 hwpolicy - ok
19:02:16.0718 4936 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:02:16.0749 4936 i8042prt - ok
19:02:16.0812 4936 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:02:16.0843 4936 iaStorV - ok
19:02:17.0015 4936 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:02:17.0061 4936 idsvc - ok
19:02:17.0093 4936 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:02:17.0108 4936 iirsp - ok
19:02:17.0124 4936 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:02:17.0202 4936 IKEEXT - ok
19:02:17.0280 4936 [ 1C11E5D258BC374E7FBD598D75E49B75 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:02:17.0358 4936 IntcAzAudAddService - ok
19:02:17.0405 4936 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:02:17.0451 4936 intelide - ok
19:02:17.0467 4936 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:02:17.0498 4936 intelppm - ok
19:02:17.0529 4936 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:02:17.0576 4936 IPBusEnum - ok
19:02:17.0623 4936 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:02:17.0732 4936 IpFilterDriver - ok
19:02:17.0763 4936 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:02:17.0810 4936 iphlpsvc - ok
19:02:17.0857 4936 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:02:17.0904 4936 IPMIDRV - ok
19:02:17.0935 4936 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:02:17.0997 4936 IPNAT - ok
19:02:18.0091 4936 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:02:18.0122 4936 iPod Service - ok
19:02:18.0153 4936 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:02:18.0169 4936 IRENUM - ok
19:02:18.0200 4936 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:02:18.0216 4936 isapnp - ok
19:02:18.0341 4936 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:02:18.0372 4936 iScsiPrt - ok
19:02:18.0403 4936 [ BD5BF20EC242E003A2F570B8754A56D1 ] ivusb C:\Windows\system32\DRIVERS\ivusb.sys
19:02:18.0419 4936 ivusb - ok
19:02:18.0450 4936 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:02:18.0465 4936 kbdclass - ok
19:02:18.0497 4936 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:02:18.0559 4936 kbdhid - ok
19:02:18.0590 4936 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:02:18.0606 4936 KeyIso - ok
19:02:18.0668 4936 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:02:18.0699 4936 KSecDD - ok
19:02:18.0715 4936 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:02:18.0731 4936 KSecPkg - ok
19:02:18.0731 4936 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:02:18.0793 4936 ksthunk - ok
19:02:18.0902 4936 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:02:18.0980 4936 KtmRm - ok
19:02:19.0027 4936 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:02:19.0136 4936 LanmanServer - ok
19:02:19.0167 4936 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:02:19.0230 4936 LanmanWorkstation - ok
19:02:19.0401 4936 [ 7550D101BF49FDB1F92666A233EE36C4 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:02:19.0448 4936 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:02:19.0448 4936 LightScribeService - detected UnsignedFile.Multi.Generic (1)
19:02:19.0479 4936 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:02:19.0557 4936 lltdio - ok
19:02:19.0620 4936 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:02:19.0698 4936 lltdsvc - ok
19:02:19.0713 4936 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:02:19.0823 4936 lmhosts - ok
19:02:19.0854 4936 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:02:19.0869 4936 LSI_FC - ok
19:02:19.0869 4936 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:02:19.0901 4936 LSI_SAS - ok
19:02:19.0901 4936 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:02:19.0916 4936 LSI_SAS2 - ok
19:02:20.0010 4936 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:02:20.0041 4936 LSI_SCSI - ok
19:02:20.0057 4936 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:02:20.0119 4936 luafv - ok
19:02:20.0135 4936 lxcz_device - ok
19:02:20.0166 4936 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:02:20.0181 4936 MBAMProtector - ok
19:02:20.0322 4936 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:02:20.0353 4936 MBAMScheduler - ok
19:02:20.0384 4936 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:02:20.0415 4936 MBAMService - ok
19:02:20.0462 4936 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:02:20.0509 4936 Mcx2Svc - ok
19:02:20.0540 4936 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:02:20.0587 4936 megasas - ok
19:02:20.0618 4936 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:02:20.0634 4936 MegaSR - ok
19:02:20.0743 4936 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
19:02:20.0790 4936 Microsoft Office Groove Audit Service - ok
19:02:20.0821 4936 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:02:20.0868 4936 MMCSS - ok
19:02:20.0883 4936 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:02:20.0961 4936 Modem - ok
19:02:21.0039 4936 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:02:21.0086 4936 monitor - ok
19:02:21.0117 4936 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:02:21.0133 4936 mouclass - ok
19:02:21.0164 4936 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:02:21.0195 4936 mouhid - ok
19:02:21.0227 4936 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:02:21.0242 4936 mountmgr - ok
19:02:21.0258 4936 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:02:21.0289 4936 mpio - ok
19:02:21.0289 4936 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:02:21.0336 4936 mpsdrv - ok
19:02:21.0632 4936 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:02:21.0726 4936 MpsSvc - ok
19:02:21.0788 4936 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:02:21.0851 4936 MRxDAV - ok
19:02:21.0882 4936 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:02:21.0929 4936 mrxsmb - ok
19:02:21.0975 4936 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:02:22.0007 4936 mrxsmb10 - ok
19:02:22.0038 4936 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:02:22.0069 4936 mrxsmb20 - ok
19:02:22.0100 4936 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:02:22.0116 4936 msahci - ok
19:02:22.0194 4936 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:02:22.0209 4936 msdsm - ok
19:02:22.0225 4936 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:02:22.0272 4936 MSDTC - ok
19:02:22.0303 4936 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:02:22.0350 4936 Msfs - ok
19:02:22.0381 4936 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:02:22.0428 4936 mshidkmdf - ok
19:02:22.0459 4936 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:02:22.0490 4936 msisadrv - ok
19:02:22.0521 4936 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:02:22.0584 4936 MSiSCSI - ok
19:02:22.0584 4936 msiserver - ok
19:02:22.0677 4936 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:02:22.0740 4936 MSKSSRV - ok
19:02:22.0802 4936 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:02:22.0865 4936 MSPCLOCK - ok
19:02:22.0880 4936 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:02:22.0927 4936 MSPQM - ok
19:02:22.0974 4936 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:02:23.0021 4936 MsRPC - ok
19:02:23.0052 4936 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:02:23.0052 4936 mssmbios - ok
19:02:23.0067 4936 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:02:23.0130 4936 MSTEE - ok
19:02:23.0145 4936 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:02:23.0177 4936 MTConfig - ok
19:02:23.0192 4936 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:02:23.0208 4936 Mup - ok
19:02:23.0613 4936 [ C2B5B6D9AF274E85DE29D719CF5BC3D6 ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
19:02:23.0629 4936 NanoServiceMain - ok
19:02:23.0785 4936 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:02:23.0863 4936 napagent - ok
19:02:23.0941 4936 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:02:24.0019 4936 NativeWifiP - ok
19:02:24.0081 4936 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:02:24.0113 4936 NDIS - ok
19:02:24.0128 4936 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:02:24.0175 4936 NdisCap - ok
19:02:24.0206 4936 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:02:24.0253 4936 NdisTapi - ok
19:02:24.0300 4936 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:02:24.0362 4936 Ndisuio - ok
19:02:24.0409 4936 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:02:24.0487 4936 NdisWan - ok
19:02:24.0518 4936 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:02:24.0612 4936 NDProxy - ok
19:02:24.0674 4936 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
19:02:24.0721 4936 Netaapl - ok
19:02:24.0768 4936 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:02:24.0846 4936 NetBIOS - ok
19:02:24.0877 4936 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:02:24.0939 4936 NetBT - ok
19:02:24.0955 4936 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:02:24.0971 4936 Netlogon - ok
19:02:25.0064 4936 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:02:25.0142 4936 Netman - ok
19:02:25.0236 4936 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:02:25.0283 4936 NetMsmqActivator - ok
19:02:25.0298 4936 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:02:25.0298 4936 NetPipeActivator - ok
19:02:25.0423 4936 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:02:25.0485 4936 netprofm - ok
19:02:25.0673 4936 [ 064AB63C9A588D2611306AE16D017E7E ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
19:02:25.0704 4936 netr28x - ok
19:02:25.0719 4936 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:02:25.0719 4936 NetTcpActivator - ok
19:02:25.0766 4936 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:02:25.0766 4936 NetTcpPortSharing - ok
19:02:25.0797 4936 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:02:25.0813 4936 nfrd960 - ok
19:02:25.0969 4936 [ 385A3F3346669DB51644CFF0EA40E345 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
19:02:25.0985 4936 NitroDriverReadSpool2 - ok
19:02:26.0016 4936 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:02:26.0063 4936 NlaSvc - ok
19:02:26.0593 4936 [ 139BF6BF53985DA698D57874E02C0E2E ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
19:02:26.0609 4936 nlsX86cc - ok
19:02:26.0671 4936 [ 87F8298487F4210D04A38C487C2F5359 ] NNSALPC C:\Windows\system32\DRIVERS\NNSAlpc.sys
19:02:26.0702 4936 NNSALPC - ok
19:02:26.0780 4936 [ 41FEE67AD7BE51EA9E5A0B4117D6B5D6 ] NNSHTTP C:\Windows\system32\DRIVERS\NNSHttp.sys
19:02:26.0796 4936 NNSHTTP - ok
19:02:26.0827 4936 [ 7D4C70A6702177405E959CB4F4C25A29 ] NNSHTTPS C:\Windows\system32\DRIVERS\NNSHttps.sys
19:02:26.0843 4936 NNSHTTPS - ok
19:02:26.0858 4936 [ 3F70928E3768A90BF9EB045B187D63E9 ] NNSIDS C:\Windows\system32\DRIVERS\NNSIds.sys
19:02:26.0858 4936 NNSIDS - ok
19:02:26.0889 4936 [ 0DCF0AF0ABBF324928B6DC7B022155D6 ] NNSNAHSL C:\Windows\system32\DRIVERS\NNSNAHSL.sys
19:02:26.0905 4936 NNSNAHSL - ok
19:02:26.0936 4936 [ CAD7013B6F412410FC24F05EE407DDD1 ] NNSPICC C:\Windows\system32\DRIVERS\NNSPicc.sys
19:02:26.0952 4936 NNSPICC - ok
19:02:26.0967 4936 [ F4F6ED88A6B6B35B190379E0E2DAB20A ] NNSPIHSW C:\Windows\system32\DRIVERS\NNSPihsw.sys
19:02:26.0983 4936 NNSPIHSW - ok
19:02:27.0014 4936 [ C6FDEFB1782D45F0DB61E3B452A0F44F ] NNSPOP3 C:\Windows\system32\DRIVERS\NNSPop3.sys
19:02:27.0061 4936 NNSPOP3 - ok
19:02:27.0108 4936 [ BC0528473288AA09038885B246635F6C ] NNSPROT C:\Windows\system32\DRIVERS\NNSProt.sys
19:02:27.0123 4936 NNSPROT - ok
19:02:27.0139 4936 [ 19B03363DB7DB49303DD4030C89A443C ] NNSPRV C:\Windows\system32\DRIVERS\NNSPrv.sys
19:02:27.0155 4936 NNSPRV - ok
19:02:27.0170 4936 [ CE3492308030C9636463043DBAF7363B ] NNSSMTP C:\Windows\system32\DRIVERS\NNSSmtp.sys
19:02:27.0186 4936 NNSSMTP - ok
19:02:27.0217 4936 [ 7FC75CA8BE069260BD58DD4347B93814 ] NNSSTRM C:\Windows\system32\DRIVERS\NNSStrm.sys
19:02:27.0233 4936 NNSSTRM - ok
19:02:27.0264 4936 [ 16C98D2003BA60713C97D764C8ED4BE0 ] NNSTLSC C:\Windows\system32\DRIVERS\NNSTlsc.sys
19:02:27.0279 4936 NNSTLSC - ok
19:02:27.0311 4936 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:02:27.0373 4936 Npfs - ok
19:02:27.0435 4936 npggsvc - ok
19:02:27.0435 4936 NPPTNT2 - ok
19:02:27.0482 4936 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:02:27.0545 4936 nsi - ok
19:02:27.0560 4936 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:02:27.0623 4936 nsiproxy - ok
19:02:27.0747 4936 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:02:27.0794 4936 Ntfs - ok
19:02:27.0888 4936 [ A23E6B28095F026C0B2BDC2650459423 ] NTI BackupNowEZSvr C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe
19:02:27.0935 4936 NTI BackupNowEZSvr - ok
19:02:27.0966 4936 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
19:02:28.0028 4936 NTIDrvr - ok
19:02:28.0044 4936 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:02:28.0106 4936 Null - ok
19:02:28.0137 4936 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:02:28.0153 4936 nvraid - ok
19:02:28.0169 4936 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:02:28.0200 4936 nvstor - ok
19:02:28.0231 4936 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:02:28.0247 4936 nv_agp - ok
19:02:28.0465 4936 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:02:28.0512 4936 odserv - ok
19:02:28.0559 4936 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:02:28.0574 4936 ohci1394 - ok
19:02:28.0668 4936 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:02:28.0699 4936 ose - ok
19:02:28.0855 4936 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:02:28.0964 4936 p2pimsvc - ok
19:02:28.0980 4936 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:02:29.0011 4936 p2psvc - ok
19:02:29.0058 4936 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:02:29.0089 4936 Parport - ok
19:02:29.0120 4936 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:02:29.0136 4936 partmgr - ok
19:02:29.0151 4936 pavboot - ok
19:02:29.0167 4936 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:02:29.0198 4936 PcaSvc - ok
19:02:29.0292 4936 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:02:29.0339 4936 pci - ok
19:02:29.0370 4936 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:02:29.0385 4936 pciide - ok
19:02:29.0401 4936 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:02:29.0432 4936 pcmcia - ok
19:02:29.0432 4936 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:02:29.0448 4936 pcw - ok
19:02:29.0526 4936 [ 0A098DF98EC8FACAA30BD7DB4C7AEA06 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
19:02:29.0573 4936 PdiService - ok
19:02:29.0604 4936 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:02:29.0666 4936 PEAUTH - ok
19:02:29.0713 4936 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:02:29.0775 4936 PerfHost - ok
19:02:30.0072 4936 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:02:30.0165 4936 pla - ok
19:02:30.0259 4936 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:02:30.0337 4936 PlugPlay - ok
19:02:30.0353 4936 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:02:30.0384 4936 PNRPAutoReg - ok
19:02:30.0415 4936 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:02:30.0431 4936 PNRPsvc - ok
19:02:30.0477 4936 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:02:30.0555 4936 PolicyAgent - ok
19:02:30.0587 4936 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:02:30.0649 4936 Power - ok
19:02:30.0711 4936 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:02:30.0774 4936 PptpMiniport - ok
19:02:30.0805 4936 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:02:30.0852 4936 Processor - ok
19:02:30.0899 4936 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:02:31.0008 4936 ProfSvc - ok
19:02:31.0023 4936 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:02:31.0039 4936 ProtectedStorage - ok
19:02:31.0070 4936 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:02:31.0117 4936 Psched - ok
19:02:31.0195 4936 [ 061E8188D41E24E094F941199E725531 ] PSINAflt C:\Windows\system32\DRIVERS\PSINAflt.sys
19:02:31.0226 4936 PSINAflt - ok
19:02:31.0257 4936 [ 98A6F5515BB8E84BF3D8097D71358FAF ] PSINFile C:\Windows\system32\DRIVERS\PSINFile.sys
19:02:31.0273 4936 PSINFile - ok
19:02:31.0289 4936 [ 836EEBF961B44FF5A394A6D118B606BA ] PSINKNC C:\Windows\system32\DRIVERS\psinknc.sys
19:02:31.0320 4936 PSINKNC - ok
19:02:31.0320 4936 [ 5DD7B2CC193DB76E8F913866AA75A74B ] PSINProc C:\Windows\system32\DRIVERS\PSINProc.sys
19:02:31.0335 4936 PSINProc - ok
19:02:31.0367 4936 [ 6324C85D8CAB05333DCDF3DA09BE7724 ] PSINProt C:\Windows\system32\DRIVERS\PSINProt.sys
19:02:31.0382 4936 PSINProt - ok
19:02:31.0445 4936 [ B3D55D17538F0FE4373206E82600D612 ] PSKMAD C:\Windows\system32\DRIVERS\PSKMAD.sys
19:02:31.0460 4936 PSKMAD - ok
19:02:31.0601 4936 [ 650F1D071C4420FD2B8FA465027510A8 ] PSUAService C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
19:02:31.0616 4936 PSUAService - ok
19:02:31.0679 4936 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
19:02:31.0710 4936 PxHlpa64 - ok
19:02:31.0897 4936 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:02:31.0959 4936 ql2300 - ok
19:02:31.0975 4936 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:02:32.0006 4936 ql40xx - ok
19:02:32.0022 4936 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:02:32.0053 4936 QWAVE - ok
19:02:32.0069 4936 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:02:32.0100 4936 QWAVEdrv - ok
19:02:32.0131 4936 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:02:32.0193 4936 RasAcd - ok
19:02:32.0240 4936 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:02:32.0271 4936 RasAgileVpn - ok
19:02:32.0318 4936 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:02:32.0396 4936 RasAuto - ok
19:02:32.0427 4936 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:02:32.0474 4936 Rasl2tp - ok
19:02:32.0537 4936 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:02:32.0583 4936 RasMan - ok
19:02:32.0599 4936 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:02:32.0661 4936 RasPppoe - ok
19:02:32.0693 4936 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:02:32.0771 4936 RasSstp - ok
19:02:32.0864 4936 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:02:32.0942 4936 rdbss - ok
19:02:32.0958 4936 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:02:32.0989 4936 rdpbus - ok
19:02:32.0989 4936 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:02:33.0036 4936 RDPCDD - ok
19:02:33.0083 4936 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:02:33.0129 4936 RDPENCDD - ok
19:02:33.0161 4936 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:02:33.0207 4936 RDPREFMP - ok
19:02:33.0254 4936 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:02:33.0285 4936 RDPWD - ok
19:02:33.0301 4936 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:02:33.0317 4936 rdyboost - ok
19:02:33.0473 4936 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
19:02:33.0551 4936 RealNetworks Downloader Resolver Service - ok
19:02:33.0597 4936 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:02:33.0660 4936 RemoteAccess - ok
19:02:33.0785 4936 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:02:33.0863 4936 RemoteRegistry - ok
19:02:33.0909 4936 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:02:33.0956 4936 RimUsb - ok
19:02:33.0987 4936 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:02:34.0034 4936 RpcEptMapper - ok
19:02:34.0128 4936 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:02:34.0175 4936 RpcLocator - ok
19:02:34.0331 4936 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:02:34.0377 4936 RpcSs - ok
19:02:34.0424 4936 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:02:34.0471 4936 rspndr - ok
19:02:34.0502 4936 [ BA3E57C89E6F63808D3F2B11E1A2AD3C ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:02:34.0518 4936 RTL8167 - ok
19:02:34.0533 4936 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:02:34.0549 4936 SamSs - ok
19:02:34.0611 4936 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:02:34.0643 4936 sbp2port - ok
19:02:34.0861 4936 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
19:02:34.0908 4936 SBSDWSCService - ok
19:02:35.0017 4936 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:02:35.0079 4936 SCardSvr - ok
19:02:35.0126 4936 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:02:35.0189 4936 scfilter - ok
19:02:35.0360 4936 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:02:35.0438 4936 Schedule - ok
19:02:35.0469 4936 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:02:35.0516 4936 SCPolicySvc - ok
19:02:35.0625 4936 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:02:35.0703 4936 SDRSVC - ok
19:02:35.0735 4936 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:02:35.0797 4936 secdrv - ok
19:02:35.0844 4936 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:02:35.0937 4936 seclogon - ok
19:02:35.0969 4936 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:02:36.0031 4936 SENS - ok
19:02:36.0062 4936 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:02:36.0093 4936 SensrSvc - ok
19:02:36.0109 4936 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:02:36.0140 4936 Serenum - ok
19:02:36.0156 4936 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:02:36.0171 4936 Serial - ok
19:02:36.0218 4936 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:02:36.0265 4936 sermouse - ok
19:02:36.0312 4936 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:02:36.0374 4936 SessionEnv - ok
19:02:36.0437 4936 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:02:36.0499 4936 sffdisk - ok
19:02:36.0515 4936 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:02:36.0577 4936 sffp_mmc - ok
19:02:36.0639 4936 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:02:36.0671 4936 sffp_sd - ok
19:02:36.0702 4936 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:02:36.0717 4936 sfloppy - ok
19:02:36.0780 4936 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:02:36.0873 4936 SharedAccess - ok
19:02:36.0967 4936 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:02:37.0107 4936 ShellHWDetection - ok
19:02:37.0154 4936 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:02:37.0185 4936 SiSRaid2 - ok
19:02:37.0248 4936 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:02:37.0310 4936 SiSRaid4 - ok
19:02:37.0404 4936 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:02:37.0435 4936 SkypeUpdate - ok
19:02:37.0466 4936 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:02:37.0544 4936 Smb - ok
19:02:37.0575 4936 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:02:37.0700 4936 SNMPTRAP - ok
19:02:37.0716 4936 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:02:37.0747 4936 spldr - ok
19:02:37.0809 4936 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:02:37.0872 4936 Spooler - ok
19:02:37.0981 4936 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:02:38.0106 4936 sppsvc - ok
19:02:38.0121 4936 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:02:38.0184 4936 sppuinotify - ok
19:02:38.0324 4936 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:02:38.0402 4936 srv - ok
19:02:38.0480 4936 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:02:38.0527 4936 srv2 - ok
19:02:38.0558 4936 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:02:38.0589 4936 srvnet - ok
19:02:38.0652 4936 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:02:38.0745 4936 SSDPSRV - ok
19:02:38.0761 4936 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:02:38.0823 4936 SstpSvc - ok
19:02:38.0870 4936 [ B4C983DA20E2970E21893BF0E4EE2AD8 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
19:02:38.0886 4936 ssudmdm - ok
19:02:38.0917 4936 Steam Client Service - ok
19:02:38.0964 4936 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:02:38.0979 4936 stexstor - ok
19:02:39.0073 4936 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:02:39.0120 4936 stisvc - ok
19:02:39.0151 4936 [ 63B2818651F111B08288B8AB7D2DEBF6 ] StMp3Recx64 C:\Windows\system32\Drivers\StMp3Recx64.sys
19:02:39.0182 4936 StMp3Recx64 - ok
19:02:39.0213 4936 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:02:39.0245 4936 swenum - ok
19:02:39.0260 4936 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:02:39.0338 4936 swprv - ok
19:02:39.0619 4936 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:02:39.0697 4936 SysMain - ok
19:02:39.0728 4936 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:02:39.0759 4936 TabletInputService - ok
19:02:39.0869 4936 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:02:39.0962 4936 TapiSrv - ok
19:02:39.0993 4936 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:02:40.0040 4936 TBS - ok
19:02:40.0321 4936 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:02:40.0383 4936 Tcpip - ok
19:02:40.0415 4936 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:02:40.0477 4936 TCPIP6 - ok
19:02:40.0524 4936 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:02:40.0571 4936 tcpipreg - ok
19:02:40.0680 4936 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:02:40.0742 4936 TDPIPE - ok
19:02:40.0789 4936 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:02:40.0820 4936 TDTCP - ok
19:02:40.0867 4936 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:02:40.0929 4936 tdx - ok
19:02:40.0976 4936 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:02:40.0992 4936 TermDD - ok
19:02:41.0085 4936 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:02:41.0148 4936 TermService - ok
19:02:41.0179 4936 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:02:41.0241 4936 Themes - ok
19:02:41.0273 4936 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:02:41.0319 4936 THREADORDER - ok
19:02:41.0366 4936 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:02:41.0429 4936 TrkWks - ok
19:02:41.0491 4936 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:02:41.0600 4936 TrustedInstaller - ok
19:02:41.0647 4936 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:02:41.0725 4936 tssecsrv - ok
19:02:41.0741 4936 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:02:41.0772 4936 TsUsbFlt - ok
19:02:41.0787 4936 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:02:41.0834 4936 tunnel - ok
19:02:41.0865 4936 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:02:41.0897 4936 uagp35 - ok
19:02:41.0928 4936 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
19:02:41.0959 4936 UBHelper - ok
19:02:42.0006 4936 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:02:42.0084 4936 udfs - ok
19:02:42.0115 4936 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:02:42.0162 4936 UI0Detect - ok
19:02:42.0177 4936 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:02:42.0193 4936 uliagpkx - ok
19:02:42.0224 4936 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:02:42.0271 4936 umbus - ok
19:02:42.0287 4936 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:02:42.0365 4936 UmPass - ok
19:02:42.0396 4936 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:02:42.0443 4936 upnphost - ok
19:02:42.0489 4936 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:02:42.0536 4936 USBAAPL64 - ok
19:02:42.0567 4936 usbbus - ok
19:02:42.0614 4936 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:02:42.0677 4936 usbccgp - ok
19:02:42.0692 4936 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:02:42.0708 4936 usbcir - ok
19:02:42.0723 4936 UsbDiag - ok
19:02:42.0755 4936 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:02:42.0786 4936 usbehci - ok
19:02:42.0801 4936 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
19:02:42.0817 4936 usbfilter - ok
19:02:42.0942 4936 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:02:42.0973 4936 usbhub - ok
19:02:42.0989 4936 USBModem - ok
19:02:43.0004 4936 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:02:43.0020 4936 usbohci - ok
19:02:43.0051 4936 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:02:43.0082 4936 usbprint - ok
19:02:43.0113 4936 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:02:43.0129 4936 usbscan - ok
19:02:43.0160 4936 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:02:43.0238 4936 USBSTOR - ok
19:02:43.0254 4936 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:02:43.0285 4936 usbuhci - ok
19:02:43.0347 4936 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:02:43.0410 4936 usbvideo - ok
19:02:43.0425 4936 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:02:43.0488 4936 UxSms - ok
19:02:43.0503 4936 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:02:43.0519 4936 VaultSvc - ok
19:02:43.0550 4936 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:02:43.0566 4936 vdrvroot - ok
19:02:43.0613 4936 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:02:43.0706 4936 vds - ok
19:02:43.0722 4936 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:02:43.0737 4936 vga - ok
19:02:43.0753 4936 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:02:43.0815 4936 VgaSave - ok
19:02:43.0862 4936 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:02:43.0893 4936 vhdmp - ok
19:02:43.0925 4936 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:02:43.0940 4936 viaide - ok
19:02:43.0956 4936 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:02:43.0971 4936 volmgr - ok
19:02:44.0018 4936 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:02:44.0034 4936 volmgrx - ok
19:02:44.0049 4936 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:02:44.0065 4936 volsnap - ok
19:02:44.0112 4936 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:02:44.0127 4936 vsmraid - ok
19:02:44.0237 4936 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:02:44.0315 4936 VSS - ok
19:02:44.0330 4936 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:02:44.0361 4936 vwifibus - ok
19:02:44.0393 4936 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:02:44.0424 4936 vwififlt - ok
19:02:44.0455 4936 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:02:44.0471 4936 vwifimp - ok
19:02:44.0642 4936 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:02:44.0705 4936 W32Time - ok
19:02:44.0736 4936 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:02:44.0798 4936 WacomPen - ok
19:02:44.0829 4936 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:02:44.0892 4936 WANARP - ok
19:02:44.0892 4936 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:02:44.0939 4936 Wanarpv6 - ok
19:02:45.0001 4936 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:02:45.0048 4936 WatAdminSvc - ok
19:02:45.0297 4936 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:02:45.0375 4936 wbengine - ok
19:02:45.0407 4936 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:02:45.0438 4936 WbioSrvc - ok
19:02:45.0547 4936 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:02:45.0609 4936 wcncsvc - ok
19:02:45.0625 4936 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:02:45.0719 4936 WcsPlugInService - ok
19:02:45.0750 4936 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:02:45.0781 4936 Wd - ok
19:02:45.0921 4936 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:02:45.0984 4936 Wdf01000 - ok
19:02:45.0984 4936 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:02:46.0093 4936 WdiServiceHost - ok
19:02:46.0093 4936 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:02:46.0109 4936 WdiSystemHost - ok
19:02:46.0140 4936 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:02:46.0187 4936 WebClient - ok
19:02:46.0202 4936 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:02:46.0265 4936 Wecsvc - ok
19:02:46.0311 4936 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:02:46.0358 4936 wercplsupport - ok
19:02:46.0389 4936 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:02:46.0436 4936 WerSvc - ok
19:02:46.0452 4936 WerSvc32 - ok
19:02:46.0467 4936 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:02:46.0499 4936 WfpLwf - ok
19:02:46.0514 4936 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:02:46.0530 4936 WIMMount - ok
19:02:46.0545 4936 WinDefend - ok
19:02:46.0561 4936 WinHttpAutoProxySvc - ok
19:02:46.0608 4936 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:02:46.0655 4936 Winmgmt - ok
19:02:46.0967 4936 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:02:47.0060 4936 WinRM - ok
19:02:47.0107 4936 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:02:47.0185 4936 WinUsb - ok
19:02:47.0357 4936 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:02:47.0419 4936 Wlansvc - ok
19:02:47.0637 4936 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:02:47.0731 4936 wlidsvc - ok
19:02:47.0793 4936 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:02:47.0840 4936 WmiAcpi - ok
19:02:47.0918 4936 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:02:47.0965 4936 wmiApSrv - ok
19:02:47.0996 4936 WMPNetworkSvc - ok
19:02:48.0027 4936 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:02:48.0090 4936 WPCSvc - ok
19:02:48.0121 4936 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:02:48.0152 4936 WPDBusEnum - ok
19:02:48.0168 4936 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:02:48.0246 4936 ws2ifsl - ok
19:02:48.0277 4936 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:02:48.0355 4936 wscsvc - ok
19:02:48.0355 4936 WSearch - ok
19:02:48.0651 4936 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:02:48.0729 4936 wuauserv - ok
19:02:48.0776 4936 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:02:48.0870 4936 WudfPf - ok
19:02:48.0885 4936 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:02:48.0917 4936 WUDFRd - ok
19:02:48.0948 4936 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:02:48.0979 4936 wudfsvc - ok
19:02:49.0010 4936 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:02:49.0041 4936 WwanSvc - ok
19:02:49.0291 4936 X6va005 - ok
19:02:49.0338 4936 ================ Scan global ===============================
19:02:49.0353 4936 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:02:49.0385 4936 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:02:49.0416 4936 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:02:49.0431 4936 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:02:49.0463 4936 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:02:49.0478 4936 [Global] - ok
19:02:49.0478 4936 ================ Scan MBR ==================================
19:02:49.0509 4936 [ 62D495ED67B264F5410E0DCB25B02ADF ] \Device\Harddisk0\DR0
19:02:49.0853 4936 \Device\Harddisk0\DR0 - ok
19:02:49.0853 4936 ================ Scan VBR ==================================
19:02:49.0853 4936 [ 0EB463D6FBF370166E8962291C5C915D ] \Device\Harddisk0\DR0\Partition1
19:02:49.0868 4936 \Device\Harddisk0\DR0\Partition1 - ok
19:02:49.0884 4936 [ 30862C04F9035EC9474489EDDD9980FB ] \Device\Harddisk0\DR0\Partition2
19:02:49.0915 4936 \Device\Harddisk0\DR0\Partition2 - ok
19:02:49.0946 4936 [ 710949B8894E600B17850773A600548D ] \Device\Harddisk0\DR0\Partition3
19:02:49.0946 4936 \Device\Harddisk0\DR0\Partition3 - ok
19:02:49.0946 4936 ================ Scan active images ========================
19:02:49.0946 4936 ============================================================
19:02:49.0946 4936 Scan finished
19:02:49.0946 4936 ============================================================
19:02:49.0962 4752 Detected object count: 4
19:02:49.0962 4752 Actual detected object count: 4
19:02:56.0297 4752 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
19:02:56.0297 4752 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
19:02:56.0312 4752 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:56.0312 4752 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:02:56.0312 4752 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:56.0312 4752 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:02:56.0312 4752 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:56.0312 4752 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:03:12.0645 3612 Deinitialize success
  • 0

Advertisements


#17
Lady_Rocker

Lady_Rocker

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 168 posts
ComboFix 13-05-13.01 - Narcis 05/14/2013 19:16:15.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2815.1593 [GMT 10:00]
Running from: c:\users\Narcis\Downloads\ComboFix.exe
AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Cloud Antivirus Firewall *Enabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\TotalRecipeSearch_14
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14auxstb.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14datact.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14dlghk.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14dyn.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14feedmg.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14highin.exe
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14hkstub.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14htmlmu.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14httpct.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14idle.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14ieovr.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14impipe.exe
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14medint.exe
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14mlbtn.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14msg.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14Plugin.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14radio.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14regfft.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14reghk.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14regiet.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14script.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14skin.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14sknlcr.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14skplay.exe
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14tpinst.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\14uabtn.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\BOOTSTRAP.JS
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\CHROME.MANIFEST
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\chrome\14ffxtbr.jar
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\CREXT.DLL
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\CrExtP14.exe
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\INSTALL.RDF
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\installKeys.js
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\LOGO.BMP
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\T8EXTEX.DLL
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\T8EXTPEX.DLL
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\T8HTML.DLL
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\T8RES.DLL
c:\program files (x86)\TotalRecipeSearch_14\bar\1.bin\T8TICKER.DLL
c:\program files (x86)\TotalRecipeSearch_14\bar\gen1\COMMON.T8S
c:\program files (x86)\TotalRecipeSearch_14\bar\IE9Mesg\COMMON.T8S
c:\program files (x86)\TotalRecipeSearch_14\bar\Message\COMMON.T8S
c:\program files (x86)\TotalRecipeSearch_14\bar\Settings\s_pid.dat
c:\programdata\unrar.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ACPIService
.
.
((((((((((((((((((((((((( Files Created from 2013-04-14 to 2013-05-14 )))))))))))))))))))))))))))))))
.
.
2013-05-14 08:55 . 2012-11-06 23:00 58360 -c--a-w- c:\windows\system32\drivers\PSKMAD.sys
2013-05-10 08:32 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D13D4559-E171-4F2F-BBE6-1601C62B79D9}\mpengine.dll
2013-04-27 04:49 . 2013-04-27 04:49 -------- dc----w- c:\program files\WinRAR
2013-04-24 07:56 . 2013-04-24 17:02 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-20 10:16 . 2013-04-21 11:24 -------- dc----w- c:\users\Narcis\AppData\Roaming\FamilyTreeMaker
2013-04-20 09:41 . 2013-04-20 09:41 -------- dc----w- c:\users\Narcis\AppData\Local\Ancestry.com
2013-04-20 08:59 . 2013-04-20 22:55 -------- dc----w- c:\program files (x86)\Family Tree Maker 2012
2013-04-20 08:59 . 2013-04-20 08:59 -------- dc----w- c:\program files (x86)\BCL Technologies
2013-04-20 08:57 . 2013-04-20 08:57 -------- dc----w- c:\program files (x86)\Windows Media Components
2013-04-20 08:54 . 2013-04-20 09:01 -------- d--h--w- c:\programdata\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}
2013-04-20 04:22 . 2013-04-20 04:22 -------- dc----w- c:\users\Narcis\AppData\Local\panda4_0dn
2013-04-20 04:08 . 2013-04-21 08:28 -------- dc----w- c:\program files (x86)\pandasecuritytb
2013-04-18 09:18 . 2013-04-18 09:18 -------- dc----w- c:\program files (x86)\Common Files\Java
2013-04-18 09:17 . 2013-04-03 19:35 95648 -c--a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-12 05:21 . 2010-06-24 01:33 22240 -c--a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-01 16:06 . 2010-12-05 09:27 278800 -c----w- c:\windows\system32\MpSigStub.exe
2013-04-10 21:22 . 2013-04-10 19:11 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 21:22 . 2013-04-10 19:11 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-04-10 21:22 . 2013-04-10 19:11 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-10 21:22 . 2013-04-10 19:11 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-04-10 21:22 . 2013-04-10 19:11 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-04-10 21:22 . 2013-04-10 19:11 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-04-10 21:06 . 2010-12-03 06:03 72702784 -c--a-w- c:\windows\system32\MRT.exe
2013-04-10 21:06 . 2013-04-10 19:11 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 21:04 . 2013-04-10 21:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-04-10 21:04 . 2013-04-10 21:03 248320 ----a-w- c:\windows\system32\ieui.dll
2013-04-10 21:04 . 2013-04-10 21:03 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-10 21:04 . 2013-04-10 21:03 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-04-10 21:04 . 2013-04-10 21:03 2312704 ----a-w- c:\windows\system32\jscript9.dll
2013-04-10 21:04 . 2013-04-10 21:03 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-10 21:04 . 2013-04-10 21:03 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-04-10 21:04 . 2013-04-10 21:03 85504 ----a-w- c:\windows\system32\jsproxy.dll
2013-04-10 21:04 . 2013-04-10 21:03 1392128 ----a-w- c:\windows\system32\wininet.dll
2013-04-10 21:04 . 2013-04-10 21:03 816640 ----a-w- c:\windows\system32\jscript.dll
2013-04-10 21:04 . 2013-04-10 21:03 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-04-10 21:04 . 2013-04-10 21:03 17817088 ----a-w- c:\windows\system32\mshtml.dll
2013-04-10 21:04 . 2013-04-10 21:03 10925568 ----a-w- c:\windows\system32\ieframe.dll
2013-04-10 21:04 . 2013-04-10 21:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-04-10 21:04 . 2013-04-10 21:03 96768 ----a-w- c:\windows\system32\mshtmled.dll
2013-04-10 21:04 . 2013-04-10 21:03 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-04-10 21:04 . 2013-04-10 21:03 237056 ----a-w- c:\windows\system32\url.dll
2013-04-10 21:04 . 2013-04-10 21:03 1346560 ----a-w- c:\windows\system32\urlmon.dll
2013-04-10 21:04 . 2013-04-10 21:03 729088 ----a-w- c:\windows\system32\msfeeds.dll
2013-04-10 21:04 . 2013-04-10 21:03 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2013-04-10 21:04 . 2013-04-10 21:03 599040 ----a-w- c:\windows\system32\vbscript.dll
2013-04-10 21:04 . 2013-04-10 21:03 2147840 ----a-w- c:\windows\system32\iertutil.dll
2013-04-10 21:03 . 2013-04-10 19:07 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 21:02 . 2013-04-10 19:07 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 21:02 . 2013-04-10 19:07 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 21:02 . 2013-04-10 19:07 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 21:02 . 2013-04-10 19:07 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 21:02 . 2013-04-10 19:07 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 21:02 . 2013-04-10 19:07 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-04 04:50 . 2010-12-10 21:00 25928 -c--a-w- c:\windows\system32\drivers\mbam.sys
2013-04-02 14:09 . 2013-04-02 14:09 4550656 -c--a-w- c:\windows\SysWow64\GPhotos.scr
2013-03-26 17:04 . 2013-03-26 08:18 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-15 21:20 . 2008-01-20 11:51 273408 -c--a-w- c:\windows\system32\wmpband.dll
2013-03-14 17:08 . 2013-03-13 22:48 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-03-14 17:08 . 2013-03-13 22:48 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-03-14 17:08 . 2013-03-13 22:48 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-03-14 17:08 . 2013-03-13 22:48 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-03-14 17:08 . 2013-03-13 22:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-03-14 17:08 . 2013-03-13 22:48 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-03-06 12:52 . 2012-07-01 06:52 861088 -c--a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-06 12:52 . 2010-12-03 05:57 782240 -c--a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-27 09:39 . 2013-02-27 09:37 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-02-27 09:39 . 2013-02-27 09:37 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-02-27 09:39 . 2013-02-27 09:37 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-02-27 09:39 . 2013-02-27 09:37 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-02-27 09:39 . 2013-02-27 09:37 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-02-27 09:39 . 2013-02-27 09:37 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-02-27 09:39 . 2013-02-27 09:37 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-02-27 09:39 . 2013-02-27 09:37 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-02-27 09:39 . 2013-02-27 09:37 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-02-27 09:39 . 2013-02-27 09:37 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-02-27 09:39 . 2013-02-27 09:37 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-02-27 09:39 . 2013-02-27 09:37 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-02-27 09:39 . 2013-02-27 09:37 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-02-27 09:39 . 2013-02-27 09:37 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-02-27 09:39 . 2013-02-27 09:37 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-02-27 09:39 . 2013-02-27 09:37 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-02-27 09:39 . 2013-02-27 09:37 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-02-27 09:39 . 2013-02-27 09:37 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-02-27 09:39 . 2013-02-27 09:37 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-02-27 09:39 . 2013-02-27 09:37 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-02-27 09:39 . 2013-02-27 09:37 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-02-27 09:39 . 2013-02-27 09:37 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-02-27 09:39 . 2013-02-27 09:37 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-02-27 09:39 . 2013-02-27 09:37 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-02-27 09:39 . 2013-02-27 09:37 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-02-27 09:39 . 2013-02-27 09:37 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-02-27 09:39 . 2013-02-27 09:37 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-02-27 09:39 . 2013-02-27 09:37 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-02-27 09:39 . 2013-02-27 09:37 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-02-27 09:39 . 2013-02-27 09:37 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-02-27 09:39 . 2013-02-27 09:37 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2013-01-08 15:56 87768 -c--a-w- c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll" [2013-01-08 87768]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-09-28 1715768]
"GGWallpaper"="c:\program files (x86)\LivingEarthDesktop\Living-Earth-Desktop.exe" [2011-12-12 923136]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-03-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2013-04-11 235072]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"BackupNowEZtray"="c:\program files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe" [2010-09-17 577792]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-11 253816]
"PSUAMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2013-01-27 32480]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn" [X]
"panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn" [X]
"panda4_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn" [X]
"panda4_0dn_XP"="reg.exe delete HKCU\Software\panda4_0dn" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R0 39072231;39072231;c:\windows\system32\drivers\59292768.sys [x]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 WerSvc32;Windows Error Reporting Service ;c:\windows\system32\mswdat1032.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-05 102936]
R3 dump_wmimmc;dump_wmimmc;c:\aeriagames\MetalAssault\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-28 29720]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-09 22528]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-05 203544]
R3 StMp3Recx64;Player Recovery Device Control Driver;c:\windows\system32\Drivers\StMp3Recx64.sys [2007-01-11 26112]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2011-03-10 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-03 1255736]
R3 X6va005;X6va005;c:\users\Narcis\AppData\Local\Temp\005729C.tmp [x]
R4 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-17 98208]
R4 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-06-13 400368]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys [2012-11-26 89640]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys [2012-11-26 114728]
S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys [2013-01-09 95712]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys [2012-11-26 114216]
S1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys [2012-10-22 33320]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys [2012-11-26 94248]
S1 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys [2012-11-28 69160]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys [2012-11-26 118312]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys [2012-11-26 306216]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys [2012-11-26 116776]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys [2012-11-26 114216]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys [2012-11-28 232488]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys [2012-11-26 105000]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2012-11-09 204328]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-12 203264]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2013-01-27 140512]
S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [2012-09-05 216072]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE [2012-09-05 69640]
S2 NTI BackupNowEZSvr;NTI BackupNowEZSvr;c:\program files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe [2010-09-17 45312]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2012-11-09 167976]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2012-11-09 119848]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2012-11-09 123944]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2012-11-09 133160]
S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [2013-01-27 37088]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys [2010-06-25 32880]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-12-19 852256]
S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys [2012-11-06 58360]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-03 331880]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-09 19:18 1642448 -c--a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-02 05:47]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-02 05:47]
.
2013-05-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1492978049-1898015326-2695977172-1001Core.job
- c:\users\Narcis\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-11 05:04]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1492978049-1898015326-2695977172-1001UA.job
- c:\users\Narcis\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-11 05:04]
.
2013-04-29 c:\windows\Tasks\HPCeeScheduleForNarcis.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 12:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.allgameshome.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;?r?r?r?r?r?r?r?r?r?r?r?r???;??;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Narcis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 202.151.64.110 202.151.64.130
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-39072231.sys
ShellIconOverlayIdentifiers-{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6} - c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL
ShellIconOverlayIdentifiers-{9AE343CB-BA45-4618-AF6A-0230EE6FC793} - c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL
AddRemove-Adobe Photoshop_is1 - c:\program files (x86)\Adobe Photoshop Setup\unins000.exe
AddRemove-Batch DOCX to DOC Converter - c:\users\Narcis\AppData\Local\Batchwork\Doc-2-Doc\uninstall.exe
AddRemove-Batch PPTX to PPT Converter - c:\users\Narcis\AppData\Local\Batchwork\Ppt-2-Ppt\uninstall.exe
AddRemove-Batch XLSX to XLS Converter - c:\users\Narcis\AppData\Local\Batchwork\Xls-2-Xls\uninstall.exe
AddRemove-BFG-Wedding Dash - Ready, Aim, Love - c:\program files (x86)\Wedding Dash - Ready
AddRemove-Imikimi Plugin - c:\program files (x86)\Imikimi\uninstall.exe
AddRemove-{03A15A67-4372-4AE8-A803-0B50D8427891} - c:\progra~3\INSTAL~1\{03A15~1\Setup.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\Narcis\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Narcis\AppData\Local\Temp\005729C.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{71576546-354D-41C9-AAE8-31F2EC22BF0D}"=hex:51,66,7a,6c,4c,1d,38,12,28,66,44,
75,7f,7b,a7,04,d5,fe,72,b2,e9,7c,fb,19
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"=hex:51,66,7a,6c,4c,1d,38,12,0e,bc,32,
bc,1f,12,85,04,ed,ca,7d,0c,c8,64,66,f0
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
"{593DDEC6-7468-4CDD-90E1-42DADAA222E9}"=hex:51,66,7a,6c,4c,1d,38,12,a8,dd,2e,
5d,5a,3a,b3,09,ef,f7,01,9a,df,fc,66,fd
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}"=hex:51,66,7a,6c,4c,1d,38,12,24,e7,33,
cd,4a,31,0a,0b,c2,c1,e6,30,23,b9,ba,a3
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:0e,01,9d,fa,35,0a,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d3,0e,1e,e6,e7,1e,ad,4f,9b,26,14,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d3,0e,1e,e6,e7,1e,ad,4f,9b,26,14,\
.
[HKEY_USERS\S-1-5-21-1492978049-1898015326-2695977172-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1492978049-1898015326-2695977172-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-1492978049-1898015326-2695977172-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
.
**************************************************************************
.
Completion time: 2013-05-14 19:48:45 - machine was rebooted
ComboFix-quarantined-files.txt 2013-05-14 09:48
.
Pre-Run: 195,457,396,736 bytes free
Post-Run: 194,547,896,320 bytes free
.
- - End Of File - - E53CF51FB6BB78E3125B0374A511D085
  • 0

#18
Lady_Rocker

Lady_Rocker

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 168 posts
FYI, that annoying pop-up still continues (note the time compared to the reports)
I followed your instructions

Attached Thumbnails

  • GeeksToGo - annoying pop-up 05-14-13.png

  • 0

#19
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,961 posts
Download the enclosed file. Attached File  CFScript.txt   319bytes   44 downloads

Save it next to Combofix.

Posted Image

Once saved, referring to the picture above, drag CFScript.txt into ComboFix.exe, and post back the resulting report.
  • 0

#20
Lady_Rocker

Lady_Rocker

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 168 posts
ComboFix 13-05-16.01 - Narcis 05/16/2013 19:21:46.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2815.1455 [GMT 10:00]
Running from: c:\users\Narcis\Downloads\ComboFix.exe
Command switches used :: c:\users\Narcis\Downloads\CFScript.txt
AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Cloud Antivirus Firewall *Enabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 192 bytes in 1 streams.
.
Overlay aborted ... Please run ComboFix once more
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Narcis\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Narcis\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EAGLEX64
-------\Legacy_X6VA005
-------\Service_dump_wmimmc
-------\Service_EagleX64
-------\Service_npggsvc
-------\Service_WerSvc32
-------\Service_X6va005
.
.
((((((((((((((((((((((((( Files Created from 2013-04-16 to 2013-05-16 )))))))))))))))))))))))))))))))
.
.
2013-05-16 09:38 . 2013-05-16 09:53 -------- dc----w- c:\users\Narcis\AppData\Local\temp
2013-05-16 09:38 . 2013-05-16 09:38 -------- dc----w- c:\users\Default\AppData\Local\temp
2013-05-16 08:01 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6EA0BE7D-ECCC-4403-B4D7-D593EA7AF1EB}\mpengine.dll
2013-05-15 17:06 . 2013-05-15 17:06 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-15 17:06 . 2013-05-15 17:06 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 17:06 . 2013-05-15 17:06 17818624 ----a-w- c:\windows\system32\mshtml.dll
2013-05-15 12:55 . 2013-05-15 17:32 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 12:55 . 2013-05-15 17:32 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 12:55 . 2013-05-15 17:32 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-15 12:55 . 2013-05-15 17:30 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-15 12:54 . 2013-05-15 17:30 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-15 12:54 . 2013-05-15 17:30 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-15 12:54 . 2013-05-15 17:30 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-15 12:54 . 2013-05-15 17:30 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-15 12:54 . 2013-05-15 17:30 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-15 12:54 . 2013-05-15 17:30 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 12:54 . 2013-05-15 17:30 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 12:54 . 2013-05-15 17:29 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-14 09:52 . 2012-11-06 23:00 58360 -c--a-w- c:\windows\system32\drivers\PSKMAD.sys
2013-04-27 04:49 . 2013-04-27 04:49 -------- dc----w- c:\program files\WinRAR
2013-04-24 07:56 . 2013-04-24 17:02 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-20 10:16 . 2013-04-21 11:24 -------- dc----w- c:\users\Narcis\AppData\Roaming\FamilyTreeMaker
2013-04-20 09:41 . 2013-04-20 09:41 -------- dc----w- c:\users\Narcis\AppData\Local\Ancestry.com
2013-04-20 08:59 . 2013-04-20 22:55 -------- dc----w- c:\program files (x86)\Family Tree Maker 2012
2013-04-20 08:59 . 2013-04-20 08:59 -------- dc----w- c:\program files (x86)\BCL Technologies
2013-04-20 08:57 . 2013-04-20 08:57 -------- dc----w- c:\program files (x86)\Windows Media Components
2013-04-20 08:54 . 2013-04-20 09:01 -------- d--h--w- c:\programdata\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}
2013-04-20 04:22 . 2013-04-20 04:22 -------- dc----w- c:\users\Narcis\AppData\Local\panda4_0dn
2013-04-20 04:08 . 2013-04-21 08:28 -------- dc----w- c:\program files (x86)\pandasecuritytb
2013-04-18 09:18 . 2013-04-18 09:18 -------- dc----w- c:\program files (x86)\Common Files\Java
2013-04-18 09:17 . 2013-04-03 19:35 95648 -c--a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 17:32 . 2013-05-15 12:55 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-05-15 17:32 . 2013-05-15 12:55 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-05-15 17:32 . 2013-05-15 12:55 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-05-15 17:32 . 2013-05-15 12:55 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-05-15 17:32 . 2013-05-15 12:55 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-05-15 17:32 . 2013-05-15 12:55 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-05-15 17:12 . 2010-12-03 06:03 75016696 -c--a-w- c:\windows\system32\MRT.exe
2013-05-12 05:21 . 2010-06-24 01:33 22240 -c--a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-01 16:06 . 2010-12-05 09:27 278800 -c----w- c:\windows\system32\MpSigStub.exe
2013-04-10 21:22 . 2013-04-10 19:11 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 21:22 . 2013-04-10 19:11 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-04-10 21:22 . 2013-04-10 19:11 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-10 21:22 . 2013-04-10 19:11 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-04-10 21:22 . 2013-04-10 19:11 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-04-10 21:22 . 2013-04-10 19:11 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-04-10 21:03 . 2013-04-10 19:07 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 21:02 . 2013-04-10 19:07 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 21:02 . 2013-04-10 19:07 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 21:02 . 2013-04-10 19:07 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 21:02 . 2013-04-10 19:07 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 21:02 . 2013-04-10 19:07 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 21:02 . 2013-04-10 19:07 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-04 04:50 . 2010-12-10 21:00 25928 -c--a-w- c:\windows\system32\drivers\mbam.sys
2013-04-02 14:09 . 2013-04-02 14:09 4550656 -c--a-w- c:\windows\SysWow64\GPhotos.scr
2013-03-26 17:04 . 2013-03-26 08:18 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-15 21:20 . 2008-01-20 11:51 273408 -c--a-w- c:\windows\system32\wmpband.dll
2013-03-06 12:52 . 2012-07-01 06:52 861088 -c--a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-06 12:52 . 2010-12-03 05:57 782240 -c--a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-27 09:39 . 2013-02-27 09:37 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-02-27 09:39 . 2013-02-27 09:37 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-02-27 09:39 . 2013-02-27 09:37 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-02-27 09:39 . 2013-02-27 09:37 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-02-27 09:39 . 2013-02-27 09:37 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-02-27 09:39 . 2013-02-27 09:37 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-02-27 09:39 . 2013-02-27 09:37 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-02-27 09:39 . 2013-02-27 09:37 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-02-27 09:39 . 2013-02-27 09:37 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-02-27 09:39 . 2013-02-27 09:37 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-02-27 09:39 . 2013-02-27 09:37 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-02-27 09:39 . 2013-02-27 09:37 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-02-27 09:39 . 2013-02-27 09:37 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-02-27 09:39 . 2013-02-27 09:37 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-02-27 09:39 . 2013-02-27 09:37 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 09:39 . 2013-02-27 09:37 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-02-27 09:39 . 2013-02-27 09:37 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-02-27 09:39 . 2013-02-27 09:37 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-02-27 09:39 . 2013-02-27 09:37 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-02-27 09:39 . 2013-02-27 09:37 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-02-27 09:39 . 2013-02-27 09:37 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-02-27 09:39 . 2013-02-27 09:37 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-02-27 09:39 . 2013-02-27 09:37 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-02-27 09:39 . 2013-02-27 09:37 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-02-27 09:39 . 2013-02-27 09:37 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-02-27 09:39 . 2013-02-27 09:37 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-02-27 09:39 . 2013-02-27 09:37 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-02-27 09:39 . 2013-02-27 09:37 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-02-27 09:39 . 2013-02-27 09:37 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-02-27 09:39 . 2013-02-27 09:37 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-02-27 09:39 . 2013-02-27 09:37 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-02-27 09:39 . 2013-02-27 09:37 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-02-27 09:39 . 2013-02-27 09:37 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-02-27 09:39 . 2013-02-27 09:37 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-02-27 09:39 . 2013-02-27 09:37 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-02-27 09:39 . 2013-02-27 09:37 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2013-01-08 15:56 87768 -c--a-w- c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll" [2013-01-08 87768]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-09-28 1715768]
"GGWallpaper"="c:\program files (x86)\LivingEarthDesktop\Living-Earth-Desktop.exe" [2011-12-12 923136]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-03-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2013-04-11 235072]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-11 253816]
"PSUAMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2013-01-27 32480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R0 39072231;39072231;c:\windows\system32\drivers\59292768.sys [x]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-05 102936]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-28 29720]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-09 22528]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-05 203544]
R3 StMp3Recx64;Player Recovery Device Control Driver;c:\windows\system32\Drivers\StMp3Recx64.sys [2007-01-11 26112]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2011-03-10 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-03 1255736]
R4 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-17 98208]
R4 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-06-13 400368]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys [2012-11-26 89640]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys [2012-11-26 114728]
S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys [2013-01-09 95712]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys [2012-11-26 114216]
S1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys [2012-10-22 33320]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys [2012-11-26 94248]
S1 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys [2012-11-28 69160]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys [2012-11-26 118312]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys [2012-11-26 306216]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys [2012-11-26 116776]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys [2012-11-26 114216]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys [2012-11-28 232488]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys [2012-11-26 105000]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2012-11-09 204328]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-12 203264]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2013-01-27 140512]
S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [2012-09-05 216072]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE [2012-09-05 69640]
S2 NTI BackupNowEZSvr;NTI BackupNowEZSvr;c:\program files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe [2010-09-17 45312]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2012-11-09 167976]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2012-11-09 119848]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2012-11-09 123944]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2012-11-09 133160]
S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [2013-01-27 37088]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys [2010-06-25 32880]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-12-19 852256]
S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys [2012-11-06 58360]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-03 331880]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-09 19:18 1642448 -c--a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-02 05:47]
.
2013-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-02 05:47]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1492978049-1898015326-2695977172-1001Core.job
- c:\users\Narcis\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-11 05:04]
.
2013-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1492978049-1898015326-2695977172-1001UA.job
- c:\users\Narcis\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-11 05:04]
.
2013-04-29 c:\windows\Tasks\HPCeeScheduleForNarcis.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 12:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 -c--a-w- c:\users\Narcis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL [BU]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.allgameshome.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;?r?r?r?r?r?r?r?r?r?r?r?r???;??;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Narcis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 202.151.64.110 202.151.64.130
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Adobe Photoshop_is1 - c:\program files (x86)\Adobe Photoshop Setup\unins000.exe
AddRemove-Batch DOCX to DOC Converter - c:\users\Narcis\AppData\Local\Batchwork\Doc-2-Doc\uninstall.exe
AddRemove-Batch PPTX to PPT Converter - c:\users\Narcis\AppData\Local\Batchwork\Ppt-2-Ppt\uninstall.exe
AddRemove-Batch XLSX to XLS Converter - c:\users\Narcis\AppData\Local\Batchwork\Xls-2-Xls\uninstall.exe
AddRemove-BFG-Wedding Dash - Ready, Aim, Love - c:\program files (x86)\Wedding Dash - Ready
AddRemove-Imikimi Plugin - c:\program files (x86)\Imikimi\uninstall.exe
AddRemove-{03A15A67-4372-4AE8-A803-0B50D8427891} - c:\progra~3\INSTAL~1\{03A15~1\Setup.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{71576546-354D-41C9-AAE8-31F2EC22BF0D}"=hex:51,66,7a,6c,4c,1d,38,12,28,66,44,
75,7f,7b,a7,04,d5,fe,72,b2,e9,7c,fb,19
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"=hex:51,66,7a,6c,4c,1d,38,12,0e,bc,32,
bc,1f,12,85,04,ed,ca,7d,0c,c8,64,66,f0
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
"{593DDEC6-7468-4CDD-90E1-42DADAA222E9}"=hex:51,66,7a,6c,4c,1d,38,12,a8,dd,2e,
5d,5a,3a,b3,09,ef,f7,01,9a,df,fc,66,fd
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}"=hex:51,66,7a,6c,4c,1d,38,12,24,e7,33,
cd,4a,31,0a,0b,c2,c1,e6,30,23,b9,ba,a3
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:0e,01,9d,fa,35,0a,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d3,0e,1e,e6,e7,1e,ad,4f,9b,26,14,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d3,0e,1e,e6,e7,1e,ad,4f,9b,26,14,\
.
[HKEY_USERS\S-1-5-21-1492978049-1898015326-2695977172-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1492978049-1898015326-2695977172-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-1492978049-1898015326-2695977172-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
.
**************************************************************************
.
Completion time: 2013-05-16 20:02:28 - machine was rebooted
ComboFix-quarantined-files.txt 2013-05-16 10:02
ComboFix2.txt 2013-05-14 09:48
.
Pre-Run: 194,669,080,576 bytes free
Post-Run: 194,961,342,464 bytes free
.
- - End Of File - - C9C7466BEE0ABCADFB5450E8B1E09479
  • 0

#21
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,961 posts
Any improvement?
  • 0

#22
Lady_Rocker

Lady_Rocker

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 168 posts
Been on my computer for over 2 hours.. and ... so far so good!! :thumbsup:

Wow, can you interpret the problem? So that I can "try" to avoid it...

Kinda hard with pre-teens using the family computer for homework.. haha :whistling:
  • 0

#23
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,961 posts
There were a few suspicious services. But lets give it another day or so, and let me know how it goes. Make sure your security is ON.
  • 0

#24
Lady_Rocker

Lady_Rocker

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 168 posts
Yes, Panda, Malwarebytes and SpyBot as well as standard Windows security are all turned on

Will let you know in about 2 days!

THANKS AGAIN!! You're such a patient wiz! :)
  • 0

#25
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,961 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP