Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Help - I think someone is spying on me

Post by hplerr » April 24th, 2013, 4:42 am

Hello, I was wondering if anyone could help me figure out if I have malware/spyware on my computer that allows someone to spy on me. Someone who isn't supposed to have access to my computer somehow is able to quote really specific things I've written in paper assignments, knows things I've said in private messages, and I suspect they might have access to my mic as well since they knew something I said in a telephone conversation I had while browsing the internet. I'm not sure if the DDS software can detect things like keyloggers or remote viewing software, but any insight into the logs or advice on what to do to protect myself would be helpful. Thanks in advance!

Also, I did a system recovery on my computer earlier, so basically all my old files and added software have been erased.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16476
Run by ash at 3:21:22 on 2013-04-24
#Option Extended Search is enabled.
#Option Whitelisting is disabled.
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.3809 [GMT -7:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.yahoo.com?fr=fp-comodo
uLocal Page = C:\Windows\System32\blank.htm
uSearch Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
mStart Page = hxxp://g.msn.com/HPNOT/1
mLocal Page = C:\Windows\SysWOW64\blank.htm
mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
mDefault_Page_URL = hxxp://g.msn.com/HPNOT/1
mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
uURLSearchHooks: Microsoft Url Search Hook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
mWinlogon: Shell = explorer.exe
mWinlogon: Userinit = C:\Windows\System32\userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [gbrspcontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTG~1.LNK - C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableInstallerDetection = dword:1
mPolicies-System: EnableLUA = dword:1
mPolicies-System: EnableSecureUIAPaths = dword:1
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableVirtualization = dword:1
mPolicies-System: PromptOnSecureDesktop = dword:1
mPolicies-System: ValidateAdminCodeSignatures = dword:0
mPolicies-System: dontdisplaylastusername = dword:0
mPolicies-System: scforceoption = dword:0
mPolicies-System: shutdownwithoutlogon = dword:1
mPolicies-System: undockwithoutlogon = dword:1
mPolicies-System: FilterAdministratorToken = dword:0
mPolicies-System: DisableRegistryTools = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
LSP: %SystemRoot%\system32\mswsock.dll
TCP: NameServer = 66.90.132.162 66.90.130.101 192.168.1.1
TCP: Interfaces\{1CA1F376-BA39-4BFB-9F97-4114EC96B4F5} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{1CA1F376-BA39-4BFB-9F97-4114EC96B4F5} : DHCPNameServer = 66.90.132.162 66.90.130.101 192.168.1.1
TCP: Interfaces\{A40A3BA1-962E-471F-B789-090787BD6047} : NameServer = 8.26.56.26,156.154.70.22
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
AppInit_DLLs= C:\Windows\SysWOW64\guard32.dll
SSODL: WebCheck - <orphaned>
SecurityProviders: SecurityProviders = credssp.dll
LSA: Authentication Packages = msv1_0
LSA: Notification Packages = scecli
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 winsrv:ConServerDllInitialization,2 sxssrv,4
mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\unregmp2.exe /ShowWMP
mASetup: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
mASetup: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\System32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\System32\themeui.dll
mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\shell32.dll
x64-mStart Page = hxxp://g.msn.com/HPNOT/1
x64-mLocal Page = C:\Windows\System32\blank.htm
x64-mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mDefault_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
x64-mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mSearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
x64-mCustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
x64-mWinlogon: Shell = Explorer.exe
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,
x64-mWinlogon: SFCDisable = dword:0
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
x64-Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
x64-Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
x64-Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
x64-Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll
x64-Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll
x64-Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - <orphaned>
x64-Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
x64-Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - <orphaned>
x64-Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll
x64-Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\unregmp2.exe /ShowWMP
x64-mASetup: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
x64-mASetup: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\System32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\System32\themeui.dll
x64-mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn
x64-mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
x64-mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\shell32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 ACPI;Microsoft ACPI Driver;C:\Windows\System32\drivers\acpi.sys [2010-11-20 334208]
R0 amdxata;amdxata;C:\Windows\System32\drivers\amdxata.sys [2011-10-29 27008]
R0 atapi;IDE Channel;C:\Windows\System32\drivers\atapi.sys [2009-7-13 24128]
R0 CLFS;Common Log (CLFS);C:\Windows\System32\clfs.sys [2009-7-13 367696]
R0 CNG;CNG;C:\Windows\System32\drivers\cng.sys [2013-4-23 458704]
R0 Compbatt;Microsoft Composite Battery Driver;C:\Windows\System32\drivers\compbatt.sys [2009-7-13 21584]
R0 Disk;Disk Driver;C:\Windows\System32\drivers\disk.sys [2009-7-13 73280]
R0 FileInfo;File Information FS MiniFilter;C:\Windows\System32\drivers\fileinfo.sys [2009-7-13 70224]
R0 FltMgr;FltMgr;C:\Windows\System32\drivers\fltMgr.sys [2010-11-20 289664]
R0 fvevol;Bitlocker Drive Encryption Filter Driver;C:\Windows\System32\drivers\fvevol.sys [2013-4-23 223752]
R0 hwpolicy;Hardware Policy Driver;C:\Windows\System32\drivers\hwpolicy.sys [2010-11-20 14720]
R0 iaStor;Intel AHCI Controller;C:\Windows\System32\drivers\iaStor.sys [2011-12-12 557848]
R0 KSecDD;KSecDD;C:\Windows\System32\drivers\ksecdd.sys [2013-4-23 95600]
R0 KSecPkg;KSecPkg;C:\Windows\System32\drivers\ksecpkg.sys [2013-4-23 151920]
R0 mountmgr;Mount Point Manager;C:\Windows\System32\drivers\mountmgr.sys [2010-11-20 94592]
R0 msahci;msahci;C:\Windows\System32\drivers\msahci.sys [2010-11-20 31104]
R0 msisadrv;msisadrv;C:\Windows\System32\drivers\msisadrv.sys [2009-7-13 15424]
R0 Mup;Mup;C:\Windows\System32\drivers\mup.sys [2009-7-13 60496]
R0 NDIS;NDIS System Driver;C:\Windows\System32\drivers\ndis.sys [2013-4-23 950128]
R0 partmgr;Partition Manager;C:\Windows\System32\drivers\partmgr.sys [2013-4-23 75120]
R0 pci;PCI Bus Driver;C:\Windows\System32\drivers\pci.sys [2010-11-20 184704]
R0 pcw;Performance Counters for Windows Driver;C:\Windows\System32\drivers\pcw.sys [2009-7-13 50768]
R0 rdyboost;ReadyBoost;C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 spldr;Security Processor Loader Driver;C:\Windows\System32\drivers\spldr.sys [2009-7-13 19008]
R0 Tcpip;TCP/IP Protocol Driver;C:\Windows\System32\drivers\tcpip.sys [2013-4-23 1913192]
R0 vdrvroot;Microsoft Virtual Drive Enumerator Driver;C:\Windows\System32\drivers\vdrvroot.sys [2009-7-13 36432]
R0 volmgr;Volume Manager Driver;C:\Windows\System32\drivers\volmgr.sys [2010-11-20 71552]
R0 volmgrx;Dynamic Volume Manager;C:\Windows\System32\drivers\volmgrx.sys [2010-11-20 363392]
R0 volsnap;Storage volumes;C:\Windows\System32\drivers\volsnap.sys [2011-10-29 296320]
R0 Wdf01000;Kernel Mode Driver Frameworks service;C:\Windows\System32\drivers\Wdf01000.sys [2013-4-23 785512]
R1 AFD;Ancillary Function Driver for Winsock;C:\Windows\System32\drivers\afd.sys [2013-4-23 498688]
R1 Beep;Beep;C:\Windows\System32\drivers\beep.sys [2009-7-13 6656]
R1 blbdrive;blbdrive;C:\Windows\System32\drivers\blbdrive.sys [2009-7-13 45056]
R1 cdrom;CD-ROM Driver;C:\Windows\System32\drivers\cdrom.sys [2010-11-20 147456]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2012-11-7 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2012-11-7 38144]
R1 DfsC;DFS Namespace Client Driver;C:\Windows\System32\drivers\dfsc.sys [2010-11-20 102400]
R1 discache;System Attribute Cache;C:\Windows\System32\drivers\discache.sys [2009-7-13 40448]
R1 inspect;COMODO Internet Security Firewall Driver;C:\Windows\System32\drivers\inspect.sys [2012-11-7 94288]
R1 Msfs;Msfs;C:\Windows\System32\drivers\msfs.sys [2009-7-13 26112]
R1 mssmbios;Microsoft System Management BIOS Driver;C:\Windows\System32\drivers\mssmbios.sys [2009-7-13 32320]
R1 NetBIOS;NetBIOS Interface;C:\Windows\System32\drivers\netbios.sys [2009-7-13 44544]
R1 NetBT;NetBT;C:\Windows\System32\drivers\netbt.sys [2010-11-20 261632]
R1 Npfs;Npfs;C:\Windows\System32\drivers\npfs.sys [2009-7-13 44032]
R1 nsiproxy;NSI proxy service driver.;C:\Windows\System32\drivers\nsiproxy.sys [2009-7-13 24576]
R1 Null;Null;C:\Windows\System32\drivers\null.sys [2009-7-13 6144]
R1 Psched;QoS Packet Scheduler;C:\Windows\System32\drivers\pacer.sys [2010-11-20 131584]
R1 rdbss;Redirected Buffering Sub Sysytem;C:\Windows\System32\drivers\rdbss.sys [2010-11-20 309248]
R1 RDPCDD;RDPCDD;C:\Windows\System32\drivers\RDPCDD.sys [2009-7-13 7680]
R1 RDPENCDD;RDP Encoder Mirror Driver;C:\Windows\System32\drivers\RDPENCDD.sys [2009-7-13 7680]
R1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;C:\Windows\System32\drivers\RDPREFMP.sys [2009-7-13 8192]
R1 tdx;NetIO Legacy TDI Support Driver;C:\Windows\System32\drivers\tdx.sys [2010-11-20 119296]
R1 TermDD;Terminal Device Driver;C:\Windows\System32\drivers\termdd.sys [2010-11-20 63360]
R1 VgaSave;VgaSave;C:\Windows\System32\drivers\vga.sys [2009-7-13 29184]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R1 Wanarpv6;Remote Access IPv6 ARP Driver;C:\Windows\System32\drivers\wanarp.sys [2010-11-20 88576]
R1 WfpLwf;WFP Lightweight Filter;C:\Windows\System32\drivers\wfplwf.sys [2009-7-13 12800]
R1 ws2ifsl;Winsock IFS Driver;C:\Windows\System32\drivers\ws2ifsl.sys [2009-7-13 21504]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AudioEndpointBuilder;Windows Audio Endpoint Builder;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 AudioSrv;Windows Audio;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 BFE;Base Filtering Engine;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-4-17 70344]
R2 cmdAgent;COMODO Internet Security Helper Service;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-7 2828408]
R2 CryptSvc;Cryptographic Services;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 DcomLaunch;DCOM Server Process Launcher;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-13 27136]
R2 Dhcp;DHCP Client;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 Dnscache;DNS Client;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 DPS;Diagnostic Policy Service;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-4-19 2074760]
R2 eventlog;Windows Event Log;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 EventSystem;COM+ Event System;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R2 FDResPub;Function Discovery Resource Publication;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-8-19 260424]
R2 GeekBuddyRSP;GeekBuddyRSP Service;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-4-17 1851088]
R2 gpsvc;Group Policy Client;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-16 682040]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-12 227896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-7-11 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-12-12 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-12 2425960]
R2 IKEEXT;IKE and AuthIP IPsec Keying Modules;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 iphlpsvc;IP Helper;C:\Windows\System32\svchost.exe -k NetSvcs [2009-7-13 27136]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 LanmanServer;Server;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 LanmanWorkstation;Workstation;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;C:\Windows\System32\drivers\lltdio.sys [2009-7-13 60928]
R2 lmhosts;TCP/IP NetBIOS Helper;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-12 326168]
R2 luafv;UAC File Virtualization;C:\Windows\System32\drivers\luafv.sys [2009-7-13 113152]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-23 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-4-23 701512]
R2 MMCSS;Multimedia Class Scheduler;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 MpsSvc;Windows Firewall;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [2011-12-12 138760]
R2 NlaSvc;Network Location Awareness;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 nsi;Network Store Interface Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R2 PcaSvc;Program Compatibility Assistant Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 PEAUTH;PEAUTH;C:\Windows\System32\drivers\PEAuth.sys [2009-7-13 651264]
R2 PlugPlay;Plug and Play;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-13 27136]
R2 Power;Power;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-13 27136]
R2 ProfSvc;User Profile Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 RpcEptMapper;RPC Endpoint Mapper;C:\Windows\System32\svchost.exe -k RPCSS [2009-7-13 27136]
R2 RpcSs;Remote Procedure Call (RPC);C:\Windows\System32\svchost.exe -k rpcss [2009-7-13 27136]
R2 rspndr;Link-Layer Topology Discovery Responder;C:\Windows\System32\drivers\rspndr.sys [2009-7-13 76800]
R2 SamSs;Security Accounts Manager;C:\Windows\System32\lsass.exe [2013-4-23 31232]
R2 Schedule;Task Scheduler;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 secdrv;Security Driver;C:\Windows\System32\drivers\secdrv.sys [2009-7-13 23040]
R2 seclogon;Secondary Logon;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 SENS;System Event Notification Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 ShellHWDetection;Shell Hardware Detection;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 Spooler;Print Spooler;C:\Windows\System32\spoolsv.exe [2013-4-23 559104]
R2 STacSV;Audio Service;C:\Program Files\IDT\WDM\stacsv64.exe [2011-12-12 305152]
R2 stisvc;Windows Image Acquisition (WIA);C:\Windows\System32\svchost.exe -k imgsvc [2009-7-13 27136]
R2 SysMain;Superfetch;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 tcpipreg;TCP/IP Registry Compatibility;C:\Windows\System32\drivers\tcpipreg.sys [2013-4-23 45568]
R2 Themes;Themes;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 TrkWks;Distributed Link Tracking Client;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-12 2656280]
R2 UxSms;Desktop Window Manager Session Manager;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 Winmgmt;Windows Management Instrumentation;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 Wlansvc;WLAN AutoConfig;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant;C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [2011-3-28 2292096]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service;C:\Program Files\Windows Media Player\wmpnetwk.exe [2010-11-20 1525248]
R2 wscsvc;Security Center;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 WSearch;Windows Search;C:\Windows\System32\SearchIndexer.exe [2011-10-29 591872]
R2 wuauserv;Windows Update;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 wudfsvc;Windows Driver Foundation - User-mode Driver Framework;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R3 AeLookupSvc;Application Experience;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 Appinfo;Application Information;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2011-9-20 133672]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver;C:\Windows\System32\drivers\BCMWL664.SYS [2011-12-12 4729408]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130412.001\BHDrvx64.sys [2013-4-13 1390680]
R3 BITS;Background Intelligent Transfer Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 bowser;Browser Support Driver;C:\Windows\System32\drivers\bowser.sys [2011-10-29 90624]
R3 Browser;Computer Browser;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 BthEnum;Bluetooth Enumerator Service;C:\Windows\System32\drivers\bthenum.sys [2009-7-13 41984]
R3 BthPan;Bluetooth Device (Personal Area Network);C:\Windows\System32\drivers\bthpan.sys [2009-7-13 118784]
R3 bthserv;Bluetooth Support Service;C:\Windows\System32\svchost.exe -k bthsvcs [2009-7-13 27136]
R3 BTHUSB;Bluetooth Radio USB Driver;C:\Windows\System32\drivers\BTHUSB.SYS [2011-10-29 80384]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1301000.01C\ccSetx64.sys [2011-12-12 167048]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver;C:\Windows\System32\drivers\CmBatt.sys [2009-7-13 17664]
R3 CompositeBus;Composite Bus Enumerator Driver;C:\Windows\System32\drivers\CompositeBus.sys [2010-11-20 38912]
R3 DXGKrnl;LDDM Graphics Subsystem;C:\Windows\System32\drivers\dxgkrnl.sys [2011-10-29 983936]
R3 EapHost;Extensible Authentication Protocol;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 eeCtrl;Symantec Eraser Control driver;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-4-23 484512]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-4-23 138912]
R3 fastfat;FAT12/16/32 File System Driver;C:\Windows\System32\drivers\fastfat.sys [2009-7-13 204800]
R3 fdPHost;Function Discovery Provider Host;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio;C:\Windows\System32\drivers\hdaudbus.sys [2010-11-20 122368]
R3 HomeGroupListener;HomeGroup Listener;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R3 HomeGroupProvider;HomeGroup Provider;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R3 hpqwmiex;HP Software Framework Service;C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-9-12 992824]
R3 HTTP;HTTP;C:\Windows\System32\drivers\http.sys [2010-11-20 753664]
R3 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver;C:\Windows\System32\drivers\i8042prt.sys [2009-7-13 105472]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130423.001\IDSviA64.sys [2013-4-23 513184]
R3 igfx;igfx;C:\Windows\System32\drivers\igdkmd64.sys [2011-8-26 12289472]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-8-26 317440]
R3 intelppm;Intel Processor Driver;C:\Windows\System32\drivers\intelppm.sys [2009-7-13 62464]
R3 kbdclass;Keyboard Class Driver;C:\Windows\System32\drivers\kbdclass.sys [2009-7-13 50768]
R3 KeyIso;CNG Key Isolation;C:\Windows\System32\lsass.exe [2013-4-23 31232]
R3 ksthunk;Kernel Streaming Thunks;C:\Windows\System32\drivers\ksthunk.sys [2009-7-13 20992]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-4-23 25928]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 monitor;Microsoft Monitor Class Function Driver Service;C:\Windows\System32\drivers\monitor.sys [2009-7-13 30208]
R3 mouclass;Mouse Class Driver;C:\Windows\System32\drivers\mouclass.sys [2009-7-13 49216]
R3 mpsdrv;Windows Firewall Authorization Driver;C:\Windows\System32\drivers\mpsdrv.sys [2009-7-13 77312]
R3 mrxsmb;SMB MiniRedirector Wrapper and Engine;C:\Windows\System32\drivers\mrxsmb.sys [2011-10-29 158208]
R3 mrxsmb10;SMB 1.x MiniRedirector;C:\Windows\System32\drivers\mrxsmb10.sys [2011-10-29 288768]
R3 mrxsmb20;SMB 2.0 MiniRedirector;C:\Windows\System32\drivers\mrxsmb20.sys [2011-10-29 128000]
R3 NativeWifiP;NativeWiFi Filter;C:\Windows\System32\drivers\nwifi.sys [2009-7-13 318976]
R3 NAVENG;NAVENG;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130423.021\eng64.sys [2013-4-23 126192]
R3 NAVEX15;NAVEX15;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130423.021\ex64.sys [2013-4-23 2087664]
R3 NdisTapi;Remote Access NDIS TAPI Driver;C:\Windows\System32\drivers\ndistapi.sys [2009-7-13 24064]
R3 Ndisuio;NDIS Usermode I/O Protocol;C:\Windows\System32\drivers\ndisuio.sys [2010-11-20 56832]
R3 NdisWan;Remote Access NDIS WAN Driver;C:\Windows\System32\drivers\ndiswan.sys [2010-11-20 164352]
R3 NDProxy;NDIS Proxy;C:\Windows\System32\drivers\ndproxy.sys [2010-11-20 57856]
R3 Netman;Network Connections;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R3 netprofm;Network List Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 Ntfs;Ntfs;C:\Windows\System32\drivers\ntfs.sys [2013-4-23 1656680]
R3 p2pimsvc;Peer Networking Identity Manager;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
R3 p2psvc;Peer Networking Grouping;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
R3 PNRPsvc;Peer Name Resolution Protocol;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
R3 PolicyAgent;IPsec Policy Agent;C:\Windows\System32\svchost.exe -k NetworkServiceNetworkRestricted [2009-7-13 27136]
R3 PptpMiniport;WAN Miniport (PPTP);C:\Windows\System32\drivers\raspptp.sys [2010-11-20 111104]
R3 RasAgileVpn;WAN Miniport (IKEv2);C:\Windows\System32\drivers\agilevpn.sys [2009-7-13 60416]
R3 Rasl2tp;WAN Miniport (L2TP);C:\Windows\System32\drivers\rasl2tp.sys [2010-11-20 129536]
R3 RasMan;Remote Access Connection Manager;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 RasPppoe;Remote Access PPPOE Driver;C:\Windows\System32\drivers\raspppoe.sys [2009-7-13 92672]
R3 RasSstp;WAN Miniport (SSTP);C:\Windows\System32\drivers\rassstp.sys [2009-7-13 83968]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI);C:\Windows\System32\drivers\rfcomm.sys [2009-7-13 158720]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-12 565352]
R3 SRTSP;Symantec Real Time Storage Protection x64;C:\Windows\System32\drivers\NISx64\1301000.01C\srtsp64.sys [2011-12-12 729720]
R3 SRTSPX;Symantec Real Time Storage Protection (PEL) x64;C:\Windows\System32\drivers\NISx64\1301000.01C\srtspx64.sys [2011-12-12 37496]
R3 srv;Server SMB 1.xxx Driver;C:\Windows\System32\drivers\srv.sys [2011-10-29 467456]
R3 srv2;Server SMB 2.xxx Driver;C:\Windows\System32\drivers\srv2.sys [2011-10-29 410112]
R3 srvnet;srvnet;C:\Windows\System32\drivers\srvnet.sys [2011-10-29 168448]
R3 SSDPSRV;SSDP Discovery;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
R3 SstpSvc;Secure Socket Tunneling Protocol Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 STHDA;IDT High Definition Audio CODEC;C:\Windows\System32\drivers\stwrt64.sys [2011-12-12 535040]
R3 swenum;Software Bus Driver;C:\Windows\System32\drivers\swenum.sys [2009-7-13 12496]
R3 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1301000.01C\SymDS64.sys [2011-12-12 451192]
R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1301000.01C\SymEFA64.sys [2011-12-12 1084536]
R3 SymEvent;SymEvent;C:\Windows\System32\drivers\SYMEVENT64x86.SYS [2011-12-12 174200]
R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1301000.01C\Ironx64.sys [2011-12-12 189560]
R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1301000.01C\symnets.sys [2011-12-12 401016]
R3 SynTP;Synaptics TouchPad Driver;C:\Windows\System32\drivers\SynTP.sys [2011-6-9 1451056]
R3 TapiSrv;Telephony;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver;C:\Windows\System32\drivers\tunnel.sys [2010-11-20 125440]
R3 umbus;UMBus Enumerator Driver;C:\Windows\System32\drivers\umbus.sys [2010-11-20 48640]
R3 upnphost;UPnP Device Host;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
R3 usbccgp;Microsoft USB Generic Parent Driver;C:\Windows\System32\drivers\usbccgp.sys [2011-10-29 98816]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;C:\Windows\System32\drivers\usbehci.sys [2011-10-29 52736]
R3 usbhub;Microsoft USB Standard Hub Driver;C:\Windows\System32\drivers\usbhub.sys [2011-10-29 343040]
R3 usbvideo;USB Video Device (WDM);C:\Windows\System32\drivers\usbvideo.sys [2010-11-20 184960]
R3 VaultSvc;Credential Manager;C:\Windows\System32\lsass.exe [2013-4-23 31232]
R3 vwifibus;Virtual WiFi Bus Driver;C:\Windows\System32\drivers\vwifibus.sys [2009-7-13 24576]
R3 WdiServiceHost;Diagnostic Service Host;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 WdiSystemHost;Diagnostic System Host;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R3 WinHttpAutoProxySvc;WinHTTP Web Proxy Auto-Discovery Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI;C:\Windows\System32\drivers\wmiacpi.sys [2009-7-13 14336]
R3 WudfPf;User Mode Driver Frameworks Platform Driver;C:\Windows\System32\drivers\WUDFPf.sys [2013-4-23 87040]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-4-23 116648]
S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
S2 SharedAccess;Internet Connection Sharing (ICS);C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S2 sppsvc;Software Protection;C:\Windows\System32\sppsvc.exe [2010-11-20 3524608]
S3 1394ohci;1394 OHCI Compliant Host Controller;C:\Windows\System32\drivers\1394ohci.sys [2010-11-20 229888]
S3 AcpiPmi;ACPI Power Meter Driver;C:\Windows\System32\drivers\acpipmi.sys [2010-11-20 12800]
S3 adp94xx;adp94xx;C:\Windows\System32\drivers\adp94xx.sys [2009-6-10 491088]
S3 adpahci;adpahci;C:\Windows\System32\drivers\adpahci.sys [2009-7-13 339536]
S3 adpu320;adpu320;C:\Windows\System32\drivers\adpu320.sys [2009-7-13 182864]
S3 agp440;Intel AGP Bus Filter;C:\Windows\System32\drivers\AGP440.sys [2009-7-13 61008]
S3 ALG;Application Layer Gateway Service;C:\Windows\System32\alg.exe [2009-7-13 79360]
S3 aliide;aliide;C:\Windows\System32\drivers\aliide.sys [2009-7-13 15440]
S3 amdide;amdide;C:\Windows\System32\drivers\amdide.sys [2009-7-13 15440]
S3 AmdK8;AMD K8 Processor Driver;C:\Windows\System32\drivers\amdk8.sys [2009-7-13 64512]
S3 AmdPPM;AMD Processor Driver;C:\Windows\System32\drivers\amdppm.sys [2009-7-13 60928]
S3 amdsata;amdsata;C:\Windows\System32\drivers\amdsata.sys [2011-10-29 107904]
S3 amdsbs;amdsbs;C:\Windows\System32\drivers\amdsbs.sys [2009-6-10 194128]
S3 AppID;AppID Driver;C:\Windows\System32\drivers\appid.sys [2010-11-20 61440]
S3 AppIDSvc;Application Identity;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 arc;arc;C:\Windows\System32\drivers\arc.sys [2009-7-13 87632]
S3 arcsas;arcsas;C:\Windows\System32\drivers\arcsas.sys [2009-7-13 97856]
S3 AsyncMac;RAS Asynchronous Media Driver;C:\Windows\System32\drivers\asyncmac.sys [2009-7-13 23040]
S3 AxInstSV;ActiveX Installer (AxInstSV);C:\Windows\System32\svchost.exe -k AxInstSVGroup [2009-7-13 27136]
S3 b06bdrv;Broadcom NetXtreme II VBD;C:\Windows\System32\drivers\bxvbda.sys [2009-6-10 468480]
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\b57nd60a.sys [2009-6-10 270848]
S3 BDESVC;BitLocker Drive Encryption Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;C:\Windows\System32\drivers\BrFiltLo.sys [2009-7-13 18432]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;C:\Windows\System32\drivers\BrFiltUp.sys [2009-7-13 8704]
S3 BridgeMP;MAC Bridge Miniport;C:\Windows\System32\drivers\bridge.sys [2009-7-13 95232]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM);C:\Windows\System32\drivers\BrSerId.sys [2009-7-13 286720]
S3 BrSerWdm;Brother WDM Serial driver;C:\Windows\System32\drivers\BrSerWdm.sys [2009-7-13 47104]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;C:\Windows\System32\drivers\BrUsbMdm.sys [2009-7-13 14976]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\Windows\System32\drivers\BrUsbSer.sys [2009-7-13 14720]
S3 BTHMODEM;Bluetooth Serial Communications Driver;C:\Windows\System32\drivers\bthmodem.sys [2009-7-13 72192]
S3 BTHPORT;Bluetooth Port Driver;C:\Windows\System32\drivers\bthport.sys [2013-4-23 552960]
S3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2011-12-12 89640]
S3 CertPropSvc;Certificate Propagation;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 circlass;Consumer IR Devices;C:\Windows\System32\drivers\circlass.sys [2009-7-13 45568]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86;C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-7-13 66384]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-7-13 89920]
S3 cmdide;cmdide;C:\Windows\System32\drivers\cmdide.sys [2009-7-13 17488]
S3 COMSysApp;COM+ System Application;C:\Windows\System32\dllhost.exe [2009-7-13 9728]
S3 defragsvc;Disk Defragmenter;C:\Windows\System32\svchost.exe -k defragsvc [2009-7-13 27136]
S3 dot3svc;Wired AutoConfig;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 drmkaud;Microsoft Trusted Audio Drivers;C:\Windows\System32\drivers\drmkaud.sys [2009-7-13 5632]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;C:\Windows\System32\drivers\evbda.sys [2009-6-10 3286016]
S3 EFS;Encrypting File System (EFS);C:\Windows\System32\lsass.exe [2013-4-23 31232]
S3 ehRecvr;Windows Media Center Receiver Service;C:\Windows\ehome\ehrecvr.exe [2010-11-20 696832]
S3 ehSched;Windows Media Center Scheduler Service;C:\Windows\ehome\ehsched.exe [2009-7-13 127488]
S3 elxstor;elxstor;C:\Windows\System32\drivers\elxstor.sys [2009-6-10 530496]
S3 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\System32\drivers\errdev.sys [2009-7-13 9728]
S3 exfat;exFAT File System Driver;C:\Windows\System32\drivers\exfat.sys [2009-7-13 195072]
S3 Fax;Fax;C:\Windows\System32\FXSSVC.exe [2010-11-20 689152]
S3 fdc;Floppy Disk Controller Driver;C:\Windows\System32\drivers\fdc.sys [2009-7-13 29696]
S3 Filetrace;Filetrace;C:\Windows\System32\drivers\filetrace.sys [2009-7-13 34304]
S3 flpydisk;Floppy Disk Driver;C:\Windows\System32\drivers\flpydisk.sys [2009-7-13 24576]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [2010-11-20 42856]
S3 FsDepends;File System Dependency Minifilter;C:\Windows\System32\drivers\fsdepends.sys [2009-7-13 55376]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;C:\Windows\System32\drivers\GAGP30KX.SYS [2009-7-13 65088]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-4-23 116648]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver;C:\Windows\System32\drivers\hcw85cir.sys [2009-7-13 31232]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service;C:\Windows\System32\drivers\HdAudio.sys [2010-11-20 350208]
S3 HidBatt;HID UPS Battery Driver;C:\Windows\System32\drivers\hidbatt.sys [2009-7-13 26624]
S3 HidBth;Microsoft Bluetooth HID Miniport;C:\Windows\System32\drivers\hidbth.sys [2009-7-13 100864]
S3 HidIr;Microsoft Infrared HID Driver;C:\Windows\System32\drivers\hidir.sys [2009-7-13 46592]
S3 hidserv;Human Interface Device Access;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 HidUsb;Microsoft HID Class Driver;C:\Windows\System32\drivers\hidusb.sys [2010-11-20 30208]
S3 hkmsvc;Health Key and Certificate Management;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 HpSAMD;HpSAMD;C:\Windows\System32\drivers\HpSAMD.sys [2010-11-20 78720]
S3 iaStorV;iaStorV;C:\Windows\System32\drivers\iaStorV.sys [2011-10-29 410496]
S3 idsvc;Windows CardSpace;C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2010-11-20 856400]
S3 iirsp;iirsp;C:\Windows\System32\drivers\iirsp.sys [2009-7-13 44112]
S3 intelide;intelide;C:\Windows\System32\drivers\intelide.sys [2009-7-13 16960]
S3 IPBusEnum;PnP-X IP Bus Enumerator;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 IpFilterDriver;IP Traffic Filter Driver;C:\Windows\System32\drivers\ipfltdrv.sys [2010-11-20 82944]
S3 IPMIDRV;IPMIDRV;C:\Windows\System32\drivers\IPMIDrv.sys [2010-11-20 78848]
S3 IPNAT;IP Network Address Translator;C:\Windows\System32\drivers\ipnat.sys [2009-7-13 116224]
S3 IRENUM;IR Bus Enumerator;C:\Windows\System32\drivers\irenum.sys [2009-7-13 17920]
S3 isapnp;isapnp;C:\Windows\System32\drivers\isapnp.sys [2009-7-13 20544]
S3 iScsiPrt;iScsiPort Driver;C:\Windows\System32\drivers\msiscsi.sys [2010-11-20 273792]
S3 kbdhid;Keyboard HID Driver;C:\Windows\System32\drivers\kbdhid.sys [2010-11-20 33280]
S3 KtmRm;KtmRm for Distributed Transaction Coordinator;C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation [2009-7-13 27136]
S3 lltdsvc;Link-Layer Topology Discovery Mapper;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 LSI_FC;LSI_FC;C:\Windows\System32\drivers\lsi_fc.sys [2009-7-13 114752]
S3 LSI_SAS;LSI_SAS;C:\Windows\System32\drivers\lsi_sas.sys [2009-7-13 106560]
S3 LSI_SAS2;LSI_SAS2;C:\Windows\System32\drivers\lsi_sas2.sys [2009-7-13 65600]
S3 LSI_SCSI;LSI_SCSI;C:\Windows\System32\drivers\lsi_scsi.sys [2009-7-13 115776]
S3 megasas;megasas;C:\Windows\System32\drivers\megasas.sys [2009-6-10 35392]
S3 MegaSR;MegaSR;C:\Windows\System32\drivers\MegaSR.sys [2009-7-13 284736]
S3 Modem;Modem;C:\Windows\System32\drivers\modem.sys [2009-7-13 40448]
S3 mouhid;Mouse HID Driver;C:\Windows\System32\drivers\mouhid.sys [2009-7-13 31232]
S3 mpio;mpio;C:\Windows\System32\drivers\mpio.sys [2010-11-20 155008]
S3 MRxDAV;WebDav Client Redirector Driver;C:\Windows\System32\drivers\mrxdav.sys [2010-11-20 140800]
S3 msdsm;msdsm;C:\Windows\System32\drivers\msdsm.sys [2010-11-20 140672]
S3 MSDTC;Distributed Transaction Coordinator;C:\Windows\System32\msdtc.exe [2009-7-13 141824]
S3 mshidkmdf;Pass-through HID to KMDF Filter Driver;C:\Windows\System32\drivers\mshidkmdf.sys [2009-7-13 8192]
S3 MSiSCSI;Microsoft iSCSI Initiator Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 msiserver;Windows Installer;C:\Windows\System32\msiexec.exe [2010-11-20 128000]
S3 MSKSSRV;Microsoft Streaming Service Proxy;C:\Windows\System32\drivers\mskssrv.sys [2009-7-13 11136]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy;C:\Windows\System32\drivers\mspclock.sys [2009-7-13 7168]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy;C:\Windows\System32\drivers\mspqm.sys [2009-7-13 6784]
S3 MsRPC;MsRPC;C:\Windows\System32\drivers\msrpc.sys [2010-11-20 366976]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter;C:\Windows\System32\drivers\mstee.sys [2009-7-13 8064]
S3 MTConfig;Microsoft Input Configuration Driver;C:\Windows\System32\drivers\MTConfig.sys [2009-7-13 15360]
S3 napagent;Network Access Protection Agent;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 NdisCap;NDIS Capture LightWeight Filter;C:\Windows\System32\drivers\ndiscap.sys [2009-7-13 35328]
S3 Netlogon;Netlogon;C:\Windows\System32\lsass.exe [2013-4-23 31232]
S3 nfrd960;nfrd960;C:\Windows\System32\drivers\nfrd960.sys [2009-7-13 51264]
S3 nv_agp;NVIDIA nForce AGP Bus Filter;C:\Windows\System32\drivers\NV_AGP.SYS [2009-7-13 122960]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver;C:\Windows\System32\drivers\nvm62x64.sys [2009-6-10 408960]
S3 nvraid;nvraid;C:\Windows\System32\drivers\nvraid.sys [2011-10-29 148352]
S3 nvstor;nvstor;C:\Windows\System32\drivers\nvstor.sys [2011-10-29 166272]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy);C:\Windows\System32\drivers\ohci1394.sys [2009-7-13 72832]
S3 Parport;Parallel port driver;C:\Windows\System32\drivers\parport.sys [2009-7-13 97280]
S3 pciide;pciide;C:\Windows\System32\drivers\pciide.sys [2009-7-13 12352]
S3 pcmcia;pcmcia;C:\Windows\System32\drivers\pcmcia.sys [2009-7-13 220752]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2009-7-13 20992]
S3 pla;Performance Logs & Alerts;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
S3 PNRPAutoReg;PNRP Machine Name Publication Service;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
S3 Processor;Processor Driver;C:\Windows\System32\drivers\processr.sys [2009-7-13 60416]
S3 ProtectedStorage;Protected Storage;C:\Windows\System32\lsass.exe [2013-4-23 31232]
S3 ql2300;ql2300;C:\Windows\System32\drivers\ql2300.sys [2009-6-10 1524816]
S3 ql40xx;ql40xx;C:\Windows\System32\drivers\ql40xx.sys [2009-7-13 128592]
S3 QWAVE;Quality Windows Audio Video Experience;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 QWAVEdrv;QWAVE driver;C:\Windows\System32\drivers\qwavedrv.sys [2009-7-13 46592]
S3 RasAcd;Remote Access Auto Connection Driver;C:\Windows\System32\drivers\rasacd.sys [2009-7-13 14848]
S3 RasAuto;Remote Access Auto Connection Manager;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;C:\Windows\System32\drivers\rdpbus.sys [2009-7-13 24064]
S3 RDPWD;RDP Winstation Driver;C:\Windows\System32\drivers\rdpwd.sys [2013-4-23 210944]
S3 RemoteRegistry;Remote Registry;C:\Windows\System32\svchost.exe -k regsvc [2009-7-13 27136]
S3 RpcLocator;Remote Procedure Call (RPC) Locator;C:\Windows\System32\Locator.exe [2009-7-13 10240]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-12-12 339048]
S3 sbp2port;sbp2port;C:\Windows\System32\drivers\sbp2port.sys [2010-11-20 103808]
S3 SCardSvr;Smart Card;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 scfilter;Smart card PnP Class Filter Driver;C:\Windows\System32\drivers\scfilter.sys [2010-11-20 29696]
S3 SCPolicySvc;Smart Card Removal Policy;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 sdbus;sdbus;C:\Windows\System32\drivers\sdbus.sys [2010-11-20 109056]
S3 SDRSVC;Windows Backup;C:\Windows\System32\svchost.exe -k SDRSVC [2009-7-13 27136]
S3 SensrSvc;Adaptive Brightness;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 Serenum;Serenum Filter Driver;C:\Windows\System32\drivers\serenum.sys [2009-7-13 23552]
S3 Serial;Serial;C:\Windows\System32\drivers\serial.sys [2009-7-13 94208]
S3 sermouse;Serial Mouse Driver;C:\Windows\System32\drivers\sermouse.sys [2009-7-13 26624]
S3 SessionEnv;Remote Desktop Configuration;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 sffdisk;SFF Storage Class Driver;C:\Windows\System32\drivers\sffdisk.sys [2009-7-13 14336]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC;C:\Windows\System32\drivers\sffp_mmc.sys [2009-7-13 13824]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus;C:\Windows\System32\drivers\sffp_sd.sys [2010-11-20 14336]
S3 sfloppy;High-Capacity Floppy Disk Drive;C:\Windows\System32\drivers\sfloppy.sys [2009-7-13 16896]
S3 SiSRaid2;SiSRaid2;C:\Windows\System32\drivers\sisraid2.sys [2009-6-10 43584]
S3 SiSRaid4;SiSRaid4;C:\Windows\System32\drivers\sisraid4.sys [2009-7-13 80464]
S3 Smb;Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session);C:\Windows\System32\drivers\smb.sys [2009-7-13 93184]
S3 SNMPTRAP;SNMP Trap;C:\Windows\System32\snmptrap.exe [2009-7-13 14336]
S3 sppuinotify;SPP Notification Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 stexstor;stexstor;C:\Windows\System32\drivers\stexstor.sys [2009-7-13 24656]
S3 swprv;Microsoft Software Shadow Copy Provider;C:\Windows\System32\svchost.exe -k swprv [2009-7-13 27136]
S3 TabletInputService;Tablet PC Input Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TBS;TPM Base Services;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 TCPIP6;Microsoft IPv6 Protocol Driver;C:\Windows\System32\drivers\tcpip.sys [2013-4-23 1913192]
S3 TDPIPE;TDPIPE;C:\Windows\System32\drivers\tdpipe.sys [2009-7-13 15872]
S3 TDTCP;TDTCP;C:\Windows\System32\drivers\tdtcp.sys [2013-4-23 23552]
S3 TermService;Remote Desktop Services;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 THREADORDER;Thread Ordering Server;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 TrustedInstaller;Windows Modules Installer;C:\Windows\servicing\TrustedInstaller.exe [2010-11-20 194048]
S3 tssecsrv;Remote Desktop Services Security Filter Driver;C:\Windows\System32\drivers\tssecsrv.sys [2010-11-20 39424]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 uagp35;Microsoft AGPv3.5 Filter;C:\Windows\System32\drivers\UAGP35.SYS [2009-7-13 64080]
S3 UI0Detect;Interactive Services Detection;C:\Windows\System32\UI0Detect.exe [2009-7-13 40960]
S3 uliagpkx;Uli AGP Bus Filter;C:\Windows\System32\drivers\ULIAGPKX.SYS [2009-7-13 64592]
S3 UmPass;Microsoft UMPass Driver;C:\Windows\System32\drivers\umpass.sys [2009-7-13 9728]
S3 usbcir;eHome Infrared Receiver (USBCIR);C:\Windows\System32\drivers\usbcir.sys [2009-7-13 100352]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver;C:\Windows\System32\drivers\usbohci.sys [2011-10-29 25600]
S3 usbprint;Microsoft USB PRINTER Class;C:\Windows\System32\drivers\usbprint.sys [2009-7-13 25088]
S3 USBSTOR;USB Mass Storage Driver;C:\Windows\System32\drivers\USBSTOR.SYS [2011-10-29 91648]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver;C:\Windows\System32\drivers\usbuhci.sys [2011-10-29 30720]
S3 vds;Virtual Disk;C:\Windows\System32\vds.exe [2010-11-20 533504]
S3 vga;vga;C:\Windows\System32\drivers\vgapnp.sys [2009-7-13 29184]
S3 vhdmp;vhdmp;C:\Windows\System32\drivers\vhdmp.sys [2010-11-20 215936]
S3 viaide;viaide;C:\Windows\System32\drivers\viaide.sys [2009-7-13 17488]
S3 vsmraid;vsmraid;C:\Windows\System32\drivers\vsmraid.sys [2009-6-10 161872]
S3 VSS;Volume Shadow Copy;C:\Windows\System32\VSSVC.exe [2010-11-20 1600512]
S3 W32Time;Windows Time;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 WacomPen;Wacom Serial Pen HID Driver;C:\Windows\System32\drivers\wacompen.sys [2009-7-13 27776]
S3 WANARP;Remote Access IP ARP Driver;C:\Windows\System32\drivers\wanarp.sys [2010-11-20 88576]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-24 1255736]
S3 wbengine;Block Level Backup Engine Service;C:\Windows\System32\wbengine.exe [2010-11-20 1504256]
S3 WbioSrvc;Windows Biometric Service;C:\Windows\System32\svchost.exe -k WbioSvcGroup [2009-7-13 27136]
S3 wcncsvc;Windows Connect Now - Config Registrar;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 WcsPlugInService;Windows Color System;C:\Windows\System32\svchost.exe -k wcssvc [2009-7-13 27136]
S3 Wd;Wd;C:\Windows\System32\drivers\wd.sys [2009-7-13 21056]
S3 WebClient;WebClient;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 Wecsvc;Windows Event Collector;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 wercplsupport;Problem Reports and Solutions Control Panel Support;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 WerSvc;Windows Error Reporting Service;C:\Windows\System32\svchost.exe -k WerSvcGroup [2009-7-13 27136]
S3 WIMMount;WIMMount;C:\Windows\System32\drivers\wimmount.sys [2009-7-13 22096]
S3 WinDefend;Windows Defender;C:\Windows\System32\svchost.exe -k secsvcs [2009-7-13 27136]
S3 WinRM;Windows Remote Management (WS-Management);C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 WinUsb;WinUsb;C:\Windows\System32\drivers\winusb.sys [2010-11-20 41984]
S3 wmiApSrv;WMI Performance Adapter;C:\Windows\System32\wbem\WmiApSrv.exe [2009-7-13 203264]
S3 WPCSvc;Parental Controls;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
S3 WPDBusEnum;Portable Device Enumerator Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 WUDFRd;WUDFRd;C:\Windows\System32\drivers\WUDFRd.sys [2013-4-23 198656]
S3 WwanSvc;WWAN AutoConfig;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
S4 cdfs;CD/DVD File System Reader;C:\Windows\System32\drivers\cdfs.sys [2009-7-13 92160]
S4 crcdisk;Crcdisk Filter Driver;C:\Windows\System32\drivers\crcdisk.sys [2009-7-13 24144]
S4 Mcx2Svc;Media Center Extender Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-7-13 116560]
S4 RemoteAccess;Routing and Remote Access;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S4 udfs;udfs;C:\Windows\System32\drivers\udfs.sys [2010-11-20 328192]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files (x86)\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .bat: batfile="%1" %*
FileExt: .cmd: cmdfile="%1" %*
FileExt: .com: ComFile="%1" %*
FileExt: .exe: exefile="%1" %*
FileExt: .pif: piffile="%1" %*
FileExt: .scr: scrfile="%1" /S
FileExt: .reg: regfile=regedit.exe "%1"
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1
FileExt: .chm: chm.file="C:\Windows\hh.exe" %1
FileExt: .ini: inifile=C:\Windows\System32\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: AcroRD32.exe: Read="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" "%1"
ShellExec: ehshell.exe: open="C:\Windows\eHome\ehshell.exe" "%1"
ShellExec: iexplore.exe: open="C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1
ShellExec: MovieMaker.exe: Open="C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1"
ShellExec: mspaint.exe: edit="C:\Windows\System32\mspaint.exe" "%1"
ShellExec: notepad.exe: edit=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: notepad.exe: open=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: photoviewer.dll: open=C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: photoviewer.dll: print=C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: WLXPhotoViewer.dll: open="C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1"
ShellExec: wmplayer.exe: open="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Open "%L"
ShellExec: wmplayer.exe: play="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play "%L"
ShellExec: wordpad.exe: open="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1"
.
=============== Created Last 60 ================
.
2013-04-24 10:01:34 -------- d-----w- C:\69ad8c8b5345dc69af84
2013-04-24 10:01:28 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-04-24 10:01:21 -------- d-----w- C:\cbc49c493bfcf97ea011c97d
2013-04-24 10:00:58 -------- d-----w- C:\Windows\SysWow64\Wat
2013-04-24 10:00:58 -------- d-----w- C:\Windows\System32\Wat
2013-04-24 07:01:36 -------- d-----w- C:\Program Files (x86)\Common Files\COMODO
2013-04-24 07:01:27 -------- d-----w- C:\ProgramData\CPA_VA
2013-04-24 06:14:23 -------- d-----w- C:\ProgramData\Comodo
2013-04-24 06:14:20 -------- d-----w- C:\Program Files\COMODO
2013-04-24 06:14:14 -------- d-----w- C:\Users\ash\AppData\Local\Comodo
2013-04-24 06:14:11 56072 ----a-w- C:\Windows\System32\certsentry.dll
2013-04-24 06:14:11 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
2013-04-24 06:14:05 -------- d-----w- C:\Program Files (x86)\Comodo
2013-04-24 06:14:03 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2013-04-24 05:43:22 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2013-04-24 05:27:04 72702784 ----a-w- C:\Windows\System32\MRT.exe
2013-04-24 05:20:38 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-04-24 05:20:38 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-04-24 05:20:38 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-04-24 05:20:38 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-04-24 05:11:37 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2013-04-24 05:11:37 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-04-24 05:11:37 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-04-24 05:11:36 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-04-24 05:11:36 768512 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-04-24 05:11:36 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2013-04-24 05:11:36 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-04-24 05:11:36 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2013-04-24 05:11:36 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2013-04-24 05:11:36 182896 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-04-24 05:11:36 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
2013-04-24 05:11:36 149616 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-04-24 05:11:35 763520 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-04-24 05:11:35 757376 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2013-04-24 05:11:35 248320 ----a-w- C:\Windows\System32\ieui.dll
2013-04-24 05:11:35 237056 ----a-w- C:\Windows\System32\url.dll
2013-04-24 05:11:35 231936 ----a-w- C:\Windows\SysWow64\url.dll
2013-04-24 05:11:35 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-24 05:11:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-04-24 05:11:35 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-04-24 05:11:35 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-04-24 05:11:35 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-04-24 05:11:35 1346560 ----a-w- C:\Windows\System32\urlmon.dll
2013-04-24 05:11:35 1104384 ----a-w- C:\Windows\SysWow64\urlmon.dll
2013-04-24 05:11:34 85504 ----a-w- C:\Windows\System32\jsproxy.dll
2013-04-24 05:11:34 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2013-04-24 05:11:34 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2013-04-24 05:11:34 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2013-04-24 05:11:34 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2013-04-24 05:11:34 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-04-24 05:11:34 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-24 05:11:33 816640 ----a-w- C:\Windows\System32\jscript.dll
2013-04-24 05:11:33 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
2013-04-24 05:11:33 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2013-04-24 05:11:33 65024 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2013-04-24 05:11:33 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-04-24 05:11:33 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll
2013-04-24 05:11:33 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
2013-04-24 05:11:33 2147840 ----a-w- C:\Windows\System32\iertutil.dll
2013-04-24 05:11:33 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-24 05:11:33 1796096 ----a-w- C:\Windows\SysWow64\iertutil.dll
2013-04-24 05:11:32 887808 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2013-04-24 05:11:31 17817088 ----a-w- C:\Windows\System32\mshtml.dll
2013-04-24 05:11:31 12324352 ----a-w- C:\Windows\SysWow64\mshtml.dll
2013-04-24 05:11:30 10925568 ----a-w- C:\Windows\System32\ieframe.dll
2013-04-24 05:11:29 9738752 ----a-w- C:\Windows\SysWow64\ieframe.dll
2013-04-24 05:10:34 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-04-24 05:10:34 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-04-24 05:10:34 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-04-24 05:10:34 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-04-24 05:10:05 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-04-24 05:10:05 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-04-24 05:10:05 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-04-24 05:10:05 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-04-24 05:10:04 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-04-24 05:10:04 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-04-24 05:10:04 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-04-24 05:09:18 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-04-24 05:09:18 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-04-24 05:09:18 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-04-24 05:09:18 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-04-24 05:09:18 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-04-24 04:45:43 46592 ----a-w- C:\Windows\SysWow64\fpb.rs
2013-04-24 04:45:43 46592 ----a-w- C:\Windows\System32\fpb.rs
2013-04-24 04:45:43 45568 ----a-w- C:\Windows\SysWow64\oflc-nz.rs
2013-04-24 04:45:43 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2013-04-24 04:45:43 44544 ----a-w- C:\Windows\SysWow64\pegibbfc.rs
2013-04-24 04:45:43 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2013-04-24 04:45:43 441856 ----a-w- C:\Windows\System32\Wpc.dll
2013-04-24 04:45:43 43520 ----a-w- C:\Windows\SysWow64\csrr.rs
2013-04-24 04:45:43 43520 ----a-w- C:\Windows\System32\csrr.rs
2013-04-24 04:45:43 40960 ----a-w- C:\Windows\SysWow64\cob-au.rs
2013-04-24 04:45:43 40960 ----a-w- C:\Windows\System32\cob-au.rs
2013-04-24 04:45:43 30720 ----a-w- C:\Windows\SysWow64\usk.rs
2013-04-24 04:45:43 30720 ----a-w- C:\Windows\System32\usk.rs
2013-04-24 04:45:43 2746368 ----a-w- C:\Windows\System32\gameux.dll
2013-04-24 04:45:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2013-04-24 04:45:43 21504 ----a-w- C:\Windows\SysWow64\grb.rs
2013-04-24 04:45:43 21504 ----a-w- C:\Windows\System32\grb.rs
2013-04-24 04:45:43 20480 ----a-w- C:\Windows\SysWow64\pegi.rs
2013-04-24 04:45:43 20480 ----a-w- C:\Windows\SysWow64\pegi-pt.rs
2013-04-24 04:45:43 20480 ----a-w- C:\Windows\System32\pegi.rs
2013-04-24 04:45:43 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2013-04-24 04:45:43 15360 ----a-w- C:\Windows\SysWow64\djctq.rs
2013-04-24 04:45:43 15360 ----a-w- C:\Windows\System32\djctq.rs
2013-04-24 04:45:43 -------- d-sh--w- C:\System Volume Information
2013-04-24 04:45:42 55296 ----a-w- C:\Windows\SysWow64\cero.rs
2013-04-24 04:45:42 55296 ----a-w- C:\Windows\System32\cero.rs
2013-04-24 04:45:42 51712 ----a-w- C:\Windows\SysWow64\esrb.rs
2013-04-24 04:45:42 51712 ----a-w- C:\Windows\System32\esrb.rs
2013-04-24 04:45:42 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2013-04-24 04:45:42 23552 ----a-w- C:\Windows\SysWow64\oflc.rs
2013-04-24 04:45:42 23552 ----a-w- C:\Windows\System32\oflc.rs
2013-04-24 04:45:42 20480 ----a-w- C:\Windows\SysWow64\pegi-fi.rs
2013-04-24 04:45:42 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2013-04-24 04:44:45 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-04-24 04:44:45 5120 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-04-24 04:44:45 5120 ---ha-w- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-04-24 04:44:45 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-24 04:44:45 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-24 04:44:45 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-24 04:44:45 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-24 04:44:45 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-04-24 04:44:45 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-24 04:44:45 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-04-24 04:44:45 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-04-24 04:44:45 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-24 04:44:45 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-04-24 04:44:45 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-24 04:44:45 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-04-24 04:44:45 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-24 04:44:45 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-24 04:44:45 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-04-24 04:44:45 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-24 04:44:45 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-04-24 04:44:45 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-04-24 04:44:45 243200 ----a-w- C:\Windows\System32\wow64.dll
2013-04-24 04:44:45 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-04-24 04:44:45 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-04-24 04:44:45 1161216 ----a-w- C:\Windows\System32\kernel32.dll
2013-04-24 04:44:45 1114112 ----a-w- C:\Windows\SysWow64\kernel32.dll
2013-04-24 04:44:44 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-04-24 04:44:44 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-04-24 04:44:44 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-04-24 04:44:44 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-04-24 04:44:44 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-04-24 04:44:44 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-04-24 04:44:44 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-04-24 04:42:44 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-04-24 04:42:44 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-04-24 04:42:04 425345024 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\Updates\OFFICESUITEWWSP1-X-NONE.MSP
2013-04-24 04:39:57 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2013-04-24 04:39:57 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2013-04-24 04:39:57 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2013-04-24 04:39:57 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2013-04-24 04:39:57 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2013-04-24 04:39:57 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2013-04-24 04:39:57 216576 ----a-w- C:\Windows\System32\ncsi.dll
2013-04-24 04:39:57 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2013-04-24 04:39:57 18944 ----a-w- C:\Windows\System32\netevent.dll
2013-04-24 04:39:57 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2013-04-24 04:39:57 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2013-04-24 04:39:41 14172672 ----a-w- C:\Windows\System32\shell32.dll
2013-04-24 04:39:40 12873728 ----a-w- C:\Windows\SysWow64\shell32.dll
2013-04-24 04:38:57 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2013-04-24 04:38:57 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2013-04-24 04:38:56 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-04-24 04:38:56 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-04-24 04:38:56 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-04-24 04:38:56 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-04-24 04:38:56 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-04-24 04:38:56 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-04-24 04:38:49 723456 ----a-w- C:\Windows\System32\EncDec.dll
2013-04-24 04:38:49 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2013-04-24 04:38:40 715776 ----a-w- C:\Windows\System32\kerberos.dll
2013-04-24 04:38:40 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2013-04-24 04:37:56 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-04-24 04:37:56 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-04-24 04:37:56 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-04-24 04:37:56 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-04-24 04:37:56 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-04-24 04:37:55 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-04-24 04:37:36 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-04-24 04:37:36 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-04-24 04:37:36 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-04-24 04:37:22 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2013-04-24 04:37:04 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-24 04:37:04 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-04-24 04:37:03 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-04-24 04:37:03 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-04-24 04:37:03 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-04-24 04:37:03 112640 ----a-w- C:\Windows\System32\smss.exe
2013-04-24 04:36:55 142336 ----a-w- C:\Windows\System32\poqexec.exe
2013-04-24 04:36:55 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-04-24 04:36:47 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-04-24 04:36:35 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-04-24 04:36:35 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-04-24 04:36:30 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-24 04:36:15 395776 ----a-w- C:\Windows\System32\webio.dll
2013-04-24 04:36:15 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2013-04-24 04:35:31 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2013-04-24 04:35:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2013-04-24 04:35:31 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2013-04-24 04:35:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2013-04-24 04:35:25 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2013-04-24 04:35:25 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll
2013-04-24 04:35:25 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll
2013-04-24 04:35:25 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2013-04-24 04:35:25 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2013-04-24 04:35:25 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2013-04-24 04:35:25 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2013-04-24 04:35:25 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2013-04-24 04:35:25 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2013-04-24 04:35:25 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2013-04-24 04:35:25 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll
2013-04-24 04:35:25 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2013-04-24 04:35:25 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2013-04-24 04:35:23 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-04-24 04:35:23 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-04-24 04:35:23 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-04-24 04:35:23 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-04-24 04:35:22 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2013-04-24 04:35:22 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-04-24 04:35:05 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-04-24 04:35:05 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2013-04-24 04:34:16 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-04-24 04:34:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-04-24 04:34:16 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-04-24 04:34:16 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-04-24 04:34:16 31232 ----a-w- C:\Windows\System32\lsass.exe
2013-04-24 04:34:16 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2013-04-24 04:34:16 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-04-24 04:34:16 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-04-24 04:34:16 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-04-24 04:34:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-04-24 04:34:16 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-04-24 04:34:16 136192 ----a-w- C:\Windows\System32\sspicli.dll
2013-04-24 04:34:08 3216384 ----a-w- C:\Windows\System32\msi.dll
2013-04-24 04:34:08 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2013-04-24 04:33:29 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2013-04-24 04:33:29 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2013-04-24 04:33:29 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2013-04-24 04:33:29 209920 ----a-w- C:\Windows\System32\profsvc.dll
2013-04-24 04:33:29 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2013-04-24 04:33:25 220160 ----a-w- C:\Windows\System32\wintrust.dll
2013-04-24 04:33:25 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-04-24 04:33:14 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2013-04-24 04:33:14 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-04-24 04:33:12 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-04-24 04:33:09 515584 ----a-w- C:\Windows\System32\timedate.cpl
2013-04-24 04:33:09 503808 ----a-w- C:\Windows\System32\srcore.dll
2013-04-24 04:33:09 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2013-04-24 04:33:09 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2013-04-24 04:33:09 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2013-04-24 04:33:08 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-04-24 04:33:08 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-04-24 04:33:07 956928 ----a-w- C:\Windows\System32\localspl.dll
2013-04-24 04:33:03 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-04-24 04:33:03 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-04-24 04:33:03 1572864 ----a-w- C:\Windows\System32\quartz.dll
2013-04-24 04:33:03 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2013-04-24 04:33:00 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2013-04-24 04:32:59 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2013-04-24 04:32:59 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-04-24 04:32:58 95744 ----a-w- C:\Windows\System32\synceng.dll
2013-04-24 04:32:58 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-04-24 04:32:58 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2013-04-24 04:32:58 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2013-04-24 04:32:43 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2013-04-24 04:32:43 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2013-04-24 04:32:42 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-04-24 04:32:37 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2013-04-24 04:32:37 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2013-04-24 04:32:37 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2013-04-24 04:32:34 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2013-04-24 04:32:34 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2013-04-24 04:32:33 750592 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-24 04:32:33 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-24 04:32:19 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-04-24 04:32:19 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-04-24 04:32:11 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2013-04-24 04:32:11 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2013-04-24 04:31:51 73216 ----a-w- C:\Windows\System32\netapi32.dll
2013-04-24 04:31:51 59392 ----a-w- C:\Windows\System32\browcli.dll
2013-04-24 04:31:51 57344 ----a-w- C:\Windows\SysWow64\netapi32.dll
2013-04-24 04:31:51 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2013-04-24 04:31:51 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-24 04:31:51 136704 ----a-w- C:\Windows\System32\browser.dll
2013-04-24 04:31:44 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2013-04-24 04:31:44 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2013-04-24 04:31:44 331776 ----a-w- C:\Windows\System32\oleacc.dll
2013-04-24 04:31:44 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2013-04-24 04:30:21 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-04-24 04:30:21 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-04-24 04:30:21 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-04-24 04:30:21 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2013-04-24 04:30:21 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-04-24 04:30:21 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-04-24 04:30:15 67072 ----a-w- C:\Windows\splwow64.exe
2013-04-24 04:30:15 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2013-04-24 04:29:54 77312 ----a-w- C:\Windows\System32\packager.dll
2013-04-24 04:29:54 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-04-24 04:04:44 -------- d-sh--w- C:\$RECYCLE.BIN
2013-04-24 03:56:45 -------- d-----w- C:\Users\ash\AppData\Roaming\Malwarebytes
2013-04-24 03:56:41 -------- d-----w- C:\ProgramData\Malwarebytes
2013-04-24 03:56:40 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-24 03:56:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-24 03:56:22 -------- d-----w- C:\Users\ash\AppData\Local\Programs
2013-04-24 03:50:57 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-04-24 03:50:57 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-04-24 03:50:57 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-04-24 03:49:47 57880 ----a-w- C:\Windows\System32\wuauclt.exe
2013-04-24 03:49:47 44056 ----a-w- C:\Windows\System32\wups2.dll
2013-04-24 03:49:47 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-04-24 03:49:47 2428952 ----a-w- C:\Windows\System32\wuaueng.dll
2013-04-24 03:49:41 -------- d-----w- C:\Users\ash\AppData\Roaming\Symantec
2013-04-24 03:49:39 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-04-24 03:49:39 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-04-24 03:49:23 -------- d-----w- C:\Users\ash\AppData\Local\VirtualStore
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\Templates
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\Start Menu
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\SendTo
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\Recent
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\PrintHood
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\NetHood
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\My Documents
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\Local Settings
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\Cookies
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\Application Data
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\AppData\Local\Temporary Internet Files
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\AppData\Local\History
2013-04-24 03:48:48 -------- d-sh--we C:\Users\ash\AppData\Local\Application Data
2013-04-24 03:48:48 -------- d-s---w- C:\Users\ash\AppData\Roaming\Microsoft
2013-04-24 03:48:48 -------- d--h--w- C:\Users\ash\AppData
2013-04-24 03:48:48 -------- d-----w- C:\Users\ash\AppData\Roaming\Media Center Programs
2013-04-24 03:48:48 -------- d-----w- C:\Users\ash\AppData\Local\Temp
2013-04-24 03:48:48 -------- d-----w- C:\Users\ash\AppData\Local\Microsoft
2013-04-24 03:48:48 -------- d-----r- C:\Users\ash\Videos
2013-04-24 03:48:48 -------- d-----r- C:\Users\ash\Saved Games
2013-04-24 03:48:48 -------- d-----r- C:\Users\ash\Pictures
2013-04-24 03:48:48 -------- d-----r- C:\Users\ash\Music
2013-04-24 03:48:48 -------- d-----r- C:\Users\ash\Links
2013-04-24 03:48:48 -------- d-----r- C:\Users\ash\Favorites
2013-04-24 03:48:48 -------- d-----r- C:\Users\ash\Downloads
2013-04-24 03:48:48 -------- d-----r- C:\Users\ash\Documents
2013-04-24 03:48:48 -------- d-----r- C:\Users\ash\Desktop
2013-04-24 03:20:55 -------- d-----w- C:\Windows\temp
2013-04-24 03:14:47 98816 ----a-w- C:\Windows\sed.exe
2013-04-24 03:14:47 80412 ----a-w- C:\Windows\grep.exe
2013-04-24 03:14:47 68096 ----a-w- C:\Windows\zip.exe
2013-04-24 03:14:47 60416 ----a-w- C:\Windows\NIRCMD.exe
2013-04-24 03:14:47 518144 ----a-w- C:\Windows\SWREG.exe
2013-04-24 03:14:47 406528 ----a-w- C:\Windows\SWSC.exe
2013-04-24 03:14:47 256000 ----a-w- C:\Windows\PEV.exe
2013-04-24 03:14:47 208896 ----a-w- C:\Windows\MBR.exe
2013-04-24 03:14:40 -------- d-----w- C:\Qoobox
2013-04-24 03:14:20 -------- d-----w- C:\Windows\erdnt
2013-04-24 02:30:18 -------- d-----w- C:\Users\ash\AppData\Local\Max Secure Software
2013-04-24 02:27:35 -------- d-----w- C:\Users\ash\AppData\Roaming\GetRightToGo
2013-04-24 02:01:37 8795216 ----a-w- C:\ProgramData\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2013-04-24 01:55:30 -------- d-----w- C:\Program Files (x86)\Google
2013-04-24 01:55:24 -------- d-----w- C:\Users\ash\AppData\Local\Google
2013-04-24 01:54:51 -------- d-----w- C:\Users\ash\AppData\Local\Deployment
2013-04-24 01:54:51 -------- d-----w- C:\Users\ash\AppData\Local\Apps
2013-04-24 01:52:56 -------- d-----w- C:\Users\ash\AppData\Roaming\Macromedia
2013-04-24 01:52:49 -------- d-----w- C:\Users\ash\AppData\Roaming\Adobe
2013-04-24 01:52:30 -------- d-----w- C:\Users\ash\AppData\Roaming\Synaptics
2013-04-24 01:52:09 -------- d-----r- C:\Users\ash\Searches
2013-04-24 01:52:01 -------- d-----w- C:\Users\ash\AppData\Roaming\Identities
2013-04-24 01:51:59 -------- d-----r- C:\Users\ash\Contacts
2013-04-24 01:51:47 -------- d-----w- C:\Users\ash\AppData\Roaming\Hewlett-Packard
2013-04-24 01:51:02 -------- d-----w- C:\Users\ash\AppData\Roaming\hpqlog
2013-04-24 01:50:59 -------- d-----w- C:\Users\ash\AppData\Local\Hewlett-Packard
2013-04-24 01:50:38 -------- d-----w- C:\Users\ash\AppData\Local\AuthenTec
2013-04-24 01:50:23 -------- d-----w- C:\Users\ash\AppData\Local\RemEngine
2013-04-24 01:50:22 -------- d-----w- C:\Users\ash\AppData\Local\Hewlett-Packard_Company
.
==================== Find6M ====================
.
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-11-08 06:38:02 94288 ----a-w- C:\Windows\System32\drivers\inspect.sys
2012-11-08 06:38:02 38144 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2012-11-08 06:38:00 584056 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
2012-11-08 06:37:58 22736 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2012-11-08 06:37:38 41240 ----a-w- C:\Windows\System32\cmdcsr.dll
2012-11-08 06:37:36 301264 ----a-w- C:\Windows\SysWow64\guard32.dll
2012-11-08 06:37:32 390392 ----a-w- C:\Windows\System32\guard64.dll
.
============= FINISH: 3:24:08.25 ===============
Last edited by hplerr on April 24th, 2013, 5:29 am, edited 1 time in total.
hplerr
Active Member
 
Posts: 3
Joined: April 23rd, 2013, 11:42 pm

Re: Help - I think someone is spying on me

Unread postby hplerr » April 24th, 2013, 4:53 am

Here are the logs for my ComboFix scan:
ComboFix 13-04-23.02 - ash 04/23/2013 20:15:37.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.3796 [GMT -7:00]
Running from: c:\users\ash\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-03-24 to 2013-04-24 )))))))))))))))))))))))))))))))
.
.
2013-04-24 04:42 . 2013-04-24 04:42 425345024 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Updates\OFFICESUITEWWSP1-X-NONE.MSP
2013-04-24 03:49 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-04-24 03:49 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-04-24 03:49 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-04-24 03:49 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-04-24 03:49 . 2012-06-02 22:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-04-24 03:49 . 2012-06-02 22:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-04-24 03:48 . 2013-04-24 01:52 -------- d-----w- c:\users\ash
2013-04-24 03:19 . 2013-04-24 03:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-24 02:01 . 2013-04-24 02:13 8795216 ----a-w- c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2013-04-24 01:55 . 2013-04-24 02:09 -------- d-----w- c:\program files (x86)\Google
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-24 01:50 . 2011-03-29 01:36 20808 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-10-08 169528]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-07-11 574008]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-9-20 1338144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
R2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-07-11 26680]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-09-02 339048]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files (x86)\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-08-19 260424]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-13 227896]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-09-01 2425960]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [2011-08-10 138760]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2011-09-21 133672]
S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys [2011-08-19 1151096]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2011-09-21 620584]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-09-21 89640]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-21 39976]
S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys [2011-08-08 167048]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSVia64.sys [2011-07-20 488568]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-26 317440]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS [2011-07-25 451192]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS [2011-07-28 1084536]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS [2011-07-25 189560]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS [2011-07-25 401016]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - BHDRVX64
*NewlyCreated* - CCSET_NIS
*NewlyCreated* - IDSVIA64
*NewlyCreated* - NAVENG
*NewlyCreated* - NAVEX15
*NewlyCreated* - SRTSP
*NewlyCreated* - SRTSPX
*NewlyCreated* - SYMDS
*NewlyCreated* - SYMEFA
*NewlyCreated* - SYMEVENT
*NewlyCreated* - SYMIRON
*NewlyCreated* - SYMNETS
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-24 02:09 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24 01:55]
.
2013-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24 01:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-26 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-26 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-26 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-09-08 1424896]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-09-30 43320]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 66.90.132.162 66.90.130.101 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.1.0.28\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-23 20:20:54
ComboFix-quarantined-files.txt 2013-04-24 03:20
.
Pre-Run: 576,031,526,912 bytes free
Post-Run: 576,100,118,528 bytes free
.
- - End Of File - - ADD02D1051982E8E80B2E9C4D9814850
hplerr
Active Member
 
Posts: 3
Joined: April 23rd, 2013, 11:42 pm

Re: Help - I think someone is spying on me

Unread postby deltalima » April 24th, 2013, 5:38 pm

Bumping or Replying to Your Own Topic

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why you should not reply to or try to bump your topic.
Please submit a new log and wait for a helper to reply. Thank you for your understanding.

This topic is now closed.
deltalima
Admin/Teacher
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

