SFX099
Posts: 22 +0
Hey guys I've been having a problem with this one file that likes to hide itself and disable all attempts of removal. Can anyone help me get rid of it?
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-05-2015
Ran by Steve (administrator) on STEVE-BAPC on 05-05-2015 13:48:14
Running from C:\Documents and Settings\Steve\Desktop
Loaded Profiles: Steve (Available profiles: Steve & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (All) =========================
(Microsoft Corporation) C:\WINDOWS\system32\smss.exe
(Microsoft Corporation) C:\WINDOWS\system32\csrss.exe
(Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
(Microsoft Corporation) C:\WINDOWS\system32\services.exe
(Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
() C:\Documents and Settings\All Users\nvxasync\cvxasync.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.6.0.32\nis.exe
() C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe
(Microsoft Corporation) C:\WINDOWS\system32\alg.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Microsoft Corporation) C:\WINDOWS\explorer.exe
(SteelWerX) C:\ComboFix\swreg.3XE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
() C:\Program Files\MSI Afterburner\MSIAfterburner.exe
(Microsoft Corporation) C:\WINDOWS\system32\ctfmon.exe
() C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Documents and Settings\Steve\Desktop\FRST.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\wmiprvse.exe
==================== Registry (All) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2303256 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [MSIAfterburner] => C:\Program Files\MSI Afterburner\MSIAfterburner.exe [565760 2014-12-06] ()
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe, [26112 2008-04-14] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] Explorer.exe [1033728 2008-04-14] (Microsoft Corporation)
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2015-05-01] (ATI Technologies Inc.)
Winlogon\Notify\crypt32chain: C:\WINDOWS\system32\crypt32.dll [2013-10-07] (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS\system32\cryptnet.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS\system32\cscdll.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS\System32\dimsntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-24] (Logitech, Inc.)
Winlogon\Notify\ScCertProp: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS\system32\sclgntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS\system32\WlNotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDriveAutoRun] 67108863
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 323
HKLM\...\Policies\Explorer: [NoDrives] 0
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\Run: [nvxasync] => C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe [153822720 2015-05-03] ()
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
IFEO\Your Image File Name Here without a path: [Debugger] ntsd -d
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll (Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll (Microsoft Corporation)
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
BootExecute: autocheck autochk *
AlternateShell: cmd.exe
==================== Internet (All) ===========================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
URLSearchHook: HKU\S-1-5-21-790525478-2000478354-725345543-1004 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> DefaultScope {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partne...ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
SearchScopes: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partne...ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-25] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2014-02-24] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll [2012-06-08] (Microsoft Corporation)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll [2008-04-14] (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll [2011-10-10] (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll [2008-04-14] (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\SHELL32.dll [2012-06-08] (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8462848 2012-06-08] (Microsoft Corporation)
Winsock: Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896 2006-02-28] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files\Internet Explorer\iexplore.exe"
FireFox:
========
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-05] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-05-01]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-05-05]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.surfvox.com/
CHR StartupUrls: Default -> "hxxp://www.surfvox.com/"
CHR DefaultSearchKeyword: Default -> surfvox.com
CHR DefaultSearchURL: Default -> http://www.google.com/?cx=partner-p...}&sa=Search&siteurl=www.surfvox.com/&ref=&ss=
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-05]
CHR Extension: (Google Drive) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-05]
CHR Extension: (YouTube) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-05]
CHR Extension: (Google Search) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-05]
CHR Extension: (Bookmark Manager) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-05]
CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-05-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-05]
CHR Extension: (Norton Security Toolbar) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-05-05]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-05]
CHR Extension: (Gmail) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2015-05-05]
StartMenuInternet: chrome.exe - "C:\Program Files\Google\Chrome\Application\chrome.exe"
==================== Services (All) ========================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation)
R3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation)
S4 AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
S3 aspnet_state; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [643072 2015-05-01] (ATI Technologies Inc.)
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation)
R3 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation)
R2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation)
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation)
S3 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation)
S3 clr_optimization_v2.0.50727_32; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation)
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation)
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software)
S3 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.)
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation)
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation)
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation)
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation)
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation)
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S3 FontCache3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
S2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-05-05] (Google Inc.)
S3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-05-05] (Google Inc.)
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation)
R2 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation)
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation)
R3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation)
S3 idsvc; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation)
R2 lanmanserver; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation)
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation)
S3 LBTServ; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [293144 2014-03-24] (Logitech, Inc.)
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation)
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation)
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation)
S4 MSI_LiveUpdate_Service; C:\Program Files\MSI\Live Update\MSI_LiveUpdate_Service.exe [1736872 2015-04-29] (Micro-Star INT'L CO., LTD.)
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation)
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation)
S4 NetTcpPortSharing; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation)
S3 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation)
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation)
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation)
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation)
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation)
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation)
R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
S3 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2006-02-28] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation)
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation)
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation)
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation)
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation)
R2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation)
R3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation)
S3 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation)
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation)
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation)
R3 TermService; C:\WINDOWS\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation)
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation)
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation)
R2 W32Time; C:\WINDOWS\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation)
R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation)
R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation)
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2006-10-18] (Microsoft Corporation)
S3 WPFFontCache_v0400; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [754856 2013-07-20] (Microsoft Corporation)
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation)
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation)
S3 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation)
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation)
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [X]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{CE4EC343-54DB-4CCD-8EA9-1016188C584F}
==================== Drivers (All) ==========================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation)
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11648 2006-02-28] (Microsoft Corporation)
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation)
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files\AMD\OverDrive\i386\AODDriver2.sys [50888 2014-09-19] (Advanced Micro Devices)
R3 asmthub3; C:\WINDOWS\System32\DRIVERS\asmthub3.sys [110808 2015-01-05] (ASMedia Technology Inc)
R3 asmtxhci; C:\WINDOWS\System32\DRIVERS\asmtxhci.sys [343768 2015-01-05] (ASMedia Technology Inc)
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation)
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [6852096 2015-05-01] (ATI Technologies Inc.)
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2015-05-01] (Advanced Micro Devices)
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation)
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2006-02-28] (Microsoft Corporation)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx86.sys [1172184 2015-05-01] (Symantec Corporation)
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2006-02-28] (Microsoft Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NIS\1506000.020\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2006-02-28] (Microsoft Corporation)
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation)
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation)
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation)
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software)
S4 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software)
S4 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2006-02-28] (Microsoft Corp., Veritas Software.)
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation)
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2015-05-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2015-05-04] (Symantec Corporation)
S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation)
S1 Fdc; C:\WINDOWS\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Corporation)
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation)
S1 Flpydisk; C:\WINDOWS\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Corporation)
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-14] (Microsoft Corporation)
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2006-02-28] (Microsoft Corporation)
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125056 2006-02-28] (Microsoft Corporation)
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
R3 hidusb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation)
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation)
R3 IDSxpx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150501.001\IDSxpx86.sys [478352 2015-05-01] (Symantec Corporation)
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
R3 IntcAzAudAddService; C:\WINDOWS\System32\drivers\RtkHDAud.sys [5630168 2013-12-10] (Realtek Semiconductor Corp.)
S3 Ip6Fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2006-02-28] (Microsoft Corporation)
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation)
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation)
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation)
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation)
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation)
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation)
R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation)
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation)
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation)
R2 LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [10136 2014-03-18] (Logitech, Inc.)
R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42264 2014-03-18] (Logitech, Inc.)
R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10136 2014-03-18] (Logitech, Inc.)
R3 LHidFilt; C:\WINDOWS\System32\DRIVERS\LHidFilt.Sys [43800 2014-03-18] (Logitech, Inc.)
R3 LMouFilt; C:\WINDOWS\System32\DRIVERS\LMouFilt.Sys [37528 2014-03-18] (Logitech, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-05] (Malwarebytes Corporation)
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2006-02-28] (Microsoft Corporation)
S3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation)
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2006-02-28] (Microsoft Corporation)
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation)
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation)
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation)
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation)
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation)
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation)
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation)
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation)
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation)
S3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150504.037\NAVENG.SYS [95704 2015-05-04] (Symantec Corporation)
S3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150504.037\NAVEX15.SYS [1636696 2015-05-04] (Symantec Corporation)
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation)
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation)
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation)
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation)
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation)
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation)
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation)
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation)
S3 NTIOLib_1_0_4; C:\Program Files\MSI\Live Update\NTIOLib.sys [7680 2010-10-20] (MSI) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2006-02-28] (Microsoft Corporation)
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2006-02-28] (Microsoft Corporation)
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2006-02-28] (Microsoft Corporation)
S3 Parport; C:\WINDOWS\system32\Drivers\Parport.sys [80128 2008-04-14] (Microsoft Corporation)
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation)
S2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2006-02-28] (Microsoft Corporation)
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation)
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2006-02-28] (Microsoft Corporation)
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation)
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation)
S1 Processor; C:\WINDOWS\System32\DRIVERS\processr.sys [35840 2008-04-14] (Microsoft Corporation)
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation)
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2006-02-28] (Parallel Technologies, Inc.)
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2006-02-28] (Microsoft Corporation)
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation)
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation)
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2006-02-28] (Microsoft Corporation)
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation)
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2006-02-28] (Microsoft Corporation)
S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation)
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation)
R3 RTCore32; C:\Program Files\MSI Afterburner\RTCore32.sys [5632 2013-03-10] () [File not signed]
R3 RTLE8023xp; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [427992 2014-06-05] (Realtek Semiconductor Corporation )
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation)
R1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation)
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation)
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation)
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation)
S3 SRTSP; C:\WINDOWS\System32\Drivers\NIS\1506000.020\SRTSP.SYS [664792 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NIS\1506000.020\SRTSPX.SYS [32984 2014-08-25] (Symantec Corporation)
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation)
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation)
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation)
R0 SymDS; C:\WINDOWS\System32\drivers\NIS\1506000.020\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\NIS\1506000.020\SYMEFA.SYS [936152 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2015-05-05] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NIS\1506000.020\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\NIS\1506000.020\SYMTDI.SYS [423256 2014-08-25] (Symantec Corporation)
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation)
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation)
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation)
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation)
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation)
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation)
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation)
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [35712 2010-11-28] (Advanced Micro Devices)
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation)
R3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-14] (Microsoft Corporation)
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation)
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation)
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation)
R3 Wdf01000; C:\WINDOWS\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Corporation)
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation)
U3 Winsock; No ImagePath
R1 WmiAcpi; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [8832 2008-04-14] (Microsoft Corporation)
R1 WS2IFSL; C:\WINDOWS\System32\drivers\ws2ifsl.sys [12032 2006-02-28] (Microsoft Corporation)
S3 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation)
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S4 IntelIde; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S3 MSICDSetup; \??\D:\CDriver.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
U3 TlntSvr; No ImagePath
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S4 ViaIde; No ImagePath
S3 WDICA; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-05-2015
Ran by Steve (administrator) on STEVE-BAPC on 05-05-2015 13:48:14
Running from C:\Documents and Settings\Steve\Desktop
Loaded Profiles: Steve (Available profiles: Steve & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (All) =========================
(Microsoft Corporation) C:\WINDOWS\system32\smss.exe
(Microsoft Corporation) C:\WINDOWS\system32\csrss.exe
(Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
(Microsoft Corporation) C:\WINDOWS\system32\services.exe
(Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
() C:\Documents and Settings\All Users\nvxasync\cvxasync.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.6.0.32\nis.exe
() C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe
(Microsoft Corporation) C:\WINDOWS\system32\alg.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Microsoft Corporation) C:\WINDOWS\explorer.exe
(SteelWerX) C:\ComboFix\swreg.3XE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
() C:\Program Files\MSI Afterburner\MSIAfterburner.exe
(Microsoft Corporation) C:\WINDOWS\system32\ctfmon.exe
() C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Documents and Settings\Steve\Desktop\FRST.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\wmiprvse.exe
==================== Registry (All) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2303256 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [MSIAfterburner] => C:\Program Files\MSI Afterburner\MSIAfterburner.exe [565760 2014-12-06] ()
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe, [26112 2008-04-14] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] Explorer.exe [1033728 2008-04-14] (Microsoft Corporation)
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2015-05-01] (ATI Technologies Inc.)
Winlogon\Notify\crypt32chain: C:\WINDOWS\system32\crypt32.dll [2013-10-07] (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS\system32\cryptnet.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS\system32\cscdll.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS\System32\dimsntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-24] (Logitech, Inc.)
Winlogon\Notify\ScCertProp: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS\system32\sclgntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS\system32\WlNotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDriveAutoRun] 67108863
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 323
HKLM\...\Policies\Explorer: [NoDrives] 0
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\Run: [nvxasync] => C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe [153822720 2015-05-03] ()
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
IFEO\Your Image File Name Here without a path: [Debugger] ntsd -d
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll (Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll (Microsoft Corporation)
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
BootExecute: autocheck autochk *
AlternateShell: cmd.exe
==================== Internet (All) ===========================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
URLSearchHook: HKU\S-1-5-21-790525478-2000478354-725345543-1004 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> DefaultScope {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partne...ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
SearchScopes: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partne...ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-25] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2014-02-24] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll [2012-06-08] (Microsoft Corporation)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll [2008-04-14] (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll [2011-10-10] (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll [2008-04-14] (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\SHELL32.dll [2012-06-08] (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8462848 2012-06-08] (Microsoft Corporation)
Winsock: Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896 2006-02-28] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Winsock: Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files\Internet Explorer\iexplore.exe"
FireFox:
========
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-05] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-05-01]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-05-05]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.surfvox.com/
CHR StartupUrls: Default -> "hxxp://www.surfvox.com/"
CHR DefaultSearchKeyword: Default -> surfvox.com
CHR DefaultSearchURL: Default -> http://www.google.com/?cx=partner-p...}&sa=Search&siteurl=www.surfvox.com/&ref=&ss=
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-05]
CHR Extension: (Google Drive) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-05]
CHR Extension: (YouTube) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-05]
CHR Extension: (Google Search) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-05]
CHR Extension: (Bookmark Manager) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-05]
CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-05-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-05]
CHR Extension: (Norton Security Toolbar) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-05-05]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-05]
CHR Extension: (Gmail) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2015-05-05]
StartMenuInternet: chrome.exe - "C:\Program Files\Google\Chrome\Application\chrome.exe"
==================== Services (All) ========================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation)
R3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation)
S4 AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
S3 aspnet_state; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [643072 2015-05-01] (ATI Technologies Inc.)
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation)
R3 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation)
R2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation)
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation)
S3 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation)
S3 clr_optimization_v2.0.50727_32; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation)
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation)
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software)
S3 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.)
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation)
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation)
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation)
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation)
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation)
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S3 FontCache3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
S2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-05-05] (Google Inc.)
S3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-05-05] (Google Inc.)
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation)
R2 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation)
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation)
R3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation)
S3 idsvc; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation)
R2 lanmanserver; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation)
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation)
S3 LBTServ; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [293144 2014-03-24] (Logitech, Inc.)
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation)
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation)
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation)
S4 MSI_LiveUpdate_Service; C:\Program Files\MSI\Live Update\MSI_LiveUpdate_Service.exe [1736872 2015-04-29] (Micro-Star INT'L CO., LTD.)
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation)
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation)
S4 NetTcpPortSharing; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation)
S3 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation)
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation)
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation)
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation)
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation)
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation)
R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
S3 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2006-02-28] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation)
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation)
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation)
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation)
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation)
R2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation)
R3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation)
S3 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation)
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation)
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation)
R3 TermService; C:\WINDOWS\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation)
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation)
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation)
R2 W32Time; C:\WINDOWS\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation)
R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation)
R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation)
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2006-10-18] (Microsoft Corporation)
S3 WPFFontCache_v0400; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [754856 2013-07-20] (Microsoft Corporation)
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation)
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation)
S3 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation)
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation)
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [X]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{CE4EC343-54DB-4CCD-8EA9-1016188C584F}
==================== Drivers (All) ==========================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation)
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11648 2006-02-28] (Microsoft Corporation)
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation)
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files\AMD\OverDrive\i386\AODDriver2.sys [50888 2014-09-19] (Advanced Micro Devices)
R3 asmthub3; C:\WINDOWS\System32\DRIVERS\asmthub3.sys [110808 2015-01-05] (ASMedia Technology Inc)
R3 asmtxhci; C:\WINDOWS\System32\DRIVERS\asmtxhci.sys [343768 2015-01-05] (ASMedia Technology Inc)
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation)
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [6852096 2015-05-01] (ATI Technologies Inc.)
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2015-05-01] (Advanced Micro Devices)
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation)
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2006-02-28] (Microsoft Corporation)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx86.sys [1172184 2015-05-01] (Symantec Corporation)
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2006-02-28] (Microsoft Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NIS\1506000.020\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2006-02-28] (Microsoft Corporation)
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation)
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation)
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation)
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software)
S4 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software)
S4 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2006-02-28] (Microsoft Corp., Veritas Software.)
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation)
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2015-05-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2015-05-04] (Symantec Corporation)
S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation)
S1 Fdc; C:\WINDOWS\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Corporation)
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation)
S1 Flpydisk; C:\WINDOWS\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Corporation)
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-14] (Microsoft Corporation)
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2006-02-28] (Microsoft Corporation)
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125056 2006-02-28] (Microsoft Corporation)
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
R3 hidusb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation)
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation)
R3 IDSxpx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150501.001\IDSxpx86.sys [478352 2015-05-01] (Symantec Corporation)
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
R3 IntcAzAudAddService; C:\WINDOWS\System32\drivers\RtkHDAud.sys [5630168 2013-12-10] (Realtek Semiconductor Corp.)
S3 Ip6Fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2006-02-28] (Microsoft Corporation)
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation)
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation)
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation)
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation)
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation)
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation)
R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation)
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation)
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation)
R2 LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [10136 2014-03-18] (Logitech, Inc.)
R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42264 2014-03-18] (Logitech, Inc.)
R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10136 2014-03-18] (Logitech, Inc.)
R3 LHidFilt; C:\WINDOWS\System32\DRIVERS\LHidFilt.Sys [43800 2014-03-18] (Logitech, Inc.)
R3 LMouFilt; C:\WINDOWS\System32\DRIVERS\LMouFilt.Sys [37528 2014-03-18] (Logitech, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-05] (Malwarebytes Corporation)
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2006-02-28] (Microsoft Corporation)
S3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation)
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2006-02-28] (Microsoft Corporation)
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation)
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation)
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation)
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation)
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation)
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation)
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation)
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation)
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation)
S3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150504.037\NAVENG.SYS [95704 2015-05-04] (Symantec Corporation)
S3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150504.037\NAVEX15.SYS [1636696 2015-05-04] (Symantec Corporation)
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation)
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation)
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation)
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation)
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation)
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation)
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation)
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation)
S3 NTIOLib_1_0_4; C:\Program Files\MSI\Live Update\NTIOLib.sys [7680 2010-10-20] (MSI) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2006-02-28] (Microsoft Corporation)
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2006-02-28] (Microsoft Corporation)
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2006-02-28] (Microsoft Corporation)
S3 Parport; C:\WINDOWS\system32\Drivers\Parport.sys [80128 2008-04-14] (Microsoft Corporation)
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation)
S2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2006-02-28] (Microsoft Corporation)
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation)
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2006-02-28] (Microsoft Corporation)
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation)
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation)
S1 Processor; C:\WINDOWS\System32\DRIVERS\processr.sys [35840 2008-04-14] (Microsoft Corporation)
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation)
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2006-02-28] (Parallel Technologies, Inc.)
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2006-02-28] (Microsoft Corporation)
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation)
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation)
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2006-02-28] (Microsoft Corporation)
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation)
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2006-02-28] (Microsoft Corporation)
S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation)
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation)
R3 RTCore32; C:\Program Files\MSI Afterburner\RTCore32.sys [5632 2013-03-10] () [File not signed]
R3 RTLE8023xp; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [427992 2014-06-05] (Realtek Semiconductor Corporation )
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation)
R1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation)
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation)
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation)
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation)
S3 SRTSP; C:\WINDOWS\System32\Drivers\NIS\1506000.020\SRTSP.SYS [664792 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NIS\1506000.020\SRTSPX.SYS [32984 2014-08-25] (Symantec Corporation)
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation)
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation)
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation)
R0 SymDS; C:\WINDOWS\System32\drivers\NIS\1506000.020\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\NIS\1506000.020\SYMEFA.SYS [936152 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2015-05-05] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NIS\1506000.020\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\NIS\1506000.020\SYMTDI.SYS [423256 2014-08-25] (Symantec Corporation)
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation)
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation)
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation)
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation)
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation)
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation)
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation)
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [35712 2010-11-28] (Advanced Micro Devices)
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation)
R3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-14] (Microsoft Corporation)
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation)
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation)
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation)
R3 Wdf01000; C:\WINDOWS\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Corporation)
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation)
U3 Winsock; No ImagePath
R1 WmiAcpi; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [8832 2008-04-14] (Microsoft Corporation)
R1 WS2IFSL; C:\WINDOWS\System32\drivers\ws2ifsl.sys [12032 2006-02-28] (Microsoft Corporation)
S3 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation)
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S4 IntelIde; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S3 MSICDSetup; \??\D:\CDriver.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
U3 TlntSvr; No ImagePath
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S4 ViaIde; No ImagePath
S3 WDICA; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)