Very Strange issues please help long discription


  1. Posts : 4
    Windows 32 bit Home Premium
       #1

    Very Strange issues please help long discription


    So I am really not sure where to start with this but I Have tried everything and this still keeps happening The computers I am talking about consistists of 5 pc desktop computers 2 PC laptops 4 mac minis (2 newer versions 2 power PC Mac minis) 2 time capsules with built in airports and one Western Digital My book live{ that crashed right around when this happened} 1 mac book pro and one powerbook g4. About two months ago some strange things started happening on my computers. It all started with small changes like files or folders going missing or not where i placed/saved them, locked out of user accounts screen resoultion changes when it feels like something is taking over my computer. Computers acting up all the time like not responding like they they have a mind of there own. Then things started to get ever more wierd like files that were on one computer were all of a sudden on another computer that they should not be on. Strange remote disks on the Mac side that is locked. Files/folders that were once ?unlock are now locked and cannot access them. Computers crashing all the time. I even tried to fix this problem by going out and buying new computers for the business and over night what was once a fresh brand new computer had a full hard drive (500GB) of data over night out of no where! only one kind of data and would not let you open it. Everything was a shortcut instead of a direct path and files are being downloaded as binanry files. Weird folders from 1970. Times and dates constantly changing all the time. folder paths are using \ instead of /. Lots of folders-files in ALL CAPS . New bluetooth connections Bluetooth Pan and bluetooth Dun which i dont even know what they are used for. PLEASE HELP I have spent countless hours trying to figure out what this may be even hired 3 different IT people to come out and fix this problem for me. They come and do there job and say everything is ok ..... which it is for a few hours and then it all starts to happen again! This is very frusturating and i think i am on the verge of going crazy!!! {{{ My I phone started asking for a sim card for a while i am not sure if that has to do with anything but i didnt think that it was supposed to. I have another phone that has never been activated and has no sim card i only used it for wifi and it has singal bars like it is activated which is wierd}}} It is so hard to try and run a business like this let alone that not only is it happening at work but the same thing is happening at home I have done so much research and wasted the whole summer trying to figure out what is going on Can someone HELP ME please for my own sanitity!! I would just like to get my life back and enjoy it and what little is left of this nice weather ..... Thanks in advance !!
      My Computer


  2. Posts : 19,383
    Windows 10 Pro x64 ; Xubuntu x64
       #2

    Mmm. Thats an interesting problem. What intrigues me is that its happening across Windows and Mac machines which are all networked together, correct?

    The behaviour might be explained by malware, but in order for that to be the case it would need to be a cross-platform one to affect both Windows and Mac in this manner. The only possibility I can think of is that you have a very recent example of cross-platform malware....but I can't be sure.

    I don't think it would hurt to test this theory : one one of your Windows 7 PC's, please run Windows Offline Defender by referring to this tutorial:

    Windows Defender Offline

    Post back the detail of what it finds, and then lets take it from there. It might not be malware related at all, but lets check first.

    Regards,
    Golden
      My Computer


  3. Posts : 4
    Windows 32 bit Home Premium
    Thread Starter
       #3

    Yes i am using both PC and mac. I could not run that program so i ran hijack this ....

    Code:
    StartupList report, 8/30/2012, 6:17:00 PM
    StartupList version: 1.52.2
    Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
    Detected: Unknown Windows (WinNT 6.01.3504)
    Detected: Internet Explorer v8.00 (8.00.7600.16385)
    * Using default options
    * Including empty and uninteresting sections
    * Showing rarely important sections
    ==================================================
    
    Running processes:
    
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
    C:\Program Files\GFI Software\VIPRE\SBAMTray.exe
    C:\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
    C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\EaseUS\EaseUS Partition Master 9.1.1 Home Edition\bin\epm0.exe
    C:\Program Files\EaseUS\EaseUS Partition Master 9.1.1 Home Edition\bin\Main.exe
    C:\Windows\System32\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\EaseUS\EaseUS Partition Master 9.1.1 Home Edition\bin\spawn.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\defrag.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    
    --------------------------------------------------
    
    Listing of startup folders:
    
    Shell folders Startup:
    [C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
    *No files*
    
    Shell folders AltStartup:
    *Folder not found*
    
    User shell folders Startup:
    *Folder not found*
    
    User shell folders AltStartup:
    *Folder not found*
    
    Shell folders Common Startup:
    [C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
    WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
    
    Shell folders Common AltStartup:
    *Folder not found*
    
    User shell folders Common Startup:
    *Folder not found*
    
    User shell folders Alternate Common Startup:
    *Folder not found*
    
    --------------------------------------------------
    
    Checking Windows NT UserInit:
    
    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\Windows\system32\userinit.exe,
    
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*
    
    [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    *Registry value not found*
    
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    
    Bdagent = C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
    SBAMTray = "C:\Program Files\GFI Software\VIPRE\SBAMTray.exe"
    avgnt = "C:\Avira\AntiVir Desktop\avgnt.exe" /min
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
    
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
    
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    
    *No values found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    
    *No values found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
    
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
    
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
    
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    *No subkeys found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    *No subkeys found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No subkeys found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*
    
    --------------------------------------------------
    
    File association entry for .EXE:
    HKEY_CLASSES_ROOT\exefile\shell\open\command
    
    (Default) = "%1" %*
    
    --------------------------------------------------
    
    File association entry for .COM:
    HKEY_CLASSES_ROOT\comfile\shell\open\command
    
    (Default) = "%1" %*
    
    --------------------------------------------------
    
    File association entry for .BAT:
    HKEY_CLASSES_ROOT\batfile\shell\open\command
    
    (Default) = "%1" %*
    
    --------------------------------------------------
    
    File association entry for .PIF:
    HKEY_CLASSES_ROOT\piffile\shell\open\command
    
    (Default) = "%1" %*
    
    --------------------------------------------------
    
    File association entry for .SCR:
    HKEY_CLASSES_ROOT\scrfile\shell\open\command
    
    (Default) = "%1" /S
    
    --------------------------------------------------
    
    File association entry for .HTA:
    HKEY_CLASSES_ROOT\htafile\shell\open\command
    
    (Default) = C:\Windows\System32\mshta.exe "%1" %*
    
    --------------------------------------------------
    
    File association entry for .TXT:
    HKEY_CLASSES_ROOT\txtfile\shell\open\command
    
    (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1
    
    --------------------------------------------------
    
    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)
    
    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = C:\Windows\System32\ie4uinit.exe -UserIconConfig
    
    [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] *
    StubPath = "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    
    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    
    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    
    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll
    
    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = C:\Windows\System32\ie4uinit.exe -BaseSettings
    
    [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
    StubPath = C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    
    --------------------------------------------------
    
    Enumerating ICQ Agent Autostart apps:
    HKCU\Software\Mirabilis\ICQ\Agent\Apps
    
    *Registry key not found*
    
    --------------------------------------------------
    
    Load/Run keys from C:\Windows\WIN.INI:
    
    load=*INI section not found*
    run=*INI section not found*
    
    Load/Run keys from Registry:
    
    HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\Windows: load=
    HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=
    
    --------------------------------------------------
    
    Shell & screensaver key from C:\Windows\SYSTEM.INI:
    
    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*
    
    Shell & screensaver key from Registry:
    
    Shell=explorer.exe
    SCRNSAVE.EXE=*Registry value not found*
    drivers=*Registry value not found*
    
    Policies Shell key:
    
    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*
    
    --------------------------------------------------
    
    Checking for EXPLORER.EXE instances:
    
    C:\Windows\Explorer.exe: PRESENT!
    
    C:\Explorer.exe: not present
    C:\Windows\Explorer\Explorer.exe: not present
    C:\Windows\System\Explorer.exe: not present
    C:\Windows\System32\Explorer.exe: not present
    C:\Windows\Command\Explorer.exe: not present
    C:\Windows\Fonts\Explorer.exe: not present
    
    --------------------------------------------------
    
    Checking for superhidden extensions:
    
    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: *Registry key not found*
    .shb: *Registry key not found*
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden
    
    --------------------------------------------------
    
    Verifying REGEDIT.EXE integrity:
    
    - Regedit.exe found in C:\Windows
    - .reg open command is normal (regedit.exe %1)
    - Company name OK: 'Microsoft Corporation'
    - Original filename NOT OK: 'REGEDIT.EXE.MUI'
    - File description: 'Registry Editor'
    
    Registry check failed!
    
    --------------------------------------------------
    
    Enumerating Browser Helper Objects:
    
    *No BHO's found*
    
    --------------------------------------------------
    
    Enumerating Task Scheduler jobs:
    
    *No jobs found*
    
    --------------------------------------------------
    
    Enumerating Winsock LSP files:
    
    NameSpace #1: C:\Windows\system32\NLAapi.dll
    NameSpace #2: C:\Windows\System32\mswsock.dll
    NameSpace #3: C:\Windows\System32\winrnr.dll
    NameSpace #4: C:\Windows\system32\napinsp.dll
    NameSpace #5: C:\Windows\system32\pnrpnsp.dll
    NameSpace #6: C:\Windows\system32\pnrpnsp.dll
    Protocol #1: C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll
    Protocol #2: C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll
    Protocol #3: C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll
    Protocol #4: C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll
    Protocol #5: C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll
    Protocol #6: C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll
    Protocol #7: C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll
    Protocol #8: C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll
    Protocol #9: C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll
    Protocol #10: C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll
    Protocol #11: C:\Windows\system32\mswsock.dll
    Protocol #12: C:\Windows\system32\mswsock.dll
    Protocol #13: C:\Windows\system32\mswsock.dll
    Protocol #14: C:\Windows\system32\mswsock.dll
    Protocol #15: C:\Windows\system32\mswsock.dll
    Protocol #16: C:\Windows\system32\mswsock.dll
    Protocol #17: C:\Windows\system32\mswsock.dll
    Protocol #18: C:\Windows\system32\mswsock.dll
    Protocol #19: C:\Windows\system32\mswsock.dll
    Protocol #20: C:\Windows\system32\mswsock.dll
    Protocol #21: C:\Windows\system32\mswsock.dll
    Protocol #22: C:\Windows\system32\mswsock.dll
    Protocol #23: C:\Windows\system32\mswsock.dll
    Protocol #24: C:\Windows\system32\mswsock.dll
    Protocol #25: C:\Windows\system32\mswsock.dll
    Protocol #26: C:\Windows\system32\mswsock.dll
    Protocol #27: C:\Windows\system32\mswsock.dll
    Protocol #28: C:\Windows\system32\mswsock.dll
    Protocol #29: C:\Windows\system32\mswsock.dll
    Protocol #30: C:\Windows\system32\mswsock.dll
    Protocol #31: C:\Windows\system32\mswsock.dll
    Protocol #32: C:\Windows\system32\mswsock.dll
    Protocol #33: C:\Windows\system32\mswsock.dll
    Protocol #34: C:\Windows\system32\mswsock.dll
    Protocol #35: C:\Windows\system32\mswsock.dll
    Protocol #36: C:\Windows\system32\mswsock.dll
    Protocol #37: C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll
    
    --------------------------------------------------
    
    Enumerating Windows NT/2000/XP services
    
    1394 OHCI Compliant Host Controller: system32\DRIVERS\1394ohci.sys (manual start)
    Microsoft ACPI Driver: system32\DRIVERS\ACPI.sys (system)
    ACPI Power Meter Driver: \SystemRoot\system32\DRIVERS\acpipmi.sys (manual start)
    adp94xx: \SystemRoot\system32\DRIVERS\adp94xx.sys (manual start)
    adpahci: \SystemRoot\system32\DRIVERS\adpahci.sys (manual start)
    adpu320: \SystemRoot\system32\DRIVERS\adpu320.sys (manual start)
    @%SystemRoot%\system32\aelupsvc.dll,-1: %systemroot%\system32\svchost.exe -k netsvcs (manual start)
    @%systemroot%\system32\drivers\afd.sys,-1000: \SystemRoot\system32\drivers\afd.sys (system)
    Intel AGP Bus Filter: \SystemRoot\system32\DRIVERS\agp440.sys (manual start)
    aic78xx: \SystemRoot\system32\DRIVERS\djsvs.sys (manual start)
    @%SystemRoot%\system32\Alg.exe,-112: %SystemRoot%\System32\alg.exe (manual start)
    aliide: \SystemRoot\system32\DRIVERS\aliide.sys (manual start)
    AMD AGP Bus Filter Driver: \SystemRoot\system32\DRIVERS\amdagp.sys (manual start)
    amdide: \SystemRoot\system32\DRIVERS\amdide.sys (manual start)
    AMD K8 Processor Driver: \SystemRoot\system32\DRIVERS\amdk8.sys (manual start)
    AMD Processor Driver: \SystemRoot\system32\DRIVERS\amdppm.sys (manual start)
    amdsata: \SystemRoot\system32\DRIVERS\amdsata.sys (manual start)
    amdsbs: \SystemRoot\system32\DRIVERS\amdsbs.sys (manual start)
    amdxata: system32\DRIVERS\amdxata.sys (system)
    Avira Scheduler: "C:\Avira\AntiVir Desktop\sched.exe" (autostart)
    Avira Realtime Protection: "C:\Avira\AntiVir Desktop\avguard.exe" (autostart)
    @%windir%\system32\inetsrv\iisres.dll,-30011: %windir%\system32\svchost.exe -k apphost (autostart)
    @%systemroot%\system32\appidsvc.dll,-102: \SystemRoot\system32\drivers\appid.sys (manual start)
    @%systemroot%\system32\appidsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
    @%systemroot%\system32\appinfo.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    arc: \SystemRoot\system32\DRIVERS\arc.sys (manual start)
    arcsas: \SystemRoot\system32\DRIVERS\arcsas.sys (manual start)
    @%systemroot%\system32\rascfg.dll,-32000: system32\DRIVERS\asyncmac.sys (manual start)
    IDE Channel: system32\DRIVERS\atapi.sys (system)
    @%SystemRoot%\system32\audiosrv.dll,-204: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
    @%SystemRoot%\system32\audiosrv.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
    avc3: system32\DRIVERS\avc3.sys (system)
    avchv Function Driver: system32\DRIVERS\avchv.sys (manual start)
    avckf: system32\DRIVERS\avckf.sys (manual start)
    avgntflt: system32\DRIVERS\avgntflt.sys (autostart)
    avipbb: system32\DRIVERS\avipbb.sys (system)
    avkmgr: system32\DRIVERS\avkmgr.sys (system)
    @%SystemRoot%\system32\AxInstSV.dll,-103: %SystemRoot%\system32\svchost.exe -k AxInstSVGroup (manual start)
    Broadcom NetXtreme II VBD: \SystemRoot\system32\DRIVERS\bxvbdx.sys (manual start)
    Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0: system32\DRIVERS\b57nd60x.sys (manual start)
    Bitdefender Desktop Parental Control: C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe (autostart)
    @%SystemRoot%\system32\bdesvc.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    BitDefender Firewall NDIS 6 Filter Driver: \??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys (system)
    bdfwfpf: \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (system)
    BDSandBox: \??\C:\Windows\system32\drivers\bdsandbox.sys (manual start)
    bdselfpr: \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys (system)
    BDVEDISK: system32\DRIVERS\bdvedisk.sys (system)
    @%SystemRoot%\system32\bfe.dll,-1001: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
    @%SystemRoot%\system32\qmgr.dll,-1000: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    blbdrive: system32\DRIVERS\blbdrive.sys (system)
    @%systemroot%\system32\browser.dll,-102: system32\DRIVERS\bowser.sys (manual start)
    Brother USB Mass-Storage Lower Filter Driver: \SystemRoot\system32\DRIVERS\BrFiltLo.sys (manual start)
    Brother USB Mass-Storage Upper Filter Driver: \SystemRoot\system32\DRIVERS\BrFiltUp.sys (manual start)
    @%systemroot%\system32\browser.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Brother MFC Serial Port Interface Driver (WDM): \SystemRoot\System32\Drivers\Brserid.sys (manual start)
    Brother WDM Serial driver: \SystemRoot\System32\Drivers\BrSerWdm.sys (manual start)
    Brother MFC USB Fax Only Modem: \SystemRoot\System32\Drivers\BrUsbMdm.sys (manual start)
    Brother MFC USB Serial WDM Driver: \SystemRoot\System32\Drivers\BrUsbSer.sys (manual start)
    Bluetooth Serial Communications Driver: \SystemRoot\system32\DRIVERS\bthmodem.sys (manual start)
    @%SystemRoot%\System32\bthserv.dll,-101: %SystemRoot%\system32\svchost.exe -k bthsvcs (manual start)
    CD/DVD File System Reader: system32\DRIVERS\cdfs.sys (disabled)
    CD-ROM Driver: system32\DRIVERS\cdrom.sys (system)
    @%SystemRoot%\System32\certprop.dll,-11: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    Consumer IR Devices: \SystemRoot\system32\DRIVERS\circlass.sys (manual start)
    @%SystemRoot%\system32\clfs.sys,-100: System32\CLFS.sys (system)
    Microsoft .NET Framework NGEN v2.0.50727_X86: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
    Microsoft ACPI Control Method Battery Driver: system32\DRIVERS\CmBatt.sys (manual start)
    cmdide: \SystemRoot\system32\DRIVERS\cmdide.sys (manual start)
    : System32\Drivers\cng.sys (system)
    Microsoft Composite Battery Driver: system32\DRIVERS\compbatt.sys (system)
    Composite Bus Enumerator Driver: system32\DRIVERS\CompositeBus.sys (manual start)
    @comres.dll,-947: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
    Crcdisk Filter Driver: \SystemRoot\system32\DRIVERS\crcdisk.sys (disabled)
    @%SystemRoot%\system32\cryptsvc.dll,-1001: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
    @oleres.dll,-5012: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
    @%SystemRoot%\system32\defragsvc.dll,-101: %SystemRoot%\system32\svchost.exe -k defragsvc (manual start)
    @%systemroot%\system32\drivers\dfsc.sys,-101: System32\Drivers\dfsc.sys (system)
    @%SystemRoot%\system32\dhcpcore.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
    @%systemroot%\system32\drivers\discache.sys,-102: System32\drivers\discache.sys (system)
    Disk Driver: system32\DRIVERS\disk.sys (system)
    @%SystemRoot%\System32\dnsapi.dll,-101: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
    @%systemroot%\system32\dot3svc.dll,-1102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
    @%systemroot%\system32\dps.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (autostart)
    Microsoft Trusted Audio Drivers: system32\drivers\drmkaud.sys (manual start)
    LDDM Graphics Subsystem: \SystemRoot\System32\drivers\dxgkrnl.sys (manual start)
    Intel(R) PRO Adapter Driver: system32\DRIVERS\e100b325.sys (manual start)
    @%systemroot%\system32\eapsvc.dll,-1: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Broadcom NetXtreme II 10 GigE VBD: \SystemRoot\system32\DRIVERS\evbdx.sys (manual start)
    @%SystemRoot%\system32\efssvc.dll,-100: %SystemRoot%\System32\lsass.exe (autostart)
    elxstor: \SystemRoot\system32\DRIVERS\elxstor.sys (manual start)
    epmntdrv: \??\C:\Windows\system32\epmntdrv.sys (manual start)
    Microsoft Hardware Error Device Driver: \SystemRoot\system32\DRIVERS\errdev.sys (manual start)
    EuGdiDrv: \??\C:\Windows\system32\EuGdiDrv.sys (manual start)
    @%SystemRoot%\system32\wevtsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
    @comres.dll,-2450: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Floppy Disk Controller Driver: \SystemRoot\system32\DRIVERS\fdc.sys (manual start)
    @%systemroot%\system32\fdPHost.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    @%systemroot%\system32\fdrespub.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
    @%SystemRoot%\system32\drivers\fileinfo.sys,-100: system32\drivers\fileinfo.sys (system)
    @%SystemRoot%\system32\drivers\filetrace.sys,-10001: system32\drivers\filetrace.sys (manual start)
    Floppy Disk Driver: \SystemRoot\system32\DRIVERS\flpydisk.sys (manual start)
    @%SystemRoot%\system32\drivers\fltmgr.sys,-10001: system32\drivers\fltmgr.sys (system)
    @%systemroot%\system32\FntCache.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
    @%SystemRoot%\system32\drivers\fsdepends.sys,-10001: System32\drivers\FsDepends.sys (manual start)
    @%SystemRoot%\system32\drivers\fvevol.sys,-100: System32\DRIVERS\fvevol.sys (system)
    Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms: \SystemRoot\system32\DRIVERS\gagp30kx.sys (manual start)
    @gpapi.dll,-112: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    gzflt: system32\DRIVERS\gzflt.sys (system)
    Hauppauge Consumer Infrared Receiver: \SystemRoot\system32\drivers\hcw85cir.sys (manual start)
    Microsoft 1.1 UAA Function Driver for High Definition Audio Service: system32\drivers\HdAudio.sys (manual start)
    Microsoft UAA Bus Driver for High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start)
    HID UPS Battery Driver: \SystemRoot\system32\DRIVERS\HidBatt.sys (manual start)
    Microsoft Bluetooth HID Miniport: \SystemRoot\system32\DRIVERS\hidbth.sys (manual start)
    Microsoft Infrared HID Driver: \SystemRoot\system32\DRIVERS\hidir.sys (manual start)
    @%SystemRoot%\System32\hidserv.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
    Microsoft HID Class Driver: \SystemRoot\system32\DRIVERS\hidusb.sys (manual start)
    @%SystemRoot%\system32\kmsvc.dll,-6: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    @%SystemRoot%\System32\ListSvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
    @%SystemRoot%\System32\provsvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
    HpSAMD: \SystemRoot\system32\DRIVERS\HpSAMD.sys (manual start)
    @%SystemRoot%\system32\drivers\http.sys,-1: system32\drivers\HTTP.sys (manual start)
    @%systemroot%\system32\drivers\hwpolicy.sys,-101: System32\drivers\hwpolicy.sys (system)
    i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (manual start)
    iaStorV: \SystemRoot\system32\DRIVERS\iaStorV.sys (manual start)
    igfx: system32\DRIVERS\igdkmd32.sys (manual start)
    iirsp: \SystemRoot\system32\DRIVERS\iirsp.sys (manual start)
    @%SystemRoot%\system32\ikeext.dll,-501: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    intelide: system32\DRIVERS\intelide.sys (system)
    Intel Processor Driver: system32\DRIVERS\intelppm.sys (manual start)
    @%systemroot%\system32\IPBusEnum.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
    @%systemroot%\system32\rascfg.dll,-32013: system32\DRIVERS\ipfltdrv.sys (manual start)
    @%SystemRoot%\system32\iphlpsvc.dll,-500: %SystemRoot%\System32\svchost.exe -k NetSvcs (autostart)
    IPMIDRV: \SystemRoot\system32\DRIVERS\IPMIDrv.sys (manual start)
    IP Network Address Translator: System32\drivers\ipnat.sys (manual start)
    @%SystemRoot%\system32\drivers\irenum.sys,-100: system32\drivers\irenum.sys (manual start)
    isapnp: \SystemRoot\system32\DRIVERS\isapnp.sys (manual start)
    iScsiPort Driver: \SystemRoot\system32\DRIVERS\msiscsi.sys (manual start)
    Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (manual start)
    Keyboard HID Driver: \SystemRoot\system32\DRIVERS\kbdhid.sys (manual start)
    @keyiso.dll,-100: %SystemRoot%\system32\lsass.exe (manual start)
    : System32\Drivers\ksecdd.sys (system)
    : System32\Drivers\ksecpkg.sys (system)
    @comres.dll,-2946: %SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation (manual start)
    @%systemroot%\system32\srvsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    @%systemroot%\system32\wkssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
    Link-Layer Topology Discovery Mapper I/O Driver: system32\DRIVERS\lltdio.sys (autostart)
    @%SystemRoot%\system32\lltdres.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
    @%SystemRoot%\system32\lmhsvc.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
    LSI_FC: \SystemRoot\system32\DRIVERS\lsi_fc.sys (manual start)
    LSI_SAS: \SystemRoot\system32\DRIVERS\lsi_sas.sys (manual start)
    LSI_SAS2: \SystemRoot\system32\DRIVERS\lsi_sas2.sys (manual start)
    LSI_SCSI: \SystemRoot\system32\DRIVERS\lsi_scsi.sys (manual start)
    @%systemroot%\system32\drivers\luafv.sys,-100: \SystemRoot\system32\drivers\luafv.sys (autostart)
    megasas: \SystemRoot\system32\DRIVERS\megasas.sys (manual start)
    MegaSR: \SystemRoot\system32\DRIVERS\MegaSR.sys (manual start)
    @%systemroot%\system32\mmcss.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    : system32\drivers\modem.sys (manual start)
    Microsoft Monitor Class Function Driver Service: system32\DRIVERS\monitor.sys (manual start)
    Mouse Class Driver: system32\DRIVERS\mouclass.sys (manual start)
    Mouse HID Driver: \SystemRoot\system32\DRIVERS\mouhid.sys (manual start)
    @%SystemRoot%\system32\drivers\mountmgr.sys,-100: System32\drivers\mountmgr.sys (system)
    Mozilla Maintenance Service: "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" (manual start)
    mpio: \SystemRoot\system32\DRIVERS\mpio.sys (manual start)
    @%SystemRoot%\system32\FirewallAPI.dll,-23092: System32\drivers\mpsdrv.sys (manual start)
    @%SystemRoot%\system32\FirewallAPI.dll,-23090: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
    @%systemroot%\system32\webclnt.dll,-104: \SystemRoot\system32\drivers\mrxdav.sys (manual start)
    @%systemroot%\system32\wkssvc.dll,-1002: system32\DRIVERS\mrxsmb.sys (manual start)
    @%systemroot%\system32\wkssvc.dll,-1004: system32\DRIVERS\mrxsmb10.sys (manual start)
    @%systemroot%\system32\wkssvc.dll,-1006: system32\DRIVERS\mrxsmb20.sys (manual start)
    msahci: system32\DRIVERS\msahci.sys (system)
    msdsm: \SystemRoot\system32\DRIVERS\msdsm.sys (manual start)
    @comres.dll,-2797: %SystemRoot%\System32\msdtc.exe (manual start)
    @%SystemRoot%\system32\drivers\mshidkmdf.sys,-100: \SystemRoot\System32\drivers\mshidkmdf.sys (manual start)
    msisadrv: system32\DRIVERS\msisadrv.sys (system)
    @%SystemRoot%\system32\iscsidsc.dll,-5000: %systemroot%\system32\svchost.exe -k netsvcs (manual start)
    @%SystemRoot%\system32\msimsg.dll,-27: %systemroot%\system32\msiexec.exe /V (manual start)
    Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
    Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
    Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
    Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (system)
    Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
    Microsoft Input Configuration Driver: \SystemRoot\system32\DRIVERS\MTConfig.sys (manual start)
    @%systemroot%\system32\drivers\mup.sys,-101: System32\Drivers\mup.sys (system)
    @%SystemRoot%\system32\qagentrt.dll,-6: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
    NativeWiFi Filter: system32\DRIVERS\nwifi.sys (manual start)
    @%SystemRoot%\system32\drivers\ndis.sys,-200: system32\drivers\ndis.sys (system)
    NDIS Capture LightWeight Filter: system32\DRIVERS\ndiscap.sys (manual start)
    @%systemroot%\system32\rascfg.dll,-32001: system32\DRIVERS\ndistapi.sys (manual start)
    NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start)
    @%systemroot%\system32\rascfg.dll,-32002: system32\DRIVERS\ndiswan.sys (manual start)
    NetBIOS Interface: system32\DRIVERS\netbios.sys (system)
    @%SystemRoot%\system32\drivers\netbt.sys,-2: System32\DRIVERS\netbt.sys (system)
    @%SystemRoot%\System32\netlogon.dll,-102: %systemroot%\system32\lsass.exe (manual start)
    @%SystemRoot%\system32\netman.dll,-109: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
    @%SystemRoot%\system32\netprofm.dll,-202: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
    Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit: system32\DRIVERS\netw5v32.sys (manual start)
    nfrd960: \SystemRoot\system32\DRIVERS\nfrd960.sys (manual start)
    @%SystemRoot%\System32\nlasvc.dll,-1: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
    @%SystemRoot%\system32\nsisvc.dll,-200: %systemroot%\system32\svchost.exe -k LocalService (autostart)
    @%SystemRoot%\system32\drivers\nsiproxy.sys,-2: system32\drivers\nsiproxy.sys (system)
    nvraid: \SystemRoot\system32\DRIVERS\nvraid.sys (manual start)
    nvstor: \SystemRoot\system32\DRIVERS\nvstor.sys (manual start)
    NVIDIA nForce AGP Bus Filter: \SystemRoot\system32\DRIVERS\nv_agp.sys (manual start)
    1394 OHCI Compliant Host Controller (Legacy): \SystemRoot\system32\DRIVERS\ohci1394.sys (manual start)
    @%SystemRoot%\system32\pnrpsvc.dll,-8004: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
    @%SystemRoot%\system32\p2psvc.dll,-8006: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
    Parallel port driver: \SystemRoot\system32\DRIVERS\parport.sys (manual start)
    @%SystemRoot%\system32\drivers\partmgr.sys,-100: System32\drivers\partmgr.sys (system)
    Parvdm: \SystemRoot\system32\DRIVERS\parvdm.sys (autostart)
    @%SystemRoot%\system32\pcasvc.dll,-1: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
    PCI Bus Driver: system32\DRIVERS\pci.sys (system)
    pciide: \SystemRoot\system32\DRIVERS\pciide.sys (manual start)
    pcmcia: \SystemRoot\system32\DRIVERS\pcmcia.sys (manual start)
    Performance Counters for Windows Driver: System32\drivers\pcw.sys (system)
    PEAUTH: system32\drivers\peauth.sys (autostart)
    @%systemroot%\system32\pla.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (manual start)
    @%SystemRoot%\system32\umpnpmgr.dll,-100: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
    @%SystemRoot%\system32\pnrpauto.dll,-8002: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
    @%SystemRoot%\system32\pnrpsvc.dll,-8000: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
    @%SystemRoot%\System32\polstore.dll,-5010: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted (manual start)
    @%SystemRoot%\system32\umpo.dll,-100: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
    @%systemroot%\system32\rascfg.dll,-32006: system32\DRIVERS\raspptp.sys (manual start)
    Processor Driver: \SystemRoot\system32\DRIVERS\processr.sys (manual start)
    @%systemroot%\system32\profsvc.dll,-300: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    @%systemroot%\system32\psbase.dll,-300: %SystemRoot%\system32\lsass.exe (manual start)
    @%SystemRoot%\System32\drivers\pacer.sys,-101: system32\DRIVERS\pacer.sys (system)
    ql2300: \SystemRoot\system32\DRIVERS\ql2300.sys (manual start)
    ql40xx: \SystemRoot\system32\DRIVERS\ql40xx.sys (manual start)
    @%SystemRoot%\system32\qwave.dll,-1: %windir%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
    @%SystemRoot%\system32\drivers\qwavedrv.sys,-1: \SystemRoot\system32\drivers\qwavedrv.sys (manual start)
    Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (manual start)
    WAN Miniport (IKEv2): system32\DRIVERS\AgileVpn.sys (manual start)
    @%Systemroot%\system32\rasauto.dll,-200: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    @%systemroot%\system32\rascfg.dll,-32005: system32\DRIVERS\rasl2tp.sys (manual start)
    @%Systemroot%\system32\rasmans.dll,-200: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    @%systemroot%\system32\rascfg.dll,-32007: system32\DRIVERS\raspppoe.sys (manual start)
    @%systemroot%\system32\sstpsvc.dll,-202: system32\DRIVERS\rassstp.sys (manual start)
    @%systemroot%\system32\wkssvc.dll,-1000: system32\DRIVERS\rdbss.sys (system)
    Remote Desktop Device Redirector Bus Driver: \SystemRoot\system32\DRIVERS\rdpbus.sys (manual start)
    @%systemroot%\system32\DRIVERS\RDPCDD.sys,-100: System32\DRIVERS\RDPCDD.sys (system)
    @%systemroot%\system32\drivers\RDPENCDD.sys,-101: system32\drivers\rdpencdd.sys (system)
    @%systemroot%\system32\drivers\RdpRefMp.sys,-101: system32\drivers\rdprefmp.sys (system)
    ReadyBoost: System32\drivers\rdyboost.sys (system)
    @%Systemroot%\system32\mprdim.dll,-200: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    @regsvc.dll,-1: %SystemRoot%\system32\svchost.exe -k regsvc (manual start)
    Ricoh xD-Picture Card Driver: system32\DRIVERS\rixdptsk.sys (autostart)
    @%windir%\system32\RpcEpMap.dll,-1001: %SystemRoot%\system32\svchost.exe -k RPCSS (autostart)
    @%systemroot%\system32\Locator.exe,-2: %SystemRoot%\system32\locator.exe (manual start)
    @oleres.dll,-5010: %SystemRoot%\system32\svchost.exe -k rpcss (autostart)
    Link-Layer Topology Discovery Responder: system32\DRIVERS\rspndr.sys (autostart)
    SafeBox: C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe (autostart)
    @%SystemRoot%\system32\samsrv.dll,-1: %SystemRoot%\system32\lsass.exe (autostart)
    VIPRE Internet Security: "C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe" (autostart)
    sbapifs: system32\DRIVERS\sbapifs.sys (autostart)
    SbFw: system32\drivers\SbFw.sys (system)
    GFI Software Firewall NDIS IM Filter Service: system32\DRIVERS\sbfwim.sys (manual start)
    GFI Software Firewall NDIS IM Filter Miniport: system32\DRIVERS\SBFWIM.sys (manual start)
    sbhips: system32\drivers\sbhips.sys (manual start)
    sbp2port: \SystemRoot\system32\DRIVERS\sbp2port.sys (manual start)
    SB Recovery Service: "C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe" (autostart)
    SBRE: \??\C:\Windows\system32\drivers\SBREdrv.sys (system)
    sbwtis: system32\DRIVERS\sbwtis.sys (manual start)
    @%SystemRoot%\System32\SCardSvr.dll,-1: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
    @%SystemRoot%\System32\drivers\scfilter.sys,-11: System32\DRIVERS\scfilter.sys (manual start)
    @%SystemRoot%\system32\schedsvc.dll,-100: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    @%SystemRoot%\System32\certprop.dll,-13: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    sdbus: system32\DRIVERS\sdbus.sys (manual start)
    @%SystemRoot%\system32\sdrsvc.dll,-107: %SystemRoot%\system32\svchost.exe -k SDRSVC (manual start)
    @%SystemRoot%\system32\seclogon.dll,-7001: %windir%\system32\svchost.exe -k netsvcs (manual start)
    @%SystemRoot%\system32\Sens.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    @%SystemRoot%\System32\sensrsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
    Serenum Filter Driver: \SystemRoot\system32\DRIVERS\serenum.sys (manual start)
    Serial Port Driver: \SystemRoot\system32\DRIVERS\serial.sys (manual start)
    Serial Mouse Driver: \SystemRoot\system32\DRIVERS\sermouse.sys (manual start)
    @%SystemRoot%\System32\SessEnv.dll,-1026: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    SFF Storage Class Driver: \SystemRoot\system32\DRIVERS\sffdisk.sys (manual start)
    SFF Storage Protocol Driver for MMC: \SystemRoot\system32\DRIVERS\sffp_mmc.sys (manual start)
    SFF Storage Protocol Driver for SDBus: \SystemRoot\system32\DRIVERS\sffp_sd.sys (manual start)
    High-Capacity Floppy Disk Drive: \SystemRoot\system32\DRIVERS\sfloppy.sys (manual start)
    @%SystemRoot%\system32\ipnathlp.dll,-106: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    @%SystemRoot%\System32\shsvcs.dll,-12288: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    SIS AGP Bus Filter: \SystemRoot\system32\DRIVERS\sisagp.sys (manual start)
    SiSRaid2: \SystemRoot\system32\DRIVERS\SiSRaid2.sys (manual start)
    SiSRaid4: \SystemRoot\system32\DRIVERS\sisraid4.sys (manual start)
    @%SystemRoot%\system32\tcpipcfg.dll,-50005: system32\DRIVERS\smb.sys (manual start)
    @%SystemRoot%\system32\snmptrap.exe,-3: %SystemRoot%\System32\snmptrap.exe (manual start)
    @%systemroot%\system32\spoolsv.exe,-1: %SystemRoot%\System32\spoolsv.exe (autostart)
    @%SystemRoot%\system32\sppsvc.exe,-101: %SystemRoot%\system32\sppsvc.exe (autostart)
    @%SystemRoot%\system32\sppuinotify.dll,-103: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    @%systemroot%\system32\srvsvc.dll,-102: System32\DRIVERS\srv.sys (manual start)
    @%systemroot%\system32\srvsvc.dll,-104: System32\DRIVERS\srv2.sys (manual start)
    SrvHsfHDA: system32\DRIVERS\VSTAZL3.SYS (manual start)
    SrvHsfV92: system32\DRIVERS\VSTDPV3.SYS (manual start)
    SrvHsfWinac: system32\DRIVERS\VSTCNXT3.SYS (manual start)
    : System32\DRIVERS\srvnet.sys (manual start)
    @%systemroot%\system32\ssdpsrv.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
    ssmdrv: system32\DRIVERS\ssmdrv.sys (system)
    @%SystemRoot%\system32\sstpsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    stexstor: \SystemRoot\system32\DRIVERS\stexstor.sys (manual start)
    @%SystemRoot%\system32\wiaservc.dll,-9: %SystemRoot%\system32\svchost.exe -k imgsvc (manual start)
    Software Bus Driver: system32\DRIVERS\swenum.sys (manual start)
    @%SystemRoot%\System32\swprv.dll,-103: %SystemRoot%\System32\svchost.exe -k swprv (manual start)
    @%SystemRoot%\system32\sysmain.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
    @%SystemRoot%\system32\TabSvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
    @%SystemRoot%\system32\tapisrv.dll,-10100: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
    @%SystemRoot%\system32\tbssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
    @%SystemRoot%\system32\tcpipcfg.dll,-50003: System32\drivers\tcpip.sys (system)
    Microsoft IPv6 Protocol Driver: system32\DRIVERS\tcpip.sys (manual start)
    TCP/IP Registry Compatibility: System32\drivers\tcpipreg.sys (autostart)
    TDPIPE: system32\drivers\tdpipe.sys (manual start)
    TDTCP: system32\drivers\tdtcp.sys (manual start)
    @%SystemRoot%\system32\tcpipcfg.dll,-50004: system32\DRIVERS\tdx.sys (system)
    Terminal Device Driver: system32\DRIVERS\termdd.sys (system)
    @%SystemRoot%\System32\termsrv.dll,-268: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
    @%SystemRoot%\System32\themeservice.dll,-8192: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    @%systemroot%\system32\mmcss.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    @%SystemRoot%\system32\trkwks.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
    trufos: system32\DRIVERS\trufos.sys (system)
    @%SystemRoot%\servicing\TrustedInstaller.exe,-100: %SystemRoot%\servicing\TrustedInstaller.exe (manual start)
    @%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101: System32\DRIVERS\tssecsrv.sys (manual start)
    Microsoft Tunnel Miniport Adapter Driver: system32\DRIVERS\tunnel.sys (manual start)
    Microsoft AGPv3.5 Filter: \SystemRoot\system32\DRIVERS\uagp35.sys (manual start)
    udfs: system32\DRIVERS\udfs.sys (disabled)
    @%SystemRoot%\system32\ui0detect.exe,-101: %SystemRoot%\system32\UI0Detect.exe (manual start)
    Uli AGP Bus Filter: \SystemRoot\system32\DRIVERS\uliagpkx.sys (manual start)
    UMBus Enumerator Driver: system32\DRIVERS\umbus.sys (manual start)
    Microsoft UMPass Driver: \SystemRoot\system32\DRIVERS\umpass.sys (manual start)
    Bitdefender Desktop Update Service: "C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe" /service (autostart)
    @%systemroot%\system32\upnphost.dll,-213: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
    Microsoft USB Generic Parent Driver: \SystemRoot\system32\DRIVERS\usbccgp.sys (manual start)
    eHome Infrared Receiver (USBCIR): \SystemRoot\system32\DRIVERS\usbcir.sys (manual start)
    Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
    Microsoft USB Standard Hub Driver: system32\DRIVERS\usbhub.sys (manual start)
    Microsoft USB Open Host Controller Miniport Driver: \SystemRoot\system32\DRIVERS\usbohci.sys (manual start)
    Microsoft USB PRINTER Class: \SystemRoot\system32\DRIVERS\usbprint.sys (manual start)
    USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start)
    Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (manual start)
    @%SystemRoot%\system32\dwm.exe,-2000: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
    @%SystemRoot%\system32\vaultsvc.dll,-1003: %SystemRoot%\system32\lsass.exe (manual start)
    Microsoft Virtual Drive Enumerator Driver: system32\DRIVERS\vdrvroot.sys (system)
    @%SystemRoot%\system32\vds.exe,-100: %SystemRoot%\System32\vds.exe (manual start)
    vga: system32\DRIVERS\vgapnp.sys (manual start)
    : \SystemRoot\System32\drivers\vga.sys (system)
    vhdmp: \SystemRoot\system32\DRIVERS\vhdmp.sys (manual start)
    VIA AGP Bus Filter: \SystemRoot\system32\DRIVERS\viaagp.sys (manual start)
    VIA C7 Processor Driver: \SystemRoot\system32\DRIVERS\viac7.sys (manual start)
    viaide: \SystemRoot\system32\DRIVERS\viaide.sys (manual start)
    Volume Manager Driver: system32\DRIVERS\volmgr.sys (system)
    @%SystemRoot%\system32\drivers\volmgrx.sys,-100: System32\drivers\volmgrx.sys (system)
    Storage volumes: system32\DRIVERS\volsnap.sys (system)
    vsmraid: \SystemRoot\system32\DRIVERS\vsmraid.sys (manual start)
    @%systemroot%\system32\vssvc.exe,-102: %systemroot%\system32\vssvc.exe (manual start)
    Bitdefender Virus Shield: "C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe" /service (autostart)
    @%SystemRoot%\System32\drivers\vwifibus.sys,-257: \SystemRoot\System32\drivers\vwifibus.sys (manual start)
    @%SystemRoot%\system32\w32time.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    @%windir%\system32\inetsrv\iisres.dll,-30003: %windir%\system32\svchost.exe -k iissvcs (autostart)
    Wacom Serial Pen HID Driver: \SystemRoot\system32\DRIVERS\wacompen.sys (manual start)
    @%systemroot%\system32\rascfg.dll,-32011: system32\DRIVERS\wanarp.sys (manual start)
    @%systemroot%\system32\rascfg.dll,-32012: system32\DRIVERS\wanarp.sys (system)
    @%windir%\system32\inetsrv\iisres.dll,-30001: %windir%\system32\svchost.exe -k iissvcs (manual start)
    @%SystemRoot%\system32\Wat\WatUX.exe,-601: %SystemRoot%\system32\Wat\WatAdminSvc.exe (manual start)
    @%systemroot%\system32\wbengine.exe,-104: "%systemroot%\system32\wbengine.exe" (manual start)
    @%systemroot%\system32\wbiosrvc.dll,-100: %SystemRoot%\system32\svchost.exe -k WbioSvcGroup (manual start)
    @%SystemRoot%\system32\wcncsvc.dll,-3: %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
    @%SystemRoot%\system32\WcsPlugInService.dll,-200: %SystemRoot%\system32\svchost.exe -k wcssvc (manual start)
    Wd: \SystemRoot\system32\DRIVERS\wd.sys (manual start)
    WDDMService: "C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe" (autostart)
    Kernel Mode Driver Frameworks service: system32\drivers\Wdf01000.sys (system)
    @%systemroot%\system32\wdi.dll,-502: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
    @%systemroot%\system32\wdi.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
    @%systemroot%\system32\webclnt.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    @%SystemRoot%\system32\wecsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k NetworkService (manual start)
    @%SystemRoot%\System32\wercplsupport.dll,-101: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    @%SystemRoot%\System32\wersvc.dll,-100: %SystemRoot%\System32\svchost.exe -k WerSvcGroup (manual start)
    WFP Lightweight Filter: system32\DRIVERS\wfplwf.sys (system)
    WIMMount: system32\drivers\wimmount.sys (manual start)
    @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103: %SystemRoot%\System32\svchost.exe -k secsvcs (manual start)
    @%SystemRoot%\system32\winhttp.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    @%Systemroot%\system32\wbem\wmisvc.dll,-205: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    @%Systemroot%\system32\wsmsvc.dll,-101: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
    @%SystemRoot%\System32\wlansvc.dll,-257: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
    Microsoft Windows Management Interface for ACPI: system32\DRIVERS\wmiacpi.sys (manual start)
    @%Systemroot%\system32\wbem\wmiapsrv.exe,-110: %systemroot%\system32\wbem\WmiApSrv.exe (manual start)
    @%SystemRoot%\system32\wpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
    @%SystemRoot%\system32\wpdbusenum.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
    Windows Socket 2.0 Non-IFS Service Provider Support Environment: \SystemRoot\system32\drivers\ws2ifsl.sys (system)
    @%SystemRoot%\System32\wscsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
    @%systemroot%\system32\SearchIndexer.exe,-103: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart)
    @%systemroot%\system32\wuaueng.dll,-105: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    User Mode Driver Frameworks Platform Driver: system32\drivers\WudfPf.sys (manual start)
    WUDFRd: system32\DRIVERS\WUDFRd.sys (manual start)
    @%SystemRoot%\system32\wudfsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
    @%SystemRoot%\System32\wwansvc.dll,-257: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork (manual start)
    
    
    --------------------------------------------------
    
    Enumerating Windows NT logon/logoff scripts:
    *No scripts set to run*
    
    Windows NT checkdisk command:
    BootExecute = autocheck autochk *
    
    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: *Registry value not found*
    
    --------------------------------------------------
    
    Enumerating ShellServiceObjectDelayLoad items:
    
    WebCheck: *Registry key not found*
    
    --------------------------------------------------
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
    
    *Registry key not found*
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
    
    *Registry key not found*
    
    --------------------------------------------------
    
    End of report, 51,273 bytes
    Report generated in 0.452 seconds
    
    Command line options:
       /verbose  - to add additional info on each section
       /complete - to include empty sections and unsuspicious data
       /full     - to include several rarely-important sections
       /force9x  - to include Win9x-only startups even if running on WinNT
       /forcent  - to include WinNT-only startups even if running on Win9x
       /forceall - to include all Win9x and WinNT startups, regardless of platform
       /history  - to list version history only
      My Computer


  4. Posts : 19,383
    Windows 10 Pro x64 ; Xubuntu x64
       #4

    Hi,

    I notice you have BitDefender, Avira and Vipre anti-virus software installed - is that all resident in memory??? Have you scanned with any of these recently?

    What error do you get when you try to run Windows Offline Defender? You need to get that running if possible.

    Regards,
    Golden
      My Computer


  5. Posts : 4
    Windows 32 bit Home Premium
    Thread Starter
       #5

    What do you mean in the term "resident in memory"
      My Computer


  6. Posts : 279
    Windows 7 Home Premium x64
       #6

    "Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Bdagent = C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe SBAMTray = "C:\Program Files\GFI Software\VIPRE\SBAMTray.exe" avgnt = "C:\Avira\AntiVir Desktop\avgnt.exe" /min"

    You have two too many "actively--resident in memory" in charge of providing the same anti-virus protection. It doesn't mean you have three times the protection. It means when a suspect shows up, the three will fight each other for jurisdiction.
      My Computer


  7. Posts : 4
    Windows 32 bit Home Premium
    Thread Starter
       #7

    Ok so I should have one ill correct it thanks for the tip .... tan windows defender off line and it came back with nothing any other ideas maybe on what is causing all these conputers to go nuts
      My Computer


  8. Posts : 19,383
    Windows 10 Pro x64 ; Xubuntu x64
       #8

    See if the problem persists with just Vipre resident in memory.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 03:50.
Find Us