13 replies to this topic

[MCas86]

I've acquired the Sirefef trojan. Couldn't start Security Essentials. Uninstalled Security Essentials. Reinstalled Security Essentials. It kept detecting and restarting. I have since then removed it again until I can get a true fix.
Thanks!

[MCas86]

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1
Run by mcasciano at 20:38:10 on 2012-07-28
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8118.3866 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe
C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
C:\Program Files\DellTPad\Apoint.exe
-netsvcs
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe
C:\Program Files\Microsoft SQL Server\MSAS11.MSSQL2012\OLAP\bin\msmdsrv.exe
C:\Program Files\Microsoft SQL Server\MSAS10_50.SQLSERVER08\OLAP\bin\msmdsrv.exe
C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\sqlservr.exe
C:\app\mcasciano\product\11.2.0\client_1\bin\omtsreco.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft SQL Server\MSRS11.MSSQL2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Program Files\Microsoft SQL Server\MSRS10_50.SQLSERVER08\Reporting Services\ReportServer\bin\ReportingServicesService.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Windows\SysWOW64\vmnat.exe
c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\fdlauncher.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\fdlauncher.exe
C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\fdhost.exe
C:\Windows\system32\conhost.exe
c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\fdhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
EB: Web Test Recorder 10.0: {3142c289-f319-47f5-a594-a827028714c9} - mscoree.dll
EB: Developer Tools: {1a6fe369-f28c-4ad9-a3e6-2bcb50807cf1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Google Update] "C:\Users\mcasciano\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
StartupFolder: C:\Users\MCASCI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\mcasciano\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\MCASCI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VPNGUI~1.LNK - C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: HideFastUserSwitching = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Open with XmlPad - C:\Program Files (x86)\WMHelp Software\WMHelp XmlPad\WmhASPP.dll/101
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: mswsock.dll
LSP: %SystemRoot%\system32\vsocklib.dll
Trusted Zone: arkesystems.com
Trusted Zone: arkesystems.com\portal
Trusted Zone: microsoftonline.com
Trusted Zone: microsoftonline.com\login
Trusted Zone: sharepoint.com\arkesystems1
Trusted Zone: sharepoint.com\arkesystems1-admin
Trusted Zone: sharepoint.com\arkesystems1-my
Trusted Zone: xrmlive.com\gsga
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - hxxps://my.magmutual.com/vdesk/terminal/f5tunsrv.cab#version=6031,2010,617,2013
DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - C:\Users\MCASCI~1\AppData\Local\Temp\IXP000.TMP\InstallerControl.cab
DPF: {5554DCB0-700B-498D-9B58-4E40E5814405} - hxxp://gfg-nor-crm01.gfg.local/Reserved.ReportViewerWebControl.axd?ReportSession=45ds42551dfqhi453j0h1v55&Culture=1033&CultureOverrides=True&UICulture=1033&UICultureOverrides=True&ReportStack=1&ControlID=d7fe4076b23d4682b7b08a1ec3c31fd6&OpType=PrintCab&Arch=X86
DPF: {B94C2238-346E-4C5E-9B36-8CC627F35574}
DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - hxxps://my.magmutual.com/vdesk/terminal/urxhost.cab#version=6031,2010,617,2005
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{D2C4B2F3-3972-434C-A6BB-AE4E6C4723EC} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{D2C4B2F3-3972-434C-A6BB-AE4E6C4723EC}\1427B6563597374756D637 : DhcpNameServer = 192.168.1.56 192.168.1.57
TCP: Interfaces\{D2C4B2F3-3972-434C-A6BB-AE4E6C4723EC}\2457666616C6F6121312 : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{D2C4B2F3-3972-434C-A6BB-AE4E6C4723EC}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wmh - {A1428E78-2D00-4590-A071-0CC9700A7768} - C:\Program Files (x86)\WMHelp Software\WMHelp XmlPad\WmhASPP.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Microsoft Web Test Recorder 10.0 Helper: {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
EB-X64: {3142c289-f319-47f5-a594-a827028714c9} - No File
EB-X64: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - No File
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
IE-X64: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\mcasciano\AppData\Roaming\Mozilla\Firefox\Profiles\xas03yjw.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll
FF - plugin: C:\Users\mcasciano\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\mcasciano\AppData\Roaming\Mozilla\Firefox\Profiles\xas03yjw.default\extensions\LogMeInClient@logmein.com\plugins\npLMI64.dll
FF - plugin: C:\Users\mcasciano\AppData\Roaming\Mozilla\Firefox\Profiles\xas03yjw.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Users\mcasciano\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\mcasciano\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 NEOFLTR_650_17883;Juniper Networks TDI Filter Driver (NEOFLTR_650_17883);\??\C:\Windows\system32\Drivers\NEOFLTR_650_17883.SYS --> C:\Windows\system32\Drivers\NEOFLTR_650_17883.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-4-30 104872]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-4-30 123816]
R2 CrmSqlStartupSvc;SQL Server (CRM) On-Demand Shutdown;C:\Program Files (x86)\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe [2012-4-26 24168]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-9-26 375208]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 MsDtsServer100;SQL Server Integration Services 10.0;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2011-6-17 210784]
R2 MsDtsServer110;SQL Server Integration Services 11.0;C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [2012-2-11 218200]
R2 msoidsvc;Microsoft Online Services Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2011-9-28 2078112]
R2 MSOLAP$MSSQL2012;SQL Server Analysis Services (MSSQL2012);C:\Program Files\Microsoft SQL Server\MSAS11.MSSQL2012\OLAP\bin\msmdsrv.exe [2012-2-11 61538904]
R2 MSOLAP$SQLSERVER08;SQL Server Analysis Services (SQLSERVER08);C:\Program Files\Microsoft SQL Server\MSAS10_50.SQLSERVER08\OLAP\bin\msmdsrv.exe [2011-6-17 54791520]
R2 MSSQL$MSSQL2012;SQL Server (MSSQL2012);C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\sqlservr.exe [2012-2-11 191064]
R2 MSSQL$SQLSERVER08;SQL Server (SQLSERVER08);C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\sqlservr.exe [2011-6-17 62111072]
R2 ReportServer$MSSQL2012;SQL Server Reporting Services (MSSQL2012);C:\Program Files\Microsoft SQL Server\MSRS11.MSSQL2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2012-2-11 2348632]
R2 ReportServer$SQLSERVER08;SQL Server Reporting Services (SQLSERVER08);C:\Program Files\Microsoft SQL Server\MSRS10_50.SQLSERVER08\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2011-6-17 2180960]
R2 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-5-18 127488]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-1-12 2984832]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-4-23 478672]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?]
R3 MSSQLFDLauncher$MSSQL2012;SQL Full-text Filter Daemon Launcher (MSSQL2012);C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\fdlauncher.exe [2012-2-11 49752]
R3 MSSQLFDLauncher$SQLSERVER08;SQL Full-text Filter Daemon Launcher (SQLSERVER08);C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\fdlauncher.exe [2010-4-3 32096]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S1 haycmkae;haycmkae;\??\C:\Windows\system32\drivers\haycmkae.sys --> C:\Windows\system32\drivers\haycmkae.sys [?]
S1 rfdedaei;rfdedaei;\??\C:\Windows\system32\drivers\rfdedaei.sys --> C:\Windows\system32\drivers\rfdedaei.sys [?]
S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]
S2 MSCRMAsyncService$client;Microsoft CRM Asynchronous Processing Service (client);C:\Program Files (x86)\Microsoft Dynamics CRM Data Migration Manager\DMClient\bin\CrmAsyncService.exe [2009-1-31 165728]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S2 vtigercrmMysql530;vtigercrmMysql530;"C:\Program Files (x86)\vtigercrm-5.3.0\mysql\bin\mysqld-nt" "--defaults-file=C:\Program Files (x86)\vtigercrm-5.3.0\mysql\my.ini" vtigercrmMysql530 --> C:\Program Files (x86)\vtigercrm-5.3.0\mysql\bin\mysqld-nt [?]
S3 acsock;acsock;C:\Windows\system32\DRIVERS\acsock64.sys --> C:\Windows\system32\DRIVERS\acsock64.sys [?]
S3 c2wts;Claims to Windows Token Service;C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2011-12-9 15768]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service;C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-5-18 139776]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 113120]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 SQLAgent$MSSQL2012;SQL Server Agent (MSSQL2012);C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\SQLAGENT.EXE [2012-2-11 597080]
S3 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
S3 SQLAgent$SQLSERVER08;SQL Server Agent (SQLSERVER08);C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\SQLAGENT.EXE [2011-6-17 431456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2011-1-18 68440]
S3 VSPerfDrv110;Performance Tools Driver 11.0;C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [2012-4-1 71960]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S3 WMSVC;Web Management Service;C:\Windows\system32\inetsrv\wmsvc.exe --> C:\Windows\system32\inetsrv\wmsvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 59744]
S4 RsFx0105;RsFx0105 Driver;C:\Windows\system32\DRIVERS\RsFx0105.sys --> C:\Windows\system32\DRIVERS\RsFx0105.sys [?]
S4 RsFx0151;RsFx0151 Driver;C:\Windows\system32\DRIVERS\RsFx0151.sys --> C:\Windows\system32\DRIVERS\RsFx0151.sys [?]
S4 RsFx0200;RsFx0200 Driver;C:\Windows\system32\DRIVERS\RsFx0200.sys --> C:\Windows\system32\DRIVERS\RsFx0200.sys [?]
SUnknown aygclmzm;aygclmzm; [x]
SUnknown ghbmoeel;ghbmoeel; [x]
.
=============== Created Last 30 ================
.
2012-07-29 00:00:47 50392 ----a-w- C:\Windows\System32\drivers\haycmkae.sys
2012-07-29 00:00:35 50392 ----a-w- C:\Windows\System32\drivers\rfdedaei.sys
2012-07-28 23:53:38 50392 ----a-w- C:\Windows\System32\drivers\zcmgxigb.sys
2012-07-28 23:53:38 328704 ----a-w- C:\Windows\System32\services.exe.56C209A3DD986DD9
2012-07-28 23:45:20 328704 ----a-w- C:\Windows\System32\services.exe.2A92AD4B0F3DDB43
2012-07-28 23:37:43 328704 ----a-w- C:\Windows\System32\services.exe.E42FC75A3C369E50
2012-07-28 23:30:47 328704 ----a-w- C:\Windows\System32\services.exe.26430573A87966B9
2012-07-28 23:23:34 328704 ----a-w- C:\Windows\System32\services.exe.7FCF0B494E963437
2012-07-28 23:16:31 328704 ----a-w- C:\Windows\System32\services.exe.1999BE9AE75136EE
2012-07-28 23:08:17 328704 ----a-w- C:\Windows\System32\services.exe.1E1F619D2908A1A4
2012-07-28 23:01:16 328704 ----a-w- C:\Windows\System32\services.exe.C4E23341788E07BB
2012-07-28 22:54:15 328704 ----a-w- C:\Windows\System32\services.exe.05725DB954EA9E95
2012-07-28 22:45:02 328704 ----a-w- C:\Windows\System32\services.exe.EE2B73359C35E472
2012-07-28 22:32:20 328704 ----a-w- C:\Windows\System32\services.exe.818C7ACFB9B77717
2012-07-28 22:22:25 328704 ----a-w- C:\Windows\System32\services.exe.17CD3B4823F34B15
2012-07-28 22:10:14 328704 ----a-w- C:\Windows\System32\services.exe.A588D620D3432E31
2012-07-28 21:57:42 328704 ----a-w- C:\Windows\System32\services.exe.5EC65854F93167D7
2012-07-28 21:44:09 20480 ------w- C:\Windows\svchost.exe
2012-07-28 09:44:02 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-07-26 21:52:46 -------- d-----w- C:\Users\mcasciano\AppData\Roaming\Malwarebytes
2012-07-26 21:52:20 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-26 21:52:17 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-26 21:52:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-26 12:54:02 10240 ----a-w- C:\SharePointFarmSolutionExtractor.exe
2012-07-24 19:33:09 -------- d-----w- C:\Program Files (x86)\Microsoft Web Tooling Extensions
2012-07-24 19:22:57 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2012-07-24 19:22:25 -------- d-----w- C:\Program Files (x86)\Microsoft Expression
2012-07-24 19:22:14 -------- d-----w- C:\Program Files (x86)\WPF Toolkit
2012-07-24 19:15:29 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll
2012-07-24 19:15:29 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll
2012-07-24 19:15:29 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll
2012-07-24 19:15:29 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2012-07-24 19:15:28 4178264 ----a-w- C:\Windows\SysWow64\D3DX9_41.dll
2012-07-24 19:15:27 3495784 ----a-w- C:\Windows\SysWow64\d3dx9_33.dll
2012-07-24 19:14:05 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
2012-07-24 19:14:05 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2012-07-24 19:13:43 -------- d-----w- C:\Windows\SysWow64\xlive
2012-07-24 19:13:41 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-07-24 19:13:16 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2012-07-24 19:08:43 204224 ----a-w- C:\ProgramData\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2012-07-24 19:02:57 -------- d-----w- C:\Program Files (x86)\Microsoft XDE
2012-07-24 19:02:47 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2012-07-24 19:02:47 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2012-07-24 19:02:22 2582888 ----a-w- C:\Windows\System32\D3DCompiler_42.dll
2012-07-24 19:02:22 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2012-07-24 14:09:29 -------- d-----w- C:\Users\mcasciano\AppData\Roaming\ElectricMobileSim
2012-07-24 14:08:50 94208 ----a-w- C:\Windows\SysWow64\eSellerateControl365.dll
2012-07-24 14:08:50 360580 --s-a-w- C:\Windows\SysWow64\eSellerateEngine.dll
2012-07-24 14:08:44 -------- d-----w- C:\Program Files (x86)\Electric Plum
2012-07-24 13:34:12 -------- d-----w- C:\Users\mcasciano\net
2012-07-24 13:30:25 -------- d-----w- C:\Program Files (x86)\Common Files\Research In Motion
2012-07-24 13:29:24 -------- d-----w- C:\Program Files (x86)\Research In Motion
2012-07-24 13:01:19 -------- d-----w- C:\Users\mcasciano\AppData\Local\VMware
2012-07-23 19:25:30 31384 ----a-w- C:\Windows\System32\drivers\VMparport.sys
2012-07-23 19:25:29 63128 ----a-w- C:\Windows\System32\drivers\vmx86.sys
2012-07-23 19:24:54 354456 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe
2012-07-23 19:24:52 433816 ----a-w- C:\Windows\SysWow64\vmnat.exe
2012-07-23 19:24:51 30360 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys
2012-07-23 19:24:45 942744 ----a-w- C:\Windows\System32\vnetlib64.dll
2012-07-23 19:24:42 32920 ----a-w- C:\Windows\System32\drivers\VMkbd.sys
2012-07-23 19:24:40 39024 ----a-w- C:\Windows\System32\drivers\hcmon.sys
2012-07-23 19:23:49 -------- d-----w- C:\Program Files\Common Files\VMware
2012-07-11 07:08:51 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 05:30:10 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-11 05:29:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-07-10 20:22:47 -------- d--h--w- C:\Users\mcasciano\InstallAnywhere
2012-06-29 02:26:42 396432 ----a-w- C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v11.0\Web\Microsoft.Web.Publishing.Tasks.dll
.
==================== Find3M ====================
.
2012-07-12 17:24:23 87488 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2012-07-12 17:24:23 80800 ----a-w- C:\Windows\System32\LMIinit.dll
2012-07-12 17:24:23 34720 ----a-w- C:\Windows\System32\LMIport.dll
2012-06-21 20:12:26 60304 ----a-w- C:\Users\mcasciano\g2mdlhlpx.exe
2012-06-09 04:29:42 252056 ----a-w- C:\Windows\SysWow64\vmnc.dll
2012-06-09 03:52:20 62064 ----a-w- C:\Windows\System32\vmnetbridge.dll
2012-06-09 03:52:20 48752 ----a-w- C:\Windows\System32\vnetinst.dll
2012-06-09 03:52:20 45680 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys
2012-06-09 03:52:20 24176 ----a-w- C:\Windows\System32\drivers\vmnet.sys
2012-06-09 03:52:20 20080 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-05-21 22:14:50 685968 ----a-w- C:\Windows\System32\vsjitdebugger.exe
2012-05-19 01:47:20 98752 ----a-w- C:\Windows\SysWow64\vfrdvcompat.dll
2012-05-19 01:47:20 164168 ----a-w- C:\Windows\SysWow64\vrfcore.dll
2012-05-19 01:47:16 87312 ----a-w- C:\Windows\SysWow64\vfcompat.dll
2012-05-19 01:47:16 81560 ----a-w- C:\Windows\SysWow64\vfnet.dll
2012-05-19 01:47:16 40120 ----a-w- C:\Windows\SysWow64\vfntlmless.dll
2012-05-19 01:47:16 367360 ----a-w- C:\Windows\SysWow64\vfprintpthelper.dll
2012-05-19 01:47:16 351248 ----a-w- C:\Windows\SysWow64\vfbasics.dll
2012-05-19 01:47:16 306552 ----a-w- C:\Windows\SysWow64\vfprint.dll
2012-05-19 01:47:16 242736 ----a-w- C:\Windows\SysWow64\vfluapriv.dll
2012-05-19 01:47:16 21432 ----a-w- C:\Windows\SysWow64\cuzzapi.dll
2012-05-19 01:47:14 61352 ----a-w- C:\Windows\SysWow64\vfnws.dll
2012-05-19 01:47:14 52016 ----a-w- C:\Windows\SysWow64\vfcuzz.dll
2012-05-19 01:47:14 173504 ----a-w- C:\Windows\SysWow64\appverif.exe
2012-05-19 01:42:00 59304 ----a-w- C:\Windows\SysWow64\VSD3DRefDebug.dll
2012-05-19 01:41:48 712616 ----a-w- C:\Windows\SysWow64\d3d11_1sdklayers.dll
2012-05-19 01:41:48 608680 ----a-w- C:\Windows\SysWow64\d3d11ref.dll
2012-05-19 01:41:48 590248 ----a-w- C:\Windows\SysWow64\d3d11sdklayers.dll
2012-05-19 01:41:48 461224 ----a-w- C:\Windows\SysWow64\d3d10sdklayers.dll
2012-05-19 01:41:48 383912 ----a-w- C:\Windows\SysWow64\d3dref9.dll
2012-05-19 01:41:48 365480 ----a-w- C:\Windows\SysWow64\d3d10ref.dll
2012-05-19 01:41:48 276904 ----a-w- C:\Windows\SysWow64\d2d1debug1.dll
2012-05-19 01:41:48 270248 ----a-w- C:\Windows\SysWow64\dxcpl.exe
2012-05-19 01:41:48 101800 ----a-w- C:\Windows\SysWow64\dxgidebug.dll
2012-05-19 01:18:54 78760 ----a-w- C:\Windows\System32\VSD3DRefDebug.dll
2012-05-19 01:18:40 886184 ----a-w- C:\Windows\System32\d3d11_1sdklayers.dll
2012-05-19 01:18:40 748456 ----a-w- C:\Windows\System32\d3d11ref.dll
2012-05-19 01:18:40 713128 ----a-w- C:\Windows\System32\d3d11sdklayers.dll
2012-05-19 01:18:40 597416 ----a-w- C:\Windows\System32\d3d10sdklayers.dll
2012-05-19 01:18:40 461224 ----a-w- C:\Windows\System32\d3d10ref.dll
2012-05-19 01:18:40 446376 ----a-w- C:\Windows\System32\d3dref9.dll
2012-05-19 01:18:40 340904 ----a-w- C:\Windows\System32\d2d1debug1.dll
2012-05-19 01:18:40 287144 ----a-w- C:\Windows\System32\dxcpl.exe
2012-05-19 01:18:40 126376 ----a-w- C:\Windows\System32\dxgidebug.dll
2012-05-19 01:17:32 29096 ----a-w- C:\Windows\System32\microsoft.windows.softwarelogo.showdesktop.exe
2012-05-17 16:48:38 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll.000.bak
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-30 22:17:40 860064 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll
2012-04-30 22:17:40 503200 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll
2012-04-30 22:17:40 27544 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
2012-04-30 22:17:40 17280 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2012-04-30 21:14:54 862104 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll
2012-04-30 21:14:54 617368 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll
2012-04-30 21:14:54 29592 ----a-w- C:\Windows\System32\aspnet_counters.dll
2012-04-30 21:14:54 17280 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
.
============= FINISH: 20:41:23.54 ===============

[MCas86]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 10/10/2011 8:34:15 AM
System Uptime: 7/28/2012 7:54:39 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0667CC
Processor: Intel® Core™ i5 CPU M 520 @ 2.40GHz | CPU 1 | 2400/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 232 GiB total, 48.515 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
F: is Removable
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\SMO8800\1
Manufacturer:
Name:
PNP Device ID: ACPI\SMO8800\1
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco Systems VPN Adapter for 64-bit Windows
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter for 64-bit Windows
PNP Device ID: ROOT\NET\0000
Service: CVirtA
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0001
Manufacturer: Cisco Systems
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0001
Service: vpnva
.
Class GUID:
Description: Broadcom USH
Device ID: USB\VID_0A5C&PID_5800&MI_00\7&66DE6C9&0&0000
Manufacturer:
Name: Broadcom USH
PNP Device ID: USB\VID_0A5C&PID_5800&MI_00\7&66DE6C9&0&0000
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: VMware Virtual Ethernet Adapter for VMnet1
Device ID: ROOT\VMWARE\0000
Manufacturer: VMware, Inc.
Name: VMware Virtual Ethernet Adapter for VMnet1
PNP Device ID: ROOT\VMWARE\0000
Service: VMnetAdapter
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: VMware Virtual Ethernet Adapter for VMnet8
Device ID: ROOT\VMWARE\0001
Manufacturer: VMware, Inc.
Name: VMware Virtual Ethernet Adapter for VMnet8
PNP Device ID: ROOT\VMWARE\0001
Service: VMnetAdapter
.
==== System Restore Points ===================
.
RP231: 7/21/2012 4:40:18 AM - Windows Update
RP232: 7/24/2012 6:10:26 AM - Windows Update
RP233: 7/24/2012 9:28:54 AM - Installed BlackBerry Smartphone Simulators 6.0.0.431 (9650-Verizon)
RP234: 7/24/2012 3:02:02 PM - Installed DirectX
RP235: 7/24/2012 3:02:30 PM - Installed DirectX
RP236: 7/24/2012 3:13:47 PM - Installed DirectX
RP237: 7/24/2012 3:15:05 PM - Installed DirectX
RP238: 7/24/2012 3:22:38 PM - Installed DirectX
RP239: 7/26/2012 5:43:35 PM - Removed Microsoft Lync 2010
RP240: 7/27/2012 6:42:44 PM - Windows Update
.
==== Installed Programs ======================
.
.
Tools for .Net 3.5
A-PDF Restrictions Remover 1.6
Adobe AIR
Adobe Reader X (10.1.3)
Advanced XML Converter 2.33
AnkhSVN 2.3.10509.1073
Apple Application Support
Apple Software Update
Aptana Studio 3
BlackBerry Smartphone Simulators 6.0.0.431 (9650-Verizon)
Blend for Visual Studio
Blend for Visual Studio ENU resources
CamStudio
Cisco AnyConnect Diagnostics and Reporting Tool
Cisco AnyConnect Secure Mobility Client
Cisco AnyConnect Secure Mobility Client
Cisco AnyConnect Start Before Login Module
Crystal Reports for Visual Studio
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dotfuscator and Analytics Community Edition
Dotfuscator Software Services - Community Edition
Dropbox
DVD Shrink 3.2
Electric Mobile Simulator Lite version v1.4a
Fiddler Syntax-Highlighting Addons
Fiddler2
FileZilla Client 3.5.1
Flashpoint
GIMP 2.6.12-2
Google Chrome
Google Talk Plugin
GoToMeeting 5.2.0.952
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2522890)
Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2529927)
Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2542054)
Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2548139)
Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2549864)
Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2581019)
Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2591016)
Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2635973)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
Java Auto Updater
Java™ 7 Update 4
JavaFX 2.1.0
join.me
Juniper Networks Network Connect 7.1.0
Juniper Networks Secure Application Manager
Juniper Networks, Inc. Setup Client
Juniper Networks, Inc. Setup Client Activex Control
LocalESPC
LocalESPCui for en-us
LogMeIn
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5 RC Multi-Targeting Pack
Microsoft .NET Framework 4.5 RC SDK
Microsoft Advertising SDK for Windows Phone - ENU
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft ASP.NET MVC 3
Microsoft ASP.NET MVC 3 - Visual Studio 11 Tools Update
Microsoft ASP.NET MVC 3 - Visual Studio 2010 Tools Update
Microsoft ASP.NET MVC 4
Microsoft ASP.NET MVC 4 - Visual Studio 11 Tools
Microsoft ASP.NET MVC 4 - Visual Studio 2010 Tools
Microsoft ASP.NET MVC 4 Runtime
Microsoft ASP.NET Web Pages
Microsoft ASP.NET Web Pages - Visual Studio 11 Tools
Microsoft ASP.NET Web Pages - Visual Studio 2010 Tools
Microsoft ASP.NET Web Pages 2 - Visual Studio 11 Tools
Microsoft ASP.NET Web Pages 2 - Visual Studio 2010 Tools
Microsoft ASP.NET Web Pages 2 Runtime
Microsoft Dynamics CRM 2011 English (United States) Language Pack
Microsoft Dynamics CRM 2011 for Microsoft Office Outlook
Microsoft Dynamics CRM Data Migration Manager
Microsoft Dynamics CRM Report Authoring Extension
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend 4
Microsoft Expression Blend 4 Add-in for Adobe FXG Import
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Blend SDK for Windows Phone 7
Microsoft Expression Blend SDK for Windows Phone OS 7.1
Microsoft Games for Windows - LIVE Redistributable
Microsoft Help Viewer 2.0 RC
Microsoft LightSwitch for Visual Studio 2012 RC Core
Microsoft LightSwitch for Visual Studio 2012 RC CoreRes - ENU
Microsoft Office 2003 Web Components
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access database engine 2007 (English)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Visio 2010
Microsoft Office Visio MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Online Services Sign In
Microsoft Portable Library Multi-Targeting Pack
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
Microsoft Report Viewer 2012 Runtime
Microsoft Report Viewer Add-On for Visual Studio 2012
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft ReportViewer 2010 Redistributable
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Silverlight 5 SDK
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Books Online (English)
Microsoft SQL Server 2005 Notification Services
Microsoft SQL Server 2005 Tools
Microsoft SQL Server 2008 R2 Books Online
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Policies
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2012 Data-Tier App Framework
Microsoft SQL Server 2012 Management Objects
Microsoft SQL Server 2012 Policies
Microsoft SQL Server 2012 T-SQL Language Service
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
Microsoft SQL Server Data Tools - enu (11.1.20425.00)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20425.00)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server System CLR Types
Microsoft Sync Framework SDK v1.0 SP1
Microsoft System CLR Types for SQL Server 2012
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Professional 2010
Microsoft Visual C++ Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50522
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50522
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50522
Microsoft Visual C++ Compilers 2012
Microsoft Visual C++ Compilers 2012 - ENU Resources
Microsoft Visual C++ Core Libraries 2012
Microsoft Visual C++ Extended Libraries 2012
Microsoft Visual C++ Microsoft Foundation Class Libraries 2012
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 2005 Premier Partner Edition - ENU
Microsoft Visual Studio 2005 Premier Partner Edition - ENU Service Pack 1 (KB926601)
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU
Microsoft Visual Studio 2010 Premium - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Shell (Isolated) - ENU
Microsoft Visual Studio 2012 Devenv
Microsoft Visual Studio 2012 Devenv Resources
Microsoft Visual Studio 2012 IntelliTrace Core x86
Microsoft Visual Studio 2012 IntelliTrace Front End x86
Microsoft Visual Studio 2012 RC Preparation
Microsoft Visual Studio 2012 SharePoint Developer Tools RC
Microsoft Visual Studio 2012 SharePoint Developer Tools RC enu Language Pack
Microsoft Visual Studio 2012 Shell (Minimum)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
Microsoft Visual Studio 2012 Shell (Minimum) Resources
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 RC ENU
Microsoft Visual Studio Macro Tools
Microsoft Visual Studio Premium 2012 RC
Microsoft Visual Studio Premium 2012 RC - ENU
Microsoft Visual Studio Professional 2012 RC
Microsoft Visual Studio Professional 2012 RC - ENU
Microsoft Visual Studio Team Foundation Server 2012 RC Team Explorer
Microsoft Visual Studio Team Foundation Server 2012 RC Team Explorer Language Pack - ENU
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications Design-Time 3.0
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0
Microsoft Visual Studio Ultimate 2012 RC
Microsoft Visual Studio Ultimate 2012 RC - ENU
Microsoft Visual Studio Ultimate 2012 RC XAML UI Designer Core
Microsoft Visual Studio Ultimate 2012 RC XAML UI Designer enu Resources
Microsoft Web Deploy dbSqlPackage Provider - enu
Microsoft Web Tooling Extensions - Visual Studio 11
Microsoft XNA Framework Redistributable 4.0 Refresh
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Refresh
Microsoft XNA Game Studio 4.0 Refresh (ARP entry)
Microsoft XNA Game Studio 4.0 Refresh (Redists)
Microsoft XNA Game Studio 4.0 Refresh (Shared Components)
Microsoft XNA Game Studio 4.0 Refresh (Visual Studio)
Microsoft XNA Game Studio Platform Tools
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MySQL Workbench 5.2 CE
No-IP DUC
Notepad++
NuGet
ODAC Documentation for Visual Studio 2008
ODAC Documentation for Visual Studio 2010
OpenOffice.org 3.4
Pidgin
PreEmptive Analytics Visual Studio Components
Prerequisites for SSDT
QuickTime
Safari
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio 2010 (KB2553374) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Security Update for Microsoft Visual Studio 2005 Premier Partner Edition - ENU (KB2251481)
Security Update for Microsoft Visual Studio 2010 Premium - ENU (KB2645410)
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
Service Pack 2 for SQL Server Database Services 2005 ENU (KB921896)
Service Pack 2 for SQL Server Notification Services 2005 ENU (KB921896)
Service Pack 2 for SQL Server Tools and Workstation Components 2005 ENU (KB921896)
Sitecore 6.4.1 rev. 110720 - Onco
Skype™ 5.8
SQL Server Browser for SQL Server 2012
SQL Server Data Framework Tools - enu
Team Development for Sitecore (VS2010)
TeamViewer 7
TotalExcelConverter
TreeSize Free V2.7
Update for Microsoft Dynamics CRM for Outlook (KB2645912)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft Visual Studio 2005 Premier Partner Edition - ENU (KB932232)
Update Rollup 6 for Microsoft Dynamics CRM for Outlook (KB2600640)
Update Rollup 6 for Microsoft Dynamics CRM Report Authoring Extension (KB2600640)
Update Rollup 7 for Microsoft Dynamics CRM for Outlook (KB2600643)
Update Rollup 7 for Microsoft Dynamics CRM Report Authoring Extension (KB2600643)
Update Rollup 8 for Microsoft Dynamics CRM for Outlook (KB2600644)
Update Rollup 8 for Microsoft Dynamics CRM Report Authoring Extension (KB2600644)
Visual Linq query builder
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Visual Studio Extensions for Windows Library for JavaScript
VLC media player 1.1.11
VMware Player
VMware Remote Console Plug-in
WampServer 2.2
WCF Data Services 5.0 (for OData v3) Metro Support
WCF Data Services 5.0 (for OData v3) Primary Components
WCF Data Services SDK for Windows Phone
WCF Data Services Tools for Visual Studio 11
WCF RIA Services V1.0 SP2
Windows App Certification Kit x64
Windows Azure Tools for Microsoft Visual Studio 2010 - November 2011
Windows Azure Tools for Microsoft Visual Studio 2010 1.6
Windows Azure Tools for Microsoft Visual Studio 2010 Core
Windows Phone SDK 7.1 - ENU
Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - ENU
Windows Phone SDK 7.1 Assemblies
Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0
Windows Runtime Intellisense Content - en-us
Windows Software Development Kit
Windows Software Development Kit DirectX x86 Remote
Windows Software Development Kit for Metro style Apps
Windows Software Development Kit for Metro style Apps DirectX x86 Remote
WinRAR 4.01 (32-bit)
WMHelp XmlPad
Wondershare Video Converter Ultimate(Build 5.7.1.1)
WPF Toolkit February 2010 (Version 3.5.50211.1)
.
==== Event Viewer Messages From Past Week ========
.
7/28/2012 8:18:12 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
7/28/2012 7:59:59 PM, Error: Service Control Manager [7000] - The vtigercrmMysql530 service failed to start due to the following error: The system cannot find the file specified.
7/28/2012 7:59:28 PM, Error: Service Control Manager [7001] - The SQL Server Agent (MSSQLSERVER) service depends on the SQL Server (MSSQLSERVER) service which failed to start because of the following error: The service did not start due to a logon failure.
7/28/2012 7:59:03 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
7/28/2012 7:58:38 PM, Error: Service Control Manager [7038] - The MSSQLSERVER service was unable to log on as ARKESYSTEMS\mcasciano with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/28/2012 7:58:38 PM, Error: Service Control Manager [7000] - The SQL Server (MSSQLSERVER) service failed to start due to the following error: The service did not start due to a logon failure.
7/28/2012 7:57:26 PM, Error: Service Control Manager [7038] - The msftesql service was unable to log on as ARKESYSTEMS\mcasciano with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/28/2012 7:57:26 PM, Error: Service Control Manager [7000] - The SQL Server FullText Search (MSSQLSERVER) service failed to start due to the following error: The service did not start due to a logon failure.
7/28/2012 7:56:47 PM, Error: Service Control Manager [7038] - The MSCRMAsyncService$client service was unable to log on as ARKESYSTEMS\mcasciano with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/28/2012 7:56:47 PM, Error: Service Control Manager [7000] - The Microsoft CRM Asynchronous Processing Service (client) service failed to start due to the following error: The service did not start due to a logon failure.
7/28/2012 7:56:40 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
7/28/2012 7:56:30 PM, Error: Microsoft-Windows-GroupPolicy [1053] - The processing of Group Policy failed. Windows could not resolve the user name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
7/28/2012 7:56:15 PM, Error: Microsoft-Windows-GroupPolicy [1055] - The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
7/28/2012 7:56:14 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
7/28/2012 7:56:13 PM, Error: NETLOGON [5719] - This computer was not able to set up a secure session with a domain controller in domain ARKESYSTEMS due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
7/28/2012 7:42:45 PM, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
7/28/2012 6:44:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
7/28/2012 6:44:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/28/2012 6:44:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
7/28/2012 6:44:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/28/2012 6:44:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/28/2012 6:37:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the OracleMTSRecoveryService service to connect.
7/28/2012 6:37:28 PM, Error: Service Control Manager [7000] - The OracleMTSRecoveryService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/28/2012 6:26:06 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server Integration Services 10.0 service to connect.
7/28/2012 6:26:06 PM, Error: Service Control Manager [7000] - The SQL Server Integration Services 10.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/28/2012 6:22:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/28/2012 6:17:49 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/28/2012 6:17:49 PM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.
7/28/2012 6:17:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
7/28/2012 5:50:09 PM, Error: Microsoft Antimalware [2001] -
7/28/2012 4:57:28 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002c737ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072812-72961-01.
7/25/2012 12:50:50 PM, Error: Microsoft-Windows-GroupPolicy [1058] - The processing of Group Policy failed. Windows attempted to read the file \\arkesystems.com\SysVol\arkesystems.com\Policies\{97B8B7F3-9F31-4CCF-89E8-15D4F4356D6A}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: a) Name Resolution/Network Connectivity to the current domain controller. b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). c) The Distributed File System (DFS) client has been disabled.
7/25/2012 12:17:42 PM, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
7/23/2012 3:25:02 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{9AC75C0C-956C-4A56-A698-105BCFDBB719} because another computer on the network has the same name. The server could not start.
7/23/2012 1:45:59 PM, Error: Schannel [36888] - The following fatal alert was generated: 48. The internal error state is 552.
7/23/2012 1:45:59 PM, Error: Schannel [36882] - The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.
.
==== End Of File ===========================

[MrCharlie]

Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.
When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

[MCas86]

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: mcasciano [Admin rights]
Mode: Scan -- Date: 07/28/2012 20:59:40

¤¤¤ Bad processes: 1 ¤¤¤
[SVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 12 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : c:\windows\installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\@ --> FOUND
[ZeroAccess][FOLDER] U : c:\windows\installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U --> FOUND
[ZeroAccess][FOLDER] L : c:\windows\installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\L --> FOUND
[ZeroAccess][FILE] Desktop.ini : c:\windows\assembly\gac_32\desktop.ini --> FOUND
[ZeroAccess][FILE] Desktop.ini : c:\windows\assembly\gac_64\desktop.ini --> FOUND

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess|Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500BEKT-75A25T0 +++++
--- User ---
[MBR] e13f048914289d0eb39df0f753698a37
[BSP] acbff0650422c537e769a078b5148611 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 156 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 321536 | Size: 750 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1857536 | Size: 237567 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] b7a66cae2edd678732226ecfcd339a16
[BSP] acbff0650422c537e769a078b5148611 : Windows 7 MBR Code
Partition table:
1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 156 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 321536 | Size: 750 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1857536 | Size: 237567 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] b7a66cae2edd678732226ecfcd339a16
[BSP] acbff0650422c537e769a078b5148611 : Windows 7 MBR Code
Partition table:
1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 156 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 321536 | Size: 750 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1857536 | Size: 237567 Mo

Finished : << RKreport[1].txt >>
RKreport[1].txt

[MrCharlie]

Your computer is infected with a nasty rootkit. Please read the following information first.

Quote

You're infected with Rootkit.ZeroAccess, a BackDoor Trojan.

BACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
http://www.dslreports.com/faq/10451

When Should I Format, How Should I Reinstall
http://www.dslreports.com/faq/10063

I will try my best to clean this machine but I can't guarantee that it will be 100% secure afterwards.

Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

-----------------------------------------

Please make sure system restore is running and create a new restore point before continuing!

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

How to tell > 32 or 64 bit

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
  
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  
• Use the arrow keys to select the Repair your computer menu item.
  
• Select US as the keyboard language settings, and then click Next.
  
• Select the operating system you want to repair, and then click Next.
  
• Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

• Insert the installation disc.
  
• Restart your computer.
  
• If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  
• Click Repair your computer.
  
• Select US as the keyboard language settings, and then click Next.
  
• Select the operating system you want to repair, and then click Next.
  
• Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

• 
  
  Startup Repair
  System Restore
  Windows Complete PC Restore
  Windows Memory Diagnostic Tool
  Command Prompt
• Select Command Prompt
  
• In the command window type in notepad and press Enter.
  
• The notepad opens. Under File menu select Open.
  
• Select "Computer" and find your flash drive letter and close the notepad.
  
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
  
• The tool will start to run.
  
• When the tool opens click Yes to disclaimer.
  
• Press Scan button.
  
• FRST will let you know when the scan is complete and has written the FRST.txt to file, close out this message, then type the following into the search box:
  services.exe
  
• Now press the Search button
  
• When the search is complete, search.txt will also be written to your USB
  
• Type exit and reboot the computer normally
  
• Please copy and paste both logs in your reply.(FRST.txt and Search.txt)

MrC

[MCas86]

Scan result of Farbar Recovery Scan Tool Version: 25-07-2012 01
Ran by SYSTEM at 28-07-2012 21:36:52
Running from G:\
Windows 7 Ultimate (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [57928 2011-09-16] (LogMeIn, Inc.)
HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [167704 2011-10-21] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [392472 2011-10-21] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [416024 2011-10-21] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [522704 2012-04-23] (Cisco Systems, Inc.)
HKU\mcasciano\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [4910912 2011-08-01] (DT Soft Ltd)
HKU\mcasciano\...\Run: [Google Update] "C:\Users\mcasciano\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-12-08] (Google Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Startup: C:\Users\All Users\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\mcasciano\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\mcasciano\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) ======

3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
2 CrmSqlStartupSvc; "C:\Program Files (x86)\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe" [24168 2012-04-26] (Microsoft Corporation)
2 CVPND; "C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe" [1528616 2010-03-23] (Cisco Systems, Inc.)
3 fussvc; "C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe" [139776 2012-05-18] (Microsoft Corporation)
2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
2 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe" [375208 2012-07-12] (LogMeIn, Inc.)
2 LMIMaint; "C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe" [147368 2012-07-12] (LogMeIn, Inc.)
2 LogMeIn; "C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe" [407424 2011-09-16] (LogMeIn, Inc.)
2 MSCRMAsyncService$client; "C:\Program Files (x86)\Microsoft Dynamics CRM Data Migration Manager\DMClient\bin\CrmAsyncService.exe" MSCRMAsyncService$client [165728 2009-01-30] (Microsoft Corporation)
2 MsDtsServer100; "C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe" [210784 2011-06-17] (Microsoft Corporation)
2 MsDtsServer110; "C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe" [218200 2012-02-11] (Microsoft Corporation)
2 msoidsvc; "C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE" [2078112 2011-09-28] (Microsoft Corp.)
2 MSSQL$MSSQL2012; "C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\sqlservr.exe" -sMSSQL2012 [191064 2012-02-11] (Microsoft Corporation)
2 MSSQL$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS [58345832 2011-09-22] (Microsoft Corporation)
2 MSSQL$SQLSERVER08; "C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\sqlservr.exe" -sSQLSERVER08 [62111072 2011-06-17] (Microsoft Corporation)
2 MSSQLSERVER; "C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER [29178224 2007-02-10] (Microsoft Corporation)
2 OracleMTSRecoveryService; C:\app\mcasciano\product\11.2.0\client_1\bin\omtsreco.exe "OracleMTSRecoveryService" [69632 2011-09-28] (Oracle Corporation)
2 ReportServer$MSSQL2012; "C:\Program Files\Microsoft SQL Server\MSRS11.MSSQL2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe" [2348632 2012-02-11] (Microsoft Corporation)
2 ReportServer$SQLSERVER08; "C:\Program Files\Microsoft SQL Server\MSRS10_50.SQLSERVER08\Reporting Services\ReportServer\bin\ReportingServicesService.exe" [2180960 2011-06-17] (Microsoft Corporation)
3 SQLAgent$MSSQL2012; "C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\SQLAGENT.EXE" -i MSSQL2012 [597080 2012-02-11] (Microsoft Corporation)
3 SQLAgent$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -i SQLEXPRESS [431464 2011-09-22] (Microsoft Corporation)
3 SQLAgent$SQLSERVER08; "C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\SQLAGENT.EXE" -i SQLSERVER08 [431456 2011-06-17] (Microsoft Corporation)
2 SQLSERVERAGENT; "C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE" -i MSSQLSERVER [344944 2007-02-10] (Microsoft Corporation)
2 Te.Service; "C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe" [127488 2012-05-18] (Microsoft Corporation)
2 vpnagent; "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe" [478672 2012-04-23] (Cisco Systems, Inc.)
2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
2 W3SVC; C:\Windows\SysWow64\inetsrv\iisw3adm.dll [397824 2010-11-20] (Microsoft Corporation)
2 wampapache; "C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe" -k runservice [21504 2011-09-26] (Apache Software Foundation)
3 wampmysqld; C:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe wampmysqld [9665536 2011-09-26] ()
3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
2 msftesql; "C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe" -s:MSSQL.1 -f:MSSQLSERVER [x]
2 MSOLAP$MSSQL2012; "C:\Program Files\Microsoft SQL Server\MSAS11.MSSQL2012\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSAS11.MSSQL2012\OLAP\Config" [x]
2 MSOLAP$SQLSERVER08; "C:\Program Files\Microsoft SQL Server\MSAS10_50.SQLSERVER08\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSAS10_50.SQLSERVER08\OLAP\Config" [x]
3 MSSQLFDLauncher$MSSQL2012; "C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\fdlauncher.exe" -s MSSQL11.MSSQL2012 [x]
3 MSSQLFDLauncher$SQLSERVER08; "C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\fdlauncher.exe" -s MSSQL10_50.SQLSERVER08 [x]

========================== Drivers (Whitelisted) =============

3 acsock; C:\Windows\System32\DRIVERS\acsock64.sys [107432 2012-04-23] (Cisco Systems, Inc.)
3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA64.sys [14992 2010-02-08] (Cisco Systems, Inc.)
3 CVPNDRVA; C:\Windows\System32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
3 DNE; C:\Windows\System32\DRIVERS\dne64x.sys [157968 2008-11-16] (Deterministic Networks, Inc.)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [270912 2011-10-10] (DT Soft Ltd)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [293552 2009-11-05] (Intel Corporation)
1 haycmkae; C:\Windows\System32\Drivers\haycmkae.sys [50392 2012-07-28] (Microsoft Corporation)
2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2011-09-16] (LogMeIn, Inc.)
3 lmimirr; C:\Windows\System32\Drivers\lmimirr.sys [11552 2011-09-16] (LogMeIn, Inc.)
2 LMIRfsDriver; C:\Windows\System32\Drivers\LMIRfsDriver.sys [72216 2011-09-16] (LogMeIn, Inc.)
1 NEOFLTR_650_17883; C:\Windows\System32\Drivers\NEOFLTR_650_17883.sys [100472 2011-03-10] (Juniper Networks)
1 rfdedaei; C:\Windows\System32\Drivers\rfdedaei.sys [50392 2012-07-28] (Microsoft Corporation)
4 RsFx0151; C:\Windows\System32\Drivers\RsFx0151.sys [313696 2011-06-17] (Microsoft Corporation)
4 RsFx0200; C:\Windows\System32\Drivers\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
2 VMparport; C:\Windows\System32\Drivers\VMparport.sys [31384 2012-06-08] (VMware, Inc.)
3 VSPerfDrv110; \??\C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [71960 2012-04-01] (Microsoft Corporation)
1 bcrnbbuu; \??\C:\Windows\system32\drivers\bcrnbbuu.sys [x]
4 LMIRfsClientNP; [x]
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]
2 vtigercrmMysql530; "C:\Program Files (x86)\vtigercrm-5.3.0\mysql\bin\mysqld-nt" "--defaults-file=C:\Program Files (x86)\vtigercrm-5.3.0\mysql\my.ini" vtigercrmMysql530 [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-07-28 17:08 - 2012-07-28 17:08 - 01438391 ____A (Farbar) C:\Users\mcasciano\Downloads\FRST64.exe
2012-07-28 16:59 - 2012-07-28 16:59 - 00003209 ____A C:\Users\mcasciano\Desktop\RKreport[1].txt
2012-07-28 16:59 - 2012-07-28 16:59 - 00000000 ____D C:\Users\mcasciano\Desktop\RK_Quarantine
2012-07-28 16:58 - 2012-07-28 16:58 - 01552384 ____A C:\Users\mcasciano\Downloads\RogueKiller.exe
2012-07-28 16:47 - 2012-07-28 16:47 - 00034802 ____A C:\Users\mcasciano\Desktop\DDS.txt
2012-07-28 16:47 - 2012-07-28 16:47 - 00028189 ____A C:\Users\mcasciano\Desktop\Attach.txt
2012-07-28 16:29 - 2012-07-28 16:29 - 00607260 ____R (Swearware) C:\Users\mcasciano\Downloads\dds.com
2012-07-28 16:29 - 2012-07-28 16:29 - 00607260 ____A (Swearware) C:\Users\mcasciano\Downloads\dds.scr
2012-07-28 16:00 - 2012-07-28 16:00 - 00050392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rfdedaei.sys
2012-07-28 16:00 - 2012-07-28 16:00 - 00050392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\haycmkae.sys
2012-07-28 15:53 - 2012-07-28 15:53 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.56C209A3DD986DD9
2012-07-28 15:53 - 2012-07-28 15:53 - 00050392 ____A C:\Windows\System32\Drivers\zcmgxigb.sys
2012-07-28 15:45 - 2012-07-28 15:45 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.2A92AD4B0F3DDB43
2012-07-28 15:37 - 2012-07-28 15:37 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.E42FC75A3C369E50
2012-07-28 15:30 - 2012-07-28 15:30 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.26430573A87966B9
2012-07-28 15:23 - 2012-07-28 15:23 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.7FCF0B494E963437
2012-07-28 15:16 - 2012-07-28 15:16 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1999BE9AE75136EE
2012-07-28 15:08 - 2012-07-28 15:08 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1E1F619D2908A1A4
2012-07-28 15:01 - 2012-07-28 15:01 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.C4E23341788E07BB
2012-07-28 14:54 - 2012-07-28 14:54 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.05725DB954EA9E95
2012-07-28 14:45 - 2012-07-28 14:45 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.EE2B73359C35E472
2012-07-28 14:32 - 2012-07-28 14:32 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.818C7ACFB9B77717
2012-07-28 14:22 - 2012-07-28 14:22 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.17CD3B4823F34B15
2012-07-28 14:10 - 2012-07-28 14:10 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.A588D620D3432E31
2012-07-28 13:57 - 2012-07-28 13:57 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.5EC65854F93167D7
2012-07-28 13:44 - 2009-07-13 17:14 - 00020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe
2012-07-28 13:34 - 2012-07-28 13:34 - 12621696 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\mseinstall.exe
2012-07-28 12:56 - 2012-07-28 12:57 - 00262144 ____A C:\Windows\Minidump\072812-72961-01.dmp
2012-07-28 01:44 - 2012-07-28 01:44 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-07-27 17:12 - 2012-07-27 17:12 - 00723658 ____A C:\Users\mcasciano\Downloads\NAMB_Traj_07-27-12.zip
2012-07-27 08:27 - 2012-07-27 08:27 - 00432898 ____A C:\Users\mcasciano\Downloads\sudia.wordpress.2012-07-27(1).xml
2012-07-27 07:05 - 2012-07-27 07:05 - 00016055 ____A C:\Users\mcasciano\Downloads\cctm_site.cctm.json
2012-07-27 06:04 - 2012-07-27 06:05 - 02964790 ____A C:\Users\mcasciano\Downloads\sudia.wordpress.2012-07-27.xml
2012-07-26 13:52 - 2012-07-26 13:52 - 00000000 ____D C:\Users\mcasciano\AppData\Roaming\Malwarebytes
2012-07-26 13:52 - 2012-07-26 13:52 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-07-26 13:52 - 2012-07-26 13:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-26 13:52 - 2012-07-03 09:46 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-07-26 13:51 - 2012-07-26 13:51 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\mcasciano\Downloads\mbam-setup-1.62.0.1300.exe
2012-07-26 10:47 - 2012-07-26 10:47 - 00329345 ____A C:\Users\mcasciano\Downloads\GFG_1_2_managed.zip
2012-07-26 04:54 - 2009-09-14 12:36 - 00010240 ____A (MS) C:\SharePointFarmSolutionExtractor.exe
2012-07-26 04:51 - 2012-07-24 08:30 - 00034498 ____A C:\GFG Sales Reporting Web Part.wsp
2012-07-25 03:44 - 2012-07-27 07:22 - 00000000 ____D C:\Users\mcasciano\Desktop\ReadyGAFiles
2012-07-24 11:33 - 2012-07-24 11:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tooling Extensions
2012-07-24 11:27 - 2012-07-24 11:27 - 00104672 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\WebToolsExtensionVS2012.3f.3f.3fnew.exe
2012-07-24 11:22 - 2012-07-24 11:22 - 00000000 ____D C:\Program Files (x86)\WPF Toolkit
2012-07-24 11:22 - 2012-07-24 11:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Expression
2012-07-24 11:22 - 2008-07-12 04:18 - 03851784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2012-07-24 11:15 - 2010-02-04 06:01 - 00528216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2012-07-24 11:15 - 2010-02-04 06:01 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2012-07-24 11:15 - 2010-02-04 06:01 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2012-07-24 11:15 - 2010-02-04 06:01 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2012-07-24 11:15 - 2009-03-09 11:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2012-07-24 11:15 - 2007-03-12 12:42 - 03495784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2012-07-24 11:14 - 2009-09-04 13:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2012-07-24 11:14 - 2007-04-04 14:53 - 00081768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2012-07-24 11:13 - 2012-07-24 11:13 - 00000000 ____D C:\Windows\SysWOW64\xlive
2012-07-24 11:13 - 2012-07-24 11:13 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2012-07-24 11:13 - 2012-07-24 11:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-07-24 11:02 - 2012-07-24 11:02 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE
2012-07-24 11:02 - 2009-09-04 13:29 - 02582888 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2012-07-24 11:02 - 2009-09-04 13:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2012-07-24 11:02 - 2009-09-04 13:29 - 00523088 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll
2012-07-24 11:02 - 2009-09-04 13:29 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2012-07-24 08:32 - 2012-07-24 08:32 - 00000000 ____D C:\Users\mcasciano\Desktop\GFG Sales Reporting Web Part
2012-07-24 06:09 - 2012-07-24 06:09 - 00000000 ____D C:\Users\mcasciano\AppData\Roaming\ElectricMobileSim
2012-07-24 06:08 - 2012-07-24 06:08 - 00000000 ____D C:\Users\mcasciano\Downloads\electric_simulator_lite_4a
2012-07-24 06:08 - 2012-07-24 06:08 - 00000000 ____D C:\Program Files (x86)\Electric Plum
2012-07-24 06:08 - 2010-09-29 16:29 - 00360580 ___AS (eSellerate Inc.) C:\Windows\SysWOW64\eSellerateEngine.dll
2012-07-24 06:08 - 2010-09-29 16:29 - 00094208 ____A (eSellerate Inc.) C:\Windows\SysWOW64\eSellerateControl365.dll
2012-07-24 06:07 - 2012-01-11 04:26 - 15465628 ____A (Electric Plum, LLC ) C:\Users\mcasciano\Downloads\setup.exe
2012-07-24 06:06 - 2012-07-24 06:06 - 15443507 ____A C:\Users\mcasciano\Downloads\electric_simulator_lite_4a.zip
2012-07-24 05:34 - 2012-07-24 05:34 - 00000000 ____D C:\Users\mcasciano\net
2012-07-24 05:29 - 2012-07-24 05:29 - 00000000 ____D C:\Program Files (x86)\Research In Motion
2012-07-24 05:22 - 2012-07-24 05:25 - 181825357 ____A (Research In Motion) C:\Users\mcasciano\Downloads\BlackBerry_Simulators_6.0.0.431_9650-Verizon.exe
2012-07-24 05:01 - 2012-07-24 05:13 - 00000000 ____D C:\Users\mcasciano\AppData\Local\VMware
2012-07-24 04:31 - 2012-07-24 04:31 - 00021694 ____A C:\Users\mcasciano\Downloads\customizations (2).zip
2012-07-23 11:25 - 2012-06-08 22:37 - 00063128 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmx86.sys
2012-07-23 11:25 - 2012-06-08 22:37 - 00031384 ____A (VMware, Inc.) C:\Windows\System32\Drivers\VMparport.sys
2012-07-23 11:24 - 2012-06-08 22:37 - 00942744 ____A (VMware, Inc.) C:\Windows\System32\vnetlib64.dll
2012-07-23 11:24 - 2012-06-08 22:37 - 00433816 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2012-07-23 11:24 - 2012-06-08 22:36 - 00354456 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2012-07-23 11:24 - 2012-06-08 22:36 - 00032920 ____A (VMware, Inc.) C:\Windows\System32\Drivers\VMkbd.sys
2012-07-23 11:24 - 2012-06-08 22:35 - 00030360 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnetuserif.sys
2012-07-23 11:24 - 2011-08-29 19:11 - 00039024 ____A (VMware, Inc.) C:\Windows\System32\Drivers\hcmon.sys
2012-07-23 11:23 - 2012-07-23 11:23 - 00000000 ____D C:\Program Files\Common Files\VMware
2012-07-23 11:10 - 2012-07-23 11:13 - 122064248 ____A (VMware, Inc.) C:\Users\mcasciano\Downloads\VMware-player-4.0.4-744019.exe
2012-07-21 12:13 - 2012-07-21 12:13 - 00005250 ____A C:\Users\mcasciano\Desktop\Applebees_Free_Coupon.html
2012-07-21 12:10 - 2012-07-21 12:11 - 00004958 ____A C:\Users\mcasciano\Desktop\Applebees_10_Coupon.html
2012-07-19 07:39 - 2012-07-19 07:42 - 80400424 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\CRM2011-Server-KB2600640-ENU-amd64.exe
2012-07-18 09:36 - 2012-07-18 09:37 - 00000000 ____D C:\Users\mcasciano\Desktop\extract
2012-07-18 05:20 - 2012-07-18 12:10 - 1447546368 ____A C:\crm.bak
2012-07-11 06:58 - 2012-07-11 06:58 - 00000000 ____D C:\Users\mcasciano\Desktop\NAMB Trajectory
2012-07-10 23:08 - 2012-06-11 19:08 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-10 23:02 - 2012-06-02 04:05 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-07-10 23:02 - 2012-06-02 04:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-07-10 23:02 - 2012-06-02 03:59 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-07-10 23:02 - 2012-06-02 03:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-07-10 23:02 - 2012-06-02 03:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-07-10 23:02 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-07-10 23:02 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-07-10 23:02 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-07-10 23:02 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-07-10 23:02 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-07-10 23:01 - 2012-06-02 04:49 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-07-10 23:01 - 2012-06-02 04:17 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-07-10 23:01 - 2012-06-02 04:12 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-07-10 23:01 - 2012-06-02 04:05 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-07-10 23:01 - 2012-06-02 04:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-07-10 23:01 - 2012-06-02 04:03 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-07-10 23:01 - 2012-06-02 04:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-07-10 23:01 - 2012-06-02 04:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-07-10 23:01 - 2012-06-02 03:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-07-10 23:01 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-07-10 23:01 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-07-10 23:01 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-07-10 23:01 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-07-10 23:01 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-07-10 23:01 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-07-10 23:01 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-07-10 23:01 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-07-10 23:01 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-07-10 21:30 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-07-10 21:30 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-07-10 21:30 - 2012-06-05 22:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-07-10 21:30 - 2012-06-05 22:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-07-10 21:30 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-07-10 21:30 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-07-10 21:30 - 2012-06-01 21:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-07-10 21:30 - 2012-06-01 21:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-07-10 21:30 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-07-10 21:30 - 2012-06-01 21:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-07-10 21:30 - 2012-06-01 21:44 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-07-10 21:30 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-07-10 21:30 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-07-10 21:30 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2012-07-10 21:30 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2012-07-10 21:29 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-07-10 21:29 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-07-10 21:29 - 2012-06-01 20:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-07-10 21:29 - 2012-06-01 20:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-07-10 12:23 - 2012-07-10 12:23 - 00000000 ____D C:\Users\mcasciano\Documents\Blackberry
2012-07-10 12:22 - 2012-07-10 12:22 - 00000000 ___HD C:\Users\mcasciano\InstallAnywhere
2012-07-10 12:14 - 2012-07-10 12:17 - 353224366 ____A (Flexera Software) C:\Users\mcasciano\Downloads\BlackBerry10Simulator-Installer-BB10_0_04-195-Win-201204262359.exe
2012-07-10 10:39 - 2012-07-19 10:34 - 00003931 ____A C:\Users\mcasciano\Downloads\customizations (1).zip
2012-07-10 06:51 - 2012-07-10 06:51 - 00890027 ____A C:\Users\mcasciano\Downloads\wapple-architect.4.1.zip
2012-07-09 13:13 - 2012-07-09 13:13 - 00116725 ____A C:\Users\mcasciano\Downloads\customizations.zip
2012-07-09 06:46 - 2012-07-09 06:46 - 00680361 ____A C:\Users\mcasciano\Downloads\adminimize.1.7.27.zip
2012-07-09 06:25 - 2012-07-09 06:25 - 00381330 ____A C:\Users\mcasciano\Downloads\user-access-manager.1.2.2.zip
2012-07-06 04:05 - 2012-07-06 04:07 - 00000000 ____D C:\Users\mcasciano\Downloads\CRMPluginTestingTools-0.8
2012-07-06 04:05 - 2012-07-06 04:05 - 00137537 ____A C:\Users\mcasciano\Downloads\CRMPluginTestingTools-0.8.zip
2012-07-05 09:12 - 2012-07-05 09:12 - 92955868 ____A C:\Users\mcasciano\Desktop\GFG.NewRenewalOnDeactivation.zip
2012-07-05 08:42 - 2012-07-05 08:42 - 00000000 ____D C:\Users\mcasciano\Desktop\Plugin Registration
2012-07-05 05:17 - 2012-07-05 05:20 - 77021032 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\MicrosoftDynamicsCRM2011SDK(1).exe
2012-07-04 16:09 - 2012-07-04 16:20 - 386541568 ____A C:\ACT_OF_VALOR.ISO
2012-07-02 05:37 - 2012-07-02 05:37 - 00012495 ____A C:\Users\mcasciano\Downloads\MSCRM Plug-in.zip
2012-07-02 05:37 - 2012-07-02 05:37 - 00000000 ____D C:\Users\mcasciano\Downloads\MSCRM Plug-in
2012-07-02 05:37 - 2008-10-17 13:13 - 00005962 ____A C:\Users\mcasciano\Downloads\plugin.cs
2012-07-02 05:37 - 2008-10-17 13:13 - 00003189 ____A C:\Users\mcasciano\Downloads\MSCRM Plug-in.csproj
2012-07-02 05:37 - 2008-10-17 13:13 - 00001139 ____A C:\Users\mcasciano\Downloads\MyTemplate.vstemplate
2012-07-02 05:37 - 2008-10-17 13:13 - 00000000 ____D C:\Users\mcasciano\Downloads\Properties
2012-07-02 04:08 - 2012-07-02 04:08 - 00000000 ____D C:\Users\mcasciano\Downloads\CRM2Maps_2-0
2012-07-02 04:07 - 2012-07-02 04:07 - 00000000 ____D C:\Users\mcasciano\Downloads\WebResources
2012-07-02 04:07 - 2011-08-25 13:33 - 00070900 ____N C:\Users\mcasciano\Downloads\customizations.xml
2012-07-02 04:07 - 2011-08-25 13:33 - 00004448 ____N C:\Users\mcasciano\Downloads\solution.xml
2012-07-02 04:07 - 2011-08-25 13:33 - 00000726 ____N C:\Users\mcasciano\Downloads\[Content_Types].xml
2012-06-29 11:00 - 2012-07-27 07:22 - 00000000 ____D C:\Users\mcasciano\Desktop\ReadyGA
2012-06-28 09:50 - 2012-06-28 09:51 - 00000000 ____D C:\Users\mcasciano\Desktop\AaronsStoreLocatorPlugin
2012-06-28 09:50 - 2012-06-28 09:50 - 00000000 ____D C:\Users\mcasciano\AppData\Roaming\NuGet


============ 3 Months Modified Files ========================

2012-07-28 17:29 - 2009-07-13 20:45 - 00014816 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-28 17:29 - 2009-07-13 20:45 - 00014816 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-28 17:25 - 2011-10-10 07:33 - 01685369 ____A C:\Windows\WindowsUpdate.log
2012-07-28 17:13 - 2009-07-13 21:13 - 01502276 ____A C:\Windows\System32\PerfStringBackup.INI
2012-07-28 17:08 - 2012-07-28 17:08 - 01438391 ____A (Farbar) C:\Users\mcasciano\Downloads\FRST64.exe
2012-07-28 16:59 - 2012-07-28 16:59 - 00003209 ____A C:\Users\mcasciano\Desktop\RKreport[1].txt
2012-07-28 16:58 - 2012-07-28 16:58 - 01552384 ____A C:\Users\mcasciano\Downloads\RogueKiller.exe
2012-07-28 16:52 - 2011-12-08 06:31 - 00000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-543643520-1619288963-483190240-4152UA.job
2012-07-28 16:47 - 2012-07-28 16:47 - 00034802 ____A C:\Users\mcasciano\Desktop\DDS.txt
2012-07-28 16:47 - 2012-07-28 16:47 - 00028189 ____A C:\Users\mcasciano\Desktop\Attach.txt
2012-07-28 16:29 - 2012-07-28 16:29 - 00607260 ____R (Swearware) C:\Users\mcasciano\Downloads\dds.com
2012-07-28 16:29 - 2012-07-28 16:29 - 00607260 ____A (Swearware) C:\Users\mcasciano\Downloads\dds.scr
2012-07-28 16:01 - 2011-12-06 06:41 - 00001945 ____A C:\Windows\epplauncher.mif
2012-07-28 16:00 - 2012-07-28 16:00 - 00050392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rfdedaei.sys
2012-07-28 16:00 - 2012-07-28 16:00 - 00050392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\haycmkae.sys
2012-07-28 15:56 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-28 15:55 - 2009-07-13 20:51 - 00077726 ____A C:\Windows\setupact.log
2012-07-28 15:53 - 2012-07-28 15:53 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.56C209A3DD986DD9
2012-07-28 15:53 - 2012-07-28 15:53 - 00050392 ____A C:\Windows\System32\Drivers\zcmgxigb.sys
2012-07-28 15:45 - 2012-07-28 15:45 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.2A92AD4B0F3DDB43
2012-07-28 15:37 - 2012-07-28 15:37 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.E42FC75A3C369E50
2012-07-28 15:30 - 2012-07-28 15:30 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.26430573A87966B9
2012-07-28 15:23 - 2012-07-28 15:23 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.7FCF0B494E963437
2012-07-28 15:16 - 2012-07-28 15:16 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1999BE9AE75136EE
2012-07-28 15:08 - 2012-07-28 15:08 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1E1F619D2908A1A4
2012-07-28 15:01 - 2012-07-28 15:01 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.C4E23341788E07BB
2012-07-28 14:54 - 2012-07-28 14:54 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.05725DB954EA9E95
2012-07-28 14:45 - 2012-07-28 14:45 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.EE2B73359C35E472
2012-07-28 14:32 - 2012-07-28 14:32 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.818C7ACFB9B77717
2012-07-28 14:22 - 2012-07-28 14:22 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.17CD3B4823F34B15
2012-07-28 14:10 - 2012-07-28 14:10 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.A588D620D3432E31
2012-07-28 13:57 - 2012-07-28 13:57 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.5EC65854F93167D7
2012-07-28 13:49 - 2011-10-24 10:16 - 01524612 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-07-28 13:42 - 2011-10-10 15:03 - 00529976 ____A C:\Windows\PFRO.log
2012-07-28 13:34 - 2012-07-28 13:34 - 12621696 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\mseinstall.exe
2012-07-28 13:34 - 2011-10-11 11:07 - 00002048 ___AH C:\Users\mcasciano\Documents\Default.rdp
2012-07-28 12:57 - 2012-07-28 12:56 - 00262144 ____A C:\Windows\Minidump\072812-72961-01.dmp
2012-07-28 12:56 - 2011-11-29 04:29 - 986676100 ____A C:\Windows\MEMORY.DMP
2012-07-28 06:52 - 2011-12-08 06:31 - 00000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-543643520-1619288963-483190240-4152Core.job
2012-07-27 17:12 - 2012-07-27 17:12 - 00723658 ____A C:\Users\mcasciano\Downloads\NAMB_Traj_07-27-12.zip
2012-07-27 10:55 - 2011-10-10 05:58 - 00000921 ____A C:\Users\mcasciano\Desktop\today.txt
2012-07-27 10:17 - 2011-10-10 05:23 - 00000136 ____A C:\Windows\System32\config\netlogon.ftl
2012-07-27 08:27 - 2012-07-27 08:27 - 00432898 ____A C:\Users\mcasciano\Downloads\sudia.wordpress.2012-07-27(1).xml
2012-07-27 07:05 - 2012-07-27 07:05 - 00016055 ____A C:\Users\mcasciano\Downloads\cctm_site.cctm.json
2012-07-27 06:05 - 2012-07-27 06:04 - 02964790 ____A C:\Users\mcasciano\Downloads\sudia.wordpress.2012-07-27.xml
2012-07-26 13:51 - 2012-07-26 13:51 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\mcasciano\Downloads\mbam-setup-1.62.0.1300.exe
2012-07-26 10:47 - 2012-07-26 10:47 - 00329345 ____A C:\Users\mcasciano\Downloads\GFG_1_2_managed.zip
2012-07-25 11:20 - 2011-11-01 11:46 - 00219980 ___AH C:\Windows\SysWOW64\mlfcache.dat
2012-07-24 12:19 - 2009-07-13 20:45 - 00487920 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-24 11:27 - 2012-07-24 11:27 - 00104672 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\WebToolsExtensionVS2012.3f.3f.3fnew.exe
2012-07-24 11:25 - 2011-10-10 06:47 - 00128208 ____A C:\Users\mcasciano\AppData\Local\GDIPFONTCACHEV1.DAT
2012-07-24 08:30 - 2012-07-26 04:51 - 00034498 ____A C:\GFG Sales Reporting Web Part.wsp
2012-07-24 06:06 - 2012-07-24 06:06 - 15443507 ____A C:\Users\mcasciano\Downloads\electric_simulator_lite_4a.zip
2012-07-24 05:25 - 2012-07-24 05:22 - 181825357 ____A (Research In Motion) C:\Users\mcasciano\Downloads\BlackBerry_Simulators_6.0.0.431_9650-Verizon.exe
2012-07-24 04:31 - 2012-07-24 04:31 - 00021694 ____A C:\Users\mcasciano\Downloads\customizations (2).zip
2012-07-23 11:13 - 2012-07-23 11:10 - 122064248 ____A (VMware, Inc.) C:\Users\mcasciano\Downloads\VMware-player-4.0.4-744019.exe
2012-07-23 06:19 - 2011-11-22 11:37 - 00000600 ____A C:\Users\mcasciano\AppData\Local\PUTTY.RND
2012-07-21 12:13 - 2012-07-21 12:13 - 00005250 ____A C:\Users\mcasciano\Desktop\Applebees_Free_Coupon.html
2012-07-21 12:11 - 2012-07-21 12:10 - 00004958 ____A C:\Users\mcasciano\Desktop\Applebees_10_Coupon.html
2012-07-19 10:34 - 2012-07-10 10:39 - 00003931 ____A C:\Users\mcasciano\Downloads\customizations (1).zip
2012-07-19 07:42 - 2012-07-19 07:39 - 80400424 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\CRM2011-Server-KB2600640-ENU-amd64.exe
2012-07-18 12:10 - 2012-07-18 05:20 - 1447546368 ____A C:\crm.bak
2012-07-12 09:24 - 2011-10-10 16:06 - 00087488 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll
2012-07-12 09:24 - 2011-10-10 16:06 - 00080800 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIinit.dll
2012-07-12 09:24 - 2011-10-10 16:06 - 00034720 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIport.dll
2012-07-10 23:03 - 2011-10-10 06:36 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-07-10 12:17 - 2012-07-10 12:14 - 353224366 ____A (Flexera Software) C:\Users\mcasciano\Downloads\BlackBerry10Simulator-Installer-BB10_0_04-195-Win-201204262359.exe
2012-07-10 06:51 - 2012-07-10 06:51 - 00890027 ____A C:\Users\mcasciano\Downloads\wapple-architect.4.1.zip
2012-07-09 13:13 - 2012-07-09 13:13 - 00116725 ____A C:\Users\mcasciano\Downloads\customizations.zip
2012-07-09 06:46 - 2012-07-09 06:46 - 00680361 ____A C:\Users\mcasciano\Downloads\adminimize.1.7.27.zip
2012-07-09 06:25 - 2012-07-09 06:25 - 00381330 ____A C:\Users\mcasciano\Downloads\user-access-manager.1.2.2.zip
2012-07-06 04:05 - 2012-07-06 04:05 - 00137537 ____A C:\Users\mcasciano\Downloads\CRMPluginTestingTools-0.8.zip
2012-07-05 09:12 - 2012-07-05 09:12 - 92955868 ____A C:\Users\mcasciano\Desktop\GFG.NewRenewalOnDeactivation.zip
2012-07-05 05:20 - 2012-07-05 05:17 - 77021032 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\MicrosoftDynamicsCRM2011SDK(1).exe
2012-07-04 16:20 - 2012-07-04 16:09 - 386541568 ____A C:\ACT_OF_VALOR.ISO
2012-07-03 09:46 - 2012-07-26 13:52 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-07-02 05:37 - 2012-07-02 05:37 - 00012495 ____A C:\Users\mcasciano\Downloads\MSCRM Plug-in.zip
2012-06-27 12:13 - 2012-06-27 12:12 - 00001964 ____A C:\Users\mcasciano\Downloads\Opportunities by Sales Stage.xml
2012-06-27 11:41 - 2012-06-27 11:41 - 00028335 ____A C:\Users\mcasciano\Downloads\shiba-media-library.zip
2012-06-27 06:07 - 2012-06-27 06:07 - 02941604 ____A C:\Users\mcasciano\Downloads\LINQPad4.zip
2012-06-27 04:44 - 2012-06-27 04:44 - 02247680 ____A C:\Users\mcasciano\Downloads\VLinqSetup.msi
2012-06-26 10:05 - 2012-06-26 10:05 - 00121032 ____A C:\Users\mcasciano\Downloads\gridthemeresponsive.zip
2012-06-26 09:57 - 2012-06-26 09:57 - 00352636 ____A C:\Users\mcasciano\Downloads\responsive.1.6.7.zip
2012-06-23 18:02 - 2012-06-23 18:02 - 00000020 ___SH C:\Users\ReportServer$MSSQL2012\ntuser.ini
2012-06-23 18:02 - 2012-06-23 18:02 - 00000020 ___SH C:\Users\MSOLAP$MSSQL2012\ntuser.ini
2012-06-23 18:01 - 2012-06-23 18:01 - 00000020 ___SH C:\Users\MSSQLFDLauncher$MSSQL2012\ntuser.ini
2012-06-23 18:01 - 2012-06-23 18:01 - 00000020 ___SH C:\Users\MSSQL$MSSQL2012\ntuser.ini
2012-06-23 18:01 - 2012-06-23 18:01 - 00000020 ___SH C:\Users\MsDtsServer110\ntuser.ini
2012-06-23 15:50 - 2012-06-23 15:03 - 214679552 ____A C:\Users\mcasciano\Downloads\SQLFULL_ENU.iso
2012-06-22 16:21 - 2012-06-22 12:56 - 97489160 ____A C:\Users\mcasciano\Downloads\Windows8-ReleasePreview-32bit-English.iso
2012-06-22 12:05 - 2012-06-22 10:12 - 2305174756 ____A C:\Users\mcasciano\Downloads\Windows8-ReleasePreview-32bit-English.iso.part
2012-06-22 09:50 - 2012-06-22 09:50 - 00269191 ____A C:\Users\mcasciano\Downloads\growmap-anti-spambot-plugin.1.1.1.zip
2012-06-22 09:22 - 2012-06-22 09:22 - 01283336 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\vs_ultimate.exe
2012-06-21 17:17 - 2012-06-21 17:17 - 01031885 ____A C:\Users\mcasciano\Downloads\customizations (4).zip
2012-06-21 12:45 - 2012-06-21 12:45 - 00327376 ____A C:\Users\mcasciano\Downloads\GFG_1_19_managed.zip
2012-06-21 12:12 - 2012-06-21 12:12 - 00060304 ____A C:\Users\mcasciano\g2mdlhlpx.exe
2012-06-19 03:50 - 2012-06-19 03:50 - 00104672 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\mvc4vs2010.3f.3f.3fnew.exe
2012-06-15 07:39 - 2012-06-15 07:39 - 00001099 ____A C:\Users\eric\Desktop\Flashpoint Audio.lnk
2012-06-15 07:39 - 2012-06-15 07:39 - 00001069 ____A C:\Users\eric\Desktop\Flashpoint.lnk
2012-06-13 05:36 - 2012-06-13 05:34 - 111850720 ____A C:\Users\mcasciano\Downloads\PhpStorm-4.0.2.exe
2012-06-11 19:08 - 2012-07-10 23:08 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-11 07:22 - 2012-06-11 07:22 - 00174024 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-06-11 07:22 - 2012-06-11 07:22 - 00174024 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-06-08 22:37 - 2012-07-23 11:25 - 00063128 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmx86.sys
2012-06-08 22:37 - 2012-07-23 11:25 - 00031384 ____A (VMware, Inc.) C:\Windows\System32\Drivers\VMparport.sys
2012-06-08 22:37 - 2012-07-23 11:24 - 00942744 ____A (VMware, Inc.) C:\Windows\System32\vnetlib64.dll
2012-06-08 22:37 - 2012-07-23 11:24 - 00433816 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2012-06-08 22:36 - 2012-07-23 11:24 - 00354456 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2012-06-08 22:36 - 2012-07-23 11:24 - 00032920 ____A (VMware, Inc.) C:\Windows\System32\Drivers\VMkbd.sys
2012-06-08 22:35 - 2012-07-23 11:24 - 00030360 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnetuserif.sys
2012-06-08 21:43 - 2012-07-10 21:30 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 20:41 - 2012-07-10 21:30 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-08 20:29 - 2012-06-08 20:29 - 00252056 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnc.dll
2012-06-08 19:52 - 2012-06-08 19:52 - 00062064 ____A (VMware, Inc.) C:\Windows\System32\vmnetbridge.dll
2012-06-08 19:52 - 2012-06-08 19:52 - 00048752 ____A (VMware, Inc.) C:\Windows\System32\vnetinst.dll
2012-06-08 19:52 - 2012-06-08 19:52 - 00045680 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnetbridge.sys
2012-06-08 19:52 - 2012-06-08 19:52 - 00024176 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnet.sys
2012-06-08 19:52 - 2012-06-08 19:52 - 00020080 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnetadapter.sys
2012-06-05 22:06 - 2012-07-10 21:30 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 22:06 - 2012-07-10 21:30 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 22:02 - 2012-07-10 21:29 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-05 21:05 - 2012-07-10 21:30 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:05 - 2012-07-10 21:30 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 21:03 - 2012-07-10 21:29 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-02 14:19 - 2012-06-21 03:02 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-21 03:02 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-21 03:02 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-21 03:01 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-21 03:01 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-21 03:02 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-21 03:01 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 11:19 - 2012-06-21 03:01 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 11:15 - 2012-06-21 03:01 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-02 04:49 - 2012-07-10 23:01 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-02 04:17 - 2012-07-10 23:01 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-02 04:12 - 2012-07-10 23:01 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-02 04:05 - 2012-07-10 23:02 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-02 04:05 - 2012-07-10 23:01 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-02 04:04 - 2012-07-10 23:02 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-02 04:04 - 2012-07-10 23:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-02 04:03 - 2012-07-10 23:01 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-02 04:01 - 2012-07-10 23:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-02 04:00 - 2012-07-10 23:01 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-02 03:59 - 2012-07-10 23:02 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-02 03:57 - 2012-07-10 23:02 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-02 03:57 - 2012-07-10 23:02 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-02 03:54 - 2012-07-10 23:01 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-02 01:07 - 2012-07-10 23:01 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-02 00:43 - 2012-07-10 23:01 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-02 00:33 - 2012-07-10 23:01 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-02 00:26 - 2012-07-10 23:02 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-02 00:25 - 2012-07-10 23:01 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-02 00:25 - 2012-07-10 23:01 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-02 00:23 - 2012-07-10 23:02 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-02 00:21 - 2012-07-10 23:01 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-02 00:20 - 2012-07-10 23:01 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-02 00:19 - 2012-07-10 23:02 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-02 00:19 - 2012-07-10 23:01 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-02 00:17 - 2012-07-10 23:02 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-02 00:16 - 2012-07-10 23:02 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-02 00:14 - 2012-07-10 23:01 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-01 21:50 - 2012-07-10 21:30 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-01 21:48 - 2012-07-10 21:30 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-01 21:48 - 2012-07-10 21:30 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-01 21:45 - 2012-07-10 21:30 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-01 21:44 - 2012-07-10 21:30 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 20:40 - 2012-07-10 21:30 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 20:40 - 2012-07-10 21:29 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 20:39 - 2012-07-10 21:30 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 20:34 - 2012-07-10 21:29 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-06-01 19:16 - 2012-06-01 19:15 - 00686932 ____A ( ) C:\Users\mcasciano\Downloads\CodecTweakTool_534.exe
2012-06-01 19:10 - 2012-06-01 19:10 - 01117491 ____A (DVD Shrink ) C:\Users\mcasciano\Documents\dvdshrink32setup.exe
2012-06-01 18:55 - 2012-06-01 18:54 - 01094021 ____A C:\Users\mcasciano\Downloads\dvdshrink32setup1.zip
2012-05-31 17:14 - 2012-05-31 17:14 - 00009565 ____A C:\Users\mcasciano\Documents\bills.xlsx
2012-05-25 10:05 - 2012-05-25 11:28 - 00331470 ___AT C:\Users\mcasciano\Documents\CopyofChurchPlanterGrowthProjectorFINALBLANK.html
2012-05-24 23:04 - 2011-12-09 13:37 - 00001566 ____A C:\Windows\CrmClient.mif
2012-05-24 07:56 - 2012-05-24 07:56 - 00037410 ____N C:\Users\mcasciano\Documents\Church Planter Growth Projector BLANK.xlsx
2012-05-24 06:13 - 2012-05-24 06:13 - 01020511 ____A C:\Users\mcasciano\Downloads\CRM2Maps_2-0.zip
2012-05-23 04:12 - 2012-05-23 04:10 - 151801119 ____A C:\Users\mcasciano\Downloads\Apache_OpenOffice_incubating_3.4.0_Win_x86_install_en-US.exe
2012-05-21 17:17 - 2012-05-21 17:17 - 08355192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110ud.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 08284024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110d.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 04495728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 04445560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110u.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 01995168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsHelper.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 01691520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110d.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00864120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00806784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vcamp110d.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00797560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110d.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00689040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib110d.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00656272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vsjitdebugger.exe
2012-05-21 17:17 - 2012-05-21 17:17 - 00500600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00319872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vcamp110.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00240008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib110.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00219008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VSPerf110.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00174976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VSCover110.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00156024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\atl110.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00145792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vcomp110d.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00116608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vcomp110.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00113016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcm110d.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00112512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcm110ud.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00084344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcm110u.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00084344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcm110.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00074112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110deu.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00074104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110fra.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00073088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110esn.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00072064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110ita.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00070016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110rus.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00064384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110enu.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00053120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110jpn.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00052608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110kor.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00045440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110cht.dll
2012-05-21 17:17 - 2012-05-21 17:17 - 00045440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110chs.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 11080576 ____A (Microsoft Corporation) C:\Windows\System32\mfc110ud.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 11006840 ____A (Microsoft Corporation) C:\Windows\System32\mfc110d.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 05705080 ____A (Microsoft Corporation) C:\Windows\System32\mfc110u.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 05677424 ____A (Microsoft Corporation) C:\Windows\System32\mfc110.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 01957248 ____A (Microsoft Corporation) C:\Windows\System32\msvcr110d.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 01072512 ____A (Microsoft Corporation) C:\Windows\System32\msvcp110d.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 01032064 ____A (Microsoft Corporation) C:\Windows\System32\vcamp110d.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00933256 ____A (Microsoft Corporation) C:\Windows\System32\vccorlib110d.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00852856 ____A (Microsoft Corporation) C:\Windows\System32\msvcr110.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00685968 ____A (Microsoft Corporation) C:\Windows\System32\vsjitdebugger.exe
2012-05-21 14:14 - 2012-05-21 14:14 - 00612728 ____A (Microsoft Corporation) C:\Windows\System32\msvcp110.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00380792 ____A (Microsoft Corporation) C:\Windows\System32\vcamp110.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00322440 ____A (Microsoft Corporation) C:\Windows\System32\vccorlib110.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00251776 ____A (Microsoft Corporation) C:\Windows\System32\VSPerf110.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00189824 ____A (Microsoft Corporation) C:\Windows\System32\VSCover110.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00179568 ____A (Microsoft Corporation) C:\Windows\System32\atl110.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00153984 ____A (Microsoft Corporation) C:\Windows\System32\vcomp110d.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00125312 ____A (Microsoft Corporation) C:\Windows\System32\vcomp110.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00123256 ____A (Microsoft Corporation) C:\Windows\System32\mfcm110d.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00122240 ____A (Microsoft Corporation) C:\Windows\System32\mfcm110ud.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00092032 ____A (Microsoft Corporation) C:\Windows\System32\mfcm110u.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00092024 ____A (Microsoft Corporation) C:\Windows\System32\mfcm110.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00074112 ____A (Microsoft Corporation) C:\Windows\System32\mfc110fra.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00074112 ____A (Microsoft Corporation) C:\Windows\System32\mfc110deu.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00073088 ____A (Microsoft Corporation) C:\Windows\System32\mfc110esn.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00072064 ____A (Microsoft Corporation) C:\Windows\System32\mfc110ita.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00070016 ____A (Microsoft Corporation) C:\Windows\System32\mfc110rus.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00064384 ____A (Microsoft Corporation) C:\Windows\System32\mfc110enu.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00053120 ____A (Microsoft Corporation) C:\Windows\System32\mfc110jpn.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00052608 ____A (Microsoft Corporation) C:\Windows\System32\mfc110kor.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00045440 ____A (Microsoft Corporation) C:\Windows\System32\mfc110cht.dll
2012-05-21 14:14 - 2012-05-21 14:14 - 00045440 ____A (Microsoft Corporation) C:\Windows\System32\mfc110chs.dll
2012-05-21 07:30 - 2012-05-21 07:29 - 38494576 ____A (Apple Inc.) C:\Users\mcasciano\Downloads\SafariSetup.exe
2012-05-18 17:47 - 2012-05-18 17:47 - 00367360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfprintpthelper.dll
2012-05-18 17:47 - 2012-05-18 17:47 - 00351248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfbasics.dll
2012-05-18 17:47 - 2012-05-18 17:47 - 00306552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfprint.dll
2012-05-18 17:47 - 2012-05-18 17:47 - 00242736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfluapriv.dll
2012-05-18 17:47 - 2012-05-18 17:47 - 00173504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appverif.exe
2012-05-18 17:47 - 2012-05-18 17:47 - 00164168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vrfcore.dll
2012-05-18 17:47 - 2012-05-18 17:47 - 00098752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfrdvcompat.dll
2012-05-18 17:47 - 2012-05-18 17:47 - 00087312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfcompat.dll
2012-05-18 17:47 - 2012-05-18 17:47 - 00081560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfnet.dll
2012-05-18 17:47 - 2012-05-18 17:47 - 00061352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfnws.dll
2012-05-18 17:47 - 2012-05-18 17:47 - 00052016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfcuzz.dll
2012-05-18 17:47 - 2012-05-18 17:47 - 00040120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfntlmless.dll
2012-05-18 17:47 - 2012-05-18 17:47 - 00021432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cuzzapi.dll
2012-05-18 17:42 - 2012-05-18 17:42 - 00059304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DRefDebug.dll
2012-05-18 17:41 - 2012-05-18 17:41 - 00712616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11_1sdklayers.dll
2012-05-18 17:41 - 2012-05-18 17:41 - 00608680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11ref.dll
2012-05-18 17:41 - 2012-05-18 17:41 - 00590248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11sdklayers.dll
2012-05-18 17:41 - 2012-05-18 17:41 - 00461224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10sdklayers.dll
2012-05-18 17:41 - 2012-05-18 17:41 - 00383912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dref9.dll
2012-05-18 17:41 - 2012-05-18 17:41 - 00365480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10ref.dll
2012-05-18 17:41 - 2012-05-18 17:41 - 00276904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1debug1.dll
2012-05-18 17:41 - 2012-05-18 17:41 - 00270248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxcpl.exe
2012-05-18 17:41 - 2012-05-18 17:41 - 00101800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgidebug.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00711280 ____A (Microsoft Corporation) C:\Windows\System32\vfprintpthelper.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00433344 ____A (Microsoft Corporation) C:\Windows\System32\vfprint.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00404760 ____A (Microsoft Corporation) C:\Windows\System32\vfbasics.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00281616 ____A (Microsoft Corporation) C:\Windows\System32\vfluapriv.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00216776 ____A (Microsoft Corporation) C:\Windows\System32\appverif.exe
2012-05-18 17:24 - 2012-05-18 17:24 - 00183528 ____A (Microsoft Corporation) C:\Windows\System32\vrfcore.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00109688 ____A (Microsoft Corporation) C:\Windows\System32\vfrdvcompat.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00105016 ____A (Microsoft Corporation) C:\Windows\System32\vfnet.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00090440 ____A (Microsoft Corporation) C:\Windows\System32\vfcompat.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00083216 ____A (Microsoft Corporation) C:\Windows\System32\vfnws.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00048944 ____A (Microsoft Corporation) C:\Windows\System32\vfcuzz.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00045296 ____A (Microsoft Corporation) C:\Windows\System32\vfntlmless.dll
2012-05-18 17:24 - 2012-05-18 17:24 - 00023032 ____A (Microsoft Corporation) C:\Windows\System32\cuzzapi.dll
2012-05-18 17:18 - 2012-05-18 17:18 - 00886184 ____A (Microsoft Corporation) C:\Windows\System32\d3d11_1sdklayers.dll
2012-05-18 17:18 - 2012-05-18 17:18 - 00748456 ____A (Microsoft Corporation) C:\Windows\System32\d3d11ref.dll
2012-05-18 17:18 - 2012-05-18 17:18 - 00713128 ____A (Microsoft Corporation) C:\Windows\System32\d3d11sdklayers.dll
2012-05-18 17:18 - 2012-05-18 17:18 - 00597416 ____A (Microsoft Corporation) C:\Windows\System32\d3d10sdklayers.dll
2012-05-18 17:18 - 2012-05-18 17:18 - 00461224 ____A (Microsoft Corporation) C:\Windows\System32\d3d10ref.dll
2012-05-18 17:18 - 2012-05-18 17:18 - 00446376 ____A (Microsoft Corporation) C:\Windows\System32\d3dref9.dll
2012-05-18 17:18 - 2012-05-18 17:18 - 00340904 ____A (Microsoft Corporation) C:\Windows\System32\d2d1debug1.dll
2012-05-18 17:18 - 2012-05-18 17:18 - 00287144 ____A (Microsoft Corporation) C:\Windows\System32\dxcpl.exe
2012-05-18 17:18 - 2012-05-18 17:18 - 00126376 ____A (Microsoft Corporation) C:\Windows\System32\dxgidebug.dll
2012-05-18 17:18 - 2012-05-18 17:18 - 00078760 ____A (Microsoft Corporation) C:\Windows\System32\VSD3DRefDebug.dll
2012-05-18 17:17 - 2012-05-18 17:17 - 00029096 ____A (Microsoft Corporation) C:\Windows\System32\microsoft.windows.softwarelogo.showdesktop.exe
2012-05-17 15:38 - 2011-10-10 16:06 - 00001024 ____A C:\.rnd
2012-05-17 15:33 - 2012-05-17 15:26 - 532150008 ____A (VMware, Inc.) C:\Users\mcasciano\Downloads\VMware-server-2.0.1-156745.exe
2012-05-17 08:48 - 2011-10-10 16:06 - 00087456 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll.000.bak
2012-05-04 03:06 - 2012-06-12 20:24 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 02:03 - 2012-06-12 20:24 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 02:03 - 2012-06-12 20:24 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-04-30 21:40 - 2012-06-12 20:24 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-30 14:17 - 2012-04-30 14:17 - 00860064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2012-04-30 14:17 - 2012-04-30 14:17 - 00503200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2012-04-30 14:17 - 2012-04-30 14:17 - 00027544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2012-04-30 14:17 - 2012-04-30 14:17 - 00017280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2012-04-30 14:05 - 2012-04-30 14:05 - 00000068 ____A C:\Users\mcasciano\Downloads\A5nK3y7t.part
2012-04-30 13:14 - 2012-04-30 13:14 - 00862104 ____A (Microsoft Corporation) C:\Windows\System32\msvcr110_clr0400.dll
2012-04-30 13:14 - 2012-04-30 13:14 - 00617368 ____A (Microsoft Corporation) C:\Windows\System32\msvcp110_clr0400.dll
2012-04-30 13:14 - 2012-04-30 13:14 - 00029592 ____A (Microsoft Corporation) C:\Windows\System32\aspnet_counters.dll
2012-04-30 13:14 - 2012-04-30 13:14 - 00017280 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll
2012-04-30 04:06 - 2012-04-30 04:06 - 00000165 ___AH C:\Users\mcasciano\Desktop\~$Church Plant Growth Projector.xlsx

ZeroAccess:
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\@
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\L
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\L\00000004.@
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\L\201d3dde
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\00000004.@
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\00000008.@
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\000000cb.@
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\80000000.@
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\80000032.@
C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\80000064.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

Possible partition infection:
C:\Windows\svchost.exe

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 11%
Total physical RAM: 8117.83 MB
Available physical RAM: 7163.74 MB
Total Pagefile: 8115.98 MB
Available Pagefile: 7157.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:232 GB) (Free:49.45 GB) NTFS
3 Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
4 Drive g: (Cruzer) (Removable) (Total:3.74 GB) (Free:2.92 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (RECOVERY) (Fixed) (Total:0.73 GB) (Free:0.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 Online 3835 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 156 MB 31 KB
Partition 2 Primary 750 MB 157 MB
Partition 3 Primary 231 GB 907 MB

==================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 FAT Partition 156 MB Healthy Hidden

==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Y RECOVERY NTFS Partition 750 MB Healthy

==================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C NTFS Partition 231 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3827 MB 19 KB

==================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G Cruzer FAT32 Removable 3827 MB Healthy

==================================================================================

==========================================================

Last Boot: 2012-07-28 05:17

======================= End Of Log ==========================

Farbar Recovery Scan Tool Version: 25-07-2012 01
Ran by SYSTEM at 2012-07-28 21:38:41
Running from G:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 014A9CB92514E27C0107614DF764BC06

====== End Of Search ======

[MrCharlie]

OK, here you go......Please carefully carry out this procedure!!!!!!

Open notepad. Make sure "word wrap" under Format is unchecked! Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini
Replace: C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.

Run FRST64 or FRST (which ever one you're using) and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

MrC

[MCas86]

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 25-07-2012 01
Ran by SYSTEM at 2012-07-28 22:15:08 Run:1
Running from G:\

==============================================

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382} moved successfully.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

==== End of Fixlog ====

[MrCharlie]

Please make sure system restore is running and create a new restore point before continuing.
XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.



-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue




----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.





--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

[MCas86]

11:08:46.0996 2084 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
11:08:48.0316 2084 ============================================================
11:08:48.0316 2084 Current date / time: 2012/07/29 11:08:48.0316
11:08:48.0316 2084 SystemInfo:
11:08:48.0316 2084
11:08:48.0316 2084 OS Version: 6.1.7601 ServicePack: 1.0
11:08:48.0316 2084 Product type: Workstation
11:08:48.0316 2084 ComputerName: CASCIANO
11:08:48.0316 2084 UserName: mcasciano
11:08:48.0316 2084 Windows directory: C:\Windows
11:08:48.0316 2084 System windows directory: C:\Windows
11:08:48.0316 2084 Running under WOW64
11:08:48.0316 2084 Processor architecture: Intel x64
11:08:48.0316 2084 Number of processors: 4
11:08:48.0316 2084 Page size: 0x1000
11:08:48.0316 2084 Boot type: Normal boot
11:08:48.0316 2084 ============================================================
11:08:49.0541 2084 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:08:49.0545 2084 Drive \Device\Harddisk1\DR1 - Size: 0xEFBFFE00 (3.75 Gb), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:08:49.0547 2084 ============================================================
11:08:49.0547 2084 \Device\Harddisk0\DR0:
11:08:49.0547 2084 MBR partitions:
11:08:49.0547 2084 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x4E800, BlocksNum 0x177000
11:08:49.0547 2084 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C5800, BlocksNum 0x1CFFF800
11:08:49.0547 2084 \Device\Harddisk1\DR1:
11:08:49.0548 2084 MBR partitions:
11:08:49.0548 2084 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x26, BlocksNum 0x779FC2
11:08:49.0548 2084 ============================================================
11:08:49.0573 2084 C: <-> \Device\Harddisk0\DR0\Partition1
11:08:49.0573 2084 ============================================================
11:08:49.0573 2084 Initialize success
11:08:49.0573 2084 ============================================================
11:09:21.0350 6604 ============================================================
11:09:21.0350 6604 Scan started
11:09:21.0350 6604 Mode: Manual; SigCheck; TDLFS;
11:09:21.0350 6604 ============================================================
11:09:27.0310 6604 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:09:27.0395 6604 1394ohci - ok
11:09:27.0425 6604 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:09:27.0448 6604 ACPI - ok
11:09:27.0470 6604 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:09:27.0542 6604 AcpiPmi - ok
11:09:27.0616 6604 acsock (e5568164c070a4988bd79c896920b3c6) C:\Windows\system32\DRIVERS\acsock64.sys
11:09:27.0676 6604 acsock - ok
11:09:27.0778 6604 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:09:27.0785 6604 AdobeARMservice - ok
11:09:27.0835 6604 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:09:27.0863 6604 adp94xx - ok
11:09:27.0892 6604 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:09:27.0918 6604 adpahci - ok
11:09:27.0942 6604 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:09:27.0963 6604 adpu320 - ok
11:09:27.0999 6604 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:09:28.0136 6604 AeLookupSvc - ok
11:09:28.0216 6604 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:09:28.0273 6604 AFD - ok
11:09:28.0288 6604 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:09:28.0301 6604 agp440 - ok
11:09:28.0320 6604 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:09:28.0378 6604 ALG - ok
11:09:28.0390 6604 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:09:28.0404 6604 aliide - ok
11:09:28.0409 6604 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:09:28.0423 6604 amdide - ok
11:09:28.0439 6604 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:09:28.0510 6604 AmdK8 - ok
11:09:28.0527 6604 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:09:28.0556 6604 AmdPPM - ok
11:09:28.0772 6604 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:09:28.0799 6604 amdsata - ok
11:09:28.0832 6604 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:09:28.0848 6604 amdsbs - ok
11:09:28.0889 6604 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:09:28.0902 6604 amdxata - ok
11:09:28.0953 6604 ApfiltrService (8655a2983a86d6675135b1ff6892055d) C:\Windows\system32\DRIVERS\Apfiltr.sys
11:09:28.0968 6604 ApfiltrService - ok
11:09:29.0055 6604 AppHostSvc (59d01fa91962c9c1e9b4022b2d3b46db) C:\Windows\system32\inetsrv\apphostsvc.dll
11:09:29.0091 6604 AppHostSvc - ok
11:09:29.0125 6604 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:09:29.0273 6604 AppID - ok
11:09:29.0302 6604 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:09:29.0371 6604 AppIDSvc - ok
11:09:29.0440 6604 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:09:29.0494 6604 Appinfo - ok
11:09:29.0578 6604 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
11:09:29.0655 6604 AppMgmt - ok
11:09:29.0688 6604 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:09:29.0702 6604 arc - ok
11:09:29.0751 6604 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:09:29.0763 6604 arcsas - ok
11:09:29.0915 6604 aspnet_state (b3fc1e4760175cc9d0deff38aef96e99) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:09:29.0928 6604 aspnet_state - ok
11:09:29.0958 6604 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:09:30.0006 6604 AsyncMac - ok
11:09:30.0065 6604 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:09:30.0075 6604 atapi - ok
11:09:30.0131 6604 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:09:30.0245 6604 AudioEndpointBuilder - ok
11:09:30.0252 6604 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:09:30.0304 6604 AudioSrv - ok
11:09:30.0344 6604 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:09:30.0410 6604 AxInstSV - ok
11:09:30.0459 6604 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:09:30.0499 6604 b06bdrv - ok
11:09:30.0535 6604 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:09:30.0574 6604 b57nd60a - ok
11:09:30.0651 6604 bcrnbbuu - ok
11:09:30.0674 6604 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:09:30.0716 6604 BDESVC - ok
11:09:30.0731 6604 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:09:30.0810 6604 Beep - ok
11:09:30.0852 6604 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:09:30.0885 6604 blbdrive - ok
11:09:30.0914 6604 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:09:30.0941 6604 bowser - ok
11:09:30.0955 6604 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:09:31.0020 6604 BrFiltLo - ok
11:09:31.0080 6604 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:09:31.0099 6604 BrFiltUp - ok
11:09:31.0131 6604 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:09:31.0206 6604 Browser - ok
11:09:31.0240 6604 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:09:31.0282 6604 Brserid - ok
11:09:31.0303 6604 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:09:31.0325 6604 BrSerWdm - ok
11:09:31.0337 6604 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:09:31.0362 6604 BrUsbMdm - ok
11:09:31.0373 6604 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:09:31.0395 6604 BrUsbSer - ok
11:09:31.0413 6604 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:09:31.0451 6604 BTHMODEM - ok
11:09:31.0470 6604 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:09:31.0539 6604 bthserv - ok
11:09:31.0607 6604 c2wts - ok
11:09:31.0618 6604 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:09:31.0678 6604 cdfs - ok
11:09:31.0720 6604 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
11:09:31.0753 6604 cdrom - ok
11:09:31.0789 6604 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:09:31.0850 6604 CertPropSvc - ok
11:09:31.0867 6604 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:09:31.0886 6604 circlass - ok
11:09:31.0919 6604 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:09:31.0937 6604 CLFS - ok
11:09:31.0993 6604 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:09:32.0003 6604 clr_optimization_v2.0.50727_32 - ok
11:09:32.0060 6604 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:09:32.0070 6604 clr_optimization_v2.0.50727_64 - ok
11:09:32.0153 6604 clr_optimization_v4.0.30319_32 (1ebe1854d94b704d1c0eefaef4711151) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:09:32.0169 6604 clr_optimization_v4.0.30319_32 - ok
11:09:32.0193 6604 clr_optimization_v4.0.30319_64 (f44a20931fdd77ebfc36b263fd795959) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:09:32.0210 6604 clr_optimization_v4.0.30319_64 - ok
11:09:32.0263 6604 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:09:32.0317 6604 CmBatt - ok
11:09:32.0378 6604 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:09:32.0420 6604 cmdide - ok
11:09:32.0498 6604 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
11:09:32.0535 6604 CNG - ok
11:09:32.0566 6604 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:09:32.0577 6604 Compbatt - ok
11:09:32.0851 6604 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:09:32.0898 6604 CompositeBus - ok
11:09:32.0913 6604 COMSysApp - ok
11:09:32.0931 6604 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:09:32.0946 6604 crcdisk - ok
11:09:33.0094 6604 CrmSqlStartupSvc (02769c8eff729afea7db14ae04394741) C:\Program Files (x86)\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe
11:09:33.0104 6604 CrmSqlStartupSvc - ok
11:09:33.0153 6604 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
11:09:33.0191 6604 CryptSvc - ok
11:09:33.0242 6604 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
11:09:33.0325 6604 CSC - ok
11:09:33.0378 6604 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
11:09:33.0430 6604 CscService - ok
11:09:33.0462 6604 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys
11:09:33.0469 6604 CVirtA - ok
11:09:33.0597 6604 CVPND (66257cb4e4fb69887cddc71663741435) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
11:09:33.0651 6604 CVPND - ok
11:09:33.0792 6604 CVPNDRVA (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys
11:09:33.0808 6604 CVPNDRVA - ok
11:09:33.0901 6604 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:09:33.0972 6604 DcomLaunch - ok
11:09:34.0037 6604 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:09:34.0153 6604 defragsvc - ok
11:09:34.0210 6604 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:09:34.0264 6604 DfsC - ok
11:09:34.0330 6604 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:09:34.0444 6604 Dhcp - ok
11:09:34.0504 6604 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:09:34.0552 6604 discache - ok
11:09:34.0875 6604 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:09:34.0886 6604 Disk - ok
11:09:34.0950 6604 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys
11:09:34.0964 6604 DNE - ok
11:09:35.0002 6604 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:09:35.0038 6604 Dnscache - ok
11:09:35.0087 6604 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:09:35.0131 6604 dot3svc - ok
11:09:35.0166 6604 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:09:35.0211 6604 DPS - ok
11:09:35.0256 6604 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:09:35.0300 6604 drmkaud - ok
11:09:35.0341 6604 dsNcAdpt (3eef0b3489edbf725564e17c77cabafd) C:\Windows\system32\DRIVERS\dsNcAdpt.sys
11:09:35.0368 6604 dsNcAdpt - ok
11:09:35.0473 6604 dsNcService (c2845afa59bd29ab8d4a52700abb4017) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
11:09:35.0518 6604 dsNcService - ok
11:09:35.0597 6604 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:09:35.0607 6604 dtsoftbus01 - ok
11:09:35.0731 6604 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:09:35.0754 6604 DXGKrnl - ok
11:09:35.0811 6604 e1kexpress (711405da1fbc40b820db5a2b4dd939f0) C:\Windows\system32\DRIVERS\e1k62x64.sys
11:09:35.0824 6604 e1kexpress - ok
11:09:35.0884 6604 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:09:35.0939 6604 EapHost - ok
11:09:36.0214 6604 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:09:36.0310 6604 ebdrv - ok
11:09:36.0439 6604 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:09:36.0484 6604 EFS - ok
11:09:36.0544 6604 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:09:36.0649 6604 ehRecvr - ok
11:09:36.0680 6604 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:09:36.0707 6604 ehSched - ok
11:09:36.0777 6604 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:09:36.0799 6604 elxstor - ok
11:09:36.0823 6604 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:09:36.0838 6604 ErrDev - ok
11:09:36.0882 6604 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:09:36.0959 6604 EventSystem - ok
11:09:37.0141 6604 EvtEng (51643ee2712d9212e1e53ca7e8d8eb4a) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:09:37.0197 6604 EvtEng - ok
11:09:37.0345 6604 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:09:37.0396 6604 exfat - ok
11:09:37.0445 6604 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:09:37.0499 6604 fastfat - ok
11:09:37.0782 6604 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:09:37.0858 6604 Fax - ok
11:09:37.0876 6604 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:09:37.0897 6604 fdc - ok
11:09:37.0930 6604 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:09:37.0965 6604 fdPHost - ok
11:09:37.0972 6604 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:09:38.0018 6604 FDResPub - ok
11:09:38.0034 6604 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:09:38.0043 6604 FileInfo - ok
11:09:38.0057 6604 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:09:38.0092 6604 Filetrace - ok
11:09:38.0117 6604 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:09:38.0127 6604 flpydisk - ok
11:09:38.0160 6604 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:09:38.0184 6604 FltMgr - ok
11:09:38.0273 6604 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:09:38.0319 6604 FontCache - ok
11:09:38.0390 6604 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:09:38.0398 6604 FontCache3.0.0.0 - ok
11:09:38.0428 6604 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:09:38.0439 6604 FsDepends - ok
11:09:38.0478 6604 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:09:38.0486 6604 Fs_Rec - ok
11:09:38.0667 6604 fussvc (f5705a48ac81842bb6c1689e365c2af4) C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe
11:09:38.0696 6604 fussvc ( UnsignedFile.Multi.Generic ) - warning
11:09:38.0696 6604 fussvc - detected UnsignedFile.Multi.Generic (1)
11:09:38.0752 6604 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:09:38.0767 6604 fvevol - ok
11:09:38.0801 6604 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:09:38.0811 6604 gagp30kx - ok
11:09:38.0886 6604 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:09:38.0987 6604 gpsvc - ok
11:09:39.0016 6604 haycmkae - ok
11:09:39.0089 6604 hcmon (adb4348da1345877b04e22203afc8993) C:\Windows\system32\drivers\hcmon.sys
11:09:39.0096 6604 hcmon - ok
11:09:39.0125 6604 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:09:39.0162 6604 hcw85cir - ok
11:09:39.0208 6604 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:09:39.0228 6604 HdAudAddService - ok
11:09:39.0260 6604 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:09:39.0297 6604 HDAudBus - ok
11:09:39.0350 6604 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:09:39.0372 6604 HidBatt - ok
11:09:39.0379 6604 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:09:39.0456 6604 HidBth - ok
11:09:39.0460 6604 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:09:39.0509 6604 HidIr - ok
11:09:39.0537 6604 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:09:39.0586 6604 hidserv - ok
11:09:39.0629 6604 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:09:39.0643 6604 HidUsb - ok
11:09:39.0677 6604 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:09:39.0737 6604 hkmsvc - ok
11:09:39.0767 6604 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:09:39.0790 6604 HomeGroupListener - ok
11:09:39.0824 6604 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:09:39.0850 6604 HomeGroupProvider - ok
11:09:39.0873 6604 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:09:39.0883 6604 HpSAMD - ok
11:09:39.0946 6604 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:09:40.0014 6604 HTTP - ok
11:09:40.0028 6604 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:09:40.0038 6604 hwpolicy - ok
11:09:40.0051 6604 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:09:40.0063 6604 i8042prt - ok
11:09:40.0105 6604 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:09:40.0120 6604 iaStorV - ok
11:09:40.0216 6604 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:09:40.0249 6604 idsvc - ok
11:09:40.0978 6604 igfx (0089b53f1befd34b7d8ca4ab021335fa) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:09:41.0295 6604 igfx - ok
11:09:41.0455 6604 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:09:41.0466 6604 iirsp - ok
11:09:41.0515 6604 IISADMIN (ab55b8a9b13130f638546881ce4425f8) C:\Windows\system32\inetsrv\inetinfo.exe
11:09:41.0550 6604 IISADMIN - ok
11:09:41.0624 6604 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:09:41.0728 6604 IKEEXT - ok
11:09:41.0791 6604 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:09:41.0800 6604 intelide - ok
11:09:41.0825 6604 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:09:41.0844 6604 intelppm - ok
11:09:41.0871 6604 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:09:41.0906 6604 IPBusEnum - ok
11:09:41.0941 6604 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:09:41.0983 6604 IpFilterDriver - ok
11:09:42.0009 6604 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:09:42.0025 6604 IPMIDRV - ok
11:09:42.0045 6604 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:09:42.0086 6604 IPNAT - ok
11:09:42.0096 6604 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:09:42.0149 6604 IRENUM - ok
11:09:42.0174 6604 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:09:42.0186 6604 isapnp - ok
11:09:42.0224 6604 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:09:42.0240 6604 iScsiPrt - ok
11:09:42.0275 6604 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:09:42.0284 6604 kbdclass - ok
11:09:42.0316 6604 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:09:42.0342 6604 kbdhid - ok
11:09:42.0382 6604 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:09:42.0393 6604 KeyIso - ok
11:09:42.0434 6604 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
11:09:42.0447 6604 KSecDD - ok
11:09:42.0498 6604 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
11:09:42.0510 6604 KSecPkg - ok
11:09:42.0522 6604 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:09:42.0570 6604 ksthunk - ok
11:09:42.0697 6604 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:09:42.0782 6604 KtmRm - ok
11:09:43.0087 6604 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
11:09:43.0140 6604 LanmanServer - ok
11:09:43.0164 6604 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:09:43.0203 6604 LanmanWorkstation - ok
11:09:43.0229 6604 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:09:43.0264 6604 lltdio - ok
11:09:44.0397 6604 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:09:44.0462 6604 lltdsvc - ok
11:09:44.0717 6604 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:09:44.0783 6604 lmhosts - ok
11:09:45.0685 6604 LMIGuardianSvc (98b0fcc176dfb711b67651becb88c445) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
11:09:45.0723 6604 LMIGuardianSvc - ok
11:09:45.0932 6604 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
11:09:45.0944 6604 LMIInfo - ok
11:09:46.0563 6604 LMIMaint (b712511029cbd68645a90a241fd6ae43) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
11:09:46.0572 6604 LMIMaint - ok
11:09:46.0648 6604 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
11:09:46.0655 6604 lmimirr - ok
11:09:46.0713 6604 LMIRfsClientNP - ok
11:09:46.0742 6604 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
11:09:46.0749 6604 LMIRfsDriver - ok
11:09:46.0805 6604 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
11:09:46.0821 6604 LogMeIn - ok
11:09:46.0865 6604 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:09:46.0879 6604 LSI_FC - ok
11:09:46.0907 6604 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:09:46.0918 6604 LSI_SAS - ok
11:09:46.0937 6604 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:09:46.0950 6604 LSI_SAS2 - ok
11:09:46.0975 6604 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:09:46.0988 6604 LSI_SCSI - ok
11:09:47.0021 6604 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:09:47.0076 6604 luafv - ok
11:09:47.0108 6604 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:09:47.0122 6604 Mcx2Svc - ok
11:09:47.0150 6604 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:09:47.0162 6604 megasas - ok
11:09:47.0201 6604 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:09:47.0229 6604 MegaSR - ok
11:09:47.0295 6604 Microsoft SharePoint Workspace Audit Service - ok
11:09:47.0326 6604 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:09:47.0394 6604 MMCSS - ok
11:09:47.0431 6604 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:09:47.0472 6604 Modem - ok
11:09:47.0541 6604 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:09:47.0565 6604 monitor - ok
11:09:47.0588 6604 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:09:47.0597 6604 mouclass - ok
11:09:47.0609 6604 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:09:47.0623 6604 mouhid - ok
11:09:47.0692 6604 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:09:47.0704 6604 mountmgr - ok
11:09:47.0798 6604 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:09:47.0809 6604 MozillaMaintenance - ok
11:09:47.0871 6604 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:09:47.0887 6604 mpio - ok
11:09:47.0924 6604 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:09:47.0971 6604 mpsdrv - ok
11:09:48.0061 6604 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:09:48.0097 6604 MRxDAV - ok
11:09:48.0163 6604 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:09:48.0232 6604 mrxsmb - ok
11:09:48.0283 6604 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:09:48.0320 6604 mrxsmb10 - ok
11:09:48.0351 6604 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:09:48.0362 6604 mrxsmb20 - ok
11:09:48.0379 6604 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:09:48.0393 6604 msahci - ok
11:09:48.0454 6604 MSCRMAsyncService$client (c35985fd2320d8e8d87ae3760ae1b431) C:\Program Files (x86)\Microsoft Dynamics CRM Data Migration Manager\DMClient\bin\CrmAsyncService.exe
11:09:48.0467 6604 MSCRMAsyncService$client - ok
11:09:48.0491 6604 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:09:48.0508 6604 msdsm - ok
11:09:48.0537 6604 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:09:48.0558 6604 MSDTC - ok
11:09:48.0688 6604 MsDtsServer100 (f7a0ba64036ea2b3dfb569e4dc9986e7) C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
11:09:48.0700 6604 MsDtsServer100 - ok
11:09:48.0849 6604 MsDtsServer110 (40be2c09ace1bed16a343662e6fdf241) C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
11:09:48.0869 6604 MsDtsServer110 - ok
11:09:48.0903 6604 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:09:48.0938 6604 Msfs - ok
11:09:49.0091 6604 msftesql (f7e0900f9a8e3f71f2c16a932f0e03e0) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
11:09:49.0101 6604 msftesql - ok
11:09:49.0152 6604 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:09:49.0188 6604 mshidkmdf - ok
11:09:49.0211 6604 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:09:49.0224 6604 msisadrv - ok
11:09:49.0272 6604 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:09:49.0329 6604 MSiSCSI - ok
11:09:49.0333 6604 msiserver - ok
11:09:49.0353 6604 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:09:49.0400 6604 MSKSSRV - ok
11:09:49.0563 6604 msoidsvc (3d9df5c79abe835e58df426b14600a33) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
11:09:49.0628 6604 msoidsvc - ok
11:09:49.0733 6604 MSOLAP$MSSQL2012 - ok
11:09:49.0787 6604 MSOLAP$SQLSERVER08 - ok
11:09:49.0886 6604 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:09:49.0933 6604 MSPCLOCK - ok
11:09:49.0945 6604 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:09:49.0998 6604 MSPQM - ok
11:09:50.0033 6604 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:09:50.0049 6604 MsRPC - ok
11:09:50.0090 6604 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:09:50.0102 6604 mssmbios - ok
11:09:50.0170 6604 MSSQL$MSSQL2012 (3ae13c9869b7ce1135bcf21c0aaa68ed) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\sqlservr.exe
11:09:50.0190 6604 MSSQL$MSSQL2012 - ok
11:09:50.0212 6604 MSSQL$SQLEXPRESS - ok
11:09:50.0241 6604 MSSQL$SQLSERVER08 - ok
11:09:50.0293 6604 MSSQLFDLauncher$MSSQL2012 (f4991c8c070c86082e6f0597f73e02d0) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\fdlauncher.exe
11:09:50.0305 6604 MSSQLFDLauncher$MSSQL2012 - ok
11:09:50.0320 6604 MSSQLFDLauncher$SQLSERVER08 (aa511eb28672011a1d832f73e302f0a0) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\fdlauncher.exe
11:09:50.0330 6604 MSSQLFDLauncher$SQLSERVER08 - ok
11:09:50.0404 6604 MSSQLSERVER - ok
11:09:50.0469 6604 MSSQLServerADHelper (adaf062116b4e6d96e44d26486a87af6) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
11:09:50.0478 6604 MSSQLServerADHelper - ok
11:09:50.0540 6604 MSSQLServerADHelper100 (04ef36eaf5c4dbce424d81b76f1e9231) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
11:09:50.0553 6604 MSSQLServerADHelper100 - ok
11:09:50.0564 6604 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:09:50.0642 6604 MSTEE - ok
11:09:50.0696 6604 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:09:50.0722 6604 MTConfig - ok
11:09:50.0766 6604 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:09:50.0776 6604 Mup - ok
11:09:50.0823 6604 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:09:50.0897 6604 napagent - ok
11:09:50.0947 6604 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:09:50.0994 6604 NativeWifiP - ok
11:09:51.0069 6604 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:09:51.0133 6604 NDIS - ok
11:09:51.0151 6604 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:09:51.0203 6604 NdisCap - ok
11:09:51.0223 6604 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:09:51.0288 6604 NdisTapi - ok
11:09:51.0313 6604 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:09:51.0369 6604 Ndisuio - ok
11:09:51.0393 6604 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:09:51.0453 6604 NdisWan - ok
11:09:51.0477 6604 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:09:51.0527 6604 NDProxy - ok
11:09:51.0583 6604 NEOFLTR_650_17883 (97e32d6f430d49644728f7173aad0ae0) C:\Windows\system32\Drivers\NEOFLTR_650_17883.SYS
11:09:51.0594 6604 NEOFLTR_650_17883 - ok
11:09:51.0609 6604 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:09:51.0677 6604 NetBIOS - ok
11:09:51.0723 6604 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:09:51.0777 6604 NetBT - ok
11:09:51.0823 6604 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:09:51.0838 6604 Netlogon - ok
11:09:51.0888 6604 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:09:51.0956 6604 Netman - ok
11:09:52.0058 6604 NetMsmqActivator (f50c405c5fce480d39c882205eba26a8) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:09:52.0073 6604 NetMsmqActivator - ok
11:09:52.0078 6604 NetPipeActivator (f50c405c5fce480d39c882205eba26a8) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:09:52.0095 6604 NetPipeActivator - ok
11:09:52.0136 6604 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:09:52.0218 6604 netprofm - ok
11:09:52.0222 6604 NetTcpActivator (f50c405c5fce480d39c882205eba26a8) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:09:52.0239 6604 NetTcpActivator - ok
11:09:52.0243 6604 NetTcpPortSharing (f50c405c5fce480d39c882205eba26a8) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:09:52.0259 6604 NetTcpPortSharing - ok
11:09:52.0558 6604 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys
11:09:52.0765 6604 NETw5s64 - ok
11:09:53.0134 6604 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:09:53.0145 6604 nfrd960 - ok
11:09:53.0574 6604 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:09:53.0637 6604 NlaSvc - ok
11:09:53.0656 6604 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:09:53.0706 6604 Npfs - ok
11:09:53.0717 6604 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:09:53.0781 6604 nsi - ok
11:09:53.0799 6604 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:09:53.0861 6604 nsiproxy - ok
11:09:53.0962 6604 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:09:54.0031 6604 Ntfs - ok
11:09:54.0094 6604 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:09:54.0161 6604 Null - ok
11:09:54.0205 6604 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:09:54.0222 6604 nvraid - ok
11:09:54.0274 6604 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:09:54.0290 6604 nvstor - ok
11:09:54.0326 6604 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:09:54.0341 6604 nv_agp - ok
11:09:54.0364 6604 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:09:54.0391 6604 ohci1394 - ok
11:09:54.0512 6604 OracleMTSRecoveryService - ok
11:09:54.0584 6604 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:09:54.0598 6604 ose - ok
11:09:54.0831 6604 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:09:54.0976 6604 osppsvc - ok
11:09:55.0090 6604 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:09:55.0129 6604 p2pimsvc - ok
11:09:55.0161 6604 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:09:55.0184 6604 p2psvc - ok
11:09:55.0243 6604 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:09:55.0253 6604 Parport - ok
11:09:55.0301 6604 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:09:55.0314 6604 partmgr - ok
11:09:55.0334 6604 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:09:55.0374 6604 PcaSvc - ok
11:09:55.0409 6604 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:09:55.0423 6604 pci - ok
11:09:55.0440 6604 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:09:55.0451 6604 pciide - ok
11:09:55.0478 6604 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:09:55.0497 6604 pcmcia - ok
11:09:55.0517 6604 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:09:55.0528 6604 pcw - ok
11:09:55.0573 6604 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:09:55.0624 6604 PEAUTH - ok
11:09:55.0708 6604 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
11:09:55.0764 6604 PeerDistSvc - ok
11:09:55.0826 6604 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:09:55.0847 6604 PerfHost - ok
11:09:55.0986 6604 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:09:56.0052 6604 pla - ok
11:09:56.0090 6604 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:09:56.0129 6604 PlugPlay - ok
11:09:56.0147 6604 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:09:56.0168 6604 PNRPAutoReg - ok
11:09:56.0197 6604 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:09:56.0210 6604 PNRPsvc - ok
11:09:56.0253 6604 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:09:56.0314 6604 PolicyAgent - ok
11:09:56.0343 6604 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:09:56.0392 6604 Power - ok
11:09:56.0436 6604 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:09:56.0487 6604 PptpMiniport - ok
11:09:56.0521 6604 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:09:56.0548 6604 Processor - ok
11:09:56.0598 6604 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:09:56.0650 6604 ProfSvc - ok
11:09:56.0697 6604 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:09:56.0710 6604 ProtectedStorage - ok
11:09:56.0741 6604 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:09:56.0796 6604 Psched - ok
11:09:56.0889 6604 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:09:56.0951 6604 ql2300 - ok
11:09:57.0026 6604 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:09:57.0037 6604 ql40xx - ok
11:09:57.0069 6604 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:09:57.0089 6604 QWAVE - ok
11:09:57.0102 6604 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:09:57.0133 6604 QWAVEdrv - ok
11:09:57.0150 6604 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:09:57.0191 6604 RasAcd - ok
11:09:57.0227 6604 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:09:57.0262 6604 RasAgileVpn - ok
11:09:57.0274 6604 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:09:57.0324 6604 RasAuto - ok
11:09:57.0356 6604 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:09:57.0403 6604 Rasl2tp - ok
11:09:57.0456 6604 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:09:57.0521 6604 RasMan - ok
11:09:57.0532 6604 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:09:57.0583 6604 RasPppoe - ok
11:09:57.0600 6604 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:09:57.0641 6604 RasSstp - ok
11:09:57.0677 6604 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:09:57.0744 6604 rdbss - ok
11:09:57.0755 6604 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:09:57.0778 6604 rdpbus - ok
11:09:57.0794 6604 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:09:57.0846 6604 RDPCDD - ok
11:09:57.0881 6604 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
11:09:57.0899 6604 RDPDR - ok
11:09:57.0929 6604 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:09:57.0973 6604 RDPENCDD - ok
11:09:57.0993 6604 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:09:58.0035 6604 RDPREFMP - ok
11:09:58.0093 6604 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
11:09:58.0133 6604 RdpVideoMiniport - ok
11:09:58.0183 6604 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:09:58.0208 6604 RDPWD - ok
11:09:58.0245 6604 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:09:58.0257 6604 rdyboost - ok
11:09:58.0369 6604 RegSrvc (3b71b5b91e7dca93585d5a86c897adc4) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:09:58.0392 6604 RegSrvc - ok
11:09:58.0425 6604 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:09:58.0488 6604 RemoteAccess - ok
11:09:58.0528 6604 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:09:58.0592 6604 RemoteRegistry - ok
11:10:00.0337 6604 ReportServer$MSSQL2012 (4a4ff2146140bd6001a60a7ca3a63e47) C:\Program Files\Microsoft SQL Server\MSRS11.MSSQL2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe
11:10:00.0470 6604 ReportServer$MSSQL2012 - ok
11:10:00.0808 6604 ReportServer$SQLSERVER08 (b08d6b6785b947fc97f18027a7a88f86) C:\Program Files\Microsoft SQL Server\MSRS10_50.SQLSERVER08\Reporting Services\ReportServer\bin\ReportingServicesService.exe
11:10:00.0898 6604 ReportServer$SQLSERVER08 - ok
11:10:01.0888 6604 rfdedaei - ok
11:10:01.0926 6604 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:10:01.0988 6604 RpcEptMapper - ok
11:10:02.0023 6604 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:10:02.0051 6604 RpcLocator - ok
11:10:02.0102 6604 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:10:02.0146 6604 RpcSs - ok
11:10:02.0214 6604 RsFx0105 (c9fe05a63c500abe3afa5786504c4d36) C:\Windows\system32\DRIVERS\RsFx0105.sys
11:10:02.0244 6604 RsFx0105 - ok
11:10:02.0308 6604 RsFx0151 (c606c5f712a3761896ceffa4af6b1268) C:\Windows\system32\DRIVERS\RsFx0151.sys
11:10:02.0321 6604 RsFx0151 - ok
11:10:03.0404 6604 RsFx0200 (5aa85332cb1694871b2f0704e0fc9113) C:\Windows\system32\DRIVERS\RsFx0200.sys
11:10:03.0440 6604 RsFx0200 - ok
11:10:03.0476 6604 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:10:03.0511 6604 rspndr - ok
11:10:03.0556 6604 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
11:10:03.0600 6604 s3cap - ok
11:10:03.0646 6604 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:10:03.0655 6604 SamSs - ok
11:10:03.0984 6604 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:10:04.0293 6604 sbp2port - ok
11:10:04.0323 6604 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:10:04.0392 6604 SCardSvr - ok
11:10:04.0439 6604 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:10:04.0478 6604 scfilter - ok
11:10:04.0580 6604 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:10:04.0656 6604 Schedule - ok
11:10:04.0687 6604 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:10:04.0719 6604 SCPolicySvc - ok
11:10:04.0747 6604 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
11:10:04.0777 6604 sdbus - ok
11:10:04.0810 6604 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:10:04.0848 6604 SDRSVC - ok
11:10:04.0873 6604 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:10:04.0923 6604 secdrv - ok
11:10:04.0948 6604 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:10:05.0010 6604 seclogon - ok
11:10:05.0035 6604 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:10:05.0088 6604 SENS - ok
11:10:05.0104 6604 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:10:05.0140 6604 SensrSvc - ok
11:10:05.0567 6604 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:10:05.0598 6604 Serenum - ok
11:10:05.0746 6604 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:10:05.0758 6604 Serial - ok
11:10:05.0901 6604 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:10:05.0920 6604 sermouse - ok
11:10:05.0961 6604 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:10:06.0020 6604 SessionEnv - ok
11:10:06.0032 6604 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
11:10:06.0057 6604 sffdisk - ok
11:10:06.0072 6604 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:10:06.0088 6604 sffp_mmc - ok
11:10:06.0091 6604 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:10:06.0114 6604 sffp_sd - ok
11:10:06.0130 6604 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:10:06.0142 6604 sfloppy - ok
11:10:06.0196 6604 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:10:06.0312 6604 ShellHWDetection - ok
11:10:06.0337 6604 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:10:06.0347 6604 SiSRaid2 - ok
11:10:06.0361 6604 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:10:06.0371 6604 SiSRaid4 - ok
11:10:06.0557 6604 SkypeUpdate (8c5477eb1c03ca76cd8eb66a610a9e90) C:\Program Files (x86)\Skype\Updater\Updater.exe
11:10:06.0568 6604 SkypeUpdate - ok
11:10:06.0770 6604 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:10:06.0840 6604 Smb - ok
11:10:06.0903 6604 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:10:06.0928 6604 SNMPTRAP - ok
11:10:06.0939 6604 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:10:06.0951 6604 spldr - ok
11:10:06.0997 6604 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:10:07.0063 6604 Spooler - ok
11:10:07.0296 6604 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:10:07.0419 6604 sppsvc - ok
11:10:07.0658 6604 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:10:07.0723 6604 sppuinotify - ok
11:10:08.0648 6604 SQLAgent$MSSQL2012 (b70faf0c7c5737aa6973e14b45477730) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\SQLAGENT.EXE
11:10:08.0765 6604 SQLAgent$MSSQL2012 - ok
11:10:08.0844 6604 SQLAgent$SQLEXPRESS (45e65fb17a4cd5facbd3ca16c8334c82) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
11:10:08.0872 6604 SQLAgent$SQLEXPRESS - ok
11:10:08.0949 6604 SQLAgent$SQLSERVER08 (3420e0482ad95120b471b7328a8d7d08) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\SQLAGENT.EXE
11:10:08.0987 6604 SQLAgent$SQLSERVER08 - ok
11:10:09.0163 6604 SQLBrowser (e9254892a2d74e537bad3092f0f8ee40) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
11:10:09.0188 6604 SQLBrowser - ok
11:10:09.0879 6604 SQLSERVERAGENT (a2b96e2e86e11f9aabf69fb199c28966) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE
11:10:09.0962 6604 SQLSERVERAGENT - ok
11:10:10.0040 6604 SQLWriter (ead5300c93946b0250a309e2bf2be4cf) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:10:10.0058 6604 SQLWriter - ok
11:10:10.0674 6604 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:10:10.0724 6604 srv - ok
11:10:10.0757 6604 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:10:10.0797 6604 srv2 - ok
11:10:10.0826 6604 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:10:10.0858 6604 srvnet - ok
11:10:11.0329 6604 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:10:11.0424 6604 SSDPSRV - ok
11:10:11.0508 6604 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:10:11.0562 6604 SstpSvc - ok
11:10:11.0589 6604 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:10:11.0599 6604 stexstor - ok
11:10:11.0653 6604 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:10:11.0695 6604 stisvc - ok
11:10:11.0724 6604 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
11:10:11.0733 6604 storflt - ok
11:10:11.0747 6604 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
11:10:11.0757 6604 storvsc - ok
11:10:11.0772 6604 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:10:11.0781 6604 swenum - ok
11:10:11.0813 6604 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:10:11.0874 6604 swprv - ok
11:10:11.0883 6604 Synth3dVsc - ok
11:10:11.0988 6604 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:10:12.0058 6604 SysMain - ok
11:10:12.0158 6604 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:10:12.0176 6604 TabletInputService - ok
11:10:12.0202 6604 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:10:12.0267 6604 TapiSrv - ok
11:10:12.0287 6604 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:10:12.0322 6604 TBS - ok
11:10:12.0766 6604 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
11:10:12.0829 6604 Tcpip - ok
11:10:13.0021 6604 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
11:10:13.0066 6604 TCPIP6 - ok
11:10:13.0419 6604 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:10:13.0486 6604 tcpipreg - ok
11:10:13.0675 6604 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:10:13.0756 6604 TDPIPE - ok
11:10:13.0952 6604 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:10:14.0015 6604 TDTCP - ok
11:10:14.0039 6604 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:10:14.0075 6604 tdx - ok
11:10:14.0757 6604 Te.Service (f7be59881aebe72722b0ab669ef23bb4) C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
11:10:14.0782 6604 Te.Service ( UnsignedFile.Multi.Generic ) - warning
11:10:14.0782 6604 Te.Service - detected UnsignedFile.Multi.Generic (1)
11:10:15.0285 6604 TeamViewer7 (33966a658ff37e0c65d46e59f37e2380) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
11:10:15.0359 6604 TeamViewer7 - ok
11:10:15.0795 6604 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:10:15.0805 6604 TermDD - ok
11:10:15.0861 6604 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:10:15.0932 6604 TermService - ok
11:10:15.0975 6604 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:10:16.0004 6604 Themes - ok
11:10:16.0050 6604 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:10:16.0131 6604 THREADORDER - ok
11:10:16.0161 6604 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:10:16.0217 6604 TrkWks - ok
11:10:16.0272 6604 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:10:16.0346 6604 TrustedInstaller - ok
11:10:16.0404 6604 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:10:16.0453 6604 tssecsrv - ok
11:10:16.0867 6604 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:10:17.0018 6604 TsUsbFlt - ok
11:10:17.0023 6604 tsusbhub - ok
11:10:17.0199 6604 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:10:17.0251 6604 tunnel - ok
11:10:17.0279 6604 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:10:17.0290 6604 uagp35 - ok
11:10:17.0332 6604 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:10:17.0414 6604 udfs - ok
11:10:17.0444 6604 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:10:17.0456 6604 UI0Detect - ok
11:10:17.0488 6604 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:10:17.0498 6604 uliagpkx - ok
11:10:17.0542 6604 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:10:17.0552 6604 umbus - ok
11:10:17.0589 6604 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:10:17.0610 6604 UmPass - ok
11:10:17.0643 6604 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
11:10:17.0684 6604 UmRdpService - ok
11:10:17.0718 6604 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:10:17.0775 6604 upnphost - ok
11:10:17.0818 6604 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:10:17.0837 6604 usbccgp - ok
11:10:17.0862 6604 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:10:17.0876 6604 usbcir - ok
11:10:17.0895 6604 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
11:10:17.0918 6604 usbehci - ok
11:10:17.0948 6604 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:10:18.0005 6604 usbhub - ok
11:10:18.0018 6604 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:10:18.0044 6604 usbohci - ok
11:10:18.0058 6604 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:10:18.0080 6604 usbprint - ok
11:10:18.0097 6604 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:10:18.0115 6604 USBSTOR - ok
11:10:18.0129 6604 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:10:18.0145 6604 usbuhci - ok
11:10:18.0163 6604 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:10:18.0210 6604 UxSms - ok
11:10:18.0254 6604 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:10:18.0264 6604 VaultSvc - ok
11:10:18.0274 6604 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:10:18.0284 6604 vdrvroot - ok
11:10:18.0319 6604 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:10:18.0364 6604 vds - ok
11:10:18.0378 6604 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:10:18.0395 6604 vga - ok
11:10:18.0410 6604 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:10:18.0447 6604 VgaSave - ok
11:10:18.0476 6604 VGPU - ok
11:10:18.0490 6604 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:10:18.0507 6604 vhdmp - ok
11:10:18.0534 6604 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:10:18.0544 6604 viaide - ok
11:10:18.0758 6604 VMAuthdService (1562a089b46c821487aff8d01ee5547e) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
11:10:18.0780 6604 VMAuthdService ( UnsignedFile.Multi.Generic ) - warning
11:10:18.0780 6604 VMAuthdService - detected UnsignedFile.Multi.Generic (1)
11:10:18.0804 6604 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
11:10:18.0819 6604 vmbus - ok
11:10:18.0872 6604 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
11:10:18.0901 6604 VMBusHID - ok
11:10:18.0961 6604 vmci (87fc1dd880e8cac4faebb84af61a87c4) C:\Windows\system32\DRIVERS\vmci.sys
11:10:18.0969 6604 vmci - ok
11:10:19.0027 6604 vmkbd (de41918b7abae9056eb1e62540d229d3) C:\Windows\system32\drivers\VMkbd.sys
11:10:19.0033 6604 vmkbd - ok
11:10:19.0106 6604 vmm (21c96aa588d3993191761a08dbaabb15) C:\Windows\system32\Drivers\vmm.sys
11:10:19.0117 6604 vmm - ok
11:10:19.0175 6604 VMnetAdapter (b259c31378bc855afd1b53f59311c251) C:\Windows\system32\DRIVERS\vmnetadapter.sys
11:10:19.0183 6604 VMnetAdapter - ok
11:10:19.0196 6604 VMnetBridge (dec4ce720ffeda939cf1ba315cfbd993) C:\Windows\system32\DRIVERS\vmnetbridge.sys
11:10:19.0204 6604 VMnetBridge - ok
11:10:19.0218 6604 VMnetDHCP - ok
11:10:19.0229 6604 VMnetuserif (0ab32d9f175c015d97eb712f5e636313) C:\Windows\system32\drivers\vmnetuserif.sys
11:10:19.0235 6604 VMnetuserif - ok
11:10:19.0246 6604 VMparport (e75e68e58c5d3b1ae7ca34526f730a90) C:\Windows\system32\drivers\VMparport.sys
11:10:19.0252 6604 VMparport - ok
11:10:19.0343 6604 VMUSBArbService (18903ca7936912c337c9d28858880cf2) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
11:10:19.0394 6604 VMUSBArbService - ok
11:10:19.0400 6604 VMware NAT Service - ok
11:10:19.0458 6604 vmx86 (840dd8ad9b1e26f82c598242369ea770) C:\Windows\system32\drivers\vmx86.sys
11:10:19.0466 6604 vmx86 - ok
11:10:19.0484 6604 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:10:19.0494 6604 volmgr - ok
11:10:19.0572 6604 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:10:19.0589 6604 volmgrx - ok
11:10:19.0637 6604 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:10:19.0652 6604 volsnap - ok
11:10:19.0713 6604 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
11:10:19.0726 6604 vpcbus - ok
11:10:19.0753 6604 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
11:10:19.0770 6604 vpcnfltr - ok
11:10:19.0787 6604 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
11:10:19.0808 6604 vpcusb - ok
11:10:19.0852 6604 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
11:10:19.0867 6604 vpcvmm - ok
11:10:20.0058 6604 vpnagent (6a1dde20410ce789810408c31929ba15) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
11:10:20.0073 6604 vpnagent - ok
11:10:20.0115 6604 vpnva (be7fe15ac90b9f02cbe011ae2426dd0f) C:\Windows\system32\DRIVERS\vpnva64.sys
11:10:20.0122 6604 vpnva - ok
11:10:20.0161 6604 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:10:20.0175 6604 vsmraid - ok
11:10:20.0327 6604 VSPerfDrv100 (ca64a8838b4674d14bdf88aba2f253ea) C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys
11:10:20.0340 6604 VSPerfDrv100 - ok
11:10:20.0657 6604 VSPerfDrv110 (ce5d3c26fd95e3bbd3381c25b9e1a8af) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys
11:10:20.0669 6604 VSPerfDrv110 - ok
11:10:20.0808 6604 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:10:20.0896 6604 VSS - ok
11:10:20.0928 6604 vtigercrmMysql530 - ok
11:10:21.0167 6604 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:10:21.0192 6604 vwifibus - ok
11:10:21.0215 6604 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:10:21.0232 6604 vwififlt - ok
11:10:21.0259 6604 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:10:21.0278 6604 vwifimp - ok
11:10:21.0325 6604 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:10:21.0387 6604 W32Time - ok
11:10:21.0464 6604 W3SVC (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll
11:10:21.0520 6604 W3SVC - ok
11:10:21.0543 6604 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:10:21.0575 6604 WacomPen - ok
11:10:21.0641 6604 wampapache (5cf6e9a685199445fee02fe8c191c9ba) c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
11:10:21.0662 6604 wampapache ( UnsignedFile.Multi.Generic ) - warning
11:10:21.0662 6604 wampapache - detected UnsignedFile.Multi.Generic (1)
11:10:21.0700 6604 wampmysqld - ok
11:10:21.0753 6604 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:10:21.0805 6604 WANARP - ok
11:10:21.0820 6604 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:10:21.0864 6604 Wanarpv6 - ok
11:10:21.0897 6604 WAS (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll
11:10:21.0918 6604 WAS - ok
11:10:22.0044 6604 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:10:22.0083 6604 WatAdminSvc - ok
11:10:23.0163 6604 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:10:23.0295 6604 wbengine - ok
11:10:23.0622 6604 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:10:23.0654 6604 WbioSrvc - ok
11:10:23.0728 6604 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:10:23.0814 6604 wcncsvc - ok
11:10:23.0857 6604 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:10:23.0875 6604 WcsPlugInService - ok
11:10:23.0912 6604 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:10:23.0922 6604 Wd - ok
11:10:23.0975 6604 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
11:10:23.0994 6604 WDC_SAM - ok
11:10:24.0035 6604 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:10:24.0063 6604 Wdf01000 - ok
11:10:24.0102 6604 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:10:24.0168 6604 WdiServiceHost - ok
11:10:24.0172 6604 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:10:24.0202 6604 WdiSystemHost - ok
11:10:24.0269 6604 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:10:24.0346 6604 WebClient - ok
11:10:24.0373 6604 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:10:24.0445 6604 Wecsvc - ok
11:10:24.0465 6604 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:10:24.0532 6604 wercplsupport - ok
11:10:24.0567 6604 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:10:24.0615 6604 WerSvc - ok
11:10:24.0646 6604 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:10:24.0705 6604 WfpLwf - ok
11:10:24.0722 6604 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:10:24.0734 6604 WIMMount - ok
11:10:24.0745 6604 WinHttpAutoProxySvc - ok
11:10:24.0813 6604 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:10:24.0883 6604 Winmgmt - ok
11:10:25.0029 6604 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:10:25.0137 6604 WinRM - ok
11:10:25.0284 6604 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:10:25.0299 6604 WinUsb - ok
11:10:25.0374 6604 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:10:25.0429 6604 Wlansvc - ok
11:10:25.0666 6604 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:10:25.0751 6604 wlidsvc - ok
11:10:25.0873 6604 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:10:25.0904 6604 WmiAcpi - ok
11:10:25.0966 6604 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:10:25.0998 6604 wmiApSrv - ok
11:10:26.0018 6604 WMPNetworkSvc - ok
11:10:26.0069 6604 WMSVC (b5bd872122a2ce82d196abf2d5d8d80a) C:\Windows\system32\inetsrv\wmsvc.exe
11:10:26.0114 6604 WMSVC - ok
11:10:26.0135 6604 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:10:26.0153 6604 WPCSvc - ok
11:10:26.0177 6604 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:10:26.0194 6604 WPDBusEnum - ok
11:10:26.0215 6604 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:10:26.0272 6604 ws2ifsl - ok
11:10:26.0322 6604 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
11:10:26.0348 6604 WSDPrintDevice - ok
11:10:26.0352 6604 WSearch - ok
11:10:26.0389 6604 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:10:26.0459 6604 WudfPf - ok
11:10:26.0476 6604 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:10:26.0536 6604 WUDFRd - ok
11:10:26.0561 6604 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:10:26.0619 6604 wudfsvc - ok
11:10:26.0656 6604 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:10:26.0716 6604 WwanSvc - ok
11:10:26.0815 6604 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:10:26.0874 6604 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
11:10:26.0874 6604 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
11:10:26.0931 6604 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:10:26.0931 6604 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:10:26.0937 6604 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
11:10:27.0038 6604 \Device\Harddisk1\DR1 - ok
11:10:27.0041 6604 Boot (0x1200) (1e99f161f2eeba0c378acd530b43af2b) \Device\Harddisk0\DR0\Partition0
11:10:27.0043 6604 \Device\Harddisk0\DR0\Partition0 - ok
11:10:27.0047 6604 Boot (0x1200) (c931212f353caa5bc6354424a6dac290) \Device\Harddisk0\DR0\Partition1
11:10:27.0048 6604 \Device\Harddisk0\DR0\Partition1 - ok
11:10:27.0052 6604 Boot (0x1200) (a3df57b4041395ecfe4ff93e30a6e6db) \Device\Harddisk1\DR1\Partition0
11:10:27.0053 6604 \Device\Harddisk1\DR1\Partition0 - ok
11:10:27.0054 6604 ============================================================
11:10:27.0054 6604 Scan finished
11:10:27.0054 6604 ============================================================
11:10:27.0068 4436 Detected object count: 6
11:10:27.0068 4436 Actual detected object count: 6
11:11:35.0515 4436 fussvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:11:35.0515 4436 fussvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:11:35.0515 4436 Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:11:35.0515 4436 Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:11:35.0515 4436 VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
11:11:35.0515 4436 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:11:35.0525 4436 wampapache ( UnsignedFile.Multi.Generic ) - skipped by user
11:11:35.0525 4436 wampapache ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:11:36.0215 4436 \Device\Harddisk0\DR0\# - copied to quarantine
11:11:36.0215 4436 \Device\Harddisk0\DR0 - copied to quarantine
11:11:36.0255 4436 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
11:11:36.0255 4436 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
11:11:36.0275 4436 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
11:11:36.0275 4436 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
11:11:36.0285 4436 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
11:11:36.0295 4436 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
11:11:36.0295 4436 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
11:11:36.0295 4436 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
11:11:36.0295 4436 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
11:11:36.0305 4436 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
11:11:36.0305 4436 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
11:11:36.0305 4436 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
11:11:36.0305 4436 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
11:11:36.0305 4436 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
11:11:36.0315 4436 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
11:11:36.0315 4436 \Device\Harddisk0\DR0 - ok
11:11:36.0315 4436 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
11:11:36.0315 4436 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:11:36.0315 4436 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:12:00.0526 7116 Deinitialize success

[MrCharlie]

Run it again and choose Delete for this one only:

Quote

11:11:36.0315 4436 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:11:36.0315 4436 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:12:00.0526 7116 Deinitialize success

---------------------------------

Then.....

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

[MrCharlie]

How are we doing??

Do you still need help or can I close this post??

MrC

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!