dann Posted July 9, 2013 ID:700810 Share Posted July 9, 2013 I have got a computer that has been infected with ransomware. I have even tried to book to safe mode but as soon as I boot to safe it auto restarts! I have downloaded FRST64.exe as recommended from previous posts on here but now I need help in how to remove the virus, I can post the 2 logs here... Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 9, 2013 ID:700811 Share Posted July 9, 2013 If you have those logs, go ahead and post them here Link to post Share on other sites More sharing options...
dann Posted July 9, 2013 Author ID:700813 Share Posted July 9, 2013 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2013 01Ran by SYSTEM on 09-07-2013 22:18:57Running from H:\Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: RecoveryThe current controlset is ControlSet002ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.==================== Registry (Whitelisted) ==================HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [497648 2010-07-28] (Adobe Systems Incorporated)HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1832760 2012-09-20] (Logitech, Inc.)HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-08-12] (Logitech Inc.)HKLM-x32\...\Run: [Maps4PC_0c Browser Plugin Loader] - C:\PROGRA~2\MAPS4P~2\bar\1.bin\0cbrmon.exe [30096 2011-09-28] (VER_COMPANY_NAME)HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)HKLM-x32\...\Run: [FUFAXRCV] - "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [495616 2011-03-08] (SEIKO EPSON CORPORATION)HKLM-x32\...\Run: [FUFAXSTM] - "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [856064 2011-03-08] (SEIKO EPSON CORPORATION)HKLM-x32\...\Run: [EEventManager] - "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [979328 2010-10-12] (SEIKO EPSON CORPORATION)HKLM-x32\...\Run: [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-28] (AVG Technologies CZ, s.r.o.)HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)HKU\Les\...\Run: [skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18708224 2013-01-08] (Skype Technologies S.A.)HKU\Les\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHDE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-7525 Series" [241280 2013-02-23] (SEIKO EPSON CORPORATION)HKU\Les\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2013-04-19] (Google Inc.)HKU\Les\...\Winlogon: [shell] explorer.exe,C:\Users\Les\AppData\Roaming\skype.dat [70144 2011-11-16] () <==== ATTENTIONHKU\UpdatusUser\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MUSICT~1\Datamngr\x64\mgrldr.dll [22592 2013-06-22] ()AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL c:\progra~3\browse~2\261339~1.144\{c16c1~1\browse~1.dll C:\PROGRA~2\MUSICT~1\Datamngr\mgrldr.dll [18496 2013-06-22] ()IMEO\audibledownloadhelper.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"IMEO\bingdesktop.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"IMEO\extendscript toolkit.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"IMEO\firefox.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"IMEO\photoshop elements 8.0.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"IMEO\photoshopelementseditor.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"IMEO\photoshopelementsorganizer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"IMEO\rim.desktop.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"Startup: C:\ProgramData\Start Menu\Programs\Startup\Audible Download Manager.lnkShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnkShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)Startup: C:\Users\Les\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnkShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)==================== Services (Whitelisted) =================S2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1428472 2013-04-10] (AVG Technologies CZ, s.r.o.)S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-13] (AVG Technologies CZ, s.r.o.)S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-17] (AVG Technologies CZ, s.r.o.)S2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()S2 DatamngrCoordinator; C:\Program Files (x86)\Music Toolbar\Datamngr\DatamngrCoordinator.exe [3179584 2013-06-22] (iMesh Inc.)S2 Maps4PC_0cService; C:\PROGRA~2\MAPS4P~2\bar\1.bin\0cbarsvc.exe [42504 2011-08-22] (COMPANYVERS_NAME)S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)S4 MyWebSearchService; C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe [34320 2011-09-27] (MyWebSearch.com)S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2148216 2012-08-23] (AVG)S2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam)==================== Drivers (Whitelisted) ====================S1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-28] (AVG Technologies CZ, s.r.o.)S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-07] (AVG Technologies CZ, s.r.o.)S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-07] (AVG Technologies CZ, s.r.o.)S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-07] (AVG Technologies CZ, s.r.o.)S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-07] (AVG Technologies CZ, s.r.o.)S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-07] (AVG Technologies CZ, s.r.o.)S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-20] (AVG Technologies CZ, s.r.o.)S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)S0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-07-18] (Duplex Secure Ltd.)S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [11880 2012-07-04] (TuneUp Software)S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2013-07-09 22:18 - 2013-07-09 22:18 - 00000000 ____D C:\FRST2013-07-08 08:25 - 2013-07-08 11:37 - 00000004 ____A C:\Users\Les\AppData\Roaming\skype.ini2013-07-07 08:32 - 2013-07-07 09:15 - 00000866 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog2013-07-07 08:31 - 2013-07-07 08:31 - 14391552 ____A (PortableApps.com) C:\Users\Les\Desktop\Java_Portable_6_Update_21_online.paf.exe2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\Delta2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\BabSolution2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Local\Wajam2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\ProgramData\BrowserDefender2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Wajam2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Delta2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____A C:\END2013-07-05 01:58 - 2013-07-05 01:58 - 00002360 ____A C:\Users\Les\Desktop\Google Chrome.lnk2013-06-29 14:55 - 2013-06-29 14:55 - 00000000 ____D C:\ProgramData\Browser Manager2013-06-29 12:38 - 2013-06-29 12:39 - 00021504 ____A C:\Users\Les\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2013-06-29 12:36 - 2013-06-29 12:36 - 00000000 ____D C:\Users\Les\AppData\Roaming\MusicNet2013-06-29 12:35 - 2013-06-29 12:35 - 00000000 ____D C:\Users\Les\Documents\My Received Files2013-06-29 12:34 - 2013-06-29 12:34 - 00000000 ____D C:\ProgramData\Wincert2013-06-29 12:33 - 2013-07-08 11:37 - 00000000 ____D C:\ProgramData\Datamngr2013-06-29 12:33 - 2013-06-29 12:33 - 00000000 ____D C:\Program Files (x86)\Music Toolbar2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Users\Les\AppData\Roaming\AVG20132013-06-29 01:23 - 2013-06-29 01:23 - 00001003 ____A C:\Users\Public\Desktop\AVG 2013.lnk2013-06-29 01:20 - 2013-06-29 01:25 - 00000000 ____D C:\ProgramData\AVG20132013-06-29 01:18 - 2013-06-29 09:44 - 00000000 ____D C:\Users\Les\AppData\Local\Avg20132013-06-29 01:18 - 2013-06-29 01:18 - 00000000 ____D C:\Users\Les\AppData\Local\MFAData2013-06-28 09:32 - 2013-06-28 09:33 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-06-28 09:32 - 2013-06-28 09:33 - 00000000 ____D C:\Program Files\iTunes2013-06-28 09:32 - 2013-06-28 09:33 - 00000000 ____D C:\Program Files (x86)\iTunes2013-06-28 09:32 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files\iPod2013-06-28 04:59 - 2013-06-28 04:59 - 02238976 ____N C:\Users\Les\Documents\IBA Manual of Deal Pages.xls2013-06-26 18:06 - 2013-06-26 18:06 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll2013-06-26 18:06 - 2013-06-26 18:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll2013-06-26 18:06 - 2013-06-26 18:06 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-06-26 18:06 - 2013-06-26 18:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-06-26 18:06 - 2013-06-26 18:06 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll2013-06-26 18:06 - 2013-06-26 18:06 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb2013-06-26 18:06 - 2013-06-26 18:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll2013-06-26 18:06 - 2013-06-26 18:06 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll2013-06-26 18:06 - 2013-06-26 18:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-06-26 18:06 - 2013-06-26 18:06 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-06-26 18:06 - 2013-06-26 18:06 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl2013-06-26 18:06 - 2013-06-26 18:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat2013-06-26 18:06 - 2013-06-26 18:06 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll2013-06-26 18:06 - 2013-06-26 18:06 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-06-26 18:06 - 2013-06-26 18:06 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec2013-06-26 18:06 - 2013-06-26 18:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2013-06-26 18:06 - 2013-06-26 18:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx2013-06-26 18:06 - 2013-06-26 18:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2013-06-26 18:06 - 2013-06-26 18:06 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-06-26 18:04 - 2013-06-26 18:10 - 00007201 ____A C:\Windows\IE10_main.log2013-06-26 16:01 - 2013-05-09 21:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll2013-06-26 16:01 - 2013-05-09 19:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll2013-06-26 16:01 - 2013-05-07 22:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys2013-06-26 16:01 - 2013-04-25 21:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll2013-06-26 16:01 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll2013-06-26 15:59 - 2013-04-16 23:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll2013-06-26 15:59 - 2013-04-16 22:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll2013-06-26 15:58 - 2013-05-12 21:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll2013-06-26 15:58 - 2013-05-12 21:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll2013-06-26 15:58 - 2013-05-12 21:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll2013-06-26 15:58 - 2013-05-12 21:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll2013-06-26 15:58 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2013-06-26 15:58 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll2013-06-26 15:58 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll2013-06-26 15:58 - 2013-05-12 19:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe2013-06-26 15:58 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe2013-06-26 15:58 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll2013-06-26 15:56 - 2013-04-25 15:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll2013-06-26 15:56 - 2013-03-31 14:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll==================== One Month Modified Files and Folders =======2013-07-09 22:18 - 2013-07-09 22:18 - 00000000 ____D C:\FRST2013-07-08 11:38 - 2009-07-13 20:45 - 00021888 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-07-08 11:38 - 2009-07-13 20:45 - 00021888 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-07-08 11:37 - 2013-07-08 08:25 - 00000004 ____A C:\Users\Les\AppData\Roaming\skype.ini2013-07-08 11:37 - 2013-06-29 12:33 - 00000000 ____D C:\ProgramData\Datamngr2013-07-08 11:37 - 2011-05-21 07:12 - 01968896 ____A C:\Windows\WindowsUpdate.log2013-07-08 11:36 - 2011-07-16 02:36 - 00009852 ____A C:\Users\Les\Sti_Trace.log2013-07-08 11:34 - 2013-01-26 17:00 - 00005594 ____A C:\Windows\setupact.log2013-07-08 11:34 - 2012-11-17 19:11 - 00000000 ____D C:\ProgramData\NVIDIA2013-07-08 11:34 - 2011-09-06 07:00 - 00000310 __ASH C:\Windows\Tasks\unzynxnxke.job2013-07-08 11:34 - 2011-05-21 14:20 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-07-08 11:34 - 2011-05-21 07:32 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs2013-07-08 11:34 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT2013-07-08 11:16 - 2011-05-21 14:20 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-07-08 11:14 - 2011-05-21 08:21 - 00000000 ____D C:\ProgramData\MFAData2013-07-08 11:12 - 2009-07-13 21:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI2013-07-08 11:09 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\FxsTmp2013-07-08 08:41 - 2011-06-06 14:01 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352994947-2355220423-3568772355-1001UA.job2013-07-08 08:28 - 2010-11-20 19:47 - 00189192 ____A C:\Windows\PFRO.log2013-07-08 08:28 - 2009-07-13 21:08 - 00032636 ____A C:\Windows\Tasks\SCHEDLGU.TXT2013-07-08 07:53 - 2011-05-21 08:00 - 00000000 ____D C:\Users\Les\Documents\Outlook Files2013-07-08 07:51 - 2012-07-16 08:14 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job2013-07-08 05:41 - 2011-06-06 14:01 - 00000848 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352994947-2355220423-3568772355-1001Core.job2013-07-07 09:15 - 2013-07-07 08:32 - 00000866 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog2013-07-07 09:11 - 2011-06-12 10:06 - 00003125 ____A C:\Users\Les\AppData\Roaming\Rim.Desktop.HttpServerSetup.log2013-07-07 08:31 - 2013-07-07 08:31 - 14391552 ____A (PortableApps.com) C:\Users\Les\Desktop\Java_Portable_6_Update_21_online.paf.exe2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\Delta2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\BabSolution2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Local\Wajam2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\ProgramData\BrowserDefender2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Wajam2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Delta2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____A C:\END2013-07-06 04:47 - 2011-05-21 08:05 - 00000000 ____D C:\Users\Les\AppData\Roaming\Skype2013-07-05 01:58 - 2013-07-05 01:58 - 00002360 ____A C:\Users\Les\Desktop\Google Chrome.lnk2013-06-29 14:55 - 2013-06-29 14:55 - 00000000 ____D C:\ProgramData\Browser Manager2013-06-29 12:39 - 2013-06-29 12:38 - 00021504 ____A C:\Users\Les\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2013-06-29 12:36 - 2013-06-29 12:36 - 00000000 ____D C:\Users\Les\AppData\Roaming\MusicNet2013-06-29 12:35 - 2013-06-29 12:35 - 00000000 ____D C:\Users\Les\Documents\My Received Files2013-06-29 12:34 - 2013-06-29 12:34 - 00000000 ____D C:\ProgramData\Wincert2013-06-29 12:33 - 2013-06-29 12:33 - 00000000 ____D C:\Program Files (x86)\Music Toolbar2013-06-29 12:17 - 2013-05-01 12:53 - 00000000 ____D C:\Users\Les\Documents\Mr Ohms Logos2013-06-29 09:44 - 2013-06-29 01:18 - 00000000 ____D C:\Users\Les\AppData\Local\Avg20132013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Users\Les\AppData\Roaming\AVG20132013-06-29 09:43 - 2011-05-21 08:41 - 00000000 ____D C:\Program Files (x86)\AVG2013-06-29 01:25 - 2013-06-29 01:20 - 00000000 ____D C:\ProgramData\AVG20132013-06-29 01:23 - 2013-06-29 01:23 - 00001003 ____A C:\Users\Public\Desktop\AVG 2013.lnk2013-06-29 01:23 - 2012-10-27 01:07 - 00000000 ____D C:\Users\Les\AppData\Roaming\TuneUp Software2013-06-29 01:22 - 2011-09-24 00:30 - 00000000 ___HD C:\$AVG2013-06-29 01:18 - 2013-06-29 01:18 - 00000000 ____D C:\Users\Les\AppData\Local\MFAData2013-06-28 17:50 - 2011-05-21 08:42 - 00000000 ____D C:\Windows\System32\Drivers\AVG2013-06-28 09:36 - 2011-05-23 03:10 - 00000000 ____D C:\Program Files\Common Files\Apple2013-06-28 09:33 - 2013-06-28 09:32 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-06-28 09:33 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files\iTunes2013-06-28 09:33 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files (x86)\iTunes2013-06-28 09:33 - 2012-11-03 08:42 - 00001821 ____A C:\Users\Public\Desktop\iTunes.lnk2013-06-28 09:32 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files\iPod2013-06-28 04:59 - 2013-06-28 04:59 - 02238976 ____N C:\Users\Les\Documents\IBA Manual of Deal Pages.xls2013-06-26 23:37 - 2011-05-21 14:20 - 00000000 ____D C:\Users\Les\AppData\Local\Google2013-06-26 19:09 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache2013-06-26 18:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions2013-06-26 18:10 - 2013-06-26 18:04 - 00007201 ____A C:\Windows\IE10_main.log2013-06-26 18:06 - 2013-06-26 18:06 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll2013-06-26 18:06 - 2013-06-26 18:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll2013-06-26 18:06 - 2013-06-26 18:06 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-06-26 18:06 - 2013-06-26 18:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-06-26 18:06 - 2013-06-26 18:06 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll2013-06-26 18:06 - 2013-06-26 18:06 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb2013-06-26 18:06 - 2013-06-26 18:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll2013-06-26 18:06 - 2013-06-26 18:06 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll2013-06-26 18:06 - 2013-06-26 18:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-06-26 18:06 - 2013-06-26 18:06 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-06-26 18:06 - 2013-06-26 18:06 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl2013-06-26 18:06 - 2013-06-26 18:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat2013-06-26 18:06 - 2013-06-26 18:06 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll2013-06-26 18:06 - 2013-06-26 18:06 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-06-26 18:06 - 2013-06-26 18:06 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec2013-06-26 18:06 - 2013-06-26 18:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2013-06-26 18:06 - 2013-06-26 18:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx2013-06-26 18:06 - 2013-06-26 18:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2013-06-26 18:06 - 2013-06-26 18:06 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-06-26 18:06 - 2013-06-26 18:06 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe2013-06-26 18:06 - 2013-06-26 18:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-06-26 18:01 - 2011-06-01 02:55 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe2013-06-26 16:51 - 2012-04-14 17:44 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2013-06-26 16:51 - 2011-05-21 14:20 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cplZeroAccess:C:\$Recycle.Bin\S-1-5-21-3352994947-2355220423-3568772355-1001\$46bdc989289dea48ab74525a3982e5a1Files to move or delete:====================C:\Users\Les\AppData\Roaming\skype.datC:\Users\Les\AppData\Roaming\skype.ini==================== Known DLLs (Whitelisted) ==================================== Bamital & volsnap Check =================C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit==================== EXE ASSOCIATION =====================HKLM\...\.exe: exefile => OKHKLM\...\exefile\DefaultIcon: %1 => OKHKLM\...\exefile\open\command: "%1" %* => OK==================== Restore Points ============================================= Memory info ===========================Percentage of memory in use: 24%Total physical RAM: 2047.18 MBAvailable physical RAM: 1555.31 MBTotal Pagefile: 2047.18 MBAvailable Pagefile: 1543 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.85 MB==================== Drives ================================Drive c: (ACER) (Fixed) (Total:451.11 GB) (Free:350.12 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)]Drive d: () (Fixed) (Total:465.76 GB) (Free:278.54 GB) NTFS (Disk=1 Partition=1)Drive e: (PQSERVICE) (Fixed) (Total:14.65 GB) (Free:6.95 GB) NTFS (Disk=0 Partition=1)Drive h: (KINGSTON) (Removable) (Total:7.44 GB) (Free:7.34 GB) FAT32 (Disk=2 Partition=1)Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E04C1E5F)Partition 1: (Not Active) - (Size=15 GB) - (Type=27)Partition 2: (Active) - (Size=451 GB) - (Type=07 NTFS)========================================================Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 7B9C243B)Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)========================================================Disk: 2 (Size: 7 GB) (Disk ID: 65901243)Partition 1: (Active) - (Size=7 GB) - (Type=0B)LastRegBack: 2013-07-02 15:06==================== End Of Log ============================ Farbar Recovery Scan Tool (x64) Version: 09-07-2013 01Ran by SYSTEM at 2013-07-09 22:21:08Running from H:\Boot Mode: Recovery================== Search: "services.exe" ===================C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCBC:\Windows\System32\services.exe[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB====== End Of Search ====== Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 9, 2013 ID:700814 Share Posted July 9, 2013 Hello dann and welcome to Malwarebytes!Please do the following:Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.Right-click in the open notepad and select Paste).Save it on the flashdrive as fixlist.txt C:\Users\Les\AppData\Roaming\skype.datC:\Users\Les\AppData\Roaming\skype.iniC:\$Recycle.Bin\S-1-5-21-3352994947-2355220423-3568772355-1001\$46bdc989289dea48ab74525a3982e5a1HKU\Les\...\Winlogon: [shell] explorer.exe,C:\Users\Les\AppData\Roaming\skype.dat [70144 2011-11-16] () <==== ATTENTIONNOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemNow please enter System Recovery Options.Run FRST and press the Fix button just once and wait. The tool will make a log on the flashdrive (Fixlog.txt) please post it in your next reply.After that- are you able to boot into normal mode? Let me know when you can as we have more malware to remove.-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Note:Please make sure you are subscribed to this topic: Click on the "Follow This Topic" Button (at the top right of this page), make sure that the "Receive notification" box is checked and that it is set to "Instantly" -------> Your topic will be closed if you haven't replied within 3 days! <--------(If I don't respond within 24 hours, please send me a PM)-DFB Link to post Share on other sites More sharing options...
dann Posted July 9, 2013 Author ID:700817 Share Posted July 9, 2013 Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-07-2013 01Ran by SYSTEM at 2013-07-09 22:47:48 Run:1Running from H:\Boot Mode: Recovery==============================================C:\Users\Les\AppData\Roaming\skype.dat => Moved successfully.C:\Users\Les\AppData\Roaming\skype.ini => Moved successfully.C:\$Recycle.Bin\S-1-5-21-3352994947-2355220423-3568772355-1001\$46bdc989289dea48ab74525a3982e5a1 => Moved successfully.HKU\Les\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.==== End of Fixlog ==== Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 9, 2013 ID:700818 Share Posted July 9, 2013 Are you able to boot normally? Link to post Share on other sites More sharing options...
dann Posted July 9, 2013 Author ID:700821 Share Posted July 9, 2013 Excellent! All working fine now... Thank you! Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 9, 2013 ID:700822 Share Posted July 9, 2013 Glad to hear you can boot. Let's start getting rid of the rest of it:----------Step 1----------------Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Double-click on TDSSKiller.exe to run the tool for known TDSS variants.Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it.To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.----------Step 2----------------Please download Malwarebytes Anti-Rootkit from HEREUnzip the contents to a folder in a convenient location.Open the folder where the contents were unzipped and run mbar.exeFollow the instructions in the wizard to update and allow the program to scan your computer for threats.Click on the Cleanup button to remove any threats and reboot if prompted to do so.Wait while the system shuts down and the cleanup process is performed.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt----------Step 3----------------Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:http://www.bleepingc...to-use-combofix***IMPORTANT: save ComboFix to your Desktop**** Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Please go here to see a list of programs that should be disabled.**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall** Please include the C:\ComboFix.txt in your next reply for further review.NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.----------Step 4----------------Please download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.----------Step 5----------------In your next reply, please include the following:TDSSKiller's logfileMBAR mbar-log.txt and system-log.txtComboFix's report (C:\ComboFix.txt)Security Check checkup.txtAfter that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask. Link to post Share on other sites More sharing options...
dann Posted July 9, 2013 Author ID:700826 Share Posted July 9, 2013 23:02:26.0664 4152 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:1923:02:26.0773 4152 ============================================================23:02:26.0773 4152 Current date / time: 2013/07/09 23:02:26.077323:02:26.0773 4152 SystemInfo:23:02:26.0773 4152 23:02:26.0773 4152 OS Version: 6.1.7601 ServicePack: 1.023:02:26.0773 4152 Product type: Workstation23:02:26.0773 4152 ComputerName: LES-PC23:02:26.0773 4152 UserName: Les23:02:26.0773 4152 Windows directory: C:\Windows23:02:26.0773 4152 System windows directory: C:\Windows23:02:26.0773 4152 Running under WOW6423:02:26.0773 4152 Processor architecture: Intel x6423:02:26.0773 4152 Number of processors: 223:02:26.0773 4152 Page size: 0x100023:02:26.0773 4152 Boot type: Normal boot23:02:26.0773 4152 ============================================================23:02:28.0350 4152 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004023:02:28.0366 4152 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004023:02:28.0381 4152 Drive \Device\Harddisk6\DR6 - Size: 0x1DC8D0800 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'23:02:28.0381 4152 ============================================================23:02:28.0381 4152 \Device\Harddisk0\DR0:23:02:28.0381 4152 MBR partitions:23:02:28.0381 4152 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4F800, BlocksNum 0x3863600023:02:28.0381 4152 \Device\Harddisk1\DR1:23:02:28.0381 4152 MBR partitions:23:02:28.0381 4152 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A38500023:02:28.0381 4152 \Device\Harddisk6\DR6:23:02:28.0397 4152 MBR partitions:23:02:28.0397 4152 \Device\Harddisk6\DR6\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xEE3FA123:02:28.0397 4152 ============================================================23:02:28.0412 4152 C: <-> \Device\Harddisk0\DR0\Partition123:02:28.0444 4152 D: <-> \Device\Harddisk1\DR1\Partition123:02:28.0444 4152 ============================================================23:02:28.0444 4152 Initialize success23:02:28.0444 4152 ============================================================23:03:19.0674 1528 ============================================================23:03:19.0674 1528 Scan started23:03:19.0674 1528 Mode: Manual;23:03:19.0674 1528 ============================================================23:03:20.0251 1528 ================ Scan system memory ========================23:03:20.0251 1528 System memory - ok23:03:20.0251 1528 ================ Scan services =============================23:03:20.0392 1528 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys23:03:20.0392 1528 1394ohci - ok23:03:20.0423 1528 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys23:03:20.0439 1528 ACPI - ok23:03:20.0454 1528 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys23:03:20.0454 1528 AcpiPmi - ok23:03:20.0548 1528 [ 4451CC2275B04043EC2BCC757AF97291 ] AdobeActiveFileMonitor8.0 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe23:03:20.0548 1528 AdobeActiveFileMonitor8.0 - ok23:03:20.0610 1528 [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe23:03:20.0610 1528 AdobeActiveFileMonitor9.0 - ok23:03:20.0673 1528 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe23:03:20.0673 1528 AdobeARMservice - ok23:03:20.0766 1528 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe23:03:20.0782 1528 AdobeFlashPlayerUpdateSvc - ok23:03:20.0829 1528 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys23:03:20.0844 1528 adp94xx - ok23:03:20.0860 1528 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys23:03:20.0860 1528 adpahci - ok23:03:20.0875 1528 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys23:03:20.0875 1528 adpu320 - ok23:03:20.0922 1528 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll23:03:20.0922 1528 AeLookupSvc - ok23:03:20.0969 1528 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys23:03:20.0985 1528 AFD - ok23:03:21.0000 1528 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys23:03:21.0016 1528 agp440 - ok23:03:21.0031 1528 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe23:03:21.0031 1528 ALG - ok23:03:21.0047 1528 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys23:03:21.0047 1528 aliide - ok23:03:21.0063 1528 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys23:03:21.0063 1528 amdide - ok23:03:21.0094 1528 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys23:03:21.0094 1528 AmdK8 - ok23:03:21.0094 1528 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys23:03:21.0094 1528 AmdPPM - ok23:03:21.0125 1528 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys23:03:21.0141 1528 amdsata - ok23:03:21.0156 1528 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys23:03:21.0156 1528 amdsbs - ok23:03:21.0172 1528 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys23:03:21.0172 1528 amdxata - ok23:03:21.0187 1528 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys23:03:21.0187 1528 AppID - ok23:03:21.0219 1528 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll23:03:21.0219 1528 AppIDSvc - ok23:03:21.0234 1528 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll23:03:21.0265 1528 Appinfo - ok23:03:21.0375 1528 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe23:03:21.0375 1528 Apple Mobile Device - ok23:03:21.0390 1528 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys23:03:21.0390 1528 arc - ok23:03:21.0406 1528 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys23:03:21.0406 1528 arcsas - ok23:03:21.0421 1528 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys23:03:21.0421 1528 AsyncMac - ok23:03:21.0437 1528 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys23:03:21.0437 1528 atapi - ok23:03:21.0468 1528 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll23:03:21.0499 1528 AudioEndpointBuilder - ok23:03:21.0499 1528 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll23:03:21.0515 1528 AudioSrv - ok23:03:21.0546 1528 [ 3D1FFAA3358CA0D8A298DEA8BECFC468 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6a.sys23:03:21.0546 1528 Avgfwfd - ok23:03:21.0624 1528 [ 6D3A517FE33AD047578BF73BB447EEAD ] avgfws C:\Program Files (x86)\AVG\AVG2013\avgfws.exe23:03:21.0655 1528 avgfws - ok23:03:21.0796 1528 [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe23:03:21.0936 1528 AVGIDSAgent - ok23:03:21.0967 1528 [ 139BD30C32BEE830D0CF39C5324D79DE ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys23:03:21.0967 1528 AVGIDSDriver - ok23:03:22.0014 1528 [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys23:03:22.0014 1528 AVGIDSHA - ok23:03:22.0061 1528 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys23:03:22.0061 1528 Avgldx64 - ok23:03:22.0092 1528 [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys23:03:22.0092 1528 Avgloga - ok23:03:22.0123 1528 [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys23:03:22.0123 1528 Avgmfx64 - ok23:03:22.0139 1528 [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys23:03:22.0139 1528 Avgrkx64 - ok23:03:22.0170 1528 [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys23:03:22.0170 1528 Avgtdia - ok23:03:22.0201 1528 [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe23:03:22.0201 1528 avgwd - ok23:03:22.0233 1528 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll23:03:22.0233 1528 AxInstSV - ok23:03:22.0264 1528 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys23:03:22.0279 1528 b06bdrv - ok23:03:22.0311 1528 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys23:03:22.0311 1528 b57nd60a - ok23:03:22.0326 1528 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll23:03:22.0326 1528 BDESVC - ok23:03:22.0357 1528 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys23:03:22.0373 1528 Beep - ok23:03:22.0389 1528 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll23:03:22.0404 1528 BFE - ok23:03:22.0451 1528 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll23:03:22.0467 1528 BITS - ok23:03:22.0467 1528 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys23:03:22.0482 1528 blbdrive - ok23:03:22.0576 1528 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe23:03:22.0591 1528 Bonjour Service - ok23:03:22.0623 1528 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys23:03:22.0623 1528 bowser - ok23:03:22.0654 1528 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys23:03:22.0654 1528 BrFiltLo - ok23:03:22.0669 1528 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys23:03:22.0669 1528 BrFiltUp - ok23:03:22.0701 1528 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll23:03:22.0701 1528 Browser - ok23:03:22.0810 1528 [ 013A330F16B1CECBDE5CB6F921689523 ] BrowserDefendert C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe23:03:22.0857 1528 BrowserDefendert - ok23:03:22.0872 1528 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys23:03:22.0888 1528 Brserid - ok23:03:22.0903 1528 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys23:03:22.0903 1528 BrSerWdm - ok23:03:22.0919 1528 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys23:03:22.0919 1528 BrUsbMdm - ok23:03:22.0935 1528 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys23:03:22.0935 1528 BrUsbSer - ok23:03:22.0950 1528 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys23:03:22.0950 1528 BTHMODEM - ok23:03:22.0981 1528 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll23:03:22.0981 1528 bthserv - ok23:03:22.0997 1528 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys23:03:23.0013 1528 cdfs - ok23:03:23.0028 1528 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys23:03:23.0028 1528 cdrom - ok23:03:23.0044 1528 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll23:03:23.0044 1528 CertPropSvc - ok23:03:23.0059 1528 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys23:03:23.0059 1528 circlass - ok23:03:23.0137 1528 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys23:03:23.0137 1528 CLFS - ok23:03:23.0184 1528 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe23:03:23.0184 1528 clr_optimization_v2.0.50727_32 - ok23:03:23.0231 1528 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe23:03:23.0247 1528 clr_optimization_v2.0.50727_64 - ok23:03:23.0309 1528 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe23:03:23.0309 1528 clr_optimization_v4.0.30319_32 - ok23:03:23.0340 1528 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe23:03:23.0340 1528 clr_optimization_v4.0.30319_64 - ok23:03:23.0371 1528 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys23:03:23.0371 1528 CmBatt - ok23:03:23.0387 1528 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys23:03:23.0387 1528 cmdide - ok23:03:23.0434 1528 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys23:03:23.0449 1528 CNG - ok23:03:23.0465 1528 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys23:03:23.0465 1528 Compbatt - ok23:03:23.0481 1528 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys23:03:23.0481 1528 CompositeBus - ok23:03:23.0481 1528 COMSysApp - ok23:03:23.0496 1528 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys23:03:23.0496 1528 crcdisk - ok23:03:23.0527 1528 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll23:03:23.0527 1528 CryptSvc - ok23:03:23.0652 1528 [ 63BB35797AAA73236FB85C6363E2F156 ] DatamngrCoordinator C:\Program Files (x86)\Music Toolbar\Datamngr\DatamngrCoordinator.exe23:03:23.0746 1528 DatamngrCoordinator - ok23:03:23.0793 1528 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll23:03:23.0808 1528 DcomLaunch - ok23:03:23.0839 1528 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll23:03:23.0839 1528 defragsvc - ok23:03:23.0871 1528 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys23:03:23.0871 1528 DfsC - ok23:03:23.0902 1528 [ 0B3F6C8F93C5C25977EA5A8B2E656357 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys23:03:23.0902 1528 dg_ssudbus - ok23:03:23.0933 1528 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll23:03:23.0933 1528 Dhcp - ok23:03:23.0964 1528 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys23:03:23.0964 1528 discache - ok23:03:23.0980 1528 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys23:03:23.0980 1528 Disk - ok23:03:24.0011 1528 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll23:03:24.0011 1528 Dnscache - ok23:03:24.0042 1528 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll23:03:24.0042 1528 dot3svc - ok23:03:24.0058 1528 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll23:03:24.0058 1528 DPS - ok23:03:24.0089 1528 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys23:03:24.0089 1528 drmkaud - ok23:03:24.0136 1528 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys23:03:24.0151 1528 DXGKrnl - ok23:03:24.0183 1528 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll23:03:24.0183 1528 EapHost - ok23:03:24.0261 1528 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys23:03:24.0323 1528 ebdrv - ok23:03:24.0354 1528 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe23:03:24.0354 1528 EFS - ok23:03:24.0401 1528 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe23:03:24.0417 1528 ehRecvr - ok23:03:24.0432 1528 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe23:03:24.0432 1528 ehSched - ok23:03:24.0479 1528 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys23:03:24.0495 1528 elxstor - ok23:03:24.0495 1528 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys23:03:24.0510 1528 ErrDev - ok23:03:24.0573 1528 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll23:03:24.0588 1528 EventSystem - ok23:03:24.0619 1528 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys23:03:24.0635 1528 exfat - ok23:03:24.0666 1528 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys23:03:24.0682 1528 fastfat - ok23:03:24.0713 1528 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe23:03:24.0729 1528 Fax - ok23:03:24.0744 1528 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys23:03:24.0744 1528 fdc - ok23:03:24.0760 1528 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll23:03:24.0760 1528 fdPHost - ok23:03:24.0775 1528 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll23:03:24.0775 1528 FDResPub - ok23:03:24.0807 1528 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys23:03:24.0807 1528 FileInfo - ok23:03:24.0807 1528 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys23:03:24.0822 1528 Filetrace - ok23:03:24.0869 1528 [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe23:03:24.0885 1528 FLEXnet Licensing Service - ok23:03:24.0900 1528 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys23:03:24.0900 1528 flpydisk - ok23:03:24.0916 1528 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys23:03:24.0931 1528 FltMgr - ok23:03:24.0963 1528 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll23:03:24.0994 1528 FontCache - ok23:03:25.0041 1528 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe23:03:25.0041 1528 FontCache3.0.0.0 - ok23:03:25.0056 1528 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys23:03:25.0072 1528 FsDepends - ok23:03:25.0119 1528 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys23:03:25.0119 1528 fssfltr - ok23:03:25.0181 1528 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe23:03:25.0228 1528 fsssvc - ok23:03:25.0275 1528 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys23:03:25.0275 1528 Fs_Rec - ok23:03:25.0306 1528 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys23:03:25.0306 1528 fvevol - ok23:03:25.0321 1528 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys23:03:25.0321 1528 gagp30kx - ok23:03:25.0353 1528 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys23:03:25.0353 1528 GEARAspiWDM - ok23:03:25.0384 1528 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll23:03:25.0399 1528 gpsvc - ok23:03:25.0493 1528 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe23:03:25.0493 1528 gupdate - ok23:03:25.0493 1528 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe23:03:25.0509 1528 gupdatem - ok23:03:25.0555 1528 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe23:03:25.0571 1528 gusvc - ok23:03:25.0587 1528 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys23:03:25.0587 1528 hcw85cir - ok23:03:25.0633 1528 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys23:03:25.0633 1528 HdAudAddService - ok23:03:25.0649 1528 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys23:03:25.0649 1528 HDAudBus - ok23:03:25.0680 1528 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys23:03:25.0680 1528 HidBatt - ok23:03:25.0696 1528 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys23:03:25.0696 1528 HidBth - ok23:03:25.0711 1528 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys23:03:25.0711 1528 HidIr - ok23:03:25.0743 1528 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll23:03:25.0743 1528 hidserv - ok23:03:25.0758 1528 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys23:03:25.0758 1528 HidUsb - ok23:03:25.0789 1528 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll23:03:25.0789 1528 hkmsvc - ok23:03:25.0821 1528 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll23:03:25.0821 1528 HomeGroupListener - ok23:03:25.0852 1528 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll23:03:25.0867 1528 HomeGroupProvider - ok23:03:25.0883 1528 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys23:03:25.0883 1528 HpSAMD - ok23:03:25.0914 1528 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys23:03:25.0930 1528 HTTP - ok23:03:25.0945 1528 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys23:03:25.0945 1528 hwpolicy - ok23:03:25.0961 1528 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys23:03:25.0961 1528 i8042prt - ok23:03:25.0992 1528 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys23:03:25.0992 1528 iaStorV - ok23:03:26.0086 1528 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe23:03:26.0086 1528 IDriverT - ok23:03:26.0133 1528 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe23:03:26.0148 1528 idsvc - ok23:03:26.0164 1528 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys23:03:26.0179 1528 iirsp - ok23:03:26.0211 1528 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll23:03:26.0242 1528 IKEEXT - ok23:03:26.0242 1528 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys23:03:26.0257 1528 intelide - ok23:03:26.0273 1528 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys23:03:26.0273 1528 intelppm - ok23:03:26.0289 1528 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll23:03:26.0289 1528 IPBusEnum - ok23:03:26.0304 1528 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys23:03:26.0304 1528 IpFilterDriver - ok23:03:26.0351 1528 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll23:03:26.0367 1528 iphlpsvc - ok23:03:26.0382 1528 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys23:03:26.0382 1528 IPMIDRV - ok23:03:26.0398 1528 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys23:03:26.0413 1528 IPNAT - ok23:03:26.0476 1528 [ 0FF335D687C85097725A53458160E81E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe23:03:26.0491 1528 iPod Service - ok23:03:26.0523 1528 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys23:03:26.0523 1528 IRENUM - ok23:03:26.0554 1528 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys23:03:26.0554 1528 isapnp - ok23:03:26.0569 1528 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys23:03:26.0569 1528 iScsiPrt - ok23:03:26.0601 1528 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys23:03:26.0601 1528 kbdclass - ok23:03:26.0616 1528 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys23:03:26.0616 1528 kbdhid - ok23:03:26.0632 1528 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe23:03:26.0632 1528 KeyIso - ok23:03:26.0663 1528 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys23:03:26.0663 1528 KSecDD - ok23:03:26.0694 1528 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys23:03:26.0694 1528 KSecPkg - ok23:03:26.0725 1528 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys23:03:26.0725 1528 ksthunk - ok23:03:26.0757 1528 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll23:03:26.0772 1528 KtmRm - ok23:03:26.0803 1528 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll23:03:26.0803 1528 LanmanServer - ok23:03:26.0850 1528 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll23:03:26.0850 1528 LanmanWorkstation - ok23:03:26.0866 1528 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys23:03:26.0866 1528 lltdio - ok23:03:26.0897 1528 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll23:03:26.0897 1528 lltdsvc - ok23:03:26.0928 1528 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll23:03:26.0928 1528 lmhosts - ok23:03:26.0944 1528 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys23:03:26.0959 1528 LSI_FC - ok23:03:26.0975 1528 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys23:03:26.0975 1528 LSI_SAS - ok23:03:26.0991 1528 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys23:03:26.0991 1528 LSI_SAS2 - ok23:03:27.0006 1528 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys23:03:27.0022 1528 LSI_SCSI - ok23:03:27.0037 1528 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys23:03:27.0053 1528 luafv - ok23:03:27.0100 1528 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys23:03:27.0100 1528 LVRS64 - ok23:03:27.0287 1528 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys23:03:27.0427 1528 LVUVC64 - ok23:03:27.0490 1528 [ 622FCF264119F7DF127BE353F796B319 ] Maps4PC_0cService C:\PROGRA~2\MAPS4P~2\bar\1.bin\0cbarsvc.exe23:03:27.0490 1528 Maps4PC_0cService - ok23:03:27.0552 1528 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe23:03:27.0552 1528 McComponentHostService - ok23:03:27.0583 1528 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll23:03:27.0583 1528 Mcx2Svc - ok23:03:27.0615 1528 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys23:03:27.0615 1528 megasas - ok23:03:27.0630 1528 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys23:03:27.0646 1528 MegaSR - ok23:03:27.0661 1528 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll23:03:27.0677 1528 MMCSS - ok23:03:27.0708 1528 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys23:03:27.0708 1528 Modem - ok23:03:27.0724 1528 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys23:03:27.0724 1528 monitor - ok23:03:27.0724 1528 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys23:03:27.0724 1528 mouclass - ok23:03:27.0739 1528 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys23:03:27.0739 1528 mouhid - ok23:03:27.0755 1528 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys23:03:27.0755 1528 mountmgr - ok23:03:27.0786 1528 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe23:03:27.0786 1528 MozillaMaintenance - ok23:03:27.0802 1528 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys23:03:27.0817 1528 mpio - ok23:03:27.0833 1528 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys23:03:27.0833 1528 mpsdrv - ok23:03:27.0880 1528 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll23:03:27.0895 1528 MpsSvc - ok23:03:27.0911 1528 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys23:03:27.0911 1528 MRxDAV - ok23:03:27.0942 1528 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys23:03:27.0942 1528 mrxsmb - ok23:03:27.0973 1528 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys23:03:27.0989 1528 mrxsmb10 - ok23:03:28.0005 1528 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys23:03:28.0005 1528 mrxsmb20 - ok23:03:28.0020 1528 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys23:03:28.0020 1528 msahci - ok23:03:28.0036 1528 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys23:03:28.0036 1528 msdsm - ok23:03:28.0051 1528 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe23:03:28.0051 1528 MSDTC - ok23:03:28.0083 1528 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys23:03:28.0083 1528 Msfs - ok23:03:28.0098 1528 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys23:03:28.0098 1528 mshidkmdf - ok23:03:28.0114 1528 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys23:03:28.0114 1528 msisadrv - ok23:03:28.0145 1528 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll23:03:28.0145 1528 MSiSCSI - ok23:03:28.0145 1528 msiserver - ok23:03:28.0161 1528 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys23:03:28.0161 1528 MSKSSRV - ok23:03:28.0192 1528 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys23:03:28.0192 1528 MSPCLOCK - ok23:03:28.0207 1528 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys23:03:28.0207 1528 MSPQM - ok23:03:28.0239 1528 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys23:03:28.0239 1528 MsRPC - ok23:03:28.0254 1528 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys23:03:28.0270 1528 mssmbios - ok23:03:28.0285 1528 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys23:03:28.0301 1528 MSTEE - ok23:03:28.0301 1528 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys23:03:28.0301 1528 MTConfig - ok23:03:28.0317 1528 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys23:03:28.0317 1528 Mup - ok23:03:28.0379 1528 [ BB74024A1D4E4808562C090980151653 ] MyWebSearchService C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe23:03:28.0379 1528 MyWebSearchService - ok23:03:28.0410 1528 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll23:03:28.0441 1528 napagent - ok23:03:28.0473 1528 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys23:03:28.0473 1528 NativeWifiP - ok23:03:28.0519 1528 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys23:03:28.0535 1528 NDIS - ok23:03:28.0551 1528 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys23:03:28.0551 1528 NdisCap - ok23:03:28.0566 1528 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys23:03:28.0566 1528 NdisTapi - ok23:03:28.0582 1528 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys23:03:28.0582 1528 Ndisuio - ok23:03:28.0597 1528 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys23:03:28.0613 1528 NdisWan - ok23:03:28.0629 1528 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys23:03:28.0629 1528 NDProxy - ok23:03:28.0644 1528 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys23:03:28.0644 1528 NetBIOS - ok23:03:28.0660 1528 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys23:03:28.0675 1528 NetBT - ok23:03:28.0691 1528 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe23:03:28.0691 1528 Netlogon - ok23:03:28.0722 1528 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll23:03:28.0722 1528 Netman - ok23:03:28.0738 1528 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll23:03:28.0738 1528 netprofm - ok23:03:28.0769 1528 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe23:03:28.0769 1528 NetTcpPortSharing - ok23:03:28.0785 1528 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys23:03:28.0800 1528 nfrd960 - ok23:03:28.0816 1528 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll23:03:28.0831 1528 NlaSvc - ok23:03:28.0831 1528 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys23:03:28.0831 1528 Npfs - ok23:03:28.0863 1528 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll23:03:28.0863 1528 nsi - ok23:03:28.0863 1528 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys23:03:28.0878 1528 nsiproxy - ok23:03:28.0941 1528 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys23:03:28.0972 1528 Ntfs - ok23:03:29.0003 1528 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys23:03:29.0003 1528 Null - ok23:03:29.0331 1528 [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys23:03:29.0612 1528 nvlddmkm - ok23:03:29.0643 1528 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys23:03:29.0643 1528 nvraid - ok23:03:29.0674 1528 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys23:03:29.0674 1528 nvstor - ok23:03:29.0768 1528 [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc C:\Windows\system32\nvvsvc.exe23:03:29.0783 1528 nvsvc - ok23:03:29.0846 1528 [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe23:03:29.0877 1528 nvUpdatusService - ok23:03:29.0892 1528 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys23:03:29.0892 1528 nv_agp - ok23:03:29.0924 1528 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys23:03:29.0924 1528 ohci1394 - ok23:03:29.0970 1528 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE23:03:29.0970 1528 ose - ok23:03:30.0158 1528 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE23:03:30.0298 1528 osppsvc - ok23:03:30.0329 1528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll23:03:30.0345 1528 p2pimsvc - ok23:03:30.0376 1528 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll23:03:30.0392 1528 p2psvc - ok23:03:30.0407 1528 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys23:03:30.0407 1528 Parport - ok23:03:30.0438 1528 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys23:03:30.0438 1528 partmgr - ok23:03:30.0454 1528 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll23:03:30.0454 1528 PcaSvc - ok23:03:30.0470 1528 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys23:03:30.0470 1528 pci - ok23:03:30.0485 1528 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys23:03:30.0485 1528 pciide - ok23:03:30.0501 1528 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys23:03:30.0501 1528 pcmcia - ok23:03:30.0516 1528 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys23:03:30.0532 1528 pcw - ok23:03:30.0548 1528 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys23:03:30.0579 1528 PEAUTH - ok23:03:30.0626 1528 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe23:03:30.0641 1528 PerfHost - ok23:03:30.0704 1528 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll23:03:30.0719 1528 pla - ok23:03:30.0766 1528 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll23:03:30.0766 1528 PlugPlay - ok23:03:30.0782 1528 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll23:03:30.0782 1528 PNRPAutoReg - ok23:03:30.0797 1528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll23:03:30.0797 1528 PNRPsvc - ok23:03:30.0844 1528 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll23:03:30.0860 1528 PolicyAgent - ok23:03:30.0875 1528 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll23:03:30.0891 1528 Power - ok23:03:30.0906 1528 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys23:03:30.0906 1528 PptpMiniport - ok23:03:30.0938 1528 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys23:03:30.0938 1528 Processor - ok23:03:30.0969 1528 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll23:03:30.0969 1528 ProfSvc - ok23:03:30.0984 1528 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe23:03:30.0984 1528 ProtectedStorage - ok23:03:31.0000 1528 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys23:03:31.0016 1528 Psched - ok23:03:31.0031 1528 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys23:03:31.0031 1528 PxHlpa64 - ok23:03:31.0078 1528 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys23:03:31.0109 1528 ql2300 - ok23:03:31.0125 1528 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys23:03:31.0125 1528 ql40xx - ok23:03:31.0156 1528 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll23:03:31.0172 1528 QWAVE - ok23:03:31.0172 1528 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys23:03:31.0172 1528 QWAVEdrv - ok23:03:31.0187 1528 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys23:03:31.0203 1528 RasAcd - ok23:03:31.0218 1528 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys23:03:31.0218 1528 RasAgileVpn - ok23:03:31.0265 1528 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll23:03:31.0281 1528 RasAuto - ok23:03:31.0281 1528 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys23:03:31.0296 1528 Rasl2tp - ok23:03:31.0312 1528 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll23:03:31.0312 1528 RasMan - ok23:03:31.0328 1528 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys23:03:31.0328 1528 RasPppoe - ok23:03:31.0343 1528 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys23:03:31.0359 1528 RasSstp - ok23:03:31.0390 1528 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys23:03:31.0390 1528 rdbss - ok23:03:31.0406 1528 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys23:03:31.0406 1528 rdpbus - ok23:03:31.0437 1528 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys23:03:31.0437 1528 RDPCDD - ok23:03:31.0452 1528 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys23:03:31.0452 1528 RDPENCDD - ok23:03:31.0468 1528 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys23:03:31.0468 1528 RDPREFMP - ok23:03:31.0499 1528 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys23:03:31.0499 1528 RdpVideoMiniport - ok23:03:31.0530 1528 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys23:03:31.0530 1528 RDPWD - ok23:03:31.0562 1528 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys23:03:31.0562 1528 rdyboost - ok23:03:31.0593 1528 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll23:03:31.0593 1528 RemoteAccess - ok23:03:31.0624 1528 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll23:03:31.0624 1528 RemoteRegistry - ok23:03:31.0655 1528 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys23:03:31.0671 1528 RimUsb - ok23:03:31.0702 1528 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys23:03:31.0702 1528 RimVSerPort - ok23:03:31.0733 1528 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys23:03:31.0733 1528 ROOTMODEM - ok23:03:31.0749 1528 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll23:03:31.0749 1528 RpcEptMapper - ok23:03:31.0780 1528 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe23:03:31.0780 1528 RpcLocator - ok23:03:31.0796 1528 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll23:03:31.0811 1528 RpcSs - ok23:03:31.0811 1528 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys23:03:31.0827 1528 rspndr - ok23:03:31.0827 1528 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe23:03:31.0827 1528 SamSs - ok23:03:31.0842 1528 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys23:03:31.0842 1528 sbp2port - ok23:03:31.0858 1528 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll23:03:31.0874 1528 SCardSvr - ok23:03:31.0889 1528 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys23:03:31.0889 1528 scfilter - ok23:03:31.0936 1528 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll23:03:31.0967 1528 Schedule - ok23:03:31.0998 1528 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll23:03:31.0998 1528 SCPolicySvc - ok23:03:32.0014 1528 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll23:03:32.0014 1528 SDRSVC - ok23:03:32.0030 1528 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys23:03:32.0030 1528 secdrv - ok23:03:32.0045 1528 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll23:03:32.0045 1528 seclogon - ok23:03:32.0061 1528 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll23:03:32.0061 1528 SENS - ok23:03:32.0108 1528 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll23:03:32.0108 1528 SensrSvc - ok23:03:32.0123 1528 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys23:03:32.0123 1528 Serenum - ok23:03:32.0139 1528 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys23:03:32.0139 1528 Serial - ok23:03:32.0154 1528 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys23:03:32.0154 1528 sermouse - ok23:03:32.0186 1528 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll23:03:32.0186 1528 SessionEnv - ok23:03:32.0201 1528 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys23:03:32.0201 1528 sffdisk - ok23:03:32.0217 1528 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys23:03:32.0217 1528 sffp_mmc - ok23:03:32.0248 1528 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys23:03:32.0248 1528 sffp_sd - ok23:03:32.0264 1528 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys23:03:32.0264 1528 sfloppy - ok23:03:32.0295 1528 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll23:03:32.0295 1528 SharedAccess - ok23:03:32.0310 1528 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll23:03:32.0326 1528 ShellHWDetection - ok23:03:32.0342 1528 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys23:03:32.0342 1528 SiSRaid2 - ok23:03:32.0357 1528 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys23:03:32.0357 1528 SiSRaid4 - ok23:03:32.0404 1528 [ FF0DB4D9A08864A5C7B67477CD8E3B2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe23:03:32.0404 1528 SkypeUpdate - ok23:03:32.0420 1528 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys23:03:32.0420 1528 Smb - ok23:03:32.0435 1528 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe23:03:32.0435 1528 SNMPTRAP - ok23:03:32.0451 1528 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys23:03:32.0451 1528 spldr - ok23:03:32.0482 1528 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe23:03:32.0498 1528 Spooler - ok23:03:32.0576 1528 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe23:03:32.0638 1528 sppsvc - ok23:03:32.0669 1528 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll23:03:32.0669 1528 sppuinotify - ok23:03:32.0700 1528 [ 34F974F8B3C86DE03A30DCBE79091C97 ] sptd C:\Windows\system32\Drivers\sptd.sys23:03:32.0700 1528 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34F974F8B3C86DE03A30DCBE79091C9723:03:32.0716 1528 sptd ( LockedFile.Multi.Generic ) - warning23:03:32.0716 1528 sptd - detected LockedFile.Multi.Generic (1)23:03:32.0747 1528 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys23:03:32.0763 1528 srv - ok23:03:32.0794 1528 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys23:03:32.0794 1528 srv2 - ok23:03:32.0810 1528 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys23:03:32.0810 1528 srvnet - ok23:03:32.0841 1528 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll23:03:32.0856 1528 SSDPSRV - ok23:03:32.0872 1528 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll23:03:32.0872 1528 SstpSvc - ok23:03:32.0903 1528 [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys23:03:32.0903 1528 ssudmdm - ok23:03:32.0966 1528 [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe23:03:32.0981 1528 Stereo Service - ok23:03:33.0012 1528 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys23:03:33.0012 1528 stexstor - ok23:03:33.0044 1528 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll23:03:33.0059 1528 stisvc - ok23:03:33.0075 1528 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys23:03:33.0075 1528 swenum - ok23:03:33.0122 1528 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll23:03:33.0137 1528 swprv - ok23:03:33.0184 1528 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll23:03:33.0215 1528 SysMain - ok23:03:33.0231 1528 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll23:03:33.0262 1528 TabletInputService - ok23:03:33.0278 1528 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll23:03:33.0278 1528 TapiSrv - ok23:03:33.0293 1528 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll23:03:33.0293 1528 TBS - ok23:03:33.0356 1528 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys23:03:33.0387 1528 Tcpip - ok23:03:33.0434 1528 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys23:03:33.0434 1528 TCPIP6 - ok23:03:33.0480 1528 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys23:03:33.0480 1528 tcpipreg - ok23:03:33.0512 1528 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys23:03:33.0512 1528 TDPIPE - ok23:03:33.0543 1528 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys23:03:33.0543 1528 TDTCP - ok23:03:33.0558 1528 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys23:03:33.0558 1528 tdx - ok23:03:33.0574 1528 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys23:03:33.0574 1528 TermDD - ok23:03:33.0605 1528 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll23:03:33.0621 1528 TermService - ok23:03:33.0636 1528 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll23:03:33.0636 1528 Themes - ok23:03:33.0652 1528 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll23:03:33.0652 1528 THREADORDER - ok23:03:33.0668 1528 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll23:03:33.0668 1528 TrkWks - ok23:03:33.0714 1528 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe23:03:33.0714 1528 TrustedInstaller - ok23:03:33.0730 1528 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys23:03:33.0730 1528 tssecsrv - ok23:03:33.0761 1528 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys23:03:33.0761 1528 TsUsbFlt - ok23:03:33.0777 1528 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys23:03:33.0792 1528 TsUsbGD - ok23:03:33.0902 1528 [ DD296C78B0D2C3F5E42DC0D2972CD992 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe23:03:33.0948 1528 TuneUp.UtilitiesSvc - ok23:03:33.0980 1528 [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys23:03:33.0980 1528 TuneUpUtilitiesDrv - ok23:03:34.0011 1528 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys23:03:34.0011 1528 tunnel - ok23:03:34.0042 1528 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys23:03:34.0042 1528 uagp35 - ok23:03:34.0058 1528 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys23:03:34.0073 1528 udfs - ok23:03:34.0104 1528 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe23:03:34.0104 1528 UI0Detect - ok23:03:34.0120 1528 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys23:03:34.0120 1528 uliagpkx - ok23:03:34.0136 1528 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys23:03:34.0136 1528 umbus - ok23:03:34.0151 1528 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys23:03:34.0151 1528 UmPass - ok23:03:34.0182 1528 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll23:03:34.0182 1528 upnphost - ok23:03:34.0214 1528 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys23:03:34.0229 1528 USBAAPL64 - ok23:03:34.0260 1528 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys23:03:34.0260 1528 usbaudio - ok23:03:34.0307 1528 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys23:03:34.0307 1528 usbccgp - ok23:03:34.0323 1528 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys23:03:34.0323 1528 usbcir - ok23:03:34.0354 1528 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys23:03:34.0354 1528 usbehci - ok23:03:34.0385 1528 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys23:03:34.0385 1528 usbhub - ok23:03:34.0416 1528 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys23:03:34.0416 1528 usbohci - ok23:03:34.0432 1528 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys23:03:34.0432 1528 usbprint - ok23:03:34.0463 1528 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys23:03:34.0463 1528 usbscan - ok23:03:34.0479 1528 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS23:03:34.0479 1528 USBSTOR - ok23:03:34.0494 1528 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys23:03:34.0494 1528 usbuhci - ok23:03:34.0526 1528 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys23:03:34.0541 1528 usbvideo - ok23:03:34.0557 1528 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll23:03:34.0557 1528 UxSms - ok23:03:34.0572 1528 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe23:03:34.0572 1528 VaultSvc - ok23:03:34.0588 1528 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys23:03:34.0588 1528 vdrvroot - ok23:03:34.0604 1528 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe23:03:34.0619 1528 vds - ok23:03:34.0635 1528 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys23:03:34.0650 1528 vga - ok23:03:34.0666 1528 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys23:03:34.0666 1528 VgaSave - ok23:03:34.0682 1528 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys23:03:34.0682 1528 vhdmp - ok23:03:34.0697 1528 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys23:03:34.0713 1528 viaide - ok23:03:34.0713 1528 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys23:03:34.0713 1528 volmgr - ok23:03:34.0744 1528 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys23:03:34.0744 1528 volmgrx - ok23:03:34.0760 1528 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys23:03:34.0760 1528 volsnap - ok23:03:34.0775 1528 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys23:03:34.0775 1528 vsmraid - ok23:03:34.0838 1528 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe23:03:34.0900 1528 VSS - ok23:03:34.0916 1528 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys23:03:34.0916 1528 vwifibus - ok23:03:34.0931 1528 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll23:03:34.0947 1528 W32Time - ok23:03:34.0962 1528 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys23:03:34.0978 1528 WacomPen - ok23:03:35.0025 1528 [ 4AA2CC5979AFF984227364F2C23B04F3 ] WajamUpdater C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe23:03:35.0025 1528 WajamUpdater - ok23:03:35.0040 1528 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys23:03:35.0040 1528 WANARP - ok23:03:35.0056 1528 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys23:03:35.0056 1528 Wanarpv6 - ok23:03:35.0103 1528 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe23:03:35.0134 1528 WatAdminSvc - ok23:03:35.0181 1528 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe23:03:35.0212 1528 wbengine - ok23:03:35.0243 1528 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll23:03:35.0243 1528 WbioSrvc - ok23:03:35.0259 1528 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll23:03:35.0259 1528 wcncsvc - ok23:03:35.0274 1528 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll23:03:35.0274 1528 WcsPlugInService - ok23:03:35.0306 1528 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys23:03:35.0306 1528 Wd - ok23:03:35.0352 1528 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys23:03:35.0368 1528 Wdf01000 - ok23:03:35.0384 1528 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll23:03:35.0384 1528 WdiServiceHost - ok23:03:35.0384 1528 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll23:03:35.0399 1528 WdiSystemHost - ok23:03:35.0415 1528 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll23:03:35.0415 1528 WebClient - ok23:03:35.0430 1528 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll23:03:35.0430 1528 Wecsvc - ok23:03:35.0446 1528 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll23:03:35.0446 1528 wercplsupport - ok23:03:35.0462 1528 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll23:03:35.0462 1528 WerSvc - ok23:03:35.0508 1528 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys23:03:35.0508 1528 WfpLwf - ok23:03:35.0524 1528 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys23:03:35.0524 1528 WIMMount - ok23:03:35.0555 1528 WinDefend - ok23:03:35.0555 1528 WinHttpAutoProxySvc - ok23:03:35.0618 1528 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll23:03:35.0618 1528 Winmgmt - ok23:03:35.0664 1528 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll23:03:35.0711 1528 WinRM - ok23:03:35.0758 1528 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys23:03:35.0774 1528 WinUsb - ok23:03:35.0805 1528 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll23:03:35.0820 1528 Wlansvc - ok23:03:35.0867 1528 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe23:03:35.0867 1528 wlcrasvc - ok23:03:35.0992 1528 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE23:03:36.0054 1528 wlidsvc - ok23:03:36.0086 1528 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys23:03:36.0086 1528 WmiAcpi - ok23:03:36.0117 1528 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe23:03:36.0132 1528 wmiApSrv - ok23:03:36.0148 1528 WMPNetworkSvc - ok23:03:36.0164 1528 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll23:03:36.0164 1528 WPCSvc - ok23:03:36.0179 1528 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll23:03:36.0179 1528 WPDBusEnum - ok23:03:36.0195 1528 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys23:03:36.0195 1528 ws2ifsl - ok23:03:36.0226 1528 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll23:03:36.0226 1528 wscsvc - ok23:03:36.0242 1528 WSearch - ok23:03:36.0335 1528 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll23:03:36.0413 1528 wuauserv - ok23:03:36.0429 1528 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys23:03:36.0444 1528 WudfPf - ok23:03:36.0476 1528 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys23:03:36.0476 1528 WUDFRd - ok23:03:36.0491 1528 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll23:03:36.0507 1528 wudfsvc - ok23:03:36.0522 1528 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll23:03:36.0538 1528 WwanSvc - ok23:03:36.0585 1528 [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys23:03:36.0585 1528 yukonw7 - ok23:03:36.0600 1528 ================ Scan global ===============================23:03:36.0632 1528 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll23:03:36.0647 1528 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll23:03:36.0663 1528 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll23:03:36.0694 1528 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll23:03:36.0725 1528 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe23:03:36.0725 1528 [Global] - ok23:03:36.0725 1528 ================ Scan MBR ==================================23:03:36.0741 1528 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR023:03:36.0912 1528 \Device\Harddisk0\DR0 - ok23:03:36.0912 1528 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR123:03:36.0928 1528 \Device\Harddisk1\DR1 - ok23:03:36.0928 1528 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk6\DR623:03:36.0944 1528 \Device\Harddisk6\DR6 - ok23:03:36.0944 1528 ================ Scan VBR ==================================23:03:36.0944 1528 [ 5E1FFDA03ADF716325B3EEBDA320AD70 ] \Device\Harddisk0\DR0\Partition123:03:36.0944 1528 \Device\Harddisk0\DR0\Partition1 - ok23:03:36.0959 1528 [ F0DB76EEA7384EAFEFA271B4C132FE2D ] \Device\Harddisk1\DR1\Partition123:03:36.0959 1528 \Device\Harddisk1\DR1\Partition1 - ok23:03:36.0959 1528 [ 2CA56DCF83E1A4BF11BF562A88793243 ] \Device\Harddisk6\DR6\Partition123:03:36.0959 1528 \Device\Harddisk6\DR6\Partition1 - ok23:03:36.0959 1528 ============================================================23:03:36.0959 1528 Scan finished23:03:36.0959 1528 ============================================================23:03:36.0975 5116 Detected object count: 123:03:36.0975 5116 Actual detected object count: 123:05:26.0097 5116 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine23:05:26.0097 5116 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine23:05:43.0413 3392 Deinitialize success Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 9, 2013 ID:700853 Share Posted July 9, 2013 Please post the other logs as well whenever possible. Link to post Share on other sites More sharing options...
dann Posted July 9, 2013 Author ID:700854 Share Posted July 9, 2013 will do when the scans are all done Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 10, 2013 ID:700859 Share Posted July 10, 2013 Sounds good. Keep me posted. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 13, 2013 Root Admin ID:702179 Share Posted July 13, 2013 Are you still with us? Link to post Share on other sites More sharing options...
dann Posted July 13, 2013 Author ID:702302 Share Posted July 13, 2013 Yes... The main drive died (old pc) so had to get new HDD...... Thank you for your help anyway Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 16, 2013 Root Admin ID:703401 Share Posted July 16, 2013 Thank you for the follow-up reply. I'll close your topic now. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 16, 2013 Root Admin ID:703402 Share Posted July 16, 2013 Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you. Link to post Share on other sites More sharing options...
Recommended Posts