Everything posted by gr8nw

  1. My CPU is fine, and it was fine before. I just did a random scan and AVG found that, so I decided to make a post on here. I think it said Quarantine the first time I did a scan. I don't know what this folder is, but it's located on C:/FRST/, then there's 3 folders (Hives, Logs, Quarantine) and a file named "softdebug". Should I throw the folder in the trash and delete? I don't know why this same file keeps coming up when I scan with AVG. I ran a scan again; it says 1 infection and that it's not been removed or healed. Options are: View details, removed selected and remove all unhealed
  2. Alright, AVG found it again... This is what it says: C:/FRST/Quarantine/services.exe Trojan horse patched_c.LXT
  3. Computer was running fine before, I just decided to run a scan using AVG and it found that trojan that's in the description, and Malware found nothing after I did AVG. Here is the newest Malware report log. I'll run AVG again after I post this...

     Malwarebytes Anti-Malware 1.62.0.1300
     www.malwarebytes.org
     Database version: v2012.08.15.08
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     jk :: JK-HP [administrator]
     8/15/2012 3:17:24 PM
     mbam-log-2012-08-15 (15-17-24).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 216726
     Time elapsed: 1 minute(s), 57 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)
  4. ComboFix 12-08-15.01 - jk 08/15/2012 13:58:37.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.4292 [GMT -7:00] Running from: c:\users\jk\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-07-15 to 2012-08-15 ))))))))))))))))))))))))))))))) . . 2012-08-15 21:01 . 2012-08-15 21:01 -------- d-----w- c:\users\Mcx1-JK-HP\AppData\Local\temp 2012-08-15 21:01 . 2012-08-15 21:01 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-14 19:20 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll 2012-08-14 19:20 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll 2012-08-14 19:20 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-08-14 19:20 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll 2012-08-14 19:20 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll 2012-08-14 19:20 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll 2012-08-14 19:20 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll 2012-08-14 19:20 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll 2012-08-14 19:20 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll 2012-08-14 19:20 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe 2012-08-14 19:20 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe 2012-08-14 19:20 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll 2012-08-11 05:03 . 2012-08-11 05:03 -------- d-----w- c:\users\jk\AppData\Local\HP 2012-07-29 20:24 . 2012-07-29 20:24 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-21 03:37 . 
2012-07-21 03:37 -------- d-----w- C:\FRST 2012-07-20 22:20 . 2012-07-20 23:36 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% 2012-07-20 22:12 . 2012-07-20 22:12 -------- d-----w- c:\users\jk\AppData\Roaming\RedDotGames 2012-07-20 22:10 . 2009-09-05 00:44 238936 ----a-w- c:\windows\SysWow64\xactengine3_5.dll 2012-07-20 21:56 . 2012-07-20 21:56 -------- d-----w- c:\program files (x86)\DVD Decrypter 2012-07-20 19:32 . 2012-07-20 21:52 -------- d-----w- c:\users\jk\AppData\Roaming\mIRC 2012-07-20 19:32 . 2012-07-20 19:32 -------- d-----w- c:\program files (x86)\mIRC . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-14 20:36 . 2012-01-03 18:59 62134624 ----a-w- c:\windows\system32\MRT.exe 2012-07-03 20:46 . 2012-05-11 00:27 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-09 05:43 . 2012-07-10 22:37 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-06-06 06:06 . 2012-07-10 22:37 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 06:06 . 2012-07-10 22:37 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 06:02 . 2012-07-10 22:37 1133568 ----a-w- c:\windows\system32\cdosys.dll 2012-06-06 05:05 . 2012-07-10 22:37 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-06 05:05 . 2012-07-10 22:37 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-06 05:03 . 2012-07-10 22:37 805376 ----a-w- c:\windows\SysWow64\cdosys.dll 2012-06-02 22:19 . 2012-06-21 19:18 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 19:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-21 19:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 19:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 19:18 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 22:19 . 2012-06-21 19:18 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 
2012-06-21 19:19 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-21 19:18 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 22:15 . 2012-06-21 19:18 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 05:50 . 2012-07-10 22:37 458704 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 05:48 . 2012-07-10 22:37 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 05:48 . 2012-07-10 22:37 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 05:45 . 2012-07-10 22:37 340992 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 05:44 . 2012-07-10 22:37 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-06-02 04:40 . 2012-07-10 22:37 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-06-02 04:40 . 2012-07-10 22:37 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-06-02 04:39 . 2012-07-10 22:37 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-06-02 04:34 . 2012-07-10 22:37 96768 ----a-w- c:\windows\SysWow64\sspicli.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-02-28 3474840] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-09 85560] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976] R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2011-08-13 31152] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-03 51712] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-21 1255736] R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 
AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-05 5160568] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-06-09 264008] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264] S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-02-08 149640] S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-05 1128952] S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] S3 
AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-22 1360960] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144] . . Contents of the 'Scheduled Tasks' folder . 2012-08-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221318694-525691764-1706660316-1001Core.job - c:\users\jk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-07 06:08] . 2012-08-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221318694-525691764-1706660316-1001UA.job - c:\users\jk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-07 06:08] . 2012-08-13 c:\windows\Tasks\HPCeeScheduleForjk.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-25 168216] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-25 391960] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-25 418584] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] . 
------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\jk\AppData\Roaming\Mozilla\Firefox\Profiles\dm4gl0fx.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111787 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 1091fab2000000000000d0df9a7f5762 FF - user.js: extensions.BabylonToolbar_i.hardId - 1091fab2000000000000d0df9a7f5762 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15533 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:46 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . - - - - ORPHANS REMOVED - - - - . AddRemove-{34681D92-5958-406A-A654-1B57E7A7B3DC} - c:\program files (x86)\InstallShield Installation Information\{34681D92-5958-406A-A654-1B57E7A7B3DC}\setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- LOCKED REGISTRY KEYS --------------------- . 
[HKEY_USERS\S-1-5-21-221318694-525691764-1706660316-1001_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):d3,3d,89,7c,db,c5,71,e8,73,47,b8,b8,59,ba,c3,67,18,e2,ca,f4,44, 18,1c,99,60,f6,08,4b,52,1d,78,7d,e9,9b,ae,cc,50,2a,65,b0,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-221318694-525691764-1706660316-1001_Classes\Wow6432Node\CLSID\{7efc96ed-aa46-4e9d-a2a5-9e04fc4742d4}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:00000052 "Therad"=dword:0000001d "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Completion time: 2012-08-15 14:06:10 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-15 21:06 . Pre-Run: 807,303,467,008 bytes free Post-Run: 807,087,624,192 bytes free . - - End Of File - - 35FD9AD438D31A3116CC06C1A86C45B8
  5. 13:13:58.0052 3472 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
     13:13:58.0536 3472 ============================================================
     13:13:58.0536 3472 Current date / time: 2012/08/15 13:13:58.0536
     13:13:58.0536 3472 SystemInfo:
     13:13:58.0536 3472
     13:13:58.0536 3472 OS Version: 6.1.7601 ServicePack: 1.0
     13:13:58.0536 3472 Product type: Workstation
     13:13:58.0536 3472 ComputerName: JK-HP
     13:13:58.0536 3472 UserName: jk
     13:13:58.0536 3472 Windows directory: C:\Windows
     13:13:58.0536 3472 System windows directory: C:\Windows
     13:13:58.0536 3472 Running under WOW64
     13:13:58.0536 3472 Processor architecture: Intel x64
     13:13:58.0536 3472 Number of processors: 4
     13:13:58.0536 3472 Page size: 0x1000
     13:13:58.0536 3472 Boot type: Normal boot
     13:13:58.0536 3472 ============================================================
     13:13:58.0957 3472 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
     13:13:58.0973 3472 ============================================================
     13:13:58.0973 3472 \Device\Harddisk0\DR0:
     13:13:58.0988 3472 MBR partitions:
     13:13:58.0988 3472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
     13:13:58.0988 3472 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72F78000
     13:13:58.0988 3472 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72FAA800, BlocksNum 0x175B800
     13:13:58.0988 3472 ============================================================
     13:13:59.0051 3472 C: <-> \Device\Harddisk0\DR0\Partition2
     13:13:59.0098 3472 D: <-> \Device\Harddisk0\DR0\Partition3
     13:13:59.0098 3472 ============================================================
     13:13:59.0098 3472 Initialize success
     13:13:59.0098 3472 ============================================================
     13:14:37.0240 2456 ============================================================
     13:14:37.0240 2456 Scan started
     13:14:37.0240 2456 Mode: Manual; SigCheck; TDLFS;
     13:14:37.0240 2456 ============================================================
     13:14:37.0739 2456 ================ Scan services =============================
ok 13:14:44.0636 2456 [ bcc4a8b2e2e902f52e7f2e7d8e125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 13:14:44.0636 2456 HPDrvMntSvc.exe - ok 13:14:44.0683 2456 [ ec9739a46f1f83c6e52a7a4697f44a65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 13:14:44.0714 2456 hpqwmiex - ok 13:14:44.0730 2456 [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:14:44.0745 2456 HpSAMD - ok 13:14:44.0776 2456 [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:14:44.0823 2456 HTTP - ok 13:14:44.0839 2456 [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:14:44.0839 2456 hwpolicy - ok 13:14:44.0854 2456 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 13:14:44.0870 2456 i8042prt - ok 13:14:44.0886 2456 [ 26cf4275034214ecedd8ec17b0a18a99 ] iaStor C:\Windows\system32\drivers\iaStor.sys 13:14:44.0901 2456 iaStor - ok 13:14:44.0917 2456 [ aaaf44db3bd0b9d1fb6969b23ecc8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:14:44.0932 2456 iaStorV - ok 13:14:44.0979 2456 [ 5534e14ef27ebe8563cdbce6b88501a3 ] IDMWFP C:\Windows\system32\DRIVERS\idmwfp.sys 13:14:44.0995 2456 IDMWFP - ok 13:14:45.0042 2456 [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:14:45.0057 2456 idsvc - ok 13:14:45.0244 2456 [ efe5a0af39a8e179624117c521f1e012 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 13:14:45.0369 2456 igfx - ok 13:14:45.0400 2456 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 13:14:45.0416 2456 iirsp - ok 13:14:45.0447 2456 [ fcd84c381e0140af901e58d48882d26b ] IKEEXT C:\Windows\System32\ikeext.dll 13:14:45.0478 2456 IKEEXT - ok 13:14:45.0494 2456 [ dd587a55390ed2295bce6d36ad567da9 ] Impcd C:\Windows\system32\drivers\Impcd.sys 13:14:45.0510 2456 Impcd - ok 13:14:45.0572 2456 [ 
c7124da48e557d8f88d0d7f1254557f4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 13:14:45.0619 2456 IntcAzAudAddService - ok 13:14:45.0634 2456 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\drivers\intelide.sys 13:14:45.0650 2456 intelide - ok 13:14:45.0666 2456 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\drivers\intelppm.sys 13:14:45.0681 2456 intelppm - ok 13:14:45.0712 2456 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:14:45.0759 2456 IPBusEnum - ok 13:14:45.0759 2456 [ c9f0e1bd74365a8771590e9008d22ab6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:14:45.0790 2456 IpFilterDriver - ok 13:14:45.0822 2456 [ a34a587fffd45fa649fba6d03784d257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:14:45.0853 2456 iphlpsvc - ok 13:14:45.0884 2456 [ 0fc1aea580957aa8817b8f305d18ca3a ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:14:45.0900 2456 IPMIDRV - ok 13:14:45.0915 2456 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:14:45.0931 2456 IPNAT - ok 13:14:45.0978 2456 [ ee4c2a137c7088911a8919effc9812e7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:14:46.0009 2456 iPod Service - ok 13:14:46.0024 2456 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:14:46.0040 2456 IRENUM - ok 13:14:46.0040 2456 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:14:46.0056 2456 isapnp - ok 13:14:46.0071 2456 [ d931d7309deb2317035b07c9f9e6b0bd ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:14:46.0071 2456 iScsiPrt - ok 13:14:46.0118 2456 [ 6c85719a21b3f62c2c76280f4bd36c7b ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 13:14:46.0149 2456 jhi_service - ok 13:14:46.0165 2456 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:14:46.0180 2456 kbdclass - ok 13:14:46.0180 2456 [ 
0705eff5b42a9db58548eec3b26bb484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 13:14:46.0196 2456 kbdhid - ok 13:14:46.0212 2456 [ c118a82cd78818c29ab228366ebf81c3 ] KeyIso C:\Windows\system32\lsass.exe 13:14:46.0212 2456 KeyIso - ok 13:14:46.0243 2456 [ 97a7070aea4c058b6418519e869a63b4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:14:46.0258 2456 KSecDD - ok 13:14:46.0258 2456 [ 26c43a7c2862447ec59deda188d1da07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:14:46.0274 2456 KSecPkg - ok 13:14:46.0274 2456 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:14:46.0305 2456 ksthunk - ok 13:14:46.0336 2456 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll 13:14:46.0383 2456 KtmRm - ok 13:14:46.0399 2456 [ d9f42719019740baa6d1c6d536cbdaa6 ] LanmanServer C:\Windows\System32\srvsvc.dll 13:14:46.0430 2456 LanmanServer - ok 13:14:46.0446 2456 [ 851a1382eed3e3a7476db004f4ee3e1a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:14:46.0477 2456 LanmanWorkstation - ok 13:14:46.0508 2456 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:14:46.0555 2456 lltdio - ok 13:14:46.0570 2456 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:14:46.0602 2456 lltdsvc - ok 13:14:46.0617 2456 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:14:46.0633 2456 lmhosts - ok 13:14:46.0680 2456 [ d75c4b4a8fe6d7fd74a7eecdbaec729f ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 13:14:46.0680 2456 LMS - ok 13:14:46.0695 2456 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 13:14:46.0711 2456 LSI_FC - ok 13:14:46.0726 2456 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 13:14:46.0726 2456 LSI_SAS - ok 13:14:46.0742 2456 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 13:14:46.0742 2456 
LSI_SAS2 - ok 13:14:46.0758 2456 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 13:14:46.0758 2456 LSI_SCSI - ok 13:14:46.0773 2456 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys 13:14:46.0804 2456 luafv - ok 13:14:46.0851 2456 [ 0c85b2b6fb74b36a251792d45e0ef860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 13:14:46.0867 2456 LVRS64 - ok 13:14:46.0976 2456 [ ff3a488924b0032b1a9ca6948c1fa9e8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 13:14:47.0023 2456 LVUVC64 - ok 13:14:47.0070 2456 [ dc8490812a3b72811ae534f423b4c206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 13:14:47.0085 2456 MBAMProtector - ok 13:14:47.0132 2456 [ 43683e970f008c93c9429ef428147a54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 13:14:47.0163 2456 MBAMService - ok 13:14:47.0179 2456 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:14:47.0194 2456 Mcx2Svc - ok 13:14:47.0194 2456 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\drivers\megasas.sys 13:14:47.0210 2456 megasas - ok 13:14:47.0226 2456 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 13:14:47.0241 2456 MegaSR - ok 13:14:47.0257 2456 [ a6518dcc42f7a6e999bb3bea8fd87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys 13:14:47.0257 2456 MEIx64 - ok 13:14:47.0272 2456 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll 13:14:47.0304 2456 MMCSS - ok 13:14:47.0319 2456 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys 13:14:47.0335 2456 Modem - ok 13:14:47.0366 2456 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:14:47.0382 2456 monitor - ok 13:14:47.0397 2456 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:14:47.0413 2456 mouclass - ok 13:14:47.0428 2456 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid 
C:\Windows\system32\DRIVERS\mouhid.sys 13:14:47.0444 2456 mouhid - ok 13:14:47.0460 2456 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:14:47.0475 2456 mountmgr - ok 13:14:47.0522 2456 [ 96aa8ba23142cc8e2b30f3cae0c80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 13:14:47.0538 2456 MozillaMaintenance - ok 13:14:47.0553 2456 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys 13:14:47.0553 2456 mpio - ok 13:14:47.0569 2456 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:14:47.0584 2456 mpsdrv - ok 13:14:47.0647 2456 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:14:47.0709 2456 MpsSvc - ok 13:14:47.0725 2456 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:14:47.0740 2456 MRxDAV - ok 13:14:47.0756 2456 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:14:47.0787 2456 mrxsmb - ok 13:14:47.0787 2456 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:14:47.0803 2456 mrxsmb10 - ok 13:14:47.0803 2456 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:14:47.0818 2456 mrxsmb20 - ok 13:14:47.0834 2456 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys 13:14:47.0834 2456 msahci - ok 13:14:47.0865 2456 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:14:47.0865 2456 msdsm - ok 13:14:47.0881 2456 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe 13:14:47.0896 2456 MSDTC - ok 13:14:47.0912 2456 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:14:47.0928 2456 Msfs - ok 13:14:47.0943 2456 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:14:47.0974 2456 mshidkmdf - ok 13:14:47.0974 
2456 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:14:47.0990 2456 msisadrv - ok 13:14:48.0006 2456 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:14:48.0037 2456 MSiSCSI - ok 13:14:48.0037 2456 msiserver - ok 13:14:48.0052 2456 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:14:48.0084 2456 MSKSSRV - ok 13:14:48.0084 2456 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:14:48.0115 2456 MSPCLOCK - ok 13:14:48.0130 2456 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:14:48.0162 2456 MSPQM - ok 13:14:48.0177 2456 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:14:48.0193 2456 MsRPC - ok 13:14:48.0193 2456 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 13:14:48.0208 2456 mssmbios - ok 13:14:48.0208 2456 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:14:48.0240 2456 MSTEE - ok 13:14:48.0240 2456 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 13:14:48.0255 2456 MTConfig - ok 13:14:48.0255 2456 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys 13:14:48.0271 2456 Mup - ok 13:14:48.0302 2456 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll 13:14:48.0333 2456 napagent - ok 13:14:48.0349 2456 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:14:48.0364 2456 NativeWifiP - ok 13:14:48.0396 2456 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys 13:14:48.0411 2456 NDIS - ok 13:14:48.0427 2456 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:14:48.0458 2456 NdisCap - ok 13:14:48.0474 2456 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 
13:14:48.0505 2456 NdisTapi - ok 13:14:48.0520 2456 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:14:48.0552 2456 Ndisuio - ok 13:14:48.0567 2456 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:14:48.0598 2456 NdisWan - ok 13:14:48.0598 2456 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:14:48.0630 2456 NDProxy - ok 13:14:48.0630 2456 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:14:48.0661 2456 NetBIOS - ok 13:14:48.0676 2456 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:14:48.0708 2456 NetBT - ok 13:14:48.0708 2456 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe 13:14:48.0708 2456 Netlogon - ok 13:14:48.0723 2456 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll 13:14:48.0770 2456 Netman - ok 13:14:48.0801 2456 [ d22cd77d4f0d63d1169bb35911bff12d ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:14:48.0817 2456 NetMsmqActivator - ok 13:14:48.0817 2456 [ d22cd77d4f0d63d1169bb35911bff12d ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:14:48.0817 2456 NetPipeActivator - ok 13:14:48.0832 2456 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll 13:14:48.0864 2456 netprofm - ok 13:14:48.0910 2456 [ 8b5d2d7cb0ef5b1967860b8ab742a46c ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys 13:14:48.0926 2456 netr28x - ok 13:14:48.0926 2456 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:14:48.0942 2456 NetTcpActivator - ok 13:14:48.0942 2456 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:14:48.0957 2456 NetTcpPortSharing - ok 13:14:48.0973 2456 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 
C:\Windows\system32\drivers\nfrd960.sys 13:14:48.0973 2456 nfrd960 - ok 13:14:49.0004 2456 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 13:14:49.0035 2456 NlaSvc - ok 13:14:49.0113 2456 [ 5839a8027d6d324a7cd494051a96628c ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 13:14:49.0160 2456 NOBU - ok 13:14:49.0176 2456 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:14:49.0207 2456 Npfs - ok 13:14:49.0269 2456 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll 13:14:49.0316 2456 nsi - ok 13:14:49.0332 2456 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:14:49.0363 2456 nsiproxy - ok 13:14:49.0425 2456 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:14:49.0456 2456 Ntfs - ok 13:14:49.0472 2456 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys 13:14:49.0488 2456 Null - ok 13:14:49.0519 2456 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys 13:14:49.0534 2456 nvraid - ok 13:14:49.0534 2456 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:14:49.0550 2456 nvstor - ok 13:14:49.0566 2456 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:14:49.0581 2456 nv_agp - ok 13:14:49.0597 2456 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:14:49.0597 2456 ohci1394 - ok 13:14:49.0628 2456 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:14:49.0659 2456 p2pimsvc - ok 13:14:49.0675 2456 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll 13:14:49.0690 2456 p2psvc - ok 13:14:49.0706 2456 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\drivers\parport.sys 13:14:49.0722 2456 Parport - ok 13:14:49.0753 2456 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr 
C:\Windows\system32\drivers\partmgr.sys 13:14:49.0753 2456 partmgr - ok 13:14:49.0768 2456 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 13:14:49.0800 2456 PcaSvc - ok 13:14:49.0800 2456 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys 13:14:49.0815 2456 pci - ok 13:14:49.0831 2456 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys 13:14:49.0846 2456 pciide - ok 13:14:49.0862 2456 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 13:14:49.0878 2456 pcmcia - ok 13:14:49.0893 2456 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys 13:14:49.0893 2456 pcw - ok 13:14:49.0924 2456 pdfcDispatcher - ok 13:14:49.0940 2456 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:14:49.0971 2456 PEAUTH - ok 13:14:50.0034 2456 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:14:50.0065 2456 PerfHost - ok 13:14:50.0112 2456 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll 13:14:50.0158 2456 pla - ok 13:14:50.0190 2456 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:14:50.0205 2456 PlugPlay - ok 13:14:50.0236 2456 [ 0bee791c7c7ace453c134e73633c497d ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys 13:14:50.0236 2456 pmxdrv - ok 13:14:50.0252 2456 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:14:50.0268 2456 PNRPAutoReg - ok 13:14:50.0283 2456 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:14:50.0283 2456 PNRPsvc - ok 13:14:50.0314 2456 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:14:50.0346 2456 PolicyAgent - ok 13:14:50.0377 2456 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll 13:14:50.0408 2456 Power - ok 13:14:50.0439 2456 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport 
C:\Windows\system32\DRIVERS\raspptp.sys 13:14:50.0470 2456 PptpMiniport - ok 13:14:50.0470 2456 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\drivers\processr.sys 13:14:50.0486 2456 Processor - ok 13:14:50.0517 2456 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll 13:14:50.0548 2456 ProfSvc - ok 13:14:50.0548 2456 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe 13:14:50.0564 2456 ProtectedStorage - ok 13:14:50.0564 2456 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:14:50.0611 2456 Psched - ok 13:14:50.0642 2456 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 13:14:50.0673 2456 ql2300 - ok 13:14:50.0689 2456 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 13:14:50.0704 2456 ql40xx - ok 13:14:50.0720 2456 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll 13:14:50.0736 2456 QWAVE - ok 13:14:50.0736 2456 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:14:50.0767 2456 QWAVEdrv - ok 13:14:50.0782 2456 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:14:50.0814 2456 RasAcd - ok 13:14:50.0829 2456 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:14:50.0860 2456 RasAgileVpn - ok 13:14:50.0860 2456 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll 13:14:50.0892 2456 RasAuto - ok 13:14:50.0907 2456 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:14:50.0938 2456 Rasl2tp - ok 13:14:50.0954 2456 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll 13:14:50.0970 2456 RasMan - ok 13:14:50.0985 2456 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:14:51.0016 2456 RasPppoe - ok 13:14:51.0032 2456 [ 
e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:14:51.0063 2456 RasSstp - ok 13:14:51.0079 2456 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:14:51.0094 2456 rdbss - ok 13:14:51.0110 2456 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 13:14:51.0141 2456 rdpbus - ok 13:14:51.0141 2456 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:14:51.0172 2456 RDPCDD - ok 13:14:51.0172 2456 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:14:51.0204 2456 RDPENCDD - ok 13:14:51.0219 2456 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:14:51.0250 2456 RDPREFMP - ok 13:14:51.0266 2456 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:14:51.0282 2456 RDPWD - ok 13:14:51.0297 2456 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:14:51.0313 2456 rdyboost - ok 13:14:51.0328 2456 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:14:51.0360 2456 RemoteAccess - ok 13:14:51.0375 2456 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:14:51.0406 2456 RemoteRegistry - ok 13:14:51.0422 2456 [ 085d18c71ab2611a3d61528132b6501e ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe 13:14:51.0438 2456 RoxioNow Service - ok 13:14:51.0453 2456 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:14:51.0484 2456 RpcEptMapper - ok 13:14:51.0500 2456 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe 13:14:51.0500 2456 RpcLocator - ok 13:14:51.0531 2456 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll 13:14:51.0547 2456 RpcSs - ok 13:14:51.0562 2456 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr 
C:\Windows\system32\DRIVERS\rspndr.sys 13:14:51.0594 2456 rspndr - ok 13:14:51.0625 2456 [ f4c374b1c46de294b573bb43723ac3f6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 13:14:51.0625 2456 RTL8167 - ok 13:14:51.0640 2456 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe 13:14:51.0656 2456 SamSs - ok 13:14:51.0656 2456 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:14:51.0672 2456 sbp2port - ok 13:14:51.0687 2456 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:14:51.0703 2456 SCardSvr - ok 13:14:51.0703 2456 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:14:51.0750 2456 scfilter - ok 13:14:51.0765 2456 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll 13:14:51.0812 2456 Schedule - ok 13:14:51.0843 2456 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll 13:14:51.0859 2456 SCPolicySvc - ok 13:14:51.0874 2456 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:14:51.0874 2456 SDRSVC - ok 13:14:51.0921 2456 [ cc781378e7eda615d2cdca3b17829fa4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 13:14:51.0937 2456 SeaPort - ok 13:14:51.0952 2456 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:14:51.0984 2456 secdrv - ok 13:14:51.0999 2456 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll 13:14:52.0030 2456 seclogon - ok 13:14:52.0046 2456 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\system32\sens.dll 13:14:52.0077 2456 SENS - ok 13:14:52.0093 2456 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:14:52.0108 2456 SensrSvc - ok 13:14:52.0108 2456 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\drivers\serenum.sys 13:14:52.0124 2456 Serenum - ok 13:14:52.0140 2456 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial 
C:\Windows\system32\drivers\serial.sys 13:14:52.0155 2456 Serial - ok 13:14:52.0171 2456 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 13:14:52.0202 2456 sermouse - ok 13:14:52.0233 2456 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll 13:14:52.0264 2456 SessionEnv - ok 13:14:52.0264 2456 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:14:52.0280 2456 sffdisk - ok 13:14:52.0280 2456 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:14:52.0311 2456 sffp_mmc - ok 13:14:52.0327 2456 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:14:52.0327 2456 sffp_sd - ok 13:14:52.0342 2456 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 13:14:52.0358 2456 sfloppy - ok 13:14:52.0389 2456 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:14:52.0420 2456 SharedAccess - ok 13:14:52.0436 2456 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:14:52.0467 2456 ShellHWDetection - ok 13:14:52.0483 2456 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 13:14:52.0483 2456 SiSRaid2 - ok 13:14:52.0498 2456 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 13:14:52.0498 2456 SiSRaid4 - ok 13:14:52.0545 2456 [ 17eab7852ff9f15fbaab4e95efc0b812 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:14:52.0561 2456 SkypeUpdate - ok 13:14:52.0576 2456 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:14:52.0623 2456 Smb - ok 13:14:52.0639 2456 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:14:52.0654 2456 SNMPTRAP - ok 13:14:52.0670 2456 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys 13:14:52.0670 2456 spldr - ok 
13:14:52.0701 2456 [ 85daa09a98c9286d4ea2ba8d0e644377 ] Spooler C:\Windows\System32\spoolsv.exe 13:14:52.0717 2456 Spooler - ok 13:14:52.0779 2456 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe 13:14:52.0857 2456 sppsvc - ok 13:14:52.0857 2456 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:14:52.0888 2456 sppuinotify - ok 13:14:52.0904 2456 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys 13:14:52.0935 2456 srv - ok 13:14:52.0951 2456 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:14:52.0982 2456 srv2 - ok 13:14:52.0998 2456 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:14:52.0998 2456 srvnet - ok 13:14:53.0029 2456 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:14:53.0060 2456 SSDPSRV - ok 13:14:53.0076 2456 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:14:53.0107 2456 SstpSvc - ok 13:14:53.0107 2456 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\drivers\stexstor.sys 13:14:53.0107 2456 stexstor - ok 13:14:53.0138 2456 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll 13:14:53.0154 2456 stisvc - ok 13:14:53.0185 2456 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys 13:14:53.0185 2456 swenum - ok 13:14:53.0200 2456 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll 13:14:53.0232 2456 swprv - ok 13:14:53.0263 2456 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll 13:14:53.0310 2456 SysMain - ok 13:14:53.0310 2456 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:14:53.0325 2456 TabletInputService - ok 13:14:53.0341 2456 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 13:14:53.0388 2456 TapiSrv - ok 13:14:53.0403 2456 [ 
     13:14:57.0568 2456 WwanSvc - ok
     13:14:57.0584 2456 ================ Scan global ===============================
     13:14:57.0600 2456 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
     13:14:57.0615 2456 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
     13:14:57.0631 2456 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
     13:14:57.0646 2456 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
     13:14:57.0678 2456 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
     13:14:57.0678 2456 [Global] - ok
     13:14:57.0678 2456 ================ Scan MBR ==================================
     13:14:57.0693 2456 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
     13:14:57.0958 2456 \Device\Harddisk0\DR0 - ok
     13:14:57.0958 2456 ================ Scan VBR ==================================
     13:14:57.0974 2456 Boot (0x1200) (fa8d80a531131c449e22fda608531982) \Device\Harddisk0\DR0\Partition1
     13:14:57.0974 2456 \Device\Harddisk0\DR0\Partition1 - ok
     13:14:58.0005 2456 Boot (0x1200) (52e3616b50d280c6b230c8b86db1cdb2) \Device\Harddisk0\DR0\Partition2
     13:14:58.0005 2456 \Device\Harddisk0\DR0\Partition2 - ok
     13:14:58.0036 2456 Boot (0x1200) (ba6015a06b397afafd4fe952608a6b55) \Device\Harddisk0\DR0\Partition3
     13:14:58.0036 2456 \Device\Harddisk0\DR0\Partition3 - ok
     13:14:58.0036 2456 ============================================================
     13:14:58.0036 2456 Scan finished
     13:14:58.0036 2456 ============================================================
     13:14:58.0052 6052 Detected object count: 0
     13:14:58.0052 6052 Actual detected object count: 0
     13:15:39.0876 5872 Deinitialize success
  6. RogueKiller V7.6.6 [08/10/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Blog: http://tigzyrk.blogspot.com
     Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User: jk [Admin rights]
     Mode: Scan -- Date: 08/15/2012 12:29:07
     ¤¤¤ Bad processes: 0 ¤¤¤
     ¤¤¤ Registry Entries: 2 ¤¤¤
     [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
     ¤¤¤ Particular Files / Folders: ¤¤¤
     ¤¤¤ Driver: [NOT LOADED] ¤¤¤
     ¤¤¤ Infection : Root.MBR ¤¤¤
     ¤¤¤ HOSTS File: ¤¤¤
     127.0.0.1 localhost
     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: Hitachi HDS721010CLA632 +++++
     --- User ---
     [MBR] 860cebdaaf929a4844e260dbfd069371
     [bSP] 858edd0464ef9939185e335b0feaac5c : Windows 7 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
     1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 941808 Mo
     2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1929029632 | Size: 11959 Mo
     User = LL1 ... OK!
     User != LL2 ... KO!
     --- LL2 ---
     [MBR] d9d8eb2f7730918cb4b1ab035ba5b81e
     [bSP] eb7d0a945c1dc80a73fbc5b2bdf7eaea : Windows 7 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 226125824 | Size: 300 Mo
     Finished : << RKreport[1].txt >>
     RKreport[1].txt
  7. I ran a scan with AVG and it found that file, I then ran Malwarebytes and it found nothing. Here are my DDS and Attach reports....
     DDS:
     DDS (Ver_2011-08-26.01) - NTFSAMD64
     Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
     Run by jk at 22:25:25 on 2012-08-14
     Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.3363 [GMT -7:00]
     .
     AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
     SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
     SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     .
     ============== Running Processes ===============
     .
     C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
     C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
     C:\Windows\system32\wininit.exe
     C:\Windows\system32\lsm.exe
     C:\Windows\system32\svchost.exe -k DcomLaunch
     C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
     C:\Windows\system32\svchost.exe -k RPCSS
     C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
     C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
     C:\Windows\system32\svchost.exe -k netsvcs
     C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
     C:\Windows\system32\svchost.exe -k LocalService
     C:\Windows\system32\svchost.exe -k NetworkService
     C:\Windows\System32\spoolsv.exe
     C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
     C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
     C:\Program Files\Bonjour\mDNSResponder.exe
     C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
     C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
     C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
     C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
     C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
     C:\Program Files (x86)\PDF Complete\pdfsvc.exe
     C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
     C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
     C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
     C:\Windows\system32\svchost.exe -k imgsvc
     C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
     C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
     C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
     C:\Windows\system32\WUDFHost.exe
     C:\Windows\system32\taskhost.exe
     C:\Windows\system32\Dwm.exe
     C:\Windows\Explorer.EXE
     C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
     C:\Windows\System32\hkcmd.exe
     C:\Windows\System32\igfxpers.exe
     C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
     C:\Program Files (x86)\Internet Download Manager\IDMan.exe
     C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
     C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
     C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
     C:\Windows\system32\wbem\unsecapp.exe
     C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
     C:\Windows\system32\SearchIndexer.exe
     C:\Program Files\Windows Media Player\wmpnetwk.exe
     C:\Windows\System32\svchost.exe -k LocalServicePeerNet
     C:\Windows\system32\DllHost.exe
     C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
     C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
     C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
     C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
     C:\Windows\system32\wbem\wmiprvse.exe
     C:\Windows\system32\wuauclt.exe
     C:\Program Files (x86)\Mozilla Firefox\firefox.exe
     C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
     C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
     C:\Windows\system32\wbem\wmiprvse.exe
     C:\Windows\system32\DllHost.exe
     C:\Windows\system32\DllHost.exe
     C:\Windows\system32\DllHost.exe
     C:\Windows\SysWOW64\cmd.exe
     C:\Windows\system32\conhost.exe
     C:\Windows\SysWOW64\cscript.exe
     .
     ============== Pseudo HJT Report ===============
     .
     uInternet Settings,ProxyOverride = *.local
     BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
     BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
     BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
     BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
     BHO: TrueSuite Website Log On: {8590886e-ec8c-43c1-a32c-e4c2b0b6395b} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
     BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
     BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
     TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
     TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
     uRun: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
     mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
     mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
     mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
     mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
     mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
     mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
     IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
     IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
     IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
     IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
     DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
     DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
     DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
     TCP: Interfaces\{30DAA431-0433-4787-8D69-5363B8238F30} : DhcpNameServer = 192.168.1.1
     Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
     Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
     Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
     BHO-X64: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
     BHO-X64: IDM Helper - No File
     BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
     BHO-X64: AVG Do Not Track - No File
     BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
     BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
     BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
     BHO-X64: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
     BHO-X64: TSBHO Class - No File
     BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
     BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
     TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
     TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
     mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
     mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
     mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
     .
     ================= FIREFOX ===================
     .
     FF - ProfilePath - C:\Users\jk\AppData\Roaming\Mozilla\Firefox\Profiles\dm4gl0fx.default\
     FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
     FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
     FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
     FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
     FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
     FF - plugin: C:\Users\jk\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
     FF - plugin: C:\Users\jk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
     FF - plugin: C:\Users\jk\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
     FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
     FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
     FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
     .
     ---- FIREFOX POLICIES ----
     FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111787
     FF - user.js: extensions.BabylonToolbar_i.babExt -
     FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
     FF - user.js: extensions.BabylonToolbar_i.id - 1091fab2000000000000d0df9a7f5762
     FF - user.js: extensions.BabylonToolbar_i.hardId - 1091fab2000000000000d0df9a7f5762
     FF - user.js: extensions.BabylonToolbar_i.instlDay - 15533
     FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
     FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
     FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:46:54
     FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
     FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
     FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
     FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
     FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
     FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
     .
     ============= SERVICES / DRIVERS ===============
     .
     R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
     R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
     R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
     R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
     R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
     R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
     R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568]
     R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 193288]
     R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008]
     R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-9 85560]
     R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
     R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
     R2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?]
     R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
     R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
     R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-8-12 1128952]
     R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
     R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-17 450848]
     R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-12 2656280]
     R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
     R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
     R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
     R3 LVUVC64;Logitech HD Webcam C310(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
     R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
     R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
     R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
     R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
     S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
     S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
     S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]
     S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
     S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
     S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
     S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
     S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 129976]
     S3 pmxdrv;pmxdrv;\??\C:\Windows\system32\drivers\pmxdrv.sys --> C:\Windows\system32\drivers\pmxdrv.sys [?]
     S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
     S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
     S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
     S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-12 655944]
     S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
     .
     =============== Created Last 30 ================
     .
     2012-08-14 19:20:38 503808 ----a-w- C:\Windows\System32\srcore.dll
     2012-08-14 19:20:38 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
     2012-08-14 19:20:37 956928 ----a-w- C:\Windows\System32\localspl.dll
     2012-08-14 19:20:37 751104 ----a-w- C:\Windows\System32\win32spl.dll
     2012-08-14 19:20:37 67072 ----a-w- C:\Windows\splwow64.exe
     2012-08-14 19:20:37 59392 ----a-w- C:\Windows\System32\browcli.dll
     2012-08-14 19:20:37 559104 ----a-w- C:\Windows\System32\spoolsv.exe
     2012-08-14 19:20:37 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
     2012-08-14 19:20:37 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
     2012-08-14 19:20:37 3148800 ----a-w- C:\Windows\System32\win32k.sys
     2012-08-14 19:20:37 136704 ----a-w- C:\Windows\System32\browser.dll
     2012-08-11 05:03:06 -------- d-----w- C:\Users\jk\AppData\Local\HP
     2012-07-29 20:24:39 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
     2012-07-21 19:52:37 -------- d-sh--w- C:\$RECYCLE.BIN
     2012-07-21 03:37:51 -------- d-----w- C:\FRST
     2012-07-20 22:20:08 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
     2012-07-20 22:12:10 -------- d-----w- C:\Users\jk\AppData\Roaming\RedDotGames
     2012-07-20 22:10:59 5554512 ----a-w- C:\Windows\System32\d3dcsx_42.dll
     2012-07-20 21:56:10 -------- d-----w- C:\Program Files (x86)\DVD Decrypter
     2012-07-20 19:32:12 -------- d-----w- C:\Users\jk\AppData\Roaming\mIRC
     2012-07-20 19:32:11 -------- d-----w- C:\Program Files (x86)\mIRC
     .
     ==================== Find3M ====================
     .
     2012-07-03 20:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
     2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
     2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
     2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
     2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
     2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
     2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
     2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
     2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
     2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
     2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
     2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
     2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
     2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
     2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
     2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
     2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
     2012-06-02 22:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
     2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
     2012-06-02 22:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
     2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
     2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
     2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
     2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
     2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
     2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
     2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
     2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
     2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
     2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
     .
     ============= FINISH: 22:25:43.05 ===============
     Attach:
     UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
     IF REQUESTED, ZIP IT UP & ATTACH IT
     .
     DDS (Ver_2011-08-26.01)
     .
     Microsoft Windows 7 Home Premium
     Boot Device: \Device\HarddiskVolume1
     Install Date: 11/19/2011 7:25:53 PM
     System Uptime: 8/14/2012 1:45:57 PM (9 hours ago)
     .
     Motherboard: PEGATRON CORPORATION | | 2AC2
     Processor: Intel® Core i3-2120 CPU @ 3.30GHz | CPU 1 | 3300/100mhz
     .
     ==== Disk Partitions =========================
     .
     C: is FIXED (NTFS) - 920 GiB total, 752.695 GiB free.
     D: is FIXED (NTFS) - 12 GiB total, 1.43 GiB free.
     E: is CDROM ()
     F: is Removable
     G: is Removable
     H: is Removable
     I: is Removable
     .
     ==== Disabled Device Manager Items =============
     .
     ==== System Restore Points ===================
     .
     RP65: 7/29/2012 4:35:46 PM - Scheduled Checkpoint
     RP66: 8/7/2012 3:47:27 PM - Scheduled Checkpoint
     RP67: 8/10/2012 10:00:31 PM - HPSF Restore Point
     RP68: 8/14/2012 1:36:30 PM - Windows Update
     .
     ==== Installed Programs ======================
     .
802.11n Wireless LAN Card Adobe AIR Adobe Flash Player 10 Plugin Agatha Christie - Peril at End House Apple Application Support Apple Software Update Bejeweled 3 Bing Bar Blackhawk Striker 2 Blasterball 3 Blio Bounce Symphony Cake Mania CameraHelperMsi Chronicles of Albian Chuzzle Deluxe Cradle of Rome 2 D3DX10 DVD Decrypter (Remove Only) erLT Farm Frenzy FATE Google Talk Plugin Governor of Poker 2 Premium Edition Hewlett-Packard ACLM.NET v1.1.1.0 HP Customer Experience Enhancements HP Games HP LinkUp HP MovieStore HP Odometer HP Setup HP Setup Manager HP SimplePass PE 2011 HP Support Assistant HP Support Information HP Update Intel® Control Center Intel® Identity Protection Technology 1.1.2.0 Intel® Management Engine Components Intel® Processor Graphics Internet Download Manager Java Auto Updater Java 6 Update 30 Java 7 Update 5 JavaFX 2.1.1 Jewel Quest: The Sleepless Star - Collector's Edition Junk Mail filter update Kobo LabelPrint Logitech Vid HD Logitech Webcam Software LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Video Mask Maker LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin Mah Jong Medley Malwarebytes Anti-Malware version 1.62.0.1300 Mesh Runtime Microsoft Mathematics Microsoft Office 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft WSE 3.0 Runtime Mozilla Firefox 12.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery of Mortlake Mansion Namco All-Stars: PAC-MAN Norton Online Backup Out of the Park Baseball 13 PDF Complete Special Edition Penguins! Plants vs. 
Zombies - Game of the Year PlayReady PC Runtime x86 Poker Superstars III Polar Bowler Polar Golfer Police Force Power2Go PressReader Realtek High Definition Audio Driver Reason 5.0 Recovery Manager Remote Graphics Receiver Remote Mouse version 1.50 RoxioNow Player Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Skype™ 5.8 Slingo Supreme SoulSeek 157 NS 13e StreamTorrent 1.0 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update Installer for WildTangent Games App Vacation Quest - The Hawaiian Islands VIP Access SDK (1.0.1.4) Virtual Villagers 5 - New Believers Visual Studio 2008 x64 
Redistributables VLC media player 2.0.1 WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yahoo! Messenger Zinio Reader 4 Zuma Deluxe . ==== End Of File ===========================
  8. Alright did all that and deleted all the logs and programs. Thanks again for the help.
  9. So is there anything else I need to do? Thanks
  10. CPU seems fine now. No more re-direct sites, AVG is not popping up with a threat detected. There is one thing I'm having a problem with and that's Adobe Flash Player....I know that's off the subject but it's been crashing a lot the past few weeks. Any recommendations on how to fix it? It looks something like this "adobe flash player 11.3 r300 crashed" Well here's the log report....
      Malwarebytes Anti-Malware 1.62.0.1300
      www.malwarebytes.org
      Database version: v2012.07.21.11
      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      jk :: JK-HP [administrator]
      Protection: Enabled
      7/21/2012 1:14:29 PM
      mbam-log-2012-07-21 (13-14-29).txt
      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 211487
      Time elapsed: 25 second(s)
      Memory Processes Detected: 0 (No malicious items detected)
      Memory Modules Detected: 0 (No malicious items detected)
      Registry Keys Detected: 0 (No malicious items detected)
      Registry Values Detected: 0 (No malicious items detected)
      Registry Data Items Detected: 0 (No malicious items detected)
      Folders Detected: 0 (No malicious items detected)
      Files Detected: 0 (No malicious items detected)
      (end)
  11. Haha I missed that part.....So am I good to go?
  12. I'm on my laptop writing this but before I post the log report, on the infected PC I tried opening Firefox and got an error.... "c:/program files (x86)/mozilla firefox/ firefox.exe" "illegal operation attempted on a registry key that has been marked for deletion", then another window asked "can't open this item" it might have been moved, renamed, or deleted. Do you want to remove this item. What do I do?
  13. 11:03:26.0198 0992 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 11:05:11.0465 2052 BITS - ok 11:05:11.0589 2052 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 11:05:11.0636 2052 blbdrive - ok 11:05:11.0745 2052 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 11:05:11.0761 2052 Bonjour Service - ok 11:05:11.0792 2052 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 11:05:11.0808 2052 bowser - ok 11:05:11.0886 2052 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 11:05:11.0917 2052 BrFiltLo - ok 11:05:12.0089 2052 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 11:05:12.0104 2052 BrFiltUp - ok 11:05:12.0135 2052 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 11:05:12.0182 2052 Browser - ok 11:05:12.0213 2052 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 11:05:12.0229 2052 Brserid - ok 11:05:12.0307 2052 BrSerIf (80e52ef092f3dad03e0ee15e64f97245) C:\Windows\system32\DRIVERS\BrSerIf.sys 11:05:12.0338 2052 BrSerIf - ok 11:05:12.0385 2052 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 11:05:12.0401 2052 BrSerWdm - ok 11:05:12.0463 2052 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 11:05:12.0494 2052 BrUsbMdm - ok 11:05:12.0510 2052 BrUsbSer (601cb966fffebc6806626dc8e7aa0ef2) C:\Windows\system32\DRIVERS\BrUsbSer.sys 11:05:12.0525 2052 BrUsbSer - ok 11:05:12.0541 2052 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 11:05:12.0557 2052 BTHMODEM - ok 11:05:12.0603 2052 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 11:05:12.0635 2052 bthserv - ok 11:05:12.0650 2052 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 11:05:12.0666 2052 cdfs - ok 11:05:12.0697 
2052 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 11:05:12.0728 2052 cdrom - ok 11:05:12.0744 2052 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 11:05:12.0806 2052 CertPropSvc - ok 11:05:12.0837 2052 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 11:05:12.0869 2052 circlass - ok 11:05:12.0900 2052 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 11:05:12.0931 2052 CLFS - ok 11:05:12.0978 2052 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:05:12.0993 2052 clr_optimization_v2.0.50727_32 - ok 11:05:13.0040 2052 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:05:13.0056 2052 clr_optimization_v2.0.50727_64 - ok 11:05:13.0118 2052 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:05:13.0134 2052 clr_optimization_v4.0.30319_32 - ok 11:05:13.0149 2052 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:05:13.0181 2052 clr_optimization_v4.0.30319_64 - ok 11:05:13.0212 2052 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 11:05:13.0243 2052 CmBatt - ok 11:05:13.0243 2052 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 11:05:13.0259 2052 cmdide - ok 11:05:13.0337 2052 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 11:05:13.0368 2052 CNG - ok 11:05:13.0383 2052 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 11:05:13.0383 2052 Compbatt - ok 11:05:13.0415 2052 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 11:05:13.0415 2052 CompositeBus - ok 11:05:13.0430 2052 
COMSysApp - ok 11:05:13.0446 2052 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 11:05:13.0477 2052 crcdisk - ok 11:05:13.0508 2052 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 11:05:13.0539 2052 CryptSvc - ok 11:05:13.0586 2052 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 11:05:13.0649 2052 DcomLaunch - ok 11:05:13.0664 2052 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 11:05:13.0711 2052 defragsvc - ok 11:05:13.0742 2052 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 11:05:13.0789 2052 DfsC - ok 11:05:13.0836 2052 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 11:05:13.0867 2052 Dhcp - ok 11:05:13.0883 2052 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 11:05:13.0914 2052 discache - ok 11:05:13.0961 2052 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 11:05:13.0961 2052 Disk - ok 11:05:13.0992 2052 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 11:05:14.0023 2052 Dnscache - ok 11:05:14.0054 2052 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 11:05:14.0101 2052 dot3svc - ok 11:05:14.0117 2052 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 11:05:14.0148 2052 DPS - ok 11:05:14.0163 2052 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 11:05:14.0179 2052 drmkaud - ok 11:05:14.0241 2052 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 11:05:14.0257 2052 DXGKrnl - ok 11:05:14.0273 2052 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 11:05:14.0319 2052 EapHost - ok 11:05:14.0491 2052 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 11:05:14.0538 2052 ebdrv - ok 11:05:14.0616 2052 EFS (c118a82cd78818c29ab228366ebf81c3) 
C:\Windows\System32\lsass.exe 11:05:14.0631 2052 EFS - ok 11:05:14.0725 2052 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 11:05:14.0772 2052 ehRecvr - ok 11:05:14.0787 2052 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 11:05:14.0803 2052 ehSched - ok 11:05:14.0865 2052 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 11:05:14.0897 2052 elxstor - ok 11:05:14.0912 2052 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 11:05:14.0928 2052 ErrDev - ok 11:05:14.0975 2052 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 11:05:15.0006 2052 EventSystem - ok 11:05:15.0021 2052 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 11:05:15.0053 2052 exfat - ok 11:05:15.0068 2052 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 11:05:15.0099 2052 fastfat - ok 11:05:15.0162 2052 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 11:05:15.0209 2052 Fax - ok 11:05:15.0224 2052 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 11:05:15.0255 2052 fdc - ok 11:05:15.0287 2052 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 11:05:15.0318 2052 fdPHost - ok 11:05:15.0333 2052 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 11:05:15.0365 2052 FDResPub - ok 11:05:15.0380 2052 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 11:05:15.0380 2052 FileInfo - ok 11:05:15.0396 2052 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 11:05:15.0443 2052 Filetrace - ok 11:05:15.0474 2052 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 11:05:15.0489 2052 flpydisk - ok 11:05:15.0521 2052 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 11:05:15.0521 2052 FltMgr - ok 
11:05:15.0630 2052 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 11:05:15.0692 2052 FontCache - ok 11:05:15.0755 2052 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:05:15.0770 2052 FontCache3.0.0.0 - ok 11:05:15.0817 2052 FPLService (71cdc1d7f58d5ec49ebc2e2332ad3fae) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe 11:05:15.0833 2052 FPLService - ok 11:05:15.0911 2052 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 11:05:15.0926 2052 FsDepends - ok 11:05:15.0942 2052 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 11:05:15.0957 2052 Fs_Rec - ok 11:05:15.0989 2052 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 11:05:16.0004 2052 fvevol - ok 11:05:16.0035 2052 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 11:05:16.0035 2052 gagp30kx - ok 11:05:16.0082 2052 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 11:05:16.0098 2052 GamesAppService - ok 11:05:16.0113 2052 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 11:05:16.0129 2052 GEARAspiWDM - ok 11:05:16.0191 2052 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 11:05:16.0238 2052 gpsvc - ok 11:05:16.0254 2052 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 11:05:16.0269 2052 hcw85cir - ok 11:05:16.0301 2052 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 11:05:16.0316 2052 HdAudAddService - ok 11:05:16.0347 2052 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 11:05:16.0363 2052 HDAudBus - ok 11:05:16.0363 2052 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 11:05:16.0394 
2052 HidBatt - ok 11:05:16.0410 2052 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 11:05:16.0425 2052 HidBth - ok 11:05:16.0441 2052 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 11:05:16.0457 2052 HidIr - ok 11:05:16.0488 2052 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 11:05:16.0503 2052 hidserv - ok 11:05:16.0535 2052 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 11:05:16.0550 2052 HidUsb - ok 11:05:16.0581 2052 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 11:05:16.0613 2052 hkmsvc - ok 11:05:16.0644 2052 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 11:05:16.0691 2052 HomeGroupListener - ok 11:05:16.0706 2052 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 11:05:16.0737 2052 HomeGroupProvider - ok 11:05:16.0815 2052 HP Support Assistant Service (531d1843c7a411f4e41ec6786f291e5f) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 11:05:16.0831 2052 HP Support Assistant Service - ok 11:05:16.0878 2052 HPClientSvc (6a181452d4e240b8ecc7614b9a19bde9) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 11:05:16.0893 2052 HPClientSvc - ok 11:05:16.0925 2052 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 11:05:16.0940 2052 HPDrvMntSvc.exe - ok 11:05:17.0003 2052 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 11:05:17.0018 2052 hpqwmiex - ok 11:05:17.0127 2052 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 11:05:17.0143 2052 HpSAMD - ok 11:05:17.0408 2052 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Users\jk\AppData\Local\Temp\7zS2C9C\hpslpsvc64.dll 11:05:17.0455 2052 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 11:05:17.0455 2052 
HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 11:05:17.0611 2052 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 11:05:17.0642 2052 HTTP - ok 11:05:17.0658 2052 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 11:05:17.0658 2052 hwpolicy - ok 11:05:17.0689 2052 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 11:05:17.0705 2052 i8042prt - ok 11:05:17.0736 2052 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\drivers\iaStor.sys 11:05:17.0751 2052 iaStor - ok 11:05:17.0798 2052 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 11:05:17.0814 2052 iaStorV - ok 11:05:17.0861 2052 IDMWFP (5534e14ef27ebe8563cdbce6b88501a3) C:\Windows\system32\DRIVERS\idmwfp.sys 11:05:17.0876 2052 IDMWFP - ok 11:05:17.0954 2052 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 11:05:17.0970 2052 idsvc - ok 11:05:18.0500 2052 igfx (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys 11:05:18.0687 2052 igfx - ok 11:05:18.0781 2052 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 11:05:18.0781 2052 iirsp - ok 11:05:18.0828 2052 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 11:05:18.0875 2052 IKEEXT - ok 11:05:18.0890 2052 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys 11:05:18.0921 2052 Impcd - ok 11:05:19.0046 2052 IntcAzAudAddService (c7124da48e557d8f88d0d7f1254557f4) C:\Windows\system32\drivers\RTKVHD64.sys 11:05:19.0077 2052 IntcAzAudAddService - ok 11:05:19.0171 2052 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 11:05:19.0187 2052 intelide - ok 11:05:19.0249 2052 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys 11:05:19.0265 2052 intelppm - ok 11:05:19.0327 2052 IPBusEnum 
(098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 11:05:19.0358 2052 IPBusEnum - ok 11:05:19.0389 2052 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:05:19.0405 2052 IpFilterDriver - ok 11:05:19.0452 2052 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 11:05:19.0483 2052 IPMIDRV - ok 11:05:19.0499 2052 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 11:05:19.0545 2052 IPNAT - ok 11:05:19.0717 2052 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe 11:05:19.0748 2052 iPod Service - ok 11:05:19.0764 2052 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 11:05:19.0779 2052 IRENUM - ok 11:05:19.0795 2052 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 11:05:19.0795 2052 isapnp - ok 11:05:19.0826 2052 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 11:05:19.0826 2052 iScsiPrt - ok 11:05:19.0904 2052 jhi_service (6c85719a21b3f62c2c76280f4bd36c7b) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 11:05:19.0904 2052 jhi_service - ok 11:05:19.0935 2052 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 11:05:19.0935 2052 kbdclass - ok 11:05:19.0951 2052 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 11:05:19.0982 2052 kbdhid - ok 11:05:19.0998 2052 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:05:20.0013 2052 KeyIso - ok 11:05:20.0045 2052 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 11:05:20.0045 2052 KSecDD - ok 11:05:20.0060 2052 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 11:05:20.0076 2052 KSecPkg - ok 11:05:20.0091 2052 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 11:05:20.0123 2052 
ksthunk - ok 11:05:20.0169 2052 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 11:05:20.0201 2052 KtmRm - ok 11:05:20.0232 2052 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 11:05:20.0263 2052 LanmanServer - ok 11:05:20.0279 2052 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 11:05:20.0310 2052 LanmanWorkstation - ok 11:05:20.0341 2052 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 11:05:20.0372 2052 lltdio - ok 11:05:20.0419 2052 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 11:05:20.0450 2052 lltdsvc - ok 11:05:20.0513 2052 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 11:05:20.0528 2052 lmhosts - ok 11:05:20.0653 2052 LMS (d75c4b4a8fe6d7fd74a7eecdbaec729f) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 11:05:20.0653 2052 LMS - ok 11:05:20.0731 2052 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 11:05:20.0731 2052 LSI_FC - ok 11:05:20.0778 2052 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 11:05:20.0778 2052 LSI_SAS - ok 11:05:20.0809 2052 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 11:05:20.0809 2052 LSI_SAS2 - ok 11:05:20.0825 2052 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 11:05:20.0840 2052 LSI_SCSI - ok 11:05:20.0856 2052 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 11:05:20.0887 2052 luafv - ok 11:05:20.0949 2052 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys 11:05:20.0949 2052 LVRS64 - ok 11:05:21.0168 2052 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys 11:05:21.0246 2052 LVUVC64 - ok 11:05:21.0355 2052 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys 
11:05:21.0355 2052 MBAMProtector - ok 11:05:21.0433 2052 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 11:05:21.0449 2052 MBAMService - ok 11:05:21.0464 2052 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 11:05:21.0480 2052 Mcx2Svc - ok 11:05:21.0495 2052 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 11:05:21.0495 2052 megasas - ok 11:05:21.0542 2052 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 11:05:21.0542 2052 MegaSR - ok 11:05:21.0558 2052 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys 11:05:21.0573 2052 MEIx64 - ok 11:05:21.0573 2052 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 11:05:21.0605 2052 MMCSS - ok 11:05:21.0620 2052 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 11:05:21.0651 2052 Modem - ok 11:05:21.0683 2052 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 11:05:21.0698 2052 monitor - ok 11:05:21.0729 2052 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 11:05:21.0745 2052 mouclass - ok 11:05:21.0761 2052 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 11:05:21.0776 2052 mouhid - ok 11:05:21.0792 2052 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 11:05:21.0807 2052 mountmgr - ok 11:05:21.0870 2052 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:05:21.0885 2052 MozillaMaintenance - ok 11:05:21.0901 2052 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 11:05:21.0917 2052 mpio - ok 11:05:21.0917 2052 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 11:05:21.0948 2052 mpsdrv - ok 11:05:21.0963 2052 MRxDAV 
(dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 11:05:21.0995 2052 MRxDAV - ok 11:05:22.0010 2052 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 11:05:22.0041 2052 mrxsmb - ok 11:05:22.0057 2052 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:05:22.0057 2052 mrxsmb10 - ok 11:05:22.0073 2052 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:05:22.0088 2052 mrxsmb20 - ok 11:05:22.0104 2052 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 11:05:22.0104 2052 msahci - ok 11:05:22.0135 2052 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 11:05:22.0151 2052 msdsm - ok 11:05:22.0166 2052 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 11:05:22.0182 2052 MSDTC - ok 11:05:22.0197 2052 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 11:05:22.0229 2052 Msfs - ok 11:05:22.0244 2052 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 11:05:22.0260 2052 mshidkmdf - ok 11:05:22.0275 2052 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 11:05:22.0275 2052 msisadrv - ok 11:05:22.0307 2052 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 11:05:22.0338 2052 MSiSCSI - ok 11:05:22.0338 2052 msiserver - ok 11:05:22.0369 2052 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 11:05:22.0400 2052 MSKSSRV - ok 11:05:22.0400 2052 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 11:05:22.0431 2052 MSPCLOCK - ok 11:05:22.0447 2052 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 11:05:22.0494 2052 MSPQM - ok 11:05:22.0525 2052 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 11:05:22.0525 2052 MsRPC - ok 11:05:22.0556 2052 
mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 11:05:22.0556 2052 mssmbios - ok 11:05:22.0572 2052 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 11:05:22.0619 2052 MSTEE - ok 11:05:22.0619 2052 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 11:05:22.0634 2052 MTConfig - ok 11:05:22.0650 2052 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 11:05:22.0665 2052 Mup - ok 11:05:22.0697 2052 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 11:05:22.0728 2052 napagent - ok 11:05:22.0775 2052 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 11:05:22.0775 2052 NativeWifiP - ok 11:05:22.0837 2052 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 11:05:22.0853 2052 NDIS - ok 11:05:22.0868 2052 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 11:05:22.0899 2052 NdisCap - ok 11:05:22.0931 2052 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 11:05:22.0962 2052 NdisTapi - ok 11:05:22.0977 2052 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 11:05:22.0993 2052 Ndisuio - ok 11:05:23.0009 2052 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 11:05:23.0040 2052 NdisWan - ok 11:05:23.0071 2052 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 11:05:23.0102 2052 NDProxy - ok 11:05:23.0118 2052 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 11:05:23.0149 2052 NetBIOS - ok 11:05:23.0180 2052 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 11:05:23.0211 2052 NetBT - ok 11:05:23.0258 2052 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:05:23.0258 2052 Netlogon - ok 11:05:23.0352 2052 Netman 
(847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 11:05:23.0399 2052 Netman - ok 11:05:23.0445 2052 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:05:23.0461 2052 NetMsmqActivator - ok 11:05:23.0461 2052 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:05:23.0461 2052 NetPipeActivator - ok 11:05:23.0492 2052 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 11:05:23.0539 2052 netprofm - ok 11:05:23.0617 2052 netr28x (8b5d2d7cb0ef5b1967860b8ab742a46c) C:\Windows\system32\DRIVERS\netr28x.sys 11:05:23.0633 2052 netr28x - ok 11:05:23.0711 2052 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:05:23.0711 2052 NetTcpActivator - ok 11:05:23.0711 2052 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:05:23.0726 2052 NetTcpPortSharing - ok 11:05:23.0789 2052 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 11:05:23.0789 2052 nfrd960 - ok 11:05:23.0835 2052 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 11:05:23.0867 2052 NlaSvc - ok 11:05:24.0023 2052 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 11:05:24.0069 2052 NOBU - ok 11:05:24.0132 2052 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 11:05:24.0163 2052 Npfs - ok 11:05:24.0179 2052 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 11:05:24.0210 2052 nsi - ok 11:05:24.0225 2052 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 11:05:24.0257 2052 nsiproxy - ok 11:05:24.0350 2052 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 11:05:24.0366 2052 Ntfs - ok 11:05:24.0444 2052 Null 
      11:05:41.0807 2052 WudfPf - ok
      11:05:41.0822 2052 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
      11:05:41.0869 2052 WUDFRd - ok
      11:05:41.0885 2052 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
      11:05:41.0916 2052 wudfsvc - ok
      11:05:41.0932 2052 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
      11:05:41.0947 2052 WwanSvc - ok
      11:05:41.0978 2052 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
      11:05:42.0259 2052 \Device\Harddisk0\DR0 - ok
      11:05:42.0259 2052 Boot (0x1200) (fa8d80a531131c449e22fda608531982) \Device\Harddisk0\DR0\Partition0
      11:05:42.0259 2052 \Device\Harddisk0\DR0\Partition0 - ok
      11:05:42.0290 2052 Boot (0x1200) (52e3616b50d280c6b230c8b86db1cdb2) \Device\Harddisk0\DR0\Partition1
      11:05:42.0290 2052 \Device\Harddisk0\DR0\Partition1 - ok
      11:05:42.0337 2052 Boot (0x1200) (ba6015a06b397afafd4fe952608a6b55) \Device\Harddisk0\DR0\Partition2
      11:05:42.0337 2052 \Device\Harddisk0\DR0\Partition2 - ok
      11:05:42.0337 2052 ============================================================
      11:05:42.0337 2052 Scan finished
      11:05:42.0337 2052 ============================================================
      11:05:42.0353 3256 Detected object count: 1
      11:05:42.0353 3256 Actual detected object count: 1
      11:06:09.0076 3256 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
      11:06:09.0076 3256 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
      11:06:58.0699 2600 Deinitialize success
  14. Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 20-07-2012 01
      Ran by SYSTEM at 2012-07-21 10:46:09 Run:1
      Running from K:\
      ==============================================
      C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603} moved successfully.
      C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
      C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
      C:\Windows\System32\services.exe moved successfully.
      C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe
      ==== End of Fixlog ====
  15. Scan result of Farbar Recovery Scan Tool Version: 20-07-2012 01
      Ran by SYSTEM at 20-07-2012 19:37:59
      Running from K:\
      Windows 7 Home Premium Service Pack 1 (X64)
      OS Language: English(US)
      The current controlset is ControlSet001
      ========================== Registry (Whitelisted) =============
      HKLM\...\Run: [igfxTray] C:\Windows\system32\igfxtray.exe [168216 2011-04-25] (Intel Corporation)
      HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [391960 2011-04-25] (Intel Corporation)
      HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [418584 2011-04-25] (Intel Corporation)
      HKLM\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
      HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
      HKLM-x32\...\Run: [] [x]
      HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2587008 2012-04-05] (AVG Technologies CZ, s.r.o.)
      HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462920 2012-07-03] (Malwarebytes Corporation)
      HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
      HKU\jk\...\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot [3474840 2012-02-27] (Tonec Inc.)
      HKU\jk\...\Run: [Google Update] "C:\Users\jk\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-12-06] (Google Inc.)
      HKU\Mcx1-JK-HP\...\Winlogon: [shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-13] (Microsoft Corporation)
      Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
      Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
      ==================== Services (Whitelisted) ======
      2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" [5160568 2012-07-04] (AVG Technologies CZ, s.r.o.)
      2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
      2 HPSLPSVC; C:\Users\jk\AppData\Local\Temp\7zS2C9C\hpslpsvc64.dll [1039360 2011-11-14] (Hewlett-Packard Co.)
      2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [655944 2012-07-03] (Malwarebytes Corporation)
      2 NOBU; "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE [2804568 2010-06-01] (Symantec Corporation)
      2 UNS; "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" [2656280 2011-01-31] (Intel Corporation)
      ========================== Drivers (Whitelisted) =============
      3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
      3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
      0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
      1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [289872 2012-02-22] (AVG Technologies CZ, s.r.o.)
      1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
      0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
      1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [383808 2012-03-19] (AVG Technologies CZ, s.r.o.)
      3 BrSerIf; C:\Windows\System32\Drivers\BrSerIf.sys [97280 2006-09-03] (Brother Industries Ltd.)
      2 IDMWFP; C:\Windows\System32\Drivers\IDMWFP.sys [149640 2012-02-07] (Tonec Inc.)
      3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-07-03] (Malwarebytes Corporation)
      3 pmxdrv; C:\Windows\System32\Drivers\pmxdrv.sys [31152 2011-08-12] ()
      ========================== NetSvcs (Whitelisted) ===========
      ============ One Month Created Files and Folders ==============
Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-07-10 21:54 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-07-10 21:54 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-07-10 21:54 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-07-10 21:54 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-07-10 21:54 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-07-10 21:54 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-07-10 21:54 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-07-10 21:54 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-07-10 21:54 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-07-10 21:54 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-07-10 14:37 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-07-10 14:37 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2012-07-10 14:37 - 2012-06-05 22:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2012-07-10 14:37 - 2012-06-05 22:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2012-07-10 14:37 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll 2012-07-10 14:37 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2012-07-10 14:37 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2012-07-10 14:37 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 
2012-07-10 14:37 - 2012-06-01 21:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys 2012-07-10 14:37 - 2012-06-01 21:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2012-07-10 14:37 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys 2012-07-10 14:37 - 2012-06-01 21:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll 2012-07-10 14:37 - 2012-06-01 21:44 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2012-07-10 14:37 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2012-07-10 14:37 - 2012-06-01 20:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2012-07-10 14:37 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2012-07-10 14:37 - 2012-06-01 20:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2012-07-10 14:37 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll 2012-07-10 14:37 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2012-07-06 21:24 - 2012-07-06 21:49 - 00000000 ____D C:\Users\jk\Desktop\TV Shows 2012-07-01 21:30 - 2012-07-01 21:30 - 00000000 ____D C:\Users\jk\AppData\Local\{EE7FB3F8-CB11-4CE3-A2B7-2CEFC85CBEB0} 2012-07-01 21:30 - 2012-07-01 21:30 - 00000000 ____D C:\Users\jk\AppData\Local\{18E10980-C3AC-4B78-B622-C04D2D8D56BE} 2012-06-30 21:14 - 2012-06-30 21:14 - 00000000 ____D C:\Users\jk\AppData\Local\{427FF6B0-70C4-4E13-918D-7C4594D89A14} 2012-06-30 21:13 - 2012-06-30 21:14 - 00000000 ____D C:\Users\jk\AppData\Local\{45FD7920-604B-4759-98CE-D461DB437767} 2012-06-30 15:26 - 2012-06-30 15:26 - 00000000 ____D C:\Users\jk\Downloads\SexUnderwater.12.06.24.Hot.censoreding.Afternoon.XXX.HR.WMV-KTR[rbg] 2012-06-27 13:00 - 2012-06-27 13:00 - 00000000 ____D C:\Program Files (x86)\Oracle 
2012-06-27 13:00 - 2012-05-04 18:29 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2012-06-27 13:00 - 2012-05-04 18:29 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2012-06-27 12:59 - 2012-06-27 12:59 - 00000000 ____D C:\Users\All Users\McAfee 2012-06-27 12:54 - 2012-06-27 13:36 - 00000000 ____D C:\Users\jk\AppData\Roaming\.minecraft 2012-06-25 18:59 - 2012-06-25 18:59 - 00000000 ____D C:\Users\jk\AppData\Local\{24FA9293-D32D-45E4-91A9-BA62A62D1114} 2012-06-25 18:58 - 2012-06-25 18:59 - 00000000 ____D C:\Users\jk\AppData\Local\{0CC7ACD3-7788-48AA-AE2E-510913A9F489} 2012-06-24 20:57 - 2012-06-24 20:57 - 00000000 ____D C:\Users\jk\AppData\Local\{B57FD7E1-66E5-4423-9267-E5378B6D6805} 2012-06-24 20:57 - 2012-06-24 20:57 - 00000000 ____D C:\Users\jk\AppData\Local\{5E784052-C914-475B-9724-234D993DF3BF} 2012-06-24 20:34 - 2012-06-24 20:34 - 00000000 ____D C:\Users\jk\AppData\Local\{3B814F19-51A3-453A-B5CE-1FF3243C8AFE} 2012-06-24 20:29 - 2012-06-24 20:29 - 00000000 ____D C:\Program Files\Propellerhead 2012-06-24 20:20 - 2012-06-24 20:20 - 00000000 ____D C:\Windows\en 2012-06-24 20:20 - 2012-06-24 20:20 - 00000000 ____D C:\Users\jk\AppData\Local\{F6494445-2394-4690-8315-190570531CAC} 2012-06-24 20:20 - 2012-06-24 20:20 - 00000000 ____D C:\Users\jk\AppData\Local\{7B08C4D7-EB26-4D3F-B159-8A7E9F828EC4} 2012-06-24 20:17 - 2012-06-24 20:17 - 00000000 ____D C:\Users\jk\AppData\Local\{EFE55C35-B71B-4689-A69B-9286A6849D39} 2012-06-24 20:17 - 2012-06-24 20:17 - 00000000 ____D C:\Users\jk\AppData\Local\{B6D6D538-01D2-4EEB-B205-AFE7454273F0} 2012-06-24 20:17 - 2012-06-24 20:17 - 00000000 ____D C:\Users\jk\AppData\Local\{49FDB53B-913D-4006-9A5D-B6E9BDFF1758} 2012-06-24 20:16 - 2012-06-24 20:17 - 00000000 ____D C:\Users\jk\AppData\Local\{ACBF606D-B58A-4FD1-B272-5068D988BBA6} 2012-06-24 20:16 - 2012-06-24 20:16 - 00000000 ____D C:\Users\jk\AppData\Local\{A51BFA65-CB7E-4E8C-B546-0491F6BB3392} 2012-06-24 18:19 - 2012-06-24 18:19 - 
00000000 ____D C:\Users\jk\AppData\Local\{983262F3-0973-4D01-B813-C55B6BD3C3E6} 2012-06-22 16:25 - 2012-06-22 16:25 - 00000000 ____D C:\Users\jk\AppData\Local\{78A560EC-DA11-421C-80FC-6E2F3B0D8016} 2012-06-21 11:19 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2012-06-21 11:19 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2012-06-21 11:19 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll 2012-06-21 11:19 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2012-06-21 11:18 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2012-06-21 11:18 - 2012-06-02 14:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2012-06-21 11:18 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll 2012-06-21 11:18 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2012-06-21 11:18 - 2012-06-02 14:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe ============ 3 Months Modified Files ======================== 2012-07-20 18:31 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2012-07-20 18:31 - 2009-07-13 20:51 - 00071388 ____A C:\Windows\setupact.log 2012-07-20 18:27 - 2011-11-19 19:25 - 01252341 ____A C:\Windows\WindowsUpdate.log 2012-07-20 18:05 - 2009-07-13 21:13 - 00778834 ____A C:\Windows\System32\PerfStringBackup.INI 2012-07-20 17:28 - 2011-12-06 22:08 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221318694-525691764-1706660316-1001UA.job 2012-07-20 17:09 - 2009-07-13 20:45 - 00024608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-07-20 17:09 - 2009-07-13 20:45 - 00024608 ___AH 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-07-20 17:02 - 2010-11-20 19:47 - 00552720 ____A C:\Windows\PFRO.log 2012-07-20 16:33 - 2012-07-20 16:33 - 00023482 ____A C:\Users\jk\Desktop\DDS.txt 2012-07-20 16:32 - 2012-07-20 16:32 - 00006817 ____A C:\Users\jk\Desktop\1.txt 2012-07-20 16:30 - 2012-07-20 16:30 - 00607260 ____R (Swearware) C:\Users\jk\Downloads\dds.scr 2012-07-20 15:29 - 2012-04-24 13:23 - 00000258 _RASH C:\Users\All Users\ntuser.pol 2012-07-20 15:29 - 2009-07-13 20:45 - 00268944 ____A C:\Windows\System32\FNTCACHE.DAT 2012-07-20 14:10 - 2011-08-12 19:58 - 00029342 ____A C:\Windows\DirectX.log 2012-07-20 11:46 - 2012-07-20 11:28 - 552157910 ____A C:\Users\jk\Downloads\sara jay newmeat.wmv 2012-07-19 16:40 - 2011-12-06 22:08 - 00000844 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221318694-525691764-1706660316-1001Core.job 2012-07-16 10:53 - 2012-04-02 09:24 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-07-16 10:53 - 2011-08-12 19:55 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2012-07-16 10:52 - 2011-11-27 21:53 - 00000320 ____A C:\Windows\Tasks\HPCeeScheduleForjk.job 2012-07-15 20:23 - 2011-11-27 21:53 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt 2012-07-15 20:23 - 2011-11-20 21:19 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log 2012-07-15 18:22 - 2012-07-15 18:18 - 390570916 ____A C:\Users\jk\Desktop\'max.payne_wish_1e3a7_e977a.flv' 2012-07-12 14:46 - 2012-07-12 14:46 - 00000237 ____A C:\user.js 2012-07-10 21:55 - 2012-01-03 10:59 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2012-07-03 12:46 - 2012-05-10 16:27 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2012-06-27 12:59 - 2011-12-18 19:26 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2012-06-27 12:59 - 2011-12-18 19:26 - 00174064 ____A 
(Oracle Corporation) C:\Windows\SysWOW64\java.exe 2012-06-13 11:16 - 2009-07-13 21:08 - 00032608 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2012-06-11 19:08 - 2012-07-10 21:56 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-06-08 21:43 - 2012-07-10 14:37 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-06-08 20:41 - 2012-07-10 14:37 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2012-06-06 20:27 - 2012-06-06 20:27 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2012-06-05 22:06 - 2012-07-10 14:37 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2012-06-05 22:06 - 2012-07-10 14:37 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2012-06-05 22:02 - 2012-07-10 14:37 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll 2012-06-05 21:05 - 2012-07-10 14:37 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2012-06-05 21:05 - 2012-07-10 14:37 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2012-06-05 21:03 - 2012-07-10 14:37 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2012-06-02 14:19 - 2012-06-21 11:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2012-06-02 14:19 - 2012-06-21 11:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2012-06-02 14:19 - 2012-06-21 11:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll 2012-06-02 14:19 - 2012-06-21 11:18 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2012-06-02 14:19 - 2012-06-21 11:18 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2012-06-02 14:19 - 2012-06-21 11:18 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll 2012-06-02 14:15 - 2012-06-21 11:19 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2012-06-02 14:15 - 
2012-06-21 11:18 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2012-06-02 14:15 - 2012-06-21 11:18 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe 2012-06-02 04:49 - 2012-07-10 21:54 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-06-02 04:17 - 2012-07-10 21:54 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-06-02 04:12 - 2012-07-10 21:54 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-06-02 04:05 - 2012-07-10 21:54 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-06-02 04:05 - 2012-07-10 21:54 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-06-02 04:04 - 2012-07-10 21:54 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-06-02 04:04 - 2012-07-10 21:54 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-06-02 04:03 - 2012-07-10 21:54 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-06-02 04:01 - 2012-07-10 21:54 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-06-02 04:00 - 2012-07-10 21:54 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-06-02 03:59 - 2012-07-10 21:54 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-06-02 03:57 - 2012-07-10 21:54 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-06-02 03:57 - 2012-07-10 21:54 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-06-02 03:54 - 2012-07-10 21:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-06-02 01:07 - 2012-07-10 21:54 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-06-02 00:43 - 2012-07-10 21:54 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-06-02 00:33 - 2012-07-10 21:54 - 01800192 ____A (Microsoft 
Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-06-02 00:26 - 2012-07-10 21:54 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-06-02 00:25 - 2012-07-10 21:54 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-06-02 00:25 - 2012-07-10 21:54 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-06-02 00:23 - 2012-07-10 21:54 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-06-02 00:21 - 2012-07-10 21:54 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-06-02 00:20 - 2012-07-10 21:54 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-06-02 00:19 - 2012-07-10 21:54 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-06-02 00:19 - 2012-07-10 21:54 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-06-02 00:17 - 2012-07-10 21:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-06-02 00:16 - 2012-07-10 21:54 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-06-02 00:14 - 2012-07-10 21:54 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-06-01 21:50 - 2012-07-10 14:37 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys 2012-06-01 21:48 - 2012-07-10 14:37 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2012-06-01 21:48 - 2012-07-10 14:37 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys 2012-06-01 21:45 - 2012-07-10 14:37 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll 2012-06-01 21:44 - 2012-07-10 14:37 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2012-06-01 20:40 - 2012-07-10 14:37 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2012-06-01 20:40 - 2012-07-10 14:37 - 00022016 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\secur32.dll 2012-06-01 20:39 - 2012-07-10 14:37 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2012-06-01 20:34 - 2012-07-10 14:37 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2012-05-30 22:08 - 2012-05-30 22:08 - 53505952 ____A C:\Users\jk\Desktop\Rich_The_Factor-Gates_Sauce_To_A_Boss-2012-FiH.zip 2012-05-04 18:29 - 2012-06-27 13:00 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2012-05-04 18:29 - 2012-06-27 13:00 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2012-05-04 18:29 - 2011-12-18 19:26 - 00687504 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2012-05-04 03:06 - 2012-06-13 11:22 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2012-05-04 02:03 - 2012-06-13 11:22 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2012-05-04 02:03 - 2012-06-13 11:22 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2012-04-30 21:40 - 2012-06-13 11:22 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll 2012-04-30 13:47 - 2012-04-30 13:47 - 00191264 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe 2012-04-30 13:47 - 2012-04-30 13:47 - 00172320 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe 2012-04-30 13:47 - 2012-04-30 13:47 - 00172320 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe 2012-04-30 13:47 - 2011-12-17 14:48 - 00525544 ____A (Sun Microsystems, Inc.) 
C:\Windows\System32\deployJava1.dll
2012-04-27 19:55 - 2012-06-13 11:22 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-25 21:41 - 2012-06-13 11:22 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-25 21:41 - 2012-06-13 11:22 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-25 21:34 - 2012-06-13 11:22 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-24 13:24 - 2012-04-24 13:24 - 00000020 __ASH C:\Users\Mcx1-JK-HP\ntuser.ini
2012-04-23 21:37 - 2012-06-13 11:22 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 21:37 - 2012-06-13 11:22 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 21:37 - 2012-06-13 11:22 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 20:36 - 2012-06-13 11:22 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-23 20:36 - 2012-06-13 11:22 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-23 20:36 - 2012-06-13 11:22 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

ZeroAccess:
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\L
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\L\00000004.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\L\1afb2d56
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\L\201d3dde
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\00000004.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\00000008.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\000000cb.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\80000000.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\80000032.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\80000064.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

========================= Known DLLs (Whitelisted) ============

========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 16%
Total physical RAM: 6050.52 MB
Available physical RAM: 5054.96 MB
Total Pagefile: 6048.71 MB
Available Pagefile: 5044.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:919.73 GB) (Free:759.22 GB) NTFS
2 Drive e: (HP_RECOVERY) (Fixed) (Total:11.68 GB) (Free:1.43 GB) NTFS ==>[system with boot components (obtained from reading drive)]
8 Drive k: () (Removable) (Total:7.44 GB) (Free:6.66 GB) FAT32
9 Drive x: (Boot) (Fixed) (Total:0.12 GB) (Free:0.12 GB) NTFS
10 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Disk ###  Status         Size     Free     Dyn  Gpt
--------  -------------  -------  -------  ---  ---
Disk 0    Online          931 GB      0 B
Disk 1    No Media          0 B      0 B
Disk 2    No Media          0 B      0 B
Disk 3    No Media          0 B      0 B
Disk 4    No Media          0 B      0 B
Disk 5    Online         7633 MB      0 B

Partitions of Disk 0:
===============

Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            100 MB  1024 KB
Partition 2    Primary            919 GB   101 MB
Partition 3    Primary             11 GB   919 GB

==================================================================================

Disk: 0
Partition 1
Type  : 07
Hidden: No
Active: Yes

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     Y   SYSTEM       NTFS   Partition    100 MB  Healthy

==================================================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: No

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C   OS           NTFS   Partition    919 GB  Healthy

==================================================================================

Disk: 0
Partition 3
Type  : 07
Hidden: No
Active: No

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     E   HP_RECOVERY  NTFS   Partition     11 GB  Healthy

==================================================================================

Partitions of Disk 5:
===============

Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary           7633 MB    16 KB

==================================================================================

Disk: 5
Partition 1
Type  : 0B
Hidden: No
Active: No

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 8     K                FAT32  Removable   7633 MB  Healthy

==================================================================================

==========================================================

Last Boot: 2012-07-18 12:02

======================= End Of Log ==========================

Farbar Recovery Scan Tool Version: 20-07-2012 01
Ran by SYSTEM at 2012-07-20 19:41:44
Running from K:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC

====== End Of Search ======
  16. Now my AVG antivirus found "Sirefef" has something to do with Firefox.....I don't know what it is....
  17. As of today I've had issues of AVG popping up saying threat detected, Google searches going to a random page, and MalwareBytes finding 1 object but unable to remove it. Threat name for AVG "Trojan horse Patched_c.LXT"....File name "c:/Windows/System32/services.exe"

Attach

DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/19/2011 7:25:53 PM
System Uptime: 7/20/2012 5:28:19 PM (0 hours ago)
.
Motherboard: PEGATRON CORPORATION | | 2AC2
Processor: Intel® Core i3-2120 CPU @ 3.30GHz | CPU 1 | 3300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 920 GiB total, 759.546 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.43 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP59: 7/10/2012 10:53:55 PM - Windows Update
RP60: 7/12/2012 3:58:57 PM - Removed BabylonObjectInstaller
RP61: 7/20/2012 3:09:52 PM - Installed DirectX
RP62: 7/20/2012 4:33:53 PM - Restore Operation
.
==== Installed Programs ======================
.
µTorrent 802.11n Wireless LAN Card Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Agatha Christie - Peril at End House Apple Application Support Apple Software Update Bejeweled 3 Bing Bar Blackhawk Striker 2 Blasterball 3 Blio Bounce Symphony Cake Mania CameraHelperMsi Chronicles of Albian Chuzzle Deluxe Cradle of Rome 2 D3DX10 DVD Decrypter (Remove Only) erLT Farm Frenzy FATE Google Talk Plugin Governor of Poker 2 Premium Edition Hewlett-Packard ACLM.NET v1.1.1.0 HP Customer Experience Enhancements HP Games HP LinkUp HP MovieStore HP Odometer HP Setup HP Setup Manager HP SimplePass PE 2011 HP Support Assistant HP Support Information HP Update Intel® Control Center Intel® Identity Protection Technology 1.1.2.0 Intel® Management Engine Components Intel® Processor Graphics Internet Download Manager Java Auto Updater Java 6 Update 30 Java 7 Update 5 JavaFX 2.1.1 Jewel Quest: The Sleepless Star - Collector's Edition Junk Mail filter update Kobo LabelPrint Logitech Vid HD Logitech Webcam Software LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Video Mask Maker LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin Mah Jong Medley Malwarebytes Anti-Malware version 1.62.0.1300 Mesh Runtime Microsoft Mathematics Microsoft Office 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft WSE 3.0 Runtime mIRC Mozilla Firefox 12.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery of Mortlake Mansion Namco All-Stars: PAC-MAN Norton Online Backup Out of the Park Baseball 13 PDF Complete Special Edition Penguins! 
Plants vs. Zombies - Game of the Year PlayReady PC Runtime x86 Poker Superstars III Polar Bowler Polar Golfer Police Force Power2Go PressReader Realtek High Definition Audio Driver Reason 5.0 Recovery Manager Remote Graphics Receiver Remote Mouse version 1.50 RoxioNow Player Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Skype™ 5.8 Slingo Supreme SoulSeek 157 NS 13e StreamTorrent 1.0 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update Installer for WildTangent Games App Vacation Quest - The Hawaiian Islands VIP Access SDK (1.0.1.4) Virtual Villagers 5 - New Believers Visual Studio 2008 
x64 Redistributables VLC media player 2.0.1 WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yahoo! Messenger Zinio Reader 4 Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
7/20/2012 5:29:02 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
7/20/2012 5:29:02 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
7/20/2012 5:28:45 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
7/20/2012 5:28:43 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
7/20/2012 5:28:43 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
.
==== End Of File ===========================

DDS

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by jk at 17:31:21 on 2012-07-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.4302 [GMT -7:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886e-ec8c-43c1-a32c-e4c2b0b6395b} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [Google Update] "C:\Users\jk\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{10E95479-1198-431B-9936-6DD7F2D361C6} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{30DAA431-0433-4787-8D69-5363B8238F30} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO-X64: IDM Helper - No File
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO-X64: TSBHO Class - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\jk\AppData\Roaming\Mozilla\Firefox\Profiles\dm4gl0fx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\jk\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\jk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\jk\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111787
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 1091fab2000000000000d0df9a7f5762
FF - user.js: extensions.BabylonToolbar_i.hardId - 1091fab2000000000000d0df9a7f5762
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15533
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:46:54
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 193288]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-9 85560]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-12 655944]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-8-12 1128952]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-17 450848]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-12 2656280]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech HD Webcam C310(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 129976]
S3 pmxdrv;pmxdrv;\??\C:\Windows\system32\drivers\pmxdrv.sys --> C:\Windows\system32\drivers\pmxdrv.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-07-20 22:20:08 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-07-20 22:12:10 -------- d-----w- C:\Users\jk\AppData\Roaming\RedDotGames
2012-07-20 22:10:59 5554512 ----a-w- C:\Windows\System32\d3dcsx_42.dll
2012-07-20 21:56:10 -------- d-----w- C:\Program Files (x86)\DVD Decrypter
2012-07-20 19:32:12 -------- d-----w- C:\Users\jk\AppData\Roaming\mIRC
2012-07-20 19:32:11 -------- d-----w- C:\Program Files (x86)\mIRC
2012-07-12 23:01:25 -------- d-----w- C:\Users\jk\AppData\Local\MicrosoftStore
2012-07-12 19:59:35 -------- d-----w- C:\Users\jk\AppData\Local\FANiSO
2012-07-11 05:56:32 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-10 22:37:23 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-07-02 05:30:38 -------- d-----w- C:\Users\jk\AppData\Local\{18E10980-C3AC-4B78-B622-C04D2D8D56BE}
2012-07-02 05:30:27 -------- d-----w- C:\Users\jk\AppData\Local\{EE7FB3F8-CB11-4CE3-A2B7-2CEFC85CBEB0}
2012-07-01 05:14:04 -------- d-----w- C:\Users\jk\AppData\Local\{427FF6B0-70C4-4E13-918D-7C4594D89A14}
2012-07-01 05:13:54 -------- d-----w- C:\Users\jk\AppData\Local\{45FD7920-604B-4759-98CE-D461DB437767}
2012-06-27 21:00:38 -------- d-----w- C:\Program Files (x86)\Oracle
2012-06-27 21:00:13 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-06-27 20:54:27 -------- d-----w- C:\Users\jk\AppData\Roaming\.minecraft
2012-06-26 02:59:02 -------- d-----w- C:\Users\jk\AppData\Local\{24FA9293-D32D-45E4-91A9-BA62A62D1114}
2012-06-26 02:58:51 -------- d-----w- C:\Users\jk\AppData\Local\{0CC7ACD3-7788-48AA-AE2E-510913A9F489}
2012-06-25 04:57:43 -------- d-----w- C:\Users\jk\AppData\Local\{5E784052-C914-475B-9724-234D993DF3BF}
2012-06-25 04:57:32 -------- d-----w- C:\Users\jk\AppData\Local\{B57FD7E1-66E5-4423-9267-E5378B6D6805}
2012-06-25 04:34:47 -------- d-----w- C:\Users\jk\AppData\Local\{3B814F19-51A3-453A-B5CE-1FF3243C8AFE}
2012-06-25 04:29:51 -------- d-----w- C:\Program Files\Propellerhead
2012-06-25 04:20:46 -------- d-----w- C:\Users\jk\AppData\Local\{7B08C4D7-EB26-4D3F-B159-8A7E9F828EC4}
2012-06-25 04:20:35 -------- d-----w- C:\Users\jk\AppData\Local\{F6494445-2394-4690-8315-190570531CAC}
2012-06-25 04:20:05 -------- d-----w- C:\Windows\en
2012-06-25 04:17:53 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7d5426951cd528903\DSETUP.dll
2012-06-25 04:17:53 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7d5426951cd528903\DXSETUP.exe
2012-06-25 04:17:53 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7d5426951cd528903\dsetup32.dll
2012-06-25 04:17:53 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7d9109691cd528904\MeshBetaRemover.exe
2012-06-25 04:17:50 -------- d-----w- C:\Users\jk\AppData\Local\{49FDB53B-913D-4006-9A5D-B6E9BDFF1758}
2012-06-25 04:17:28 -------- d-----w- C:\Users\jk\AppData\Local\{EFE55C35-B71B-4689-A69B-9286A6849D39}
2012-06-25 04:17:17 -------- d-----w- C:\Users\jk\AppData\Local\{B6D6D538-01D2-4EEB-B205-AFE7454273F0}
2012-06-25 04:16:59 -------- d-----w- C:\Users\jk\AppData\Local\{ACBF606D-B58A-4FD1-B272-5068D988BBA6}
2012-06-25 04:16:48 -------- d-----w- C:\Users\jk\AppData\Local\{A51BFA65-CB7E-4E8C-B546-0491F6BB3392}
2012-06-25 02:19:23 -------- d-----w- C:\Users\jk\AppData\Local\{983262F3-0973-4D01-B813-C55B6BD3C3E6}
2012-06-23 00:25:14 -------- d-----w- C:\Users\jk\AppData\Local\{78A560EC-DA11-421C-80FC-6E2F3B0D8016}
2012-06-21 19:19:03 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 19:18:51 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 19:18:43 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 19:18:43 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-07-16 18:53:06 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-16 18:53:06 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-03 20:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-05-05 02:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-30 21:47:34 525544 ----a-w- C:\Windows\System32\deployJava1.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
============= FINISH: 17:32:19.01 ===============