Posts posted by gr8nw
-
My CPU is fine, and it was fine before. I just did a random scan and AVG found that, so I decided to make a post on here. I think it said Quarantine the first time I did a scan.
I don't know what this folder is, but it's located at C:/FRST/; then there are 3 folders (Hives, Logs, Quarantine) and a file named "softdebug". Should I throw the folder in the trash and delete it? I don't know why this same file keeps coming up when I scan with AVG.
I ran a scan again; it says 1 infection and that it's not been removed or healed.
Options are: View details, Remove selected and Remove all unhealed.
-
Alright, AVG found it again... This is what it says:
C:/FRST/Quarantine/services.exe Trojan horse patched_c.LXT
-
Computer was running fine before. I just decided to run a scan using AVG and it found that trojan that's in the description, and Malware found nothing after I did AVG. Here is the newest Malware report log. I'll run AVG again after I post this...
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.15.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
jk :: JK-HP [administrator]
8/15/2012 3:17:24 PM
mbam-log-2012-08-15 (15-17-24).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216726
Time elapsed: 1 minute(s), 57 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
ComboFix 12-08-15.01 - jk 08/15/2012 13:58:37.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.4292 [GMT -7:00]
Running from: c:\users\jk\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-07-15 to 2012-08-15 )))))))))))))))))))))))))))))))
.
.
2012-08-15 21:01 . 2012-08-15 21:01 -------- d-----w- c:\users\Mcx1-JK-HP\AppData\Local\temp
2012-08-15 21:01 . 2012-08-15 21:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-14 19:20 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-14 19:20 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-14 19:20 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-14 19:20 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-14 19:20 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-14 19:20 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-14 19:20 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-14 19:20 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-14 19:20 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-14 19:20 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-14 19:20 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-14 19:20 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-11 05:03 . 2012-08-11 05:03 -------- d-----w- c:\users\jk\AppData\Local\HP
2012-07-29 20:24 . 2012-07-29 20:24 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-21 03:37 . 2012-07-21 03:37 -------- d-----w- C:\FRST
2012-07-20 22:20 . 2012-07-20 23:36 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-07-20 22:12 . 2012-07-20 22:12 -------- d-----w- c:\users\jk\AppData\Roaming\RedDotGames
2012-07-20 22:10 . 2009-09-05 00:44 238936 ----a-w- c:\windows\SysWow64\xactengine3_5.dll
2012-07-20 21:56 . 2012-07-20 21:56 -------- d-----w- c:\program files (x86)\DVD Decrypter
2012-07-20 19:32 . 2012-07-20 21:52 -------- d-----w- c:\users\jk\AppData\Roaming\mIRC
2012-07-20 19:32 . 2012-07-20 19:32 -------- d-----w- c:\program files (x86)\mIRC
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-14 20:36 . 2012-01-03 18:59 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 20:46 . 2012-05-11 00:27 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-09 05:43 . 2012-07-10 22:37 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-10 22:37 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-10 22:37 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-10 22:37 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-10 22:37 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-10 22:37 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-10 22:37 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-21 19:18 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 19:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 19:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 19:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 19:18 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-21 19:18 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 19:19 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 19:18 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 22:15 . 2012-06-21 19:18 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 05:50 . 2012-07-10 22:37 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-10 22:37 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-10 22:37 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-10 22:37 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-10 22:37 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-10 22:37 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-10 22:37 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-10 22:37 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-10 22:37 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-02-28 3474840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-09 85560]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2011-08-13 31152]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-03 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-21 1255736]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-05 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-06-09 264008]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-02-08 149640]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-05 1128952]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-22 1360960]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221318694-525691764-1706660316-1001Core.job
- c:\users\jk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-07 06:08]
.
2012-08-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221318694-525691764-1706660316-1001UA.job
- c:\users\jk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-07 06:08]
.
2012-08-13 c:\windows\Tasks\HPCeeScheduleForjk.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-25 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-25 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-25 418584]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\jk\AppData\Roaming\Mozilla\Firefox\Profiles\dm4gl0fx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111787
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 1091fab2000000000000d0df9a7f5762
FF - user.js: extensions.BabylonToolbar_i.hardId - 1091fab2000000000000d0df9a7f5762
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15533
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:46
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{34681D92-5958-406A-A654-1B57E7A7B3DC} - c:\program files (x86)\InstallShield Installation Information\{34681D92-5958-406A-A654-1B57E7A7B3DC}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-221318694-525691764-1706660316-1001_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):d3,3d,89,7c,db,c5,71,e8,73,47,b8,b8,59,ba,c3,67,18,e2,ca,f4,44,
18,1c,99,60,f6,08,4b,52,1d,78,7d,e9,9b,ae,cc,50,2a,65,b0,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-221318694-525691764-1706660316-1001_Classes\Wow6432Node\CLSID\{7efc96ed-aa46-4e9d-a2a5-9e04fc4742d4}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000052
"Therad"=dword:0000001d
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-08-15 14:06:10 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-15 21:06
.
Pre-Run: 807,303,467,008 bytes free
Post-Run: 807,087,624,192 bytes free
.
- - End Of File - - 35FD9AD438D31A3116CC06C1A86C45B8
-
13:13:58.0052 3472 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
13:13:58.0536 3472 ============================================================
13:13:58.0536 3472 Current date / time: 2012/08/15 13:13:58.0536
13:13:58.0536 3472 SystemInfo:
13:13:58.0536 3472
13:13:58.0536 3472 OS Version: 6.1.7601 ServicePack: 1.0
13:13:58.0536 3472 Product type: Workstation
13:13:58.0536 3472 ComputerName: JK-HP
13:13:58.0536 3472 UserName: jk
13:13:58.0536 3472 Windows directory: C:\Windows
13:13:58.0536 3472 System windows directory: C:\Windows
13:13:58.0536 3472 Running under WOW64
13:13:58.0536 3472 Processor architecture: Intel x64
13:13:58.0536 3472 Number of processors: 4
13:13:58.0536 3472 Page size: 0x1000
13:13:58.0536 3472 Boot type: Normal boot
13:13:58.0536 3472 ============================================================
13:13:58.0957 3472 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:13:58.0973 3472 ============================================================
13:13:58.0973 3472 \Device\Harddisk0\DR0:
13:13:58.0988 3472 MBR partitions:
13:13:58.0988 3472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:13:58.0988 3472 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72F78000
13:13:58.0988 3472 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72FAA800, BlocksNum 0x175B800
13:13:58.0988 3472 ============================================================
13:13:59.0051 3472 C: <-> \Device\Harddisk0\DR0\Partition2
13:13:59.0098 3472 D: <-> \Device\Harddisk0\DR0\Partition3
13:13:59.0098 3472 ============================================================
13:13:59.0098 3472 Initialize success
13:13:59.0098 3472 ============================================================
13:14:37.0240 2456 ============================================================
13:14:37.0240 2456 Scan started
13:14:37.0240 2456 Mode: Manual; SigCheck; TDLFS;
13:14:37.0240 2456 ============================================================
13:14:37.0739 2456 ================ Scan services =============================
13:14:37.0895 2456 [ a87d604aea360176311474c87a63bb88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:14:38.0004 2456 1394ohci - ok
13:14:38.0020 2456 [ d81d9e70b8a6dd14d42d7b4efa65d5f2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:14:38.0035 2456 ACPI - ok
13:14:38.0066 2456 [ 99f8e788246d495ce3794d7e7821d2ca ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:14:38.0160 2456 AcpiPmi - ok
13:14:38.0191 2456 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:14:38.0207 2456 adp94xx - ok
13:14:38.0222 2456 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:14:38.0238 2456 adpahci - ok
13:14:38.0269 2456 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:14:38.0285 2456 adpu320 - ok
13:14:38.0300 2456 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:14:38.0410 2456 AeLookupSvc - ok
13:14:38.0441 2456 [ 1c7857b62de5994a75b054a9fd4c3825 ] AFD C:\Windows\system32\drivers\afd.sys
13:14:38.0472 2456 AFD - ok
13:14:38.0488 2456 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:14:38.0503 2456 agp440 - ok
13:14:38.0534 2456 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\Windows\System32\alg.exe
13:14:38.0550 2456 ALG - ok
13:14:38.0581 2456 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\Windows\system32\drivers\aliide.sys
13:14:38.0597 2456 aliide - ok
13:14:38.0597 2456 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\Windows\system32\drivers\amdide.sys
13:14:38.0612 2456 amdide - ok
13:14:38.0628 2456 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:14:38.0644 2456 AmdK8 - ok
13:14:38.0644 2456 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
13:14:38.0675 2456 AmdPPM - ok
13:14:38.0690 2456 [ d4121ae6d0c0e7e13aa221aa57ef2d49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:14:38.0706 2456 amdsata - ok
13:14:38.0737 2456 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
13:14:38.0737 2456 amdsbs - ok
13:14:38.0768 2456 [ 540daf1cea6094886d72126fd7c33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:14:38.0768 2456 amdxata - ok
13:14:38.0800 2456 [ 89a69c3f2f319b43379399547526d952 ] AppID C:\Windows\system32\drivers\appid.sys
13:14:38.0862 2456 AppID - ok
13:14:38.0878 2456 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:14:38.0924 2456 AppIDSvc - ok
13:14:38.0924 2456 [ 3977d4a871ca0d4f2ed1e7db46829731 ] Appinfo C:\Windows\System32\appinfo.dll
13:14:38.0971 2456 Appinfo - ok
13:14:39.0112 2456 [ 3debbecf665dcdde3a95d9b902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:14:39.0112 2456 Apple Mobile Device - ok
13:14:39.0268 2456 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\drivers\arc.sys
13:14:39.0283 2456 arc - ok
13:14:39.0299 2456 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:14:39.0314 2456 arcsas - ok
13:14:39.0408 2456 [ 9217d874131ae6ff8f642f124f00a555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:14:39.0408 2456 aspnet_state - ok
13:14:39.0424 2456 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:14:39.0470 2456 AsyncMac - ok
13:14:39.0486 2456 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\drivers\atapi.sys
13:14:39.0486 2456 atapi - ok
13:14:39.0533 2456 [ f23fef6d569fce88671949894a8becf1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:14:39.0580 2456 AudioEndpointBuilder - ok
13:14:39.0595 2456 [ f23fef6d569fce88671949894a8becf1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:14:39.0642 2456 AudioSrv - ok
13:14:39.0782 2456 [ d67719bcfde5798f5c30d14efed3bcaf ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
13:14:39.0878 2456 AVGIDSAgent - ok
13:14:39.0909 2456 [ 1b2e9fcdc26dc7c81d4131430e2dc936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
13:14:39.0909 2456 AVGIDSDriver - ok
13:14:39.0925 2456 [ 0f293406f64b48d5d2f0d3a1117f3a83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
13:14:39.0940 2456 AVGIDSFilter - ok
13:14:39.0972 2456 [ cffc3a4a638f462e0561cb368b9a7a3a ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
13:14:39.0972 2456 AVGIDSHA - ok
13:14:39.0987 2456 [ 59955b4c288dd2a8b9fd2cd5158355c5 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
13:14:40.0003 2456 Avgldx64 - ok
13:14:40.0018 2456 [ a6aec362aae5e2dda7445e7690cb0f33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
13:14:40.0034 2456 Avgmfx64 - ok
13:14:40.0065 2456 [ 645c7f0a0e39758a0024a9b1748273c0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
13:14:40.0081 2456 Avgrkx64 - ok
13:14:40.0096 2456 [ 1bee674ad792b1c63bb0dac5fa724b23 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
13:14:40.0112 2456 Avgtdia - ok
13:14:40.0128 2456 [ ea1145debcd508fd25bd1e95c4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
13:14:40.0143 2456 avgwd - ok
13:14:40.0174 2456 [ a6bf31a71b409dfa8cac83159e1e2aff ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:14:40.0237 2456 AxInstSV - ok
13:14:40.0252 2456 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
13:14:40.0284 2456 b06bdrv - ok
13:14:40.0315 2456 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:14:40.0330 2456 b57nd60a - ok
13:14:40.0393 2456 [ 93ee7d9c35ae7e9ffda148d7805f1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
13:14:40.0408 2456 BBSvc - ok
13:14:40.0424 2456 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:14:40.0455 2456 BDESVC - ok
13:14:40.0455 2456 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:14:40.0502 2456 Beep - ok
13:14:40.0533 2456 [ 82974d6a2fd19445cc5171fc378668a4 ] BFE C:\Windows\System32\bfe.dll
13:14:40.0564 2456 BFE - ok
13:14:40.0596 2456 [ 1ea7969e3271cbc59e1730697dc74682 ] BITS C:\Windows\system32\qmgr.dll
13:14:40.0642 2456 BITS - ok
13:14:40.0674 2456 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
13:14:40.0674 2456 blbdrive - ok
13:14:40.0736 2456 [ ebbcd5dfbb1de70e8f4af8fa59e401fd ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:14:40.0752 2456 Bonjour Service - ok
13:14:40.0783 2456 [ 6c02a83164f5cc0a262f4199f0871cf5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:14:40.0814 2456 bowser - ok
13:14:40.0845 2456 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
13:14:40.0876 2456 BrFiltLo - ok
13:14:40.0892 2456 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
13:14:40.0908 2456 BrFiltUp - ok
13:14:40.0970 2456 [ 5c2f352a4e961d72518261257aae204b ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
13:14:41.0001 2456 BridgeMP - ok
13:14:41.0032 2456 [ 05f5a0d14a2ee1d8255c2aa0e9e8e694 ] Browser C:\Windows\System32\browser.dll
13:14:41.0032 2456 Browser - ok
13:14:41.0048 2456 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:14:41.0064 2456 Brserid - ok
13:14:41.0110 2456 [ 80e52ef092f3dad03e0ee15e64f97245 ] BrSerIf C:\Windows\system32\DRIVERS\BrSerIf.sys
13:14:41.0126 2456 BrSerIf - ok
13:14:41.0142 2456 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:14:41.0173 2456 BrSerWdm - ok
13:14:41.0173 2456 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:14:41.0188 2456 BrUsbMdm - ok
13:14:41.0204 2456 [ 601cb966fffebc6806626dc8e7aa0ef2 ] BrUsbSer C:\Windows\system32\DRIVERS\BrUsbSer.sys
13:14:41.0220 2456 BrUsbSer - ok
13:14:41.0235 2456 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:14:41.0251 2456 BTHMODEM - ok
13:14:41.0266 2456 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll
13:14:41.0313 2456 bthserv - ok
13:14:41.0329 2456 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:14:41.0344 2456 cdfs - ok
13:14:41.0360 2456 [ f036ce71586e93d94dab220d7bdf4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:14:41.0391 2456 cdrom - ok
13:14:41.0407 2456 [ f17d1d393bbc69c5322fbfafaca28c7f ] CertPropSvc C:\Windows\System32\certprop.dll
13:14:41.0438 2456 CertPropSvc - ok
13:14:41.0454 2456 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\drivers\circlass.sys
13:14:41.0469 2456 circlass - ok
13:14:41.0485 2456 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys
13:14:41.0485 2456 CLFS - ok
13:14:41.0532 2456 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:14:41.0532 2456 clr_optimization_v2.0.50727_32 - ok
13:14:41.0578 2456 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:14:41.0578 2456 clr_optimization_v2.0.50727_64 - ok
13:14:41.0641 2456 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:14:41.0656 2456 clr_optimization_v4.0.30319_32 - ok
13:14:41.0672 2456 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:14:41.0688 2456 clr_optimization_v4.0.30319_64 - ok
13:14:41.0703 2456 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
13:14:41.0719 2456 CmBatt - ok
13:14:41.0734 2456 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:14:41.0750 2456 cmdide - ok
13:14:41.0781 2456 [ 9ac4f97c2d3e93367e2148ea940cd2cd ] CNG C:\Windows\system32\Drivers\cng.sys
13:14:41.0812 2456 CNG - ok
13:14:41.0812 2456 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:14:41.0828 2456 Compbatt - ok
13:14:41.0844 2456 [ 03edb043586cceba243d689bdda370a8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:14:41.0844 2456 CompositeBus - ok
13:14:41.0844 2456 COMSysApp - ok
13:14:41.0859 2456 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:14:41.0859 2456 crcdisk - ok
13:14:41.0906 2456 [ 4f5414602e2544a4554d95517948b705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:14:41.0937 2456 CryptSvc - ok
13:14:41.0968 2456 [ 5c627d1b1138676c0a7ab2c2c190d123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:14:42.0031 2456 DcomLaunch - ok
13:14:42.0062 2456 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll
13:14:42.0109 2456 defragsvc - ok
13:14:53.0918 2456 TrkWks - ok
13:14:53.0949 2456 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:14:53.0965 2456 TrustedInstaller - ok
13:14:53.0980 2456 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:14:54.0012 2456 tssecsrv - ok
13:14:54.0012 2456 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:14:54.0027 2456 TsUsbFlt - ok
13:14:54.0043 2456 [ 9cc2ccae8a84820eaecb886d477cbcb8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
13:14:54.0043 2456 TsUsbGD - ok
13:14:54.0074 2456 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:14:54.0105 2456 tunnel - ok
13:14:54.0121 2456 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:14:54.0121 2456 uagp35 - ok
13:14:54.0136 2456 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:14:54.0168 2456 udfs - ok
13:14:54.0199 2456 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:14:54.0214 2456 UI0Detect - ok
13:14:54.0230 2456 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:14:54.0230 2456 uliagpkx - ok
13:14:54.0261 2456 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:14:54.0277 2456 umbus - ok
13:14:54.0292 2456 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:14:54.0324 2456 UmPass - ok
13:14:54.0480 2456 [ 67a95b9d129ed5399e7965cd09cf30e7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
13:14:54.0495 2456 UMVPFSrv - ok
13:14:54.0636 2456 [ 758c2ce427c343f780a205e28555c98d ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:14:54.0667 2456 UNS - ok
13:14:54.0714 2456 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
13:14:54.0776 2456 upnphost - ok
13:14:54.0792 2456 [ aa33fc47ed58c34e6e9261e4f850b7eb ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:14:54.0807 2456 USBAAPL64 - ok
13:14:54.0870 2456 [ 82e8f44688e6fac57b5b7c6fc7adbc2a ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:14:54.0901 2456 usbaudio - ok
13:14:54.0932 2456 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:14:54.0948 2456 usbccgp - ok
13:14:54.0979 2456 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:14:54.0994 2456 usbcir - ok
13:14:54.0994 2456 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:14:55.0010 2456 usbehci - ok
13:14:55.0026 2456 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:14:55.0041 2456 usbhub - ok
13:14:55.0057 2456 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:14:55.0072 2456 usbohci - ok
13:14:55.0088 2456 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:14:55.0104 2456 usbprint - ok
13:14:55.0135 2456 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:14:55.0150 2456 usbscan - ok
13:14:55.0166 2456 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:14:55.0197 2456 USBSTOR - ok
13:14:55.0197 2456 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:14:55.0213 2456 usbuhci - ok
13:14:55.0228 2456 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
13:14:55.0244 2456 UxSms - ok
13:14:55.0260 2456 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe
13:14:55.0260 2456 VaultSvc - ok
13:14:55.0291 2456 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:14:55.0291 2456 vdrvroot - ok
13:14:55.0306 2456 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe
13:14:55.0353 2456 vds - ok
13:14:55.0369 2456 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:14:55.0384 2456 vga - ok
13:14:55.0400 2456 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
13:14:55.0431 2456 VgaSave - ok
13:14:55.0447 2456 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:14:55.0447 2456 vhdmp - ok
13:14:55.0478 2456 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:14:55.0478 2456 viaide - ok
13:14:55.0494 2456 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:14:55.0509 2456 volmgr - ok
13:14:55.0525 2456 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:14:55.0525 2456 volmgrx - ok
13:14:55.0540 2456 [ df8126bd41180351a093a3ad2fc8903b ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:14:55.0556 2456 volsnap - ok
13:14:55.0572 2456 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:14:55.0587 2456 vsmraid - ok
13:14:55.0618 2456 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe
13:14:55.0681 2456 VSS - ok
13:14:55.0696 2456 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:14:55.0728 2456 vwifibus - ok
13:14:55.0728 2456 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:14:55.0743 2456 vwififlt - ok
13:14:55.0759 2456 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
13:14:55.0790 2456 W32Time - ok
13:14:55.0806 2456 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:14:55.0821 2456 WacomPen - ok
13:14:55.0837 2456 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:14:55.0868 2456 WANARP - ok
13:14:55.0868 2456 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:14:55.0899 2456 Wanarpv6 - ok
13:14:55.0930 2456 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:14:55.0962 2456 WatAdminSvc - ok
13:14:56.0008 2456 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe
13:14:56.0055 2456 wbengine - ok
13:14:56.0071 2456 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:14:56.0086 2456 WbioSrvc - ok
13:14:56.0102 2456 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:14:56.0133 2456 wcncsvc - ok
13:14:56.0149 2456 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:14:56.0164 2456 WcsPlugInService - ok
13:14:56.0180 2456 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\drivers\wd.sys
13:14:56.0180 2456 Wd - ok
13:14:56.0211 2456 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:14:56.0227 2456 Wdf01000 - ok
13:14:56.0242 2456 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:14:56.0258 2456 WdiServiceHost - ok
13:14:56.0258 2456 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:14:56.0274 2456 WdiSystemHost - ok
13:14:56.0305 2456 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:14:56.0320 2456 WebClient - ok
13:14:56.0336 2456 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:14:56.0367 2456 Wecsvc - ok
13:14:56.0383 2456 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:14:56.0414 2456 wercplsupport - ok
13:14:56.0430 2456 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:14:56.0445 2456 WerSvc - ok
13:14:56.0476 2456 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:14:56.0492 2456 WfpLwf - ok
13:14:56.0508 2456 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:14:56.0523 2456 WIMMount - ok
13:14:56.0570 2456 WinDefend - ok
13:14:56.0570 2456 WinHttpAutoProxySvc - ok
13:14:56.0617 2456 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:14:56.0664 2456 Winmgmt - ok
13:14:56.0695 2456 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll
13:14:56.0757 2456 WinRM - ok
13:14:56.0804 2456 [ fe88b288356e7b47b74b13372add906d ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:14:56.0820 2456 WinUsb - ok
13:14:56.0851 2456 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
13:14:56.0866 2456 Wlansvc - ok
13:14:56.0898 2456 [ 06c8fa1cf39de6a735b54d906ba791c6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:14:56.0913 2456 wlcrasvc - ok
13:14:56.0991 2456 [ 2bacd71123f42cea603f4e205e1ae337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:14:57.0038 2456 wlidsvc - ok
13:14:57.0054 2456 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:14:57.0069 2456 WmiAcpi - ok
13:14:57.0085 2456 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:14:57.0116 2456 wmiApSrv - ok
13:14:57.0132 2456 WMPNetworkSvc - ok
13:14:57.0163 2456 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:14:57.0178 2456 WPCSvc - ok
13:14:57.0194 2456 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:14:57.0194 2456 WPDBusEnum - ok
13:14:57.0225 2456 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:14:57.0241 2456 ws2ifsl - ok
13:14:57.0272 2456 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\Windows\system32\wscsvc.dll
13:14:57.0303 2456 wscsvc - ok
13:14:57.0303 2456 WSearch - ok
13:14:57.0366 2456 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:14:57.0428 2456 wuauserv - ok
13:14:57.0444 2456 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:14:57.0459 2456 WudfPf - ok
13:14:57.0475 2456 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:14:57.0506 2456 WUDFRd - ok
13:14:57.0522 2456 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:14:57.0553 2456 wudfsvc - ok
13:14:57.0553 2456 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
13:14:57.0568 2456 WwanSvc - ok
13:14:57.0584 2456 ================ Scan global ===============================
13:14:57.0600 2456 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
13:14:57.0615 2456 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
13:14:57.0631 2456 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
13:14:57.0646 2456 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
13:14:57.0678 2456 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
13:14:57.0678 2456 [Global] - ok
13:14:57.0678 2456 ================ Scan MBR ==================================
13:14:57.0693 2456 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:14:57.0958 2456 \Device\Harddisk0\DR0 - ok
13:14:57.0958 2456 ================ Scan VBR ==================================
13:14:57.0974 2456 Boot (0x1200) (fa8d80a531131c449e22fda608531982) \Device\Harddisk0\DR0\Partition1
13:14:57.0974 2456 \Device\Harddisk0\DR0\Partition1 - ok
13:14:58.0005 2456 Boot (0x1200) (52e3616b50d280c6b230c8b86db1cdb2) \Device\Harddisk0\DR0\Partition2
13:14:58.0005 2456 \Device\Harddisk0\DR0\Partition2 - ok
13:14:58.0036 2456 Boot (0x1200) (ba6015a06b397afafd4fe952608a6b55) \Device\Harddisk0\DR0\Partition3
13:14:58.0036 2456 \Device\Harddisk0\DR0\Partition3 - ok
13:14:58.0036 2456 ============================================================
13:14:58.0036 2456 Scan finished
13:14:58.0036 2456 ============================================================
13:14:58.0052 6052 Detected object count: 0
13:14:58.0052 6052 Actual detected object count: 0
13:15:39.0876 5872 Deinitialize success
-
RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: jk [Admin rights]
Mode: Scan -- Date: 08/15/2012 12:29:07
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA632 +++++
--- User ---
[MBR] 860cebdaaf929a4844e260dbfd069371
[bSP] 858edd0464ef9939185e335b0feaac5c : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 941808 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1929029632 | Size: 11959 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] d9d8eb2f7730918cb4b1ab035ba5b81e
[bSP] eb7d0a945c1dc80a73fbc5b2bdf7eaea : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 226125824 | Size: 300 Mo
Finished : << RKreport[1].txt >>
RKreport[1].txt
-
I ran a scan with AVG and it found that file. I then ran Malwarebytes and it found nothing. Here are my DDS and Attach reports...
DDS:
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by jk at 22:25:25 on 2012-08-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.3363 [GMT -7:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886e-ec8c-43c1-a32c-e4c2b0b6395b} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: Interfaces\{30DAA431-0433-4787-8D69-5363B8238F30} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO-X64: IDM Helper - No File
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO-X64: TSBHO Class - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\jk\AppData\Roaming\Mozilla\Firefox\Profiles\dm4gl0fx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\jk\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\jk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\jk\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111787
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 1091fab2000000000000d0df9a7f5762
FF - user.js: extensions.BabylonToolbar_i.hardId - 1091fab2000000000000d0df9a7f5762
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15533
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:46:54
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 193288]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-9 85560]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-8-12 1128952]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-17 450848]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-12 2656280]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech HD Webcam C310(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 129976]
S3 pmxdrv;pmxdrv;\??\C:\Windows\system32\drivers\pmxdrv.sys --> C:\Windows\system32\drivers\pmxdrv.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-12 655944]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-14 19:20:38 503808 ----a-w- C:\Windows\System32\srcore.dll
2012-08-14 19:20:38 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2012-08-14 19:20:37 956928 ----a-w- C:\Windows\System32\localspl.dll
2012-08-14 19:20:37 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-08-14 19:20:37 67072 ----a-w- C:\Windows\splwow64.exe
2012-08-14 19:20:37 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-08-14 19:20:37 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-08-14 19:20:37 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-08-14 19:20:37 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-08-14 19:20:37 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-08-14 19:20:37 136704 ----a-w- C:\Windows\System32\browser.dll
2012-08-11 05:03:06 -------- d-----w- C:\Users\jk\AppData\Local\HP
2012-07-29 20:24:39 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-21 19:52:37 -------- d-sh--w- C:\$RECYCLE.BIN
2012-07-21 03:37:51 -------- d-----w- C:\FRST
2012-07-20 22:20:08 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-07-20 22:12:10 -------- d-----w- C:\Users\jk\AppData\Roaming\RedDotGames
2012-07-20 22:10:59 5554512 ----a-w- C:\Windows\System32\d3dcsx_42.dll
2012-07-20 21:56:10 -------- d-----w- C:\Program Files (x86)\DVD Decrypter
2012-07-20 19:32:12 -------- d-----w- C:\Users\jk\AppData\Roaming\mIRC
2012-07-20 19:32:11 -------- d-----w- C:\Program Files (x86)\mIRC
.
==================== Find3M ====================
.
2012-07-03 20:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 22:25:43.05 ===============
Attach:
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/19/2011 7:25:53 PM
System Uptime: 8/14/2012 1:45:57 PM (9 hours ago)
.
Motherboard: PEGATRON CORPORATION | | 2AC2
Processor: Intel® Core i3-2120 CPU @ 3.30GHz | CPU 1 | 3300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 920 GiB total, 752.695 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.43 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP65: 7/29/2012 4:35:46 PM - Scheduled Checkpoint
RP66: 8/7/2012 3:47:27 PM - Scheduled Checkpoint
RP67: 8/10/2012 10:00:31 PM - HPSF Restore Point
RP68: 8/14/2012 1:36:30 PM - Windows Update
.
==== Installed Programs ======================
.
802.11n Wireless LAN Card
Adobe AIR
Adobe Flash Player 10 Plugin
Agatha Christie - Peril at End House
Apple Application Support
Apple Software Update
Bejeweled 3
Bing Bar
Blackhawk Striker 2
Blasterball 3
Blio
Bounce Symphony
Cake Mania
CameraHelperMsi
Chronicles of Albian
Chuzzle Deluxe
Cradle of Rome 2
D3DX10
DVD Decrypter (Remove Only)
erLT
Farm Frenzy
FATE
Google Talk Plugin
Governor of Poker 2 Premium Edition
Hewlett-Packard ACLM.NET v1.1.1.0
HP Customer Experience Enhancements
HP Games
HP LinkUp
HP MovieStore
HP Odometer
HP Setup
HP Setup Manager
HP SimplePass PE 2011
HP Support Assistant
HP Support Information
HP Update
Intel® Control Center
Intel® Identity Protection Technology 1.1.2.0
Intel® Management Engine Components
Intel® Processor Graphics
Internet Download Manager
Java Auto Updater
Java 6 Update 30
Java 7 Update 5
JavaFX 2.1.1
Jewel Quest: The Sleepless Star - Collector's Edition
Junk Mail filter update
Kobo
LabelPrint
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Mah Jong Medley
Malwarebytes Anti-Malware version 1.62.0.1300
Mesh Runtime
Microsoft Mathematics
Microsoft Office 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery of Mortlake Mansion
Namco All-Stars: PAC-MAN
Norton Online Backup
Out of the Park Baseball 13
PDF Complete Special Edition
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Police Force
Power2Go
PressReader
Realtek High Definition Audio Driver
Reason 5.0
Recovery Manager
Remote Graphics Receiver
Remote Mouse version 1.50
RoxioNow Player
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Skype™ 5.8
Slingo Supreme
SoulSeek 157 NS 13e
StreamTorrent 1.0
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands
VIP Access SDK (1.0.1.4)
Virtual Villagers 5 - New Believers
Visual Studio 2008 x64 Redistributables
VLC media player 2.0.1
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Messenger
Zinio Reader 4
Zuma Deluxe
.
==== End Of File ===========================
-
Alright did all that and deleted all the logs and programs. Thanks again for the help.
-
So is there anything else I need to do? Thanks
-
CPU seems fine now. No more redirect sites, AVG is not popping up with a threat detected. There is one thing I'm having a problem with and that's Adobe Flash Player....I know that's off the subject but it's been crashing a lot the past few weeks. Any recommendations on how to fix it? It looks something like this "adobe flash player 11.3 r300 crashed" Well, here's the log report....
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.07.21.11
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
jk :: JK-HP [administrator]
Protection: Enabled
7/21/2012 1:14:29 PM
mbam-log-2012-07-21 (13-14-29).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211487
Time elapsed: 25 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
Haha I missed that part.....So am I good to go?
-
I'm on my laptop writing this but before I post the log report, on the infected PC I tried opening Firefox and got an error....
"c:/program files (x86)/mozilla firefox/ firefox.exe" "illegal operation attempted on a registry key that has been marked for deletion", then another window asked "can't open this item" it might have been moved, renamed, or deleted. Do you want to remove this item? What do I do?
ComboFix 12-07-21.01 - jk 07/21/2012 12:23:27.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.4238 [GMT -7:00]
Running from: c:\users\jk\Downloads\Programs\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\jk\AppData\Local\Temp\7zS2C9C\HPSLPSVC64.DLL
c:\users\jk\AppData\Roaming\Propellerhead Software\ReCycle
c:\users\jk\AppData\Roaming\Propellerhead Software\ReCycle\ReCycle Preferences File.prf
c:\users\jk\AppData\Roaming\Propellerhead Software\ReCycle\ReCycle220.dat
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
((((((((((((((((((((((((( Files Created from 2012-06-21 to 2012-07-21 )))))))))))))))))))))))))))))))
.
.
2012-07-21 19:26 . 2012-07-21 19:26 -------- d-----w- c:\users\Mcx1-JK-HP\AppData\Local\temp
2012-07-21 19:26 . 2012-07-21 19:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-21 03:37 . 2012-07-21 03:37 -------- d-----w- C:\FRST
2012-07-20 22:20 . 2012-07-20 23:36 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-07-20 22:12 . 2012-07-20 22:12 -------- d-----w- c:\users\jk\AppData\Roaming\RedDotGames
2012-07-20 22:10 . 2009-09-05 00:44 238936 ----a-w- c:\windows\SysWow64\xactengine3_5.dll
2012-07-20 21:56 . 2012-07-20 21:56 -------- d-----w- c:\program files (x86)\DVD Decrypter
2012-07-20 19:32 . 2012-07-20 21:52 -------- d-----w- c:\users\jk\AppData\Roaming\mIRC
2012-07-20 19:32 . 2012-07-20 19:32 -------- d-----w- c:\program files (x86)\mIRC
2012-07-12 23:01 . 2012-07-12 23:01 -------- d-----w- c:\users\jk\AppData\Local\MicrosoftStore
2012-07-12 22:46 . 2012-07-12 22:46 237 ----a-w- C:\user.js
2012-07-12 19:59 . 2012-07-12 19:59 -------- d-----w- c:\users\jk\AppData\Local\FANiSO
2012-07-11 05:56 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-10 22:37 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-27 21:01 . 2012-06-27 21:01 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-06-27 21:00 . 2012-06-27 21:00 -------- d-----w- c:\program files (x86)\Oracle
2012-06-27 21:00 . 2012-05-05 02:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-06-27 20:59 . 2012-06-27 20:59 -------- d-----w- c:\programdata\McAfee
2012-06-27 20:54 . 2012-06-27 21:36 -------- d-----w- c:\users\jk\AppData\Roaming\.minecraft
2012-06-25 04:29 . 2012-06-25 04:29 -------- d-----w- c:\program files\Propellerhead
2012-06-25 04:20 . 2012-06-25 04:20 -------- d-----w- c:\windows\en
2012-06-25 04:17 . 2012-06-25 04:17 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\7d5426951cd528903\DSETUP.dll
2012-06-25 04:17 . 2012-06-25 04:17 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\7d5426951cd528903\DXSETUP.exe
2012-06-25 04:17 . 2012-06-25 04:17 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\7d5426951cd528903\dsetup32.dll
2012-06-25 04:17 . 2012-06-25 04:17 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\7d9109691cd528904\MeshBetaRemover.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-16 18:53 . 2012-04-02 17:24 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-16 18:53 . 2011-08-13 03:55 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 05:55 . 2012-01-03 18:59 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 20:46 . 2012-05-11 00:27 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-02 22:19 . 2012-06-21 19:18 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 19:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 19:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 19:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 19:18 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-21 19:18 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 19:19 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 19:18 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 22:15 . 2012-06-21 19:18 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-05-05 02:29 . 2011-12-19 03:26 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-04 11:06 . 2012-06-13 19:22 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 19:22 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 19:22 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 19:22 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-30 21:47 . 2012-04-30 21:47 191264 ----a-w- c:\windows\system32\javaws.exe
2012-04-30 21:47 . 2012-04-30 21:47 172320 ----a-w- c:\windows\system32\javaw.exe
2012-04-30 21:47 . 2012-04-30 21:47 172320 ----a-w- c:\windows\system32\java.exe
2012-04-30 21:47 . 2011-12-17 22:48 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-28 03:55 . 2012-06-13 19:22 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 19:22 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 19:22 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 19:22 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 19:22 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 19:22 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 19:22 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 19:22 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 19:22 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 19:22 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-02-28 3474840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-09 85560]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
R3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2011-08-13 31152]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-21 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-05 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-06-09 264008]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-02-08 149640]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-05 1128952]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-22 1360960]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-03 51712]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221318694-525691764-1706660316-1001Core.job
- c:\users\jk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-07 06:08]
.
2012-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221318694-525691764-1706660316-1001UA.job
- c:\users\jk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-07 06:08]
.
2012-07-16 c:\windows\Tasks\HPCeeScheduleForjk.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-25 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-25 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-25 418584]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"combofix"="c:\combofix\CF85.3XE" [2010-11-21 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\jk\AppData\Roaming\Mozilla\Firefox\Profiles\dm4gl0fx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111787
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 1091fab2000000000000d0df9a7f5762
FF - user.js: extensions.BabylonToolbar_i.hardId - 1091fab2000000000000d0df9a7f5762
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15533
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:46
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{34681D92-5958-406A-A654-1B57E7A7B3DC} - c:\program files (x86)\InstallShield Installation Information\{34681D92-5958-406A-A654-1B57E7A7B3DC}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-221318694-525691764-1706660316-1001_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):d3,3d,89,7c,db,c5,71,e8,73,47,b8,b8,59,ba,c3,67,18,e2,ca,f4,44,
18,1c,99,60,f6,08,4b,52,1d,78,7d,e9,9b,ae,cc,50,2a,65,b0,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-221318694-525691764-1706660316-1001_Classes\Wow6432Node\CLSID\{7efc96ed-aa46-4e9d-a2a5-9e04fc4742d4}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000052
"Therad"=dword:0000001d
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-07-21 12:31:49 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-21 19:31
.
Pre-Run: 814,427,643,904 bytes free
Post-Run: 814,855,725,056 bytes free
.
- - End Of File - - 88D50A38FC4D0E6B74A3C0115DE3DACC
-
11:03:26.0198 0992 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
11:03:26.0619 0992 ============================================================
11:03:26.0619 0992 Current date / time: 2012/07/21 11:03:26.0619
11:03:26.0619 0992 SystemInfo:
11:03:26.0619 0992
11:03:26.0619 0992 OS Version: 6.1.7601 ServicePack: 1.0
11:03:26.0619 0992 Product type: Workstation
11:03:26.0619 0992 ComputerName: JK-HP
11:03:26.0619 0992 UserName: jk
11:03:26.0619 0992 Windows directory: C:\Windows
11:03:26.0619 0992 System windows directory: C:\Windows
11:03:26.0619 0992 Running under WOW64
11:03:26.0619 0992 Processor architecture: Intel x64
11:03:26.0619 0992 Number of processors: 4
11:03:26.0619 0992 Page size: 0x1000
11:03:26.0619 0992 Boot type: Normal boot
11:03:26.0619 0992 ============================================================
11:03:27.0227 0992 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:03:27.0243 0992 ============================================================
11:03:27.0243 0992 \Device\Harddisk0\DR0:
11:03:27.0243 0992 MBR partitions:
11:03:27.0243 0992 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:03:27.0243 0992 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72F78000
11:03:27.0243 0992 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72FAA800, BlocksNum 0x175B800
11:03:27.0243 0992 ============================================================
11:03:27.0290 0992 C: <-> \Device\Harddisk0\DR0\Partition1
11:03:27.0337 0992 D: <-> \Device\Harddisk0\DR0\Partition2
11:03:27.0337 0992 ============================================================
11:03:27.0337 0992 Initialize success
11:03:27.0337 0992 ============================================================
11:03:59.0052 4924 Deinitialize success
11:04:27.0050 3244 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
11:04:27.0518 3244 ============================================================
11:04:27.0518 3244 Current date / time: 2012/07/21 11:04:27.0518
11:04:27.0518 3244 SystemInfo:
11:04:27.0518 3244
11:04:27.0518 3244 OS Version: 6.1.7601 ServicePack: 1.0
11:04:27.0518 3244 Product type: Workstation
11:04:27.0518 3244 ComputerName: JK-HP
11:04:27.0518 3244 UserName: jk
11:04:27.0518 3244 Windows directory: C:\Windows
11:04:27.0518 3244 System windows directory: C:\Windows
11:04:27.0518 3244 Running under WOW64
11:04:27.0518 3244 Processor architecture: Intel x64
11:04:27.0518 3244 Number of processors: 4
11:04:27.0518 3244 Page size: 0x1000
11:04:27.0518 3244 Boot type: Normal boot
11:04:27.0518 3244 ============================================================
11:04:27.0862 3244 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:04:27.0877 3244 ============================================================
11:04:27.0877 3244 \Device\Harddisk0\DR0:
11:04:27.0877 3244 MBR partitions:
11:04:27.0877 3244 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:04:27.0877 3244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72F78000
11:04:27.0877 3244 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72FAA800, BlocksNum 0x175B800
11:04:27.0877 3244 ============================================================
11:04:27.0908 3244 C: <-> \Device\Harddisk0\DR0\Partition1
11:04:27.0971 3244 D: <-> \Device\Harddisk0\DR0\Partition2
11:04:27.0971 3244 ============================================================
11:04:27.0971 3244 Initialize success
11:04:27.0971 3244 ============================================================
11:05:05.0582 2052 ============================================================
11:05:05.0582 2052 Scan started
11:05:05.0598 2052 Mode: Manual; SigCheck; TDLFS;
11:05:05.0598 2052 ============================================================
11:05:07.0517 2052 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:05:07.0673 2052 1394ohci - ok
11:05:07.0704 2052 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:05:07.0720 2052 ACPI - ok
11:05:07.0735 2052 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:05:07.0782 2052 AcpiPmi - ok
11:05:07.0829 2052 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:05:07.0860 2052 adp94xx - ok
11:05:07.0891 2052 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:05:07.0907 2052 adpahci - ok
11:05:07.0922 2052 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:05:07.0938 2052 adpu320 - ok
11:05:07.0969 2052 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:05:08.0078 2052 AeLookupSvc - ok
11:05:08.0125 2052 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:05:08.0188 2052 AFD - ok
11:05:08.0219 2052 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:05:08.0234 2052 agp440 - ok
11:05:08.0266 2052 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:05:08.0297 2052 ALG - ok
11:05:08.0312 2052 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:05:08.0328 2052 aliide - ok
11:05:08.0328 2052 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:05:08.0344 2052 amdide - ok
11:05:08.0359 2052 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:05:08.0390 2052 AmdK8 - ok
11:05:08.0390 2052 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:05:08.0422 2052 AmdPPM - ok
11:05:08.0453 2052 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:05:08.0468 2052 amdsata - ok
11:05:08.0500 2052 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:05:08.0515 2052 amdsbs - ok
11:05:08.0546 2052 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:05:08.0563 2052 amdxata - ok
11:05:08.0594 2052 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:05:08.0641 2052 AppID - ok
11:05:08.0672 2052 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:05:08.0719 2052 AppIDSvc - ok
11:05:08.0735 2052 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:05:08.0766 2052 Appinfo - ok
11:05:08.0859 2052 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:05:08.0875 2052 Apple Mobile Device - ok
11:05:08.0891 2052 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:05:08.0906 2052 arc - ok
11:05:08.0937 2052 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:05:08.0953 2052 arcsas - ok
11:05:09.0015 2052 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:05:09.0031 2052 aspnet_state - ok
11:05:09.0047 2052 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:05:09.0093 2052 AsyncMac - ok
11:05:09.0125 2052 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:05:09.0140 2052 atapi - ok
11:05:09.0218 2052 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:05:09.0281 2052 AudioEndpointBuilder - ok
11:05:09.0281 2052 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:05:09.0312 2052 AudioSrv - ok
11:05:09.0717 2052 AVGIDSAgent (d67719bcfde5798f5c30d14efed3bcaf) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
11:05:09.0780 2052 AVGIDSAgent - ok
11:05:09.0951 2052 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\Windows\system32\DRIVERS\avgidsdrivera.sys
11:05:09.0967 2052 AVGIDSDriver - ok
11:05:10.0014 2052 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\Windows\system32\DRIVERS\avgidsfiltera.sys
11:05:10.0029 2052 AVGIDSFilter - ok
11:05:10.0061 2052 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\Windows\system32\DRIVERS\avgidsha.sys
11:05:10.0076 2052 AVGIDSHA - ok
11:05:10.0107 2052 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\Windows\system32\DRIVERS\avgldx64.sys
11:05:10.0123 2052 Avgldx64 - ok
11:05:10.0139 2052 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\Windows\system32\DRIVERS\avgmfx64.sys
11:05:10.0154 2052 Avgmfx64 - ok
11:05:10.0201 2052 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\Windows\system32\DRIVERS\avgrkx64.sys
11:05:10.0217 2052 Avgrkx64 - ok
11:05:10.0263 2052 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\Windows\system32\DRIVERS\avgtdia.sys
11:05:10.0279 2052 Avgtdia - ok
11:05:10.0357 2052 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
11:05:10.0373 2052 avgwd - ok
11:05:10.0404 2052 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:05:10.0466 2052 AxInstSV - ok
11:05:10.0513 2052 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:05:10.0544 2052 b06bdrv - ok
11:05:10.0591 2052 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:05:10.0607 2052 b57nd60a - ok
11:05:10.0716 2052 BBSvc (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
11:05:10.0731 2052 BBSvc - ok
11:05:10.0794 2052 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:05:10.0841 2052 BDESVC - ok
11:05:10.0919 2052 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:05:10.0981 2052 Beep - ok
11:05:11.0402 2052 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
11:05:11.0465 2052 BITS - ok
11:05:11.0589 2052 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
11:05:11.0636 2052 blbdrive - ok
11:05:11.0745 2052 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
11:05:11.0761 2052 Bonjour Service - ok
11:05:11.0792 2052 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:05:11.0808 2052 bowser - ok
11:05:11.0886 2052 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:05:11.0917 2052 BrFiltLo - ok
11:05:12.0089 2052 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:05:12.0104 2052 BrFiltUp - ok
11:05:12.0135 2052 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:05:12.0182 2052 Browser - ok
11:05:12.0213 2052 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:05:12.0229 2052 Brserid - ok
11:05:12.0307 2052 BrSerIf (80e52ef092f3dad03e0ee15e64f97245) C:\Windows\system32\DRIVERS\BrSerIf.sys
11:05:12.0338 2052 BrSerIf - ok
11:05:12.0385 2052 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:05:12.0401 2052 BrSerWdm - ok
11:05:12.0463 2052 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:05:12.0494 2052 BrUsbMdm - ok
11:05:12.0510 2052 BrUsbSer (601cb966fffebc6806626dc8e7aa0ef2) C:\Windows\system32\DRIVERS\BrUsbSer.sys
11:05:12.0525 2052 BrUsbSer - ok
11:05:12.0541 2052 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:05:12.0557 2052 BTHMODEM - ok
11:05:12.0603 2052 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:05:12.0635 2052 bthserv - ok
11:05:12.0650 2052 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:05:12.0666 2052 cdfs - ok
11:05:12.0697 2052 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:05:12.0728 2052 cdrom - ok
11:05:12.0744 2052 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:05:12.0806 2052 CertPropSvc - ok
11:05:12.0837 2052 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:05:12.0869 2052 circlass - ok
11:05:12.0900 2052 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:05:12.0931 2052 CLFS - ok
11:05:12.0978 2052 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:05:12.0993 2052 clr_optimization_v2.0.50727_32 - ok
11:05:13.0040 2052 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:05:13.0056 2052 clr_optimization_v2.0.50727_64 - ok
11:05:13.0118 2052 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:05:13.0134 2052 clr_optimization_v4.0.30319_32 - ok
11:05:13.0149 2052 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:05:13.0181 2052 clr_optimization_v4.0.30319_64 - ok
11:05:13.0212 2052 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:05:13.0243 2052 CmBatt - ok
11:05:13.0243 2052 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:05:13.0259 2052 cmdide - ok
11:05:13.0337 2052 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
11:05:13.0368 2052 CNG - ok
11:05:13.0383 2052 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:05:13.0383 2052 Compbatt - ok
11:05:13.0415 2052 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:05:13.0415 2052 CompositeBus - ok
11:05:13.0430 2052 COMSysApp - ok
11:05:13.0446 2052 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:05:13.0477 2052 crcdisk - ok
11:05:13.0508 2052 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
11:05:13.0539 2052 CryptSvc - ok
11:05:13.0586 2052 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:05:13.0649 2052 DcomLaunch - ok
11:05:13.0664 2052 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:05:13.0711 2052 defragsvc - ok
11:05:13.0742 2052 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:05:13.0789 2052 DfsC - ok
11:05:13.0836 2052 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:05:13.0867 2052 Dhcp - ok
11:05:13.0883 2052 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:05:13.0914 2052 discache - ok
11:05:13.0961 2052 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:05:13.0961 2052 Disk - ok
11:05:13.0992 2052 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:05:14.0023 2052 Dnscache - ok
11:05:14.0054 2052 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:05:14.0101 2052 dot3svc - ok
11:05:14.0117 2052 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:05:14.0148 2052 DPS - ok
11:05:14.0163 2052 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:05:14.0179 2052 drmkaud - ok
11:05:14.0241 2052 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:05:14.0257 2052 DXGKrnl - ok
11:05:14.0273 2052 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:05:14.0319 2052 EapHost - ok
11:05:14.0491 2052 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:05:14.0538 2052 ebdrv - ok
11:05:14.0616 2052 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:05:14.0631 2052 EFS - ok
11:05:14.0725 2052 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:05:14.0772 2052 ehRecvr - ok
11:05:14.0787 2052 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:05:14.0803 2052 ehSched - ok
11:05:14.0865 2052 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:05:14.0897 2052 elxstor - ok
11:05:14.0912 2052 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:05:14.0928 2052 ErrDev - ok
11:05:14.0975 2052 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:05:15.0006 2052 EventSystem - ok
11:05:15.0021 2052 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:05:15.0053 2052 exfat - ok
11:05:15.0068 2052 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:05:15.0099 2052 fastfat - ok
11:05:15.0162 2052 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:05:15.0209 2052 Fax - ok
11:05:15.0224 2052 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:05:15.0255 2052 fdc - ok
11:05:15.0287 2052 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:05:15.0318 2052 fdPHost - ok
11:05:15.0333 2052 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:05:15.0365 2052 FDResPub - ok
11:05:15.0380 2052 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:05:15.0380 2052 FileInfo - ok
11:05:15.0396 2052 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:05:15.0443 2052 Filetrace - ok
11:05:15.0474 2052 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:05:15.0489 2052 flpydisk - ok
11:05:15.0521 2052 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:05:15.0521 2052 FltMgr - ok
11:05:15.0630 2052 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:05:15.0692 2052 FontCache - ok
11:05:15.0755 2052 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:05:15.0770 2052 FontCache3.0.0.0 - ok
11:05:15.0817 2052 FPLService (71cdc1d7f58d5ec49ebc2e2332ad3fae) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
11:05:15.0833 2052 FPLService - ok
11:05:15.0911 2052 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:05:15.0926 2052 FsDepends - ok
11:05:15.0942 2052 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:05:15.0957 2052 Fs_Rec - ok
11:05:15.0989 2052 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:05:16.0004 2052 fvevol - ok
11:05:16.0035 2052 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:05:16.0035 2052 gagp30kx - ok
11:05:16.0082 2052 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:05:16.0098 2052 GamesAppService - ok
11:05:16.0113 2052 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:05:16.0129 2052 GEARAspiWDM - ok
11:05:16.0191 2052 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:05:16.0238 2052 gpsvc - ok
11:05:16.0254 2052 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:05:16.0269 2052 hcw85cir - ok
11:05:16.0301 2052 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:05:16.0316 2052 HdAudAddService - ok
11:05:16.0347 2052 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:05:16.0363 2052 HDAudBus - ok
11:05:16.0363 2052 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:05:16.0394 2052 HidBatt - ok
11:05:16.0410 2052 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:05:16.0425 2052 HidBth - ok
11:05:16.0441 2052 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:05:16.0457 2052 HidIr - ok
11:05:16.0488 2052 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:05:16.0503 2052 hidserv - ok
11:05:16.0535 2052 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:05:16.0550 2052 HidUsb - ok
11:05:16.0581 2052 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:05:16.0613 2052 hkmsvc - ok
11:05:16.0644 2052 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:05:16.0691 2052 HomeGroupListener - ok
11:05:16.0706 2052 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:05:16.0737 2052 HomeGroupProvider - ok
11:05:16.0815 2052 HP Support Assistant Service (531d1843c7a411f4e41ec6786f291e5f) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
11:05:16.0831 2052 HP Support Assistant Service - ok
11:05:16.0878 2052 HPClientSvc (6a181452d4e240b8ecc7614b9a19bde9) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
11:05:16.0893 2052 HPClientSvc - ok
11:05:16.0925 2052 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
11:05:16.0940 2052 HPDrvMntSvc.exe - ok
11:05:17.0003 2052 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
11:05:17.0018 2052 hpqwmiex - ok
11:05:17.0127 2052 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:05:17.0143 2052 HpSAMD - ok
11:05:17.0408 2052 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Users\jk\AppData\Local\Temp\7zS2C9C\hpslpsvc64.dll
11:05:17.0455 2052 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
11:05:17.0455 2052 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
11:05:17.0611 2052 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:05:17.0642 2052 HTTP - ok
11:05:17.0658 2052 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:05:17.0658 2052 hwpolicy - ok
11:05:17.0689 2052 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:05:17.0705 2052 i8042prt - ok
11:05:17.0736 2052 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\drivers\iaStor.sys
11:05:17.0751 2052 iaStor - ok
11:05:17.0798 2052 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:05:17.0814 2052 iaStorV - ok
11:05:17.0861 2052 IDMWFP (5534e14ef27ebe8563cdbce6b88501a3) C:\Windows\system32\DRIVERS\idmwfp.sys
11:05:17.0876 2052 IDMWFP - ok
11:05:17.0954 2052 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:05:17.0970 2052 idsvc - ok
11:05:18.0500 2052 igfx (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:05:18.0687 2052 igfx - ok
11:05:18.0781 2052 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:05:18.0781 2052 iirsp - ok
11:05:18.0828 2052 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:05:18.0875 2052 IKEEXT - ok
11:05:18.0890 2052 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
11:05:18.0921 2052 Impcd - ok
11:05:19.0046 2052 IntcAzAudAddService (c7124da48e557d8f88d0d7f1254557f4) C:\Windows\system32\drivers\RTKVHD64.sys
11:05:19.0077 2052 IntcAzAudAddService - ok
11:05:19.0171 2052 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:05:19.0187 2052 intelide - ok
11:05:19.0249 2052 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
11:05:19.0265 2052 intelppm - ok
11:05:19.0327 2052 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:05:19.0358 2052 IPBusEnum - ok
11:05:19.0389 2052 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:05:19.0405 2052 IpFilterDriver - ok
11:05:19.0452 2052 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:05:19.0483 2052 IPMIDRV - ok
11:05:19.0499 2052 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:05:19.0545 2052 IPNAT - ok
11:05:19.0717 2052 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
11:05:19.0748 2052 iPod Service - ok
11:05:19.0764 2052 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:05:19.0779 2052 IRENUM - ok
11:05:19.0795 2052 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:05:19.0795 2052 isapnp - ok
11:05:19.0826 2052 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:05:19.0826 2052 iScsiPrt - ok
11:05:19.0904 2052 jhi_service (6c85719a21b3f62c2c76280f4bd36c7b) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
11:05:19.0904 2052 jhi_service - ok
11:05:19.0935 2052 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:05:19.0935 2052 kbdclass - ok
11:05:19.0951 2052 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:05:19.0982 2052 kbdhid - ok
11:05:19.0998 2052 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:05:20.0013 2052 KeyIso - ok
11:05:20.0045 2052 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
11:05:20.0045 2052 KSecDD - ok
11:05:20.0060 2052 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
11:05:20.0076 2052 KSecPkg - ok
11:05:20.0091 2052 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:05:20.0123 2052 ksthunk - ok
11:05:20.0169 2052 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:05:20.0201 2052 KtmRm - ok
11:05:20.0232 2052 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
11:05:20.0263 2052 LanmanServer - ok
11:05:20.0279 2052 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:05:20.0310 2052 LanmanWorkstation - ok
11:05:20.0341 2052 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:05:20.0372 2052 lltdio - ok
11:05:20.0419 2052 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:05:20.0450 2052 lltdsvc - ok
11:05:20.0513 2052 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:05:20.0528 2052 lmhosts - ok
11:05:20.0653 2052 LMS (d75c4b4a8fe6d7fd74a7eecdbaec729f) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:05:20.0653 2052 LMS - ok
11:05:20.0731 2052 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:05:20.0731 2052 LSI_FC - ok
11:05:20.0778 2052 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:05:20.0778 2052 LSI_SAS - ok
11:05:20.0809 2052 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:05:20.0809 2052 LSI_SAS2 - ok
11:05:20.0825 2052 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:05:20.0840 2052 LSI_SCSI - ok
11:05:20.0856 2052 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:05:20.0887 2052 luafv - ok
11:05:20.0949 2052 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys
11:05:20.0949 2052 LVRS64 - ok
11:05:21.0168 2052 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys
11:05:21.0246 2052 LVUVC64 - ok
11:05:21.0355 2052 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
11:05:21.0355 2052 MBAMProtector - ok
11:05:21.0433 2052 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:05:21.0449 2052 MBAMService - ok
11:05:21.0464 2052 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:05:21.0480 2052 Mcx2Svc - ok
11:05:21.0495 2052 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:05:21.0495 2052 megasas - ok
11:05:21.0542 2052 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:05:21.0542 2052 MegaSR - ok
11:05:21.0558 2052 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
11:05:21.0573 2052 MEIx64 - ok
11:05:21.0573 2052 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:05:21.0605 2052 MMCSS - ok
11:05:21.0620 2052 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:05:21.0651 2052 Modem - ok
11:05:21.0683 2052 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:05:21.0698 2052 monitor - ok
11:05:21.0729 2052 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:05:21.0745 2052 mouclass - ok
11:05:21.0761 2052 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:05:21.0776 2052 mouhid - ok
11:05:21.0792 2052 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:05:21.0807 2052 mountmgr - ok
11:05:21.0870 2052 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:05:21.0885 2052 MozillaMaintenance - ok
11:05:21.0901 2052 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:05:21.0917 2052 mpio - ok
11:05:21.0917 2052 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:05:21.0948 2052 mpsdrv - ok
11:05:21.0963 2052 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:05:21.0995 2052 MRxDAV - ok
11:05:22.0010 2052 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:05:22.0041 2052 mrxsmb - ok
11:05:22.0057 2052 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:05:22.0057 2052 mrxsmb10 - ok
11:05:22.0073 2052 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:05:22.0088 2052 mrxsmb20 - ok
11:05:22.0104 2052 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:05:22.0104 2052 msahci - ok
11:05:22.0135 2052 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:05:22.0151 2052 msdsm - ok
11:05:22.0166 2052 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:05:22.0182 2052 MSDTC - ok
11:05:22.0197 2052 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:05:22.0229 2052 Msfs - ok
11:05:22.0244 2052 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:05:22.0260 2052 mshidkmdf - ok
11:05:22.0275 2052 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:05:22.0275 2052 msisadrv - ok
11:05:22.0307 2052 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:05:42.0337 2052 ============================================================
11:05:42.0337 2052 Scan finished
11:05:42.0337 2052 ============================================================
11:05:42.0353 3256 Detected object count: 1
11:05:42.0353 3256 Actual detected object count: 1
11:06:09.0076 3256 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
11:06:09.0076 3256 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:06:58.0699 2600 Deinitialize success
-
Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 20-07-2012 01
Ran by SYSTEM at 2012-07-21 10:46:09 Run:1
Running from K:\
==============================================
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603} moved successfully.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe
==== End of Fixlog ====
-
Scan result of Farbar Recovery Scan Tool Version: 20-07-2012 01
Ran by SYSTEM at 20-07-2012 19:37:59
Running from K:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001
========================== Registry (Whitelisted) =============
HKLM\...\Run: [igfxTray] C:\Windows\system32\igfxtray.exe [168216 2011-04-25] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [391960 2011-04-25] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [418584 2011-04-25] (Intel Corporation)
HKLM\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2587008 2012-04-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462920 2012-07-03] (Malwarebytes Corporation)
HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\jk\...\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot [3474840 2012-02-27] (Tonec Inc.)
HKU\jk\...\Run: [Google Update] "C:\Users\jk\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-12-06] (Google Inc.)
HKU\Mcx1-JK-HP\...\Winlogon: [shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
==================== Services (Whitelisted) ======
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" [5160568 2012-07-04] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
2 HPSLPSVC; C:\Users\jk\AppData\Local\Temp\7zS2C9C\hpslpsvc64.dll [1039360 2011-11-14] (Hewlett-Packard Co.)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [655944 2012-07-03] (Malwarebytes Corporation)
2 NOBU; "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE [2804568 2010-06-01] (Symantec Corporation)
2 UNS; "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" [2656280 2011-01-31] (Intel Corporation)
========================== Drivers (Whitelisted) =============
3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [289872 2012-02-22] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [383808 2012-03-19] (AVG Technologies CZ, s.r.o.)
3 BrSerIf; C:\Windows\System32\Drivers\BrSerIf.sys [97280 2006-09-03] (Brother Industries Ltd.)
2 IDMWFP; C:\Windows\System32\Drivers\IDMWFP.sys [149640 2012-02-07] (Tonec Inc.)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-07-03] (Malwarebytes Corporation)
3 pmxdrv; C:\Windows\System32\Drivers\pmxdrv.sys [31152 2011-08-12] ()
========================== NetSvcs (Whitelisted) ===========
============ One Month Created Files and Folders ==============
2012-07-20 16:33 - 2012-07-20 16:33 - 00023482 ____A C:\Users\jk\Desktop\DDS.txt
2012-07-20 16:32 - 2012-07-20 16:32 - 00006817 ____A C:\Users\jk\Desktop\1.txt
2012-07-20 16:30 - 2012-07-20 16:30 - 00607260 ____R (Swearware) C:\Users\jk\Downloads\dds.scr
2012-07-20 14:20 - 2012-07-20 15:36 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-07-20 14:12 - 2012-07-20 14:12 - 00000000 ____D C:\Users\jk\AppData\Roaming\RedDotGames
2012-07-20 14:11 - 2010-06-02 03:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2012-07-20 14:11 - 2010-06-02 03:55 - 00518488 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
2012-07-20 14:11 - 2010-06-02 03:55 - 00239960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2012-07-20 14:11 - 2010-06-02 03:55 - 00176984 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll
2012-07-20 14:11 - 2010-06-02 03:55 - 00077656 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
2012-07-20 14:11 - 2010-06-02 03:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-07-20 14:11 - 2010-05-26 10:41 - 02526056 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
2012-07-20 14:11 - 2010-05-26 10:41 - 02401112 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
2012-07-20 14:11 - 2010-05-26 10:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-07-20 14:11 - 2010-05-26 10:41 - 01998168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2012-07-20 14:11 - 2010-05-26 10:41 - 01907552 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
2012-07-20 14:11 - 2010-05-26 10:41 - 01868128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2012-07-20 14:11 - 2010-05-26 10:41 - 00511328 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll
2012-07-20 14:11 - 2010-05-26 10:41 - 00470880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2012-07-20 14:11 - 2010-05-26 10:41 - 00276832 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
2012-07-20 14:11 - 2010-05-26 10:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2012-07-20 14:11 - 2010-02-04 09:01 - 00530776 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
2012-07-20 14:11 - 2010-02-04 09:01 - 00528216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2012-07-20 14:11 - 2010-02-04 09:01 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2012-07-20 14:11 - 2010-02-04 09:01 - 00176984 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
2012-07-20 14:11 - 2010-02-04 09:01 - 00078680 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
2012-07-20 14:11 - 2010-02-04 09:01 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2012-07-20 14:11 - 2010-02-04 09:01 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
2012-07-20 14:11 - 2010-02-04 09:01 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2012-07-20 14:11 - 2009-09-04 16:44 - 00517960 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
2012-07-20 14:10 - 2009-09-04 16:44 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2012-07-20 14:10 - 2009-09-04 16:44 - 00176968 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2012-07-20 14:10 - 2009-09-04 16:44 - 00073544 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
2012-07-20 14:10 - 2009-09-04 16:29 - 05554512 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2012-07-20 14:10 - 2009-09-04 16:29 - 05501792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2012-07-20 14:10 - 2009-09-04 16:29 - 02582888 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2012-07-20 14:10 - 2009-09-04 16:29 - 02475352 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2012-07-20 14:10 - 2009-09-04 16:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2012-07-20 14:10 - 2009-09-04 16:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2012-07-20 14:10 - 2009-09-04 16:29 - 00285024 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2012-07-20 14:10 - 2009-09-04 16:29 - 00235344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2012-07-20 14:10 - 2009-03-16 13:18 - 00521560 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
2012-07-20 14:10 - 2009-03-16 13:18 - 00517448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2012-07-20 14:10 - 2009-03-16 13:18 - 00235352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2012-07-20 14:10 - 2009-03-16 13:18 - 00174936 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
2012-07-20 14:10 - 2009-03-16 13:18 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
2012-07-20 14:10 - 2009-03-16 13:18 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2012-07-20 14:10 - 2009-03-09 14:27 - 02430312 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll
2012-07-20 14:10 - 2009-03-09 14:27 - 00520544 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll
2012-07-20 14:10 - 2008-10-27 09:04 - 00518480 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll
2012-07-20 14:10 - 2008-10-27 09:04 - 00514384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2012-07-20 14:10 - 2008-10-27 09:04 - 00175440 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll
2012-07-20 14:10 - 2008-10-27 09:04 - 00074576 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll
2012-07-20 14:10 - 2008-10-27 09:04 - 00070992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2012-07-20 14:10 - 2008-10-15 05:22 - 05631312 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2012-07-20 14:10 - 2008-10-15 05:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2012-07-20 14:10 - 2008-10-15 05:22 - 02605920 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2012-07-20 14:10 - 2008-10-15 05:22 - 02036576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2012-07-20 14:10 - 2008-10-15 05:22 - 00519000 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2012-07-20 14:10 - 2008-10-15 05:22 - 00452440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2012-07-20 13:56 - 2012-07-20 13:56 - 00000000 ____D C:\Program Files (x86)\DVD Decrypter
2012-07-20 11:32 - 2012-07-20 13:52 - 00000000 ____D C:\Users\jk\AppData\Roaming\mIRC
2012-07-20 11:32 - 2012-07-20 11:32 - 00000000 ____D C:\Program Files (x86)\mIRC
2012-07-20 11:28 - 2012-07-20 11:46 - 552157910 ____A C:\Users\jk\Downloads\sara jay newmeat.wmv
2012-07-18 21:33 - 2011-04-14 18:38 - 00743049 ____A C:\Users\jk\Documents\VID 00051.3GP
2012-07-18 21:33 - 2011-04-14 18:38 - 00459299 ____A C:\Users\jk\Documents\VID 00053.3GP
2012-07-18 21:32 - 2012-07-18 21:32 - 00000000 ____D C:\Users\jk\Documents\piks
2012-07-18 21:32 - 2012-07-18 21:32 - 00000000 ____D C:\Users\jk\Documents\golf
2012-07-15 18:18 - 2012-07-15 18:22 - 390570916 ____A C:\Users\jk\Desktop\'max.payne_wish_1e3a7_e977a.flv'
2012-07-12 15:01 - 2012-07-12 15:01 - 00000000 ____D C:\Users\jk\AppData\Local\MicrosoftStore
2012-07-12 14:46 - 2012-07-12 14:46 - 00000237 ____A C:\user.js
2012-07-12 11:59 - 2012-07-12 11:59 - 00000000 ____D C:\Users\jk\AppData\Local\FANiSO
2012-07-10 21:56 - 2012-06-11 19:08 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-10 21:54 - 2012-06-02 04:49 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-07-10 21:54 - 2012-06-02 04:17 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-07-10 21:54 - 2012-06-02 04:12 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-07-10 21:54 - 2012-06-02 04:05 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-07-10 21:54 - 2012-06-02 04:05 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-07-10 21:54 - 2012-06-02 04:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-07-10 21:54 - 2012-06-02 04:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-07-10 21:54 - 2012-06-02 04:03 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-07-10 21:54 - 2012-06-02 04:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-07-10 21:54 - 2012-06-02 04:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-07-10 21:54 - 2012-06-02 03:59 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-07-10 21:54 - 2012-06-02 03:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-07-10 21:54 - 2012-06-02 03:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-07-10 21:54 - 2012-06-02 03:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-07-10 21:54 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-07-10 21:54 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-07-10 21:54 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-07-10 21:54 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-07-10 21:54 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-07-10 21:54 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-07-10 21:54 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-07-10 21:54 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-07-10 21:54 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-07-10 21:54 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-07-10 21:54 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-07-10 21:54 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-07-10 21:54 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-07-10 21:54 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-07-10 14:37 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-07-10 14:37 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-07-10 14:37 - 2012-06-05 22:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-07-10 14:37 - 2012-06-05 22:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-07-10 14:37 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-07-10 14:37 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-07-10 14:37 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-07-10 14:37 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-07-10 14:37 - 2012-06-01 21:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-07-10 14:37 - 2012-06-01 21:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-07-10 14:37 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-07-10 14:37 - 2012-06-01 21:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-07-10 14:37 - 2012-06-01 21:44 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-07-10 14:37 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-07-10 14:37 - 2012-06-01 20:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-07-10 14:37 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-07-10 14:37 - 2012-06-01 20:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-07-10 14:37 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2012-07-10 14:37 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2012-07-06 21:24 - 2012-07-06 21:49 - 00000000 ____D C:\Users\jk\Desktop\TV Shows
2012-07-01 21:30 - 2012-07-01 21:30 - 00000000 ____D C:\Users\jk\AppData\Local\{EE7FB3F8-CB11-4CE3-A2B7-2CEFC85CBEB0}
2012-07-01 21:30 - 2012-07-01 21:30 - 00000000 ____D C:\Users\jk\AppData\Local\{18E10980-C3AC-4B78-B622-C04D2D8D56BE}
2012-06-30 21:14 - 2012-06-30 21:14 - 00000000 ____D C:\Users\jk\AppData\Local\{427FF6B0-70C4-4E13-918D-7C4594D89A14}
2012-06-30 21:13 - 2012-06-30 21:14 - 00000000 ____D C:\Users\jk\AppData\Local\{45FD7920-604B-4759-98CE-D461DB437767}
2012-06-30 15:26 - 2012-06-30 15:26 - 00000000 ____D C:\Users\jk\Downloads\SexUnderwater.12.06.24.Hot.censoreding.Afternoon.XXX.HR.WMV-KTR[rbg]
2012-06-27 13:00 - 2012-06-27 13:00 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-06-27 13:00 - 2012-05-04 18:29 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-06-27 13:00 - 2012-05-04 18:29 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-06-27 12:59 - 2012-06-27 12:59 - 00000000 ____D C:\Users\All Users\McAfee
2012-06-27 12:54 - 2012-06-27 13:36 - 00000000 ____D C:\Users\jk\AppData\Roaming\.minecraft
2012-06-25 18:59 - 2012-06-25 18:59 - 00000000 ____D C:\Users\jk\AppData\Local\{24FA9293-D32D-45E4-91A9-BA62A62D1114}
2012-06-25 18:58 - 2012-06-25 18:59 - 00000000 ____D C:\Users\jk\AppData\Local\{0CC7ACD3-7788-48AA-AE2E-510913A9F489}
2012-06-24 20:57 - 2012-06-24 20:57 - 00000000 ____D C:\Users\jk\AppData\Local\{B57FD7E1-66E5-4423-9267-E5378B6D6805}
2012-06-24 20:57 - 2012-06-24 20:57 - 00000000 ____D C:\Users\jk\AppData\Local\{5E784052-C914-475B-9724-234D993DF3BF}
2012-06-24 20:34 - 2012-06-24 20:34 - 00000000 ____D C:\Users\jk\AppData\Local\{3B814F19-51A3-453A-B5CE-1FF3243C8AFE}
2012-06-24 20:29 - 2012-06-24 20:29 - 00000000 ____D C:\Program Files\Propellerhead
2012-06-24 20:20 - 2012-06-24 20:20 - 00000000 ____D C:\Windows\en
2012-06-24 20:20 - 2012-06-24 20:20 - 00000000 ____D C:\Users\jk\AppData\Local\{F6494445-2394-4690-8315-190570531CAC}
2012-06-24 20:20 - 2012-06-24 20:20 - 00000000 ____D C:\Users\jk\AppData\Local\{7B08C4D7-EB26-4D3F-B159-8A7E9F828EC4}
2012-06-24 20:17 - 2012-06-24 20:17 - 00000000 ____D C:\Users\jk\AppData\Local\{EFE55C35-B71B-4689-A69B-9286A6849D39}
2012-06-24 20:17 - 2012-06-24 20:17 - 00000000 ____D C:\Users\jk\AppData\Local\{B6D6D538-01D2-4EEB-B205-AFE7454273F0}
2012-06-24 20:17 - 2012-06-24 20:17 - 00000000 ____D C:\Users\jk\AppData\Local\{49FDB53B-913D-4006-9A5D-B6E9BDFF1758}
2012-06-24 20:16 - 2012-06-24 20:17 - 00000000 ____D C:\Users\jk\AppData\Local\{ACBF606D-B58A-4FD1-B272-5068D988BBA6}
2012-06-24 20:16 - 2012-06-24 20:16 - 00000000 ____D C:\Users\jk\AppData\Local\{A51BFA65-CB7E-4E8C-B546-0491F6BB3392}
2012-06-24 18:19 - 2012-06-24 18:19 - 00000000 ____D C:\Users\jk\AppData\Local\{983262F3-0973-4D01-B813-C55B6BD3C3E6}
2012-06-22 16:25 - 2012-06-22 16:25 - 00000000 ____D C:\Users\jk\AppData\Local\{78A560EC-DA11-421C-80FC-6E2F3B0D8016}
2012-06-21 11:19 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-21 11:19 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-21 11:19 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-21 11:19 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-21 11:18 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-21 11:18 - 2012-06-02 14:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-21 11:18 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-21 11:18 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-21 11:18 - 2012-06-02 14:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
============ 3 Months Modified Files ========================
2012-07-20 18:31 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-20 18:31 - 2009-07-13 20:51 - 00071388 ____A C:\Windows\setupact.log
2012-07-20 18:27 - 2011-11-19 19:25 - 01252341 ____A C:\Windows\WindowsUpdate.log
2012-07-20 18:05 - 2009-07-13 21:13 - 00778834 ____A C:\Windows\System32\PerfStringBackup.INI
2012-07-20 17:28 - 2011-12-06 22:08 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221318694-525691764-1706660316-1001UA.job
2012-07-20 17:09 - 2009-07-13 20:45 - 00024608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-20 17:09 - 2009-07-13 20:45 - 00024608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-20 17:02 - 2010-11-20 19:47 - 00552720 ____A C:\Windows\PFRO.log
2012-07-20 16:33 - 2012-07-20 16:33 - 00023482 ____A C:\Users\jk\Desktop\DDS.txt
2012-07-20 16:32 - 2012-07-20 16:32 - 00006817 ____A C:\Users\jk\Desktop\1.txt
2012-07-20 16:30 - 2012-07-20 16:30 - 00607260 ____R (Swearware) C:\Users\jk\Downloads\dds.scr
2012-07-20 15:29 - 2012-04-24 13:23 - 00000258 _RASH C:\Users\All Users\ntuser.pol
2012-07-20 15:29 - 2009-07-13 20:45 - 00268944 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-20 14:10 - 2011-08-12 19:58 - 00029342 ____A C:\Windows\DirectX.log
2012-07-20 11:46 - 2012-07-20 11:28 - 552157910 ____A C:\Users\jk\Downloads\sara jay newmeat.wmv
2012-07-19 16:40 - 2011-12-06 22:08 - 00000844 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-221318694-525691764-1706660316-1001Core.job
2012-07-16 10:53 - 2012-04-02 09:24 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-07-16 10:53 - 2011-08-12 19:55 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-07-16 10:52 - 2011-11-27 21:53 - 00000320 ____A C:\Windows\Tasks\HPCeeScheduleForjk.job
2012-07-15 20:23 - 2011-11-27 21:53 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2012-07-15 20:23 - 2011-11-20 21:19 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2012-07-15 18:22 - 2012-07-15 18:18 - 390570916 ____A C:\Users\jk\Desktop\'max.payne_wish_1e3a7_e977a.flv'
2012-07-12 14:46 - 2012-07-12 14:46 - 00000237 ____A C:\user.js
2012-07-10 21:55 - 2012-01-03 10:59 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-07-03 12:46 - 2012-05-10 16:27 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-27 12:59 - 2011-12-18 19:26 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-06-27 12:59 - 2011-12-18 19:26 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-06-13 11:16 - 2009-07-13 21:08 - 00032608 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-06-11 19:08 - 2012-07-10 21:56 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-08 21:43 - 2012-07-10 14:37 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 20:41 - 2012-07-10 14:37 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-06 20:27 - 2012-06-06 20:27 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-06-05 22:06 - 2012-07-10 14:37 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 22:06 - 2012-07-10 14:37 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 22:02 - 2012-07-10 14:37 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-05 21:05 - 2012-07-10 14:37 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:05 - 2012-07-10 14:37 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 21:03 - 2012-07-10 14:37 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-02 14:19 - 2012-06-21 11:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-21 11:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-21 11:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-21 11:18 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-21 11:18 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 14:19 - 2012-06-21 11:18 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-21 11:19 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-21 11:18 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 14:15 - 2012-06-21 11:18 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-02 04:49 - 2012-07-10 21:54 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-02 04:17 - 2012-07-10 21:54 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-02 04:12 - 2012-07-10 21:54 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-02 04:05 - 2012-07-10 21:54 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-02 04:05 - 2012-07-10 21:54 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-02 04:04 - 2012-07-10 21:54 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-02 04:04 - 2012-07-10 21:54 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-02 04:03 - 2012-07-10 21:54 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-02 04:01 - 2012-07-10 21:54 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-02 04:00 - 2012-07-10 21:54 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-02 03:59 - 2012-07-10 21:54 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-02 03:57 - 2012-07-10 21:54 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-02 03:57 - 2012-07-10 21:54 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-02 03:54 - 2012-07-10 21:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-02 01:07 - 2012-07-10 21:54 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-02 00:43 - 2012-07-10 21:54 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-02 00:33 - 2012-07-10 21:54 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-02 00:26 - 2012-07-10 21:54 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-02 00:25 - 2012-07-10 21:54 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-02 00:25 - 2012-07-10 21:54 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-02 00:23 - 2012-07-10 21:54 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-02 00:21 - 2012-07-10 21:54 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-02 00:20 - 2012-07-10 21:54 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-02 00:19 - 2012-07-10 21:54 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-02 00:19 - 2012-07-10 21:54 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-02 00:17 - 2012-07-10 21:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-02 00:16 - 2012-07-10 21:54 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-02 00:14 - 2012-07-10 21:54 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-01 21:50 - 2012-07-10 14:37 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-01 21:48 - 2012-07-10 14:37 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-01 21:48 - 2012-07-10 14:37 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-01 21:45 - 2012-07-10 14:37 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-01 21:44 - 2012-07-10 14:37 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 20:40 - 2012-07-10 14:37 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 20:40 - 2012-07-10 14:37 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 20:39 - 2012-07-10 14:37 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 20:34 - 2012-07-10 14:37 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-05-30 22:08 - 2012-05-30 22:08 - 53505952 ____A C:\Users\jk\Desktop\Rich_The_Factor-Gates_Sauce_To_A_Boss-2012-FiH.zip
2012-05-04 18:29 - 2012-06-27 13:00 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-05-04 18:29 - 2012-06-27 13:00 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-05-04 18:29 - 2011-12-18 19:26 - 00687504 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-05-04 03:06 - 2012-06-13 11:22 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 02:03 - 2012-06-13 11:22 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 02:03 - 2012-06-13 11:22 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-04-30 21:40 - 2012-06-13 11:22 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-30 13:47 - 2012-04-30 13:47 - 00191264 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2012-04-30 13:47 - 2012-04-30 13:47 - 00172320 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2012-04-30 13:47 - 2012-04-30 13:47 - 00172320 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2012-04-30 13:47 - 2011-12-17 14:48 - 00525544 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
2012-04-27 19:55 - 2012-06-13 11:22 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-25 21:41 - 2012-06-13 11:22 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-25 21:41 - 2012-06-13 11:22 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-25 21:34 - 2012-06-13 11:22 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-24 13:24 - 2012-04-24 13:24 - 00000020 __ASH C:\Users\Mcx1-JK-HP\ntuser.ini
2012-04-23 21:37 - 2012-06-13 11:22 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 21:37 - 2012-06-13 11:22 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 21:37 - 2012-06-13 11:22 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 20:36 - 2012-06-13 11:22 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-23 20:36 - 2012-06-13 11:22 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-23 20:36 - 2012-06-13 11:22 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
ZeroAccess:
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\L
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\L\00000004.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\L\1afb2d56
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\L\201d3dde
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\00000004.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\00000008.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\000000cb.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\80000000.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\80000032.@
C:\Windows\Installer\{b38f056e-006e-8d7a-6bb4-ac636ba3d603}\U\80000064.@
ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini
ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini
========================= Known DLLs (Whitelisted) ============
========================= Bamital & volsnap Check ============
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
========================= Memory info ======================
Percentage of memory in use: 16%
Total physical RAM: 6050.52 MB
Available physical RAM: 5054.96 MB
Total Pagefile: 6048.71 MB
Available Pagefile: 5044.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
======================= Partitions =========================
1 Drive c: (OS) (Fixed) (Total:919.73 GB) (Free:759.22 GB) NTFS
2 Drive e: (HP_RECOVERY) (Fixed) (Total:11.68 GB) (Free:1.43 GB) NTFS ==>[system with boot components (obtained from reading drive)]
8 Drive k: () (Removable) (Total:7.44 GB) (Free:6.66 GB) FAT32
9 Drive x: (Boot) (Fixed) (Total:0.12 GB) (Free:0.12 GB) NTFS
10 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 Online 7633 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 919 GB 101 MB
Partition 3 Primary 11 GB 919 GB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy
==================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 919 GB Healthy
==================================================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E HP_RECOVERY NTFS Partition 11 GB Healthy
==================================================================================
Partitions of Disk 5:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7633 MB 16 KB
==================================================================================
Disk: 5
Partition 1
Type : 0B
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 8 K FAT32 Removable 7633 MB Healthy
==================================================================================
==========================================================
Last Boot: 2012-07-18 12:02
======================= End Of Log ==========================
Farbar Recovery Scan Tool Version: 20-07-2012 01
Ran by SYSTEM at 2012-07-20 19:41:44
Running from K:\
================== Search: "services.exe" ===================
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC
====== End Of Search ======
-
Now my AVG antivirus found "Sirefef", has something to do with Firefox... I don't know what it is...
-
As of today I've had issues with AVG popping up saying threat detected, Google searches going to a random page, and Malwarebytes finding 1 object but being unable to remove it.
Threat name for AVG: "Trojan horse Patched_c.LXT"... File name: "c:/Windows/System32/services.exe"
Attach
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/19/2011 7:25:53 PM
System Uptime: 7/20/2012 5:28:19 PM (0 hours ago)
.
Motherboard: PEGATRON CORPORATION | | 2AC2
Processor: Intel® Core i3-2120 CPU @ 3.30GHz | CPU 1 | 3300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 920 GiB total, 759.546 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.43 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP59: 7/10/2012 10:53:55 PM - Windows Update
RP60: 7/12/2012 3:58:57 PM - Removed BabylonObjectInstaller
RP61: 7/20/2012 3:09:52 PM - Installed DirectX
RP62: 7/20/2012 4:33:53 PM - Restore Operation
.
==== Installed Programs ======================
.
µTorrent
802.11n Wireless LAN Card
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Agatha Christie - Peril at End House
Apple Application Support
Apple Software Update
Bejeweled 3
Bing Bar
Blackhawk Striker 2
Blasterball 3
Blio
Bounce Symphony
Cake Mania
CameraHelperMsi
Chronicles of Albian
Chuzzle Deluxe
Cradle of Rome 2
D3DX10
DVD Decrypter (Remove Only)
erLT
Farm Frenzy
FATE
Google Talk Plugin
Governor of Poker 2 Premium Edition
Hewlett-Packard ACLM.NET v1.1.1.0
HP Customer Experience Enhancements
HP Games
HP LinkUp
HP MovieStore
HP Odometer
HP Setup
HP Setup Manager
HP SimplePass PE 2011
HP Support Assistant
HP Support Information
HP Update
Intel® Control Center
Intel® Identity Protection Technology 1.1.2.0
Intel® Management Engine Components
Intel® Processor Graphics
Internet Download Manager
Java Auto Updater
Java 6 Update 30
Java 7 Update 5
JavaFX 2.1.1
Jewel Quest: The Sleepless Star - Collector's Edition
Junk Mail filter update
Kobo
LabelPrint
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Mah Jong Medley
Malwarebytes Anti-Malware version 1.62.0.1300
Mesh Runtime
Microsoft Mathematics
Microsoft Office 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
mIRC
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery of Mortlake Mansion
Namco All-Stars: PAC-MAN
Norton Online Backup
Out of the Park Baseball 13
PDF Complete Special Edition
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Police Force
Power2Go
PressReader
Realtek High Definition Audio Driver
Reason 5.0
Recovery Manager
Remote Graphics Receiver
Remote Mouse version 1.50
RoxioNow Player
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Skype™ 5.8
Slingo Supreme
SoulSeek 157 NS 13e
StreamTorrent 1.0
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands
VIP Access SDK (1.0.1.4)
Virtual Villagers 5 - New Believers
Visual Studio 2008 x64 Redistributables
VLC media player 2.0.1
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Messenger
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
7/20/2012 5:29:02 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
7/20/2012 5:29:02 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
7/20/2012 5:28:45 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
7/20/2012 5:28:43 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
7/20/2012 5:28:43 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
.
==== End Of File ===========================
DDS
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by jk at 17:31:21 on 2012-07-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.4302 [GMT -7:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886e-ec8c-43c1-a32c-e4c2b0b6395b} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [Google Update] "C:\Users\jk\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{10E95479-1198-431B-9936-6DD7F2D361C6} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{30DAA431-0433-4787-8D69-5363B8238F30} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO-X64: IDM Helper - No File
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO-X64: TSBHO Class - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\jk\AppData\Roaming\Mozilla\Firefox\Profiles\dm4gl0fx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\jk\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\jk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\jk\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111787
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 1091fab2000000000000d0df9a7f5762
FF - user.js: extensions.BabylonToolbar_i.hardId - 1091fab2000000000000d0df9a7f5762
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15533
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:46:54
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 193288]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-9 85560]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-12 655944]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-8-12 1128952]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-17 450848]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-12 2656280]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech HD Webcam C310(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 129976]
S3 pmxdrv;pmxdrv;\??\C:\Windows\system32\drivers\pmxdrv.sys --> C:\Windows\system32\drivers\pmxdrv.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-07-20 22:20:08 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-07-20 22:12:10 -------- d-----w- C:\Users\jk\AppData\Roaming\RedDotGames
2012-07-20 22:10:59 5554512 ----a-w- C:\Windows\System32\d3dcsx_42.dll
2012-07-20 21:56:10 -------- d-----w- C:\Program Files (x86)\DVD Decrypter
2012-07-20 19:32:12 -------- d-----w- C:\Users\jk\AppData\Roaming\mIRC
2012-07-20 19:32:11 -------- d-----w- C:\Program Files (x86)\mIRC
2012-07-12 23:01:25 -------- d-----w- C:\Users\jk\AppData\Local\MicrosoftStore
2012-07-12 19:59:35 -------- d-----w- C:\Users\jk\AppData\Local\FANiSO
2012-07-11 05:56:32 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-10 22:37:23 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-07-02 05:30:38 -------- d-----w- C:\Users\jk\AppData\Local\{18E10980-C3AC-4B78-B622-C04D2D8D56BE}
2012-07-02 05:30:27 -------- d-----w- C:\Users\jk\AppData\Local\{EE7FB3F8-CB11-4CE3-A2B7-2CEFC85CBEB0}
2012-07-01 05:14:04 -------- d-----w- C:\Users\jk\AppData\Local\{427FF6B0-70C4-4E13-918D-7C4594D89A14}
2012-07-01 05:13:54 -------- d-----w- C:\Users\jk\AppData\Local\{45FD7920-604B-4759-98CE-D461DB437767}
2012-06-27 21:00:38 -------- d-----w- C:\Program Files (x86)\Oracle
2012-06-27 21:00:13 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-06-27 20:54:27 -------- d-----w- C:\Users\jk\AppData\Roaming\.minecraft
2012-06-26 02:59:02 -------- d-----w- C:\Users\jk\AppData\Local\{24FA9293-D32D-45E4-91A9-BA62A62D1114}
2012-06-26 02:58:51 -------- d-----w- C:\Users\jk\AppData\Local\{0CC7ACD3-7788-48AA-AE2E-510913A9F489}
2012-06-25 04:57:43 -------- d-----w- C:\Users\jk\AppData\Local\{5E784052-C914-475B-9724-234D993DF3BF}
2012-06-25 04:57:32 -------- d-----w- C:\Users\jk\AppData\Local\{B57FD7E1-66E5-4423-9267-E5378B6D6805}
2012-06-25 04:34:47 -------- d-----w- C:\Users\jk\AppData\Local\{3B814F19-51A3-453A-B5CE-1FF3243C8AFE}
2012-06-25 04:29:51 -------- d-----w- C:\Program Files\Propellerhead
2012-06-25 04:20:46 -------- d-----w- C:\Users\jk\AppData\Local\{7B08C4D7-EB26-4D3F-B159-8A7E9F828EC4}
2012-06-25 04:20:35 -------- d-----w- C:\Users\jk\AppData\Local\{F6494445-2394-4690-8315-190570531CAC}
2012-06-25 04:20:05 -------- d-----w- C:\Windows\en
2012-06-25 04:17:53 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7d5426951cd528903\DSETUP.dll
2012-06-25 04:17:53 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7d5426951cd528903\DXSETUP.exe
2012-06-25 04:17:53 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7d5426951cd528903\dsetup32.dll
2012-06-25 04:17:53 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7d9109691cd528904\MeshBetaRemover.exe
2012-06-25 04:17:50 -------- d-----w- C:\Users\jk\AppData\Local\{49FDB53B-913D-4006-9A5D-B6E9BDFF1758}
2012-06-25 04:17:28 -------- d-----w- C:\Users\jk\AppData\Local\{EFE55C35-B71B-4689-A69B-9286A6849D39}
2012-06-25 04:17:17 -------- d-----w- C:\Users\jk\AppData\Local\{B6D6D538-01D2-4EEB-B205-AFE7454273F0}
2012-06-25 04:16:59 -------- d-----w- C:\Users\jk\AppData\Local\{ACBF606D-B58A-4FD1-B272-5068D988BBA6}
2012-06-25 04:16:48 -------- d-----w- C:\Users\jk\AppData\Local\{A51BFA65-CB7E-4E8C-B546-0491F6BB3392}
2012-06-25 02:19:23 -------- d-----w- C:\Users\jk\AppData\Local\{983262F3-0973-4D01-B813-C55B6BD3C3E6}
2012-06-23 00:25:14 -------- d-----w- C:\Users\jk\AppData\Local\{78A560EC-DA11-421C-80FC-6E2F3B0D8016}
2012-06-21 19:19:03 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 19:18:51 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 19:18:43 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 19:18:43 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-07-16 18:53:06 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-16 18:53:06 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-03 20:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-05-05 02:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-30 21:47:34 525544 ----a-w- C:\Windows\System32\deployJava1.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
============= FINISH: 17:32:19.01 ===============
services.exe Trojan horse Patched_c.LXT
in Resolved Malware Removal Logs
All done. Thanks for the help again.