dann

  1. Yes... The main drive died (old pc) so had to get new HDD...... Thank you for your help anyway
  2. will do when the scans are all done
  3. 23:02:26.0664 4152 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
1528 ohci1394 - ok 23:03:29.0970 1528 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:03:29.0970 1528 ose - ok 23:03:30.0158 1528 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 23:03:30.0298 1528 osppsvc - ok 23:03:30.0329 1528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 23:03:30.0345 1528 p2pimsvc - ok 23:03:30.0376 1528 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 23:03:30.0392 1528 p2psvc - ok 23:03:30.0407 1528 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 23:03:30.0407 1528 Parport - ok 23:03:30.0438 1528 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:03:30.0438 1528 partmgr - ok 23:03:30.0454 1528 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 23:03:30.0454 1528 PcaSvc - ok 23:03:30.0470 1528 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 23:03:30.0470 1528 pci - ok 23:03:30.0485 1528 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 23:03:30.0485 1528 pciide - ok 23:03:30.0501 1528 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 23:03:30.0501 1528 pcmcia - ok 23:03:30.0516 1528 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 23:03:30.0532 1528 pcw - ok 23:03:30.0548 1528 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:03:30.0579 1528 PEAUTH - ok 23:03:30.0626 1528 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 23:03:30.0641 1528 PerfHost - ok 23:03:30.0704 1528 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 23:03:30.0719 1528 pla - ok 23:03:30.0766 1528 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay 
C:\Windows\system32\umpnpmgr.dll 23:03:30.0766 1528 PlugPlay - ok 23:03:30.0782 1528 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 23:03:30.0782 1528 PNRPAutoReg - ok 23:03:30.0797 1528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 23:03:30.0797 1528 PNRPsvc - ok 23:03:30.0844 1528 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:03:30.0860 1528 PolicyAgent - ok 23:03:30.0875 1528 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 23:03:30.0891 1528 Power - ok 23:03:30.0906 1528 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:03:30.0906 1528 PptpMiniport - ok 23:03:30.0938 1528 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 23:03:30.0938 1528 Processor - ok 23:03:30.0969 1528 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 23:03:30.0969 1528 ProfSvc - ok 23:03:30.0984 1528 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 23:03:30.0984 1528 ProtectedStorage - ok 23:03:31.0000 1528 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 23:03:31.0016 1528 Psched - ok 23:03:31.0031 1528 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 23:03:31.0031 1528 PxHlpa64 - ok 23:03:31.0078 1528 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 23:03:31.0109 1528 ql2300 - ok 23:03:31.0125 1528 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 23:03:31.0125 1528 ql40xx - ok 23:03:31.0156 1528 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 23:03:31.0172 1528 QWAVE - ok 23:03:31.0172 1528 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:03:31.0172 1528 QWAVEdrv - ok 23:03:31.0187 1528 [ 5A0DA8AD5762FA2D91678A8A01311704 
] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 23:03:31.0203 1528 RasAcd - ok 23:03:31.0218 1528 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 23:03:31.0218 1528 RasAgileVpn - ok 23:03:31.0265 1528 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 23:03:31.0281 1528 RasAuto - ok 23:03:31.0281 1528 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 23:03:31.0296 1528 Rasl2tp - ok 23:03:31.0312 1528 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 23:03:31.0312 1528 RasMan - ok 23:03:31.0328 1528 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:03:31.0328 1528 RasPppoe - ok 23:03:31.0343 1528 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 23:03:31.0359 1528 RasSstp - ok 23:03:31.0390 1528 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:03:31.0390 1528 rdbss - ok 23:03:31.0406 1528 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 23:03:31.0406 1528 rdpbus - ok 23:03:31.0437 1528 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:03:31.0437 1528 RDPCDD - ok 23:03:31.0452 1528 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:03:31.0452 1528 RDPENCDD - ok 23:03:31.0468 1528 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 23:03:31.0468 1528 RDPREFMP - ok 23:03:31.0499 1528 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 23:03:31.0499 1528 RdpVideoMiniport - ok 23:03:31.0530 1528 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:03:31.0530 1528 RDPWD - ok 23:03:31.0562 1528 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 23:03:31.0562 1528 rdyboost - ok 
23:03:31.0593 1528 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 23:03:31.0593 1528 RemoteAccess - ok 23:03:31.0624 1528 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 23:03:31.0624 1528 RemoteRegistry - ok 23:03:31.0655 1528 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 23:03:31.0671 1528 RimUsb - ok 23:03:31.0702 1528 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 23:03:31.0702 1528 RimVSerPort - ok 23:03:31.0733 1528 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys 23:03:31.0733 1528 ROOTMODEM - ok 23:03:31.0749 1528 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 23:03:31.0749 1528 RpcEptMapper - ok 23:03:31.0780 1528 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 23:03:31.0780 1528 RpcLocator - ok 23:03:31.0796 1528 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 23:03:31.0811 1528 RpcSs - ok 23:03:31.0811 1528 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 23:03:31.0827 1528 rspndr - ok 23:03:31.0827 1528 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 23:03:31.0827 1528 SamSs - ok 23:03:31.0842 1528 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 23:03:31.0842 1528 sbp2port - ok 23:03:31.0858 1528 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 23:03:31.0874 1528 SCardSvr - ok 23:03:31.0889 1528 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 23:03:31.0889 1528 scfilter - ok 23:03:31.0936 1528 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 23:03:31.0967 1528 Schedule - ok 23:03:31.0998 1528 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 
23:03:31.0998 1528 SCPolicySvc - ok 23:03:32.0014 1528 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 23:03:32.0014 1528 SDRSVC - ok 23:03:32.0030 1528 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 23:03:32.0030 1528 secdrv - ok 23:03:32.0045 1528 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 23:03:32.0045 1528 seclogon - ok 23:03:32.0061 1528 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 23:03:32.0061 1528 SENS - ok 23:03:32.0108 1528 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 23:03:32.0108 1528 SensrSvc - ok 23:03:32.0123 1528 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 23:03:32.0123 1528 Serenum - ok 23:03:32.0139 1528 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 23:03:32.0139 1528 Serial - ok 23:03:32.0154 1528 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 23:03:32.0154 1528 sermouse - ok 23:03:32.0186 1528 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 23:03:32.0186 1528 SessionEnv - ok 23:03:32.0201 1528 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 23:03:32.0201 1528 sffdisk - ok 23:03:32.0217 1528 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 23:03:32.0217 1528 sffp_mmc - ok 23:03:32.0248 1528 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 23:03:32.0248 1528 sffp_sd - ok 23:03:32.0264 1528 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 23:03:32.0264 1528 sfloppy - ok 23:03:32.0295 1528 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 23:03:32.0295 1528 SharedAccess - ok 23:03:32.0310 1528 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection 
C:\Windows\System32\shsvcs.dll 23:03:32.0326 1528 ShellHWDetection - ok 23:03:32.0342 1528 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 23:03:32.0342 1528 SiSRaid2 - ok 23:03:32.0357 1528 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 23:03:32.0357 1528 SiSRaid4 - ok 23:03:32.0404 1528 [ FF0DB4D9A08864A5C7B67477CD8E3B2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 23:03:32.0404 1528 SkypeUpdate - ok 23:03:32.0420 1528 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 23:03:32.0420 1528 Smb - ok 23:03:32.0435 1528 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 23:03:32.0435 1528 SNMPTRAP - ok 23:03:32.0451 1528 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 23:03:32.0451 1528 spldr - ok 23:03:32.0482 1528 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 23:03:32.0498 1528 Spooler - ok 23:03:32.0576 1528 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 23:03:32.0638 1528 sppsvc - ok 23:03:32.0669 1528 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 23:03:32.0669 1528 sppuinotify - ok 23:03:32.0700 1528 [ 34F974F8B3C86DE03A30DCBE79091C97 ] sptd C:\Windows\system32\Drivers\sptd.sys 23:03:32.0700 1528 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. 
md5: 34F974F8B3C86DE03A30DCBE79091C97 23:03:32.0716 1528 sptd ( LockedFile.Multi.Generic ) - warning 23:03:32.0716 1528 sptd - detected LockedFile.Multi.Generic (1) 23:03:32.0747 1528 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 23:03:32.0763 1528 srv - ok 23:03:32.0794 1528 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 23:03:32.0794 1528 srv2 - ok 23:03:32.0810 1528 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 23:03:32.0810 1528 srvnet - ok 23:03:32.0841 1528 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 23:03:32.0856 1528 SSDPSRV - ok 23:03:32.0872 1528 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 23:03:32.0872 1528 SstpSvc - ok 23:03:32.0903 1528 [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 23:03:32.0903 1528 ssudmdm - ok 23:03:32.0966 1528 [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 23:03:32.0981 1528 Stereo Service - ok 23:03:33.0012 1528 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 23:03:33.0012 1528 stexstor - ok 23:03:33.0044 1528 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 23:03:33.0059 1528 stisvc - ok 23:03:33.0075 1528 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 23:03:33.0075 1528 swenum - ok 23:03:33.0122 1528 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 23:03:33.0137 1528 swprv - ok 23:03:33.0184 1528 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 23:03:33.0215 1528 SysMain - ok 23:03:33.0231 1528 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 23:03:33.0262 1528 TabletInputService - ok 23:03:33.0278 1528 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv 
C:\Windows\System32\tapisrv.dll 23:03:33.0278 1528 TapiSrv - ok 23:03:33.0293 1528 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 23:03:33.0293 1528 TBS - ok 23:03:33.0356 1528 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys 23:03:33.0387 1528 Tcpip - ok 23:03:33.0434 1528 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 23:03:33.0434 1528 TCPIP6 - ok 23:03:33.0480 1528 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 23:03:33.0480 1528 tcpipreg - ok 23:03:33.0512 1528 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 23:03:33.0512 1528 TDPIPE - ok 23:03:33.0543 1528 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 23:03:33.0543 1528 TDTCP - ok 23:03:33.0558 1528 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 23:03:33.0558 1528 tdx - ok 23:03:33.0574 1528 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 23:03:33.0574 1528 TermDD - ok 23:03:33.0605 1528 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 23:03:33.0621 1528 TermService - ok 23:03:33.0636 1528 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 23:03:33.0636 1528 Themes - ok 23:03:33.0652 1528 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 23:03:33.0652 1528 THREADORDER - ok 23:03:33.0668 1528 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 23:03:33.0668 1528 TrkWks - ok 23:03:33.0714 1528 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 23:03:33.0714 1528 TrustedInstaller - ok 23:03:33.0730 1528 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 23:03:33.0730 1528 tssecsrv - ok 23:03:33.0761 1528 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt 
C:\Windows\system32\drivers\tsusbflt.sys 23:03:33.0761 1528 TsUsbFlt - ok 23:03:33.0777 1528 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 23:03:33.0792 1528 TsUsbGD - ok 23:03:33.0902 1528 [ DD296C78B0D2C3F5E42DC0D2972CD992 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe 23:03:33.0948 1528 TuneUp.UtilitiesSvc - ok 23:03:33.0980 1528 [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys 23:03:33.0980 1528 TuneUpUtilitiesDrv - ok 23:03:34.0011 1528 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 23:03:34.0011 1528 tunnel - ok 23:03:34.0042 1528 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 23:03:34.0042 1528 uagp35 - ok 23:03:34.0058 1528 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 23:03:34.0073 1528 udfs - ok 23:03:34.0104 1528 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 23:03:34.0104 1528 UI0Detect - ok 23:03:34.0120 1528 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 23:03:34.0120 1528 uliagpkx - ok 23:03:34.0136 1528 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 23:03:34.0136 1528 umbus - ok 23:03:34.0151 1528 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 23:03:34.0151 1528 UmPass - ok 23:03:34.0182 1528 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 23:03:34.0182 1528 upnphost - ok 23:03:34.0214 1528 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 23:03:34.0229 1528 USBAAPL64 - ok 23:03:34.0260 1528 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 23:03:34.0260 1528 usbaudio - ok 23:03:34.0307 1528 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp 
C:\Windows\system32\DRIVERS\usbccgp.sys 23:03:34.0307 1528 usbccgp - ok 23:03:34.0323 1528 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 23:03:34.0323 1528 usbcir - ok 23:03:34.0354 1528 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 23:03:34.0354 1528 usbehci - ok 23:03:34.0385 1528 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 23:03:34.0385 1528 usbhub - ok 23:03:34.0416 1528 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 23:03:34.0416 1528 usbohci - ok 23:03:34.0432 1528 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 23:03:34.0432 1528 usbprint - ok 23:03:34.0463 1528 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 23:03:34.0463 1528 usbscan - ok 23:03:34.0479 1528 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:03:34.0479 1528 USBSTOR - ok 23:03:34.0494 1528 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 23:03:34.0494 1528 usbuhci - ok 23:03:34.0526 1528 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 23:03:34.0541 1528 usbvideo - ok 23:03:34.0557 1528 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 23:03:34.0557 1528 UxSms - ok 23:03:34.0572 1528 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 23:03:34.0572 1528 VaultSvc - ok 23:03:34.0588 1528 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 23:03:34.0588 1528 vdrvroot - ok 23:03:34.0604 1528 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 23:03:34.0619 1528 vds - ok 23:03:34.0635 1528 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 23:03:34.0650 1528 vga - ok 23:03:34.0666 1528 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave 
C:\Windows\System32\drivers\vga.sys 23:03:34.0666 1528 VgaSave - ok 23:03:34.0682 1528 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 23:03:34.0682 1528 vhdmp - ok 23:03:34.0697 1528 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 23:03:34.0713 1528 viaide - ok 23:03:34.0713 1528 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 23:03:34.0713 1528 volmgr - ok 23:03:34.0744 1528 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 23:03:34.0744 1528 volmgrx - ok 23:03:34.0760 1528 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 23:03:34.0760 1528 volsnap - ok 23:03:34.0775 1528 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 23:03:34.0775 1528 vsmraid - ok 23:03:34.0838 1528 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 23:03:34.0900 1528 VSS - ok 23:03:34.0916 1528 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 23:03:34.0916 1528 vwifibus - ok 23:03:34.0931 1528 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 23:03:34.0947 1528 W32Time - ok 23:03:34.0962 1528 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 23:03:34.0978 1528 WacomPen - ok 23:03:35.0025 1528 [ 4AA2CC5979AFF984227364F2C23B04F3 ] WajamUpdater C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe 23:03:35.0025 1528 WajamUpdater - ok 23:03:35.0040 1528 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 23:03:35.0040 1528 WANARP - ok 23:03:35.0056 1528 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 23:03:35.0056 1528 Wanarpv6 - ok 23:03:35.0103 1528 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 23:03:35.0134 1528 WatAdminSvc - ok 23:03:35.0181 1528 [ 
78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 23:03:35.0212 1528 wbengine - ok 23:03:35.0243 1528 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 23:03:35.0243 1528 WbioSrvc - ok 23:03:35.0259 1528 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 23:03:35.0259 1528 wcncsvc - ok 23:03:35.0274 1528 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 23:03:35.0274 1528 WcsPlugInService - ok 23:03:35.0306 1528 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 23:03:35.0306 1528 Wd - ok 23:03:35.0352 1528 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 23:03:35.0368 1528 Wdf01000 - ok 23:03:35.0384 1528 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 23:03:35.0384 1528 WdiServiceHost - ok 23:03:35.0384 1528 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 23:03:35.0399 1528 WdiSystemHost - ok 23:03:35.0415 1528 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 23:03:35.0415 1528 WebClient - ok 23:03:35.0430 1528 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 23:03:35.0430 1528 Wecsvc - ok 23:03:35.0446 1528 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 23:03:35.0446 1528 wercplsupport - ok 23:03:35.0462 1528 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 23:03:35.0462 1528 WerSvc - ok 23:03:35.0508 1528 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 23:03:35.0508 1528 WfpLwf - ok 23:03:35.0524 1528 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 23:03:35.0524 1528 WIMMount - ok 23:03:35.0555 1528 WinDefend - ok 23:03:35.0555 1528 WinHttpAutoProxySvc - ok 23:03:35.0618 1528 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt 
C:\Windows\system32\wbem\WMIsvc.dll 23:03:35.0618 1528 Winmgmt - ok 23:03:35.0664 1528 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 23:03:35.0711 1528 WinRM - ok 23:03:35.0758 1528 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 23:03:35.0774 1528 WinUsb - ok 23:03:35.0805 1528 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 23:03:35.0820 1528 Wlansvc - ok 23:03:35.0867 1528 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 23:03:35.0867 1528 wlcrasvc - ok 23:03:35.0992 1528 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 23:03:36.0054 1528 wlidsvc - ok 23:03:36.0086 1528 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 23:03:36.0086 1528 WmiAcpi - ok 23:03:36.0117 1528 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 23:03:36.0132 1528 wmiApSrv - ok 23:03:36.0148 1528 WMPNetworkSvc - ok 23:03:36.0164 1528 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 23:03:36.0164 1528 WPCSvc - ok 23:03:36.0179 1528 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 23:03:36.0179 1528 WPDBusEnum - ok 23:03:36.0195 1528 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 23:03:36.0195 1528 ws2ifsl - ok 23:03:36.0226 1528 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 23:03:36.0226 1528 wscsvc - ok 23:03:36.0242 1528 WSearch - ok 23:03:36.0335 1528 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 23:03:36.0413 1528 wuauserv - ok 23:03:36.0429 1528 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 23:03:36.0444 1528 WudfPf - ok 23:03:36.0476 1528 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 
23:03:36.0476 1528 WUDFRd - ok 23:03:36.0491 1528 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 23:03:36.0507 1528 wudfsvc - ok 23:03:36.0522 1528 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 23:03:36.0538 1528 WwanSvc - ok 23:03:36.0585 1528 [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys 23:03:36.0585 1528 yukonw7 - ok 23:03:36.0600 1528 ================ Scan global =============================== 23:03:36.0632 1528 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 23:03:36.0647 1528 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 23:03:36.0663 1528 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 23:03:36.0694 1528 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 23:03:36.0725 1528 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 23:03:36.0725 1528 [Global] - ok 23:03:36.0725 1528 ================ Scan MBR ================================== 23:03:36.0741 1528 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 23:03:36.0912 1528 \Device\Harddisk0\DR0 - ok 23:03:36.0912 1528 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1 23:03:36.0928 1528 \Device\Harddisk1\DR1 - ok 23:03:36.0928 1528 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk6\DR6 23:03:36.0944 1528 \Device\Harddisk6\DR6 - ok 23:03:36.0944 1528 ================ Scan VBR ================================== 23:03:36.0944 1528 [ 5E1FFDA03ADF716325B3EEBDA320AD70 ] \Device\Harddisk0\DR0\Partition1 23:03:36.0944 1528 \Device\Harddisk0\DR0\Partition1 - ok 23:03:36.0959 1528 [ F0DB76EEA7384EAFEFA271B4C132FE2D ] \Device\Harddisk1\DR1\Partition1 23:03:36.0959 1528 \Device\Harddisk1\DR1\Partition1 - ok 23:03:36.0959 1528 [ 2CA56DCF83E1A4BF11BF562A88793243 ] \Device\Harddisk6\DR6\Partition1 23:03:36.0959 1528 \Device\Harddisk6\DR6\Partition1 - ok 23:03:36.0959 1528 
============================================================ 23:03:36.0959 1528 Scan finished 23:03:36.0959 1528 ============================================================ 23:03:36.0975 5116 Detected object count: 1 23:03:36.0975 5116 Actual detected object count: 1 23:05:26.0097 5116 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine 23:05:26.0097 5116 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine 23:05:43.0413 3392 Deinitialize success
  4. Excellent! All working fine now... Thank you!
  5. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-07-2013 01
     Ran by SYSTEM at 2013-07-09 22:47:48 Run:1
     Running from H:\
     Boot Mode: Recovery
     ==============================================
     C:\Users\Les\AppData\Roaming\skype.dat => Moved successfully.
     C:\Users\Les\AppData\Roaming\skype.ini => Moved successfully.
     C:\$Recycle.Bin\S-1-5-21-3352994947-2355220423-3568772355-1001\$46bdc989289dea48ab74525a3982e5a1 => Moved successfully.
     HKU\Les\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
     ==== End of Fixlog ====
  6. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2013 01 Ran by SYSTEM on 09-07-2013 22:18:57 Running from H:\ Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Recovery The current controlset is ControlSet002 ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [497648 2010-07-28] (Adobe Systems Incorporated) HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1832760 2012-09-20] (Logitech, Inc.) HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation) HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe, HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-08-12] (Logitech Inc.) HKLM-x32\...\Run: [Maps4PC_0c Browser Plugin Loader] - C:\PROGRA~2\MAPS4P~2\bar\1.bin\0cbrmon.exe [30096 2011-09-28] (VER_COMPANY_NAME) HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.) 
HKLM-x32\...\Run: [FUFAXRCV] - "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [495616 2011-03-08] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] - "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [856064 2011-03-08] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [EEventManager] - "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [979328 2010-10-12] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-28] (AVG Technologies CZ, s.r.o.) HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\Les\...\Run: [skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18708224 2013-01-08] (Skype Technologies S.A.) HKU\Les\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHDE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-7525 Series" [241280 2013-02-23] (SEIKO EPSON CORPORATION) HKU\Les\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2013-04-19] (Google Inc.) 
HKU\Les\...\Winlogon: [shell] explorer.exe,C:\Users\Les\AppData\Roaming\skype.dat [70144 2011-11-16] () <==== ATTENTION HKU\UpdatusUser\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MUSICT~1\Datamngr\x64\mgrldr.dll [22592 2013-06-22] () AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL c:\progra~3\browse~2\261339~1.144\{c16c1~1\browse~1.dll C:\PROGRA~2\MUSICT~1\Datamngr\mgrldr.dll [18496 2013-06-22] () IMEO\audibledownloadhelper.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IMEO\bingdesktop.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IMEO\extendscript toolkit.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IMEO\firefox.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IMEO\photoshop elements 8.0.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IMEO\photoshopelementseditor.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IMEO\photoshopelementsorganizer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IMEO\rim.desktop.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" Startup: C:\ProgramData\Start Menu\Programs\Startup\Audible Download Manager.lnk ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) 
Startup: C:\Users\Les\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Services (Whitelisted) ================= S2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1428472 2013-04-10] (AVG Technologies CZ, s.r.o.) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-13] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-17] (AVG Technologies CZ, s.r.o.) S2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] () S2 DatamngrCoordinator; C:\Program Files (x86)\Music Toolbar\Datamngr\DatamngrCoordinator.exe [3179584 2013-06-22] (iMesh Inc.) S2 Maps4PC_0cService; C:\PROGRA~2\MAPS4P~2\bar\1.bin\0cbarsvc.exe [42504 2011-08-22] (COMPANYVERS_NAME) S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) S4 MyWebSearchService; C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe [34320 2011-09-27] (MyWebSearch.com) S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2148216 2012-08-23] (AVG) S2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam) ==================== Drivers (Whitelisted) ==================== S1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.) S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-28] (AVG Technologies CZ, s.r.o.) S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-07] (AVG Technologies CZ, s.r.o.) S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-07] (AVG Technologies CZ, s.r.o.) 
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-07] (AVG Technologies CZ, s.r.o.) S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-07] (AVG Technologies CZ, s.r.o.) S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-07] (AVG Technologies CZ, s.r.o.) S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-20] (AVG Technologies CZ, s.r.o.) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited) S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-07-18] (Duplex Secure Ltd.) S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [11880 2012-07-04] (TuneUp Software) S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-09 22:18 - 2013-07-09 22:18 - 00000000 ____D C:\FRST 2013-07-08 08:25 - 2013-07-08 11:37 - 00000004 ____A C:\Users\Les\AppData\Roaming\skype.ini 2013-07-07 08:32 - 2013-07-07 09:15 - 00000866 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog 2013-07-07 08:31 - 2013-07-07 08:31 - 14391552 ____A (PortableApps.com) C:\Users\Les\Desktop\Java_Portable_6_Update_21_online.paf.exe 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\Delta 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\BabSolution 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Local\Wajam 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\ProgramData\BrowserDefender 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Wajam 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Delta 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____A 
C:\END 2013-07-05 01:58 - 2013-07-05 01:58 - 00002360 ____A C:\Users\Les\Desktop\Google Chrome.lnk 2013-06-29 14:55 - 2013-06-29 14:55 - 00000000 ____D C:\ProgramData\Browser Manager 2013-06-29 12:38 - 2013-06-29 12:39 - 00021504 ____A C:\Users\Les\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-06-29 12:36 - 2013-06-29 12:36 - 00000000 ____D C:\Users\Les\AppData\Roaming\MusicNet 2013-06-29 12:35 - 2013-06-29 12:35 - 00000000 ____D C:\Users\Les\Documents\My Received Files 2013-06-29 12:34 - 2013-06-29 12:34 - 00000000 ____D C:\ProgramData\Wincert 2013-06-29 12:33 - 2013-07-08 11:37 - 00000000 ____D C:\ProgramData\Datamngr 2013-06-29 12:33 - 2013-06-29 12:33 - 00000000 ____D C:\Program Files (x86)\Music Toolbar 2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Users\Les\AppData\Roaming\AVG2013 2013-06-29 01:23 - 2013-06-29 01:23 - 00001003 ____A C:\Users\Public\Desktop\AVG 2013.lnk 2013-06-29 01:20 - 2013-06-29 01:25 - 00000000 ____D C:\ProgramData\AVG2013 2013-06-29 01:18 - 2013-06-29 09:44 - 00000000 ____D C:\Users\Les\AppData\Local\Avg2013 2013-06-29 01:18 - 2013-06-29 01:18 - 00000000 ____D C:\Users\Les\AppData\Local\MFAData 2013-06-28 09:32 - 2013-06-28 09:33 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-28 09:32 - 2013-06-28 09:33 - 00000000 ____D C:\Program Files\iTunes 2013-06-28 09:32 - 2013-06-28 09:33 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-28 09:32 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files\iPod 2013-06-28 04:59 - 2013-06-28 04:59 - 02238976 ____N C:\Users\Les\Documents\IBA Manual of Deal Pages.xls 2013-06-26 18:06 - 2013-06-26 18:06 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 13760512 ____A (Microsoft 
Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-26 18:06 - 2013-06-26 18:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-06-26 18:06 - 2013-06-26 18:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat 2013-06-26 18:06 - 2013-06-26 18:06 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00762368 ____A (Microsoft Corporation) 
C:\Windows\System32\ieapfltr.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2013-06-26 18:06 - 2013-06-26 18:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-06-26 18:06 - 2013-06-26 18:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-06-26 
18:06 - 2013-06-26 18:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 
00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2013-06-26 18:06 - 2013-06-26 18:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll 2013-06-26 18:06 - 2013-06-26 18:06 
- 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-06-26 18:06 - 2013-06-26 18:06 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft 
Corporation) C:\Windows\System32\msfeedssync.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-06-26 18:04 - 2013-06-26 18:10 - 00007201 ____A C:\Windows\IE10_main.log 2013-06-26 16:01 - 2013-05-09 21:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-26 16:01 - 2013-05-09 19:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-26 16:01 - 2013-05-07 22:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-26 16:01 - 2013-04-25 21:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-26 16:01 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2013-06-26 15:59 - 2013-04-16 23:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-26 15:59 - 2013-04-16 22:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-26 15:58 - 2013-05-12 21:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-26 15:58 - 2013-05-12 21:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-26 15:58 - 2013-05-12 21:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-26 15:58 - 2013-05-12 21:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll 2013-06-26 15:58 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-26 15:58 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-06-26 15:58 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-26 15:58 - 2013-05-12 19:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-26 15:58 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\certutil.exe 2013-06-26 15:58 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2013-06-26 15:56 - 2013-04-25 15:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-26 15:56 - 2013-03-31 14:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll ==================== One Month Modified Files and Folders ======= 2013-07-09 22:18 - 2013-07-09 22:18 - 00000000 ____D C:\FRST 2013-07-08 11:38 - 2009-07-13 20:45 - 00021888 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-08 11:38 - 2009-07-13 20:45 - 00021888 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-08 11:37 - 2013-07-08 08:25 - 00000004 ____A C:\Users\Les\AppData\Roaming\skype.ini 2013-07-08 11:37 - 2013-06-29 12:33 - 00000000 ____D C:\ProgramData\Datamngr 2013-07-08 11:37 - 2011-05-21 07:12 - 01968896 ____A C:\Windows\WindowsUpdate.log 2013-07-08 11:36 - 2011-07-16 02:36 - 00009852 ____A C:\Users\Les\Sti_Trace.log 2013-07-08 11:34 - 2013-01-26 17:00 - 00005594 ____A C:\Windows\setupact.log 2013-07-08 11:34 - 2012-11-17 19:11 - 00000000 ____D C:\ProgramData\NVIDIA 2013-07-08 11:34 - 2011-09-06 07:00 - 00000310 __ASH C:\Windows\Tasks\unzynxnxke.job 2013-07-08 11:34 - 2011-05-21 14:20 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-08 11:34 - 2011-05-21 07:32 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs 2013-07-08 11:34 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-07-08 11:16 - 2011-05-21 14:20 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-08 11:14 - 2011-05-21 08:21 - 00000000 ____D C:\ProgramData\MFAData 2013-07-08 11:12 - 2009-07-13 21:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI 2013-07-08 11:09 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\FxsTmp 2013-07-08 08:41 - 
2011-06-06 14:01 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352994947-2355220423-3568772355-1001UA.job 2013-07-08 08:28 - 2010-11-20 19:47 - 00189192 ____A C:\Windows\PFRO.log 2013-07-08 08:28 - 2009-07-13 21:08 - 00032636 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2013-07-08 07:53 - 2011-05-21 08:00 - 00000000 ____D C:\Users\Les\Documents\Outlook Files 2013-07-08 07:51 - 2012-07-16 08:14 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-08 05:41 - 2011-06-06 14:01 - 00000848 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352994947-2355220423-3568772355-1001Core.job 2013-07-07 09:15 - 2013-07-07 08:32 - 00000866 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog 2013-07-07 09:11 - 2011-06-12 10:06 - 00003125 ____A C:\Users\Les\AppData\Roaming\Rim.Desktop.HttpServerSetup.log 2013-07-07 08:31 - 2013-07-07 08:31 - 14391552 ____A (PortableApps.com) C:\Users\Les\Desktop\Java_Portable_6_Update_21_online.paf.exe 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\Delta 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\BabSolution 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Local\Wajam 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\ProgramData\BrowserDefender 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Wajam 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Delta 2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____A C:\END 2013-07-06 04:47 - 2011-05-21 08:05 - 00000000 ____D C:\Users\Les\AppData\Roaming\Skype 2013-07-05 01:58 - 2013-07-05 01:58 - 00002360 ____A C:\Users\Les\Desktop\Google Chrome.lnk 2013-06-29 14:55 - 2013-06-29 14:55 - 00000000 ____D C:\ProgramData\Browser Manager 2013-06-29 12:39 - 2013-06-29 12:38 - 00021504 ____A C:\Users\Les\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-06-29 12:36 - 2013-06-29 12:36 - 00000000 ____D 
C:\Users\Les\AppData\Roaming\MusicNet 2013-06-29 12:35 - 2013-06-29 12:35 - 00000000 ____D C:\Users\Les\Documents\My Received Files 2013-06-29 12:34 - 2013-06-29 12:34 - 00000000 ____D C:\ProgramData\Wincert 2013-06-29 12:33 - 2013-06-29 12:33 - 00000000 ____D C:\Program Files (x86)\Music Toolbar 2013-06-29 12:17 - 2013-05-01 12:53 - 00000000 ____D C:\Users\Les\Documents\Mr Ohms Logos 2013-06-29 09:44 - 2013-06-29 01:18 - 00000000 ____D C:\Users\Les\AppData\Local\Avg2013 2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Users\Les\AppData\Roaming\AVG2013 2013-06-29 09:43 - 2011-05-21 08:41 - 00000000 ____D C:\Program Files (x86)\AVG 2013-06-29 01:25 - 2013-06-29 01:20 - 00000000 ____D C:\ProgramData\AVG2013 2013-06-29 01:23 - 2013-06-29 01:23 - 00001003 ____A C:\Users\Public\Desktop\AVG 2013.lnk 2013-06-29 01:23 - 2012-10-27 01:07 - 00000000 ____D C:\Users\Les\AppData\Roaming\TuneUp Software 2013-06-29 01:22 - 2011-09-24 00:30 - 00000000 ___HD C:\$AVG 2013-06-29 01:18 - 2013-06-29 01:18 - 00000000 ____D C:\Users\Les\AppData\Local\MFAData 2013-06-28 17:50 - 2011-05-21 08:42 - 00000000 ____D C:\Windows\System32\Drivers\AVG 2013-06-28 09:36 - 2011-05-23 03:10 - 00000000 ____D C:\Program Files\Common Files\Apple 2013-06-28 09:33 - 2013-06-28 09:32 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-28 09:33 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files\iTunes 2013-06-28 09:33 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-28 09:33 - 2012-11-03 08:42 - 00001821 ____A C:\Users\Public\Desktop\iTunes.lnk 2013-06-28 09:32 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files\iPod 2013-06-28 04:59 - 2013-06-28 04:59 - 02238976 ____N C:\Users\Les\Documents\IBA Manual of Deal Pages.xls 2013-06-26 23:37 - 2011-05-21 14:20 - 00000000 ____D C:\Users\Les\AppData\Local\Google 2013-06-26 19:09 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache 2013-06-26 18:28 - 2009-07-13 19:20 - 00000000 ____D 
C:\Windows\PolicyDefinitions 2013-06-26 18:10 - 2013-06-26 18:04 - 00007201 ____A C:\Windows\IE10_main.log 2013-06-26 18:06 - 2013-06-26 18:06 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-26 18:06 - 2013-06-26 18:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-06-26 18:06 - 2013-06-26 18:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat 2013-06-26 18:06 - 2013-06-26 18:06 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 
01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2013-06-26 18:06 - 2013-06-26 18:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-06-26 18:06 - 2013-06-26 18:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00281600 ____A 
(Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00144896 ____A (Microsoft Corporation) 
C:\Windows\System32\wextract.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2013-06-26 18:06 - 2013-06-26 18:06 - 00073728 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-06-26 18:06 - 2013-06-26 18:06 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00033280 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\iernonce.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-06-26 18:06 - 2013-06-26 18:06 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe 2013-06-26 18:06 - 2013-06-26 18:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-06-26 18:01 - 2011-06-01 02:55 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-26 16:51 - 2012-04-14 17:44 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-06-26 16:51 - 2011-05-21 14:20 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ZeroAccess: C:\$Recycle.Bin\S-1-5-21-3352994947-2355220423-3568772355-1001\$46bdc989289dea48ab74525a3982e5a1 Files to move or delete: ==================== C:\Users\Les\AppData\Roaming\skype.dat C:\Users\Les\AppData\Roaming\skype.ini ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit 
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 24% Total physical RAM: 2047.18 MB Available physical RAM: 1555.31 MB Total Pagefile: 2047.18 MB Available Pagefile: 1543 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:451.11 GB) (Free:350.12 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:465.76 GB) (Free:278.54 GB) NTFS (Disk=1 Partition=1) Drive e: (PQSERVICE) (Fixed) (Total:14.65 GB) (Free:6.95 GB) NTFS (Disk=0 Partition=1) Drive h: (KINGSTON) (Removable) (Total:7.44 GB) (Free:7.34 GB) FAT32 (Disk=2 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E04C1E5F) Partition 1: (Not Active) - (Size=15 GB) - (Type=27) Partition 2: (Active) - (Size=451 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 7B9C243B) Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 7 GB) (Disk ID: 65901243) Partition 1: (Active) - (Size=7 GB) - (Type=0B) LastRegBack: 2013-07-02 15:06 ==================== End Of Log ============================ Farbar Recovery Scan Tool (x64) Version: 09-07-2013 01 Ran by SYSTEM at 2013-07-09 22:21:08 Running from H:\ Boot Mode: Recovery ================== Search: "services.exe" =================== 
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB C:\Windows\System32\services.exe [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB ====== End Of Search ======
  7. I have got a computer that has been infected with ransomware. I have even tried to boot to safe mode but as soon as I boot to safe it auto restarts! I have downloaded FRST64.exe as recommended from previous posts on here but now I need help in how to remove the virus, I can post the 2 logs here...