Posts posted by dann

  1. 23:02:26.0664 4152  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
    23:02:26.0773 4152  ============================================================
    23:02:26.0773 4152  Current date / time: 2013/07/09 23:02:26.0773
    23:02:26.0773 4152  SystemInfo:
    23:02:26.0773 4152  
    23:02:26.0773 4152  OS Version: 6.1.7601 ServicePack: 1.0
    23:02:26.0773 4152  Product type: Workstation
    23:02:26.0773 4152  ComputerName: LES-PC
    23:02:26.0773 4152  UserName: Les
    23:02:26.0773 4152  Windows directory: C:\Windows
    23:02:26.0773 4152  System windows directory: C:\Windows
    23:02:26.0773 4152  Running under WOW64
    23:02:26.0773 4152  Processor architecture: Intel x64
    23:02:26.0773 4152  Number of processors: 2
    23:02:26.0773 4152  Page size: 0x1000
    23:02:26.0773 4152  Boot type: Normal boot
    23:02:26.0773 4152  ============================================================
    23:02:28.0350 4152  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    23:02:28.0366 4152  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    23:02:28.0381 4152  Drive \Device\Harddisk6\DR6 - Size: 0x1DC8D0800 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    23:02:28.0381 4152  ============================================================
    23:02:28.0381 4152  \Device\Harddisk0\DR0:
    23:02:28.0381 4152  MBR partitions:
    23:02:28.0381 4152  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4F800, BlocksNum 0x38636000
    23:02:28.0381 4152  \Device\Harddisk1\DR1:
    23:02:28.0381 4152  MBR partitions:
    23:02:28.0381 4152  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
    23:02:28.0381 4152  \Device\Harddisk6\DR6:
    23:02:28.0397 4152  MBR partitions:
    23:02:28.0397 4152  \Device\Harddisk6\DR6\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xEE3FA1
    23:02:28.0397 4152  ============================================================
    23:02:28.0412 4152  C: <-> \Device\Harddisk0\DR0\Partition1
    23:02:28.0444 4152  D: <-> \Device\Harddisk1\DR1\Partition1
    23:02:28.0444 4152  ============================================================
    23:02:28.0444 4152  Initialize success
    23:02:28.0444 4152  ============================================================
    23:03:19.0674 1528  ============================================================
    23:03:19.0674 1528  Scan started
    23:03:19.0674 1528  Mode: Manual;
    23:03:19.0674 1528  ============================================================
    23:03:20.0251 1528  ================ Scan system memory ========================
    23:03:20.0251 1528  System memory - ok
    23:03:20.0251 1528  ================ Scan services =============================
    23:03:20.0392 1528  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
    23:03:20.0392 1528  1394ohci - ok
    23:03:20.0423 1528  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
    23:03:20.0439 1528  ACPI - ok
    23:03:20.0454 1528  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
    23:03:20.0454 1528  AcpiPmi - ok
    23:03:20.0548 1528  [ 4451CC2275B04043EC2BCC757AF97291 ] AdobeActiveFileMonitor8.0 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    23:03:20.0548 1528  AdobeActiveFileMonitor8.0 - ok
    23:03:20.0610 1528  [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    23:03:20.0610 1528  AdobeActiveFileMonitor9.0 - ok
    23:03:20.0673 1528  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    23:03:20.0673 1528  AdobeARMservice - ok
    23:03:20.0766 1528  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    23:03:20.0782 1528  AdobeFlashPlayerUpdateSvc - ok
    23:03:20.0829 1528  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
    23:03:20.0844 1528  adp94xx - ok
    23:03:20.0860 1528  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
    23:03:20.0860 1528  adpahci - ok
    23:03:20.0875 1528  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
    23:03:20.0875 1528  adpu320 - ok
    23:03:20.0922 1528  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
    23:03:20.0922 1528  AeLookupSvc - ok
    23:03:20.0969 1528  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
    23:03:20.0985 1528  AFD - ok
    23:03:21.0000 1528  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
    23:03:21.0016 1528  agp440 - ok
    23:03:21.0031 1528  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
    23:03:21.0031 1528  ALG - ok
    23:03:21.0047 1528  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
    23:03:21.0047 1528  aliide - ok
    23:03:21.0063 1528  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
    23:03:21.0063 1528  amdide - ok
    23:03:21.0094 1528  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
    23:03:21.0094 1528  AmdK8 - ok
    23:03:21.0094 1528  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
    23:03:21.0094 1528  AmdPPM - ok
    23:03:21.0125 1528  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
    23:03:21.0141 1528  amdsata - ok
    23:03:21.0156 1528  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
    23:03:21.0156 1528  amdsbs - ok
    23:03:21.0172 1528  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
    23:03:21.0172 1528  amdxata - ok
    23:03:21.0187 1528  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
    23:03:21.0187 1528  AppID - ok
    23:03:21.0219 1528  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
    23:03:21.0219 1528  AppIDSvc - ok
    23:03:21.0234 1528  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
    23:03:21.0265 1528  Appinfo - ok
    23:03:21.0375 1528  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    23:03:21.0375 1528  Apple Mobile Device - ok
    23:03:21.0390 1528  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
    23:03:21.0390 1528  arc - ok
    23:03:21.0406 1528  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
    23:03:21.0406 1528  arcsas - ok
    23:03:21.0421 1528  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
    23:03:21.0421 1528  AsyncMac - ok
    23:03:21.0437 1528  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
    23:03:21.0437 1528  atapi - ok
    23:03:21.0468 1528  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    23:03:21.0499 1528  AudioEndpointBuilder - ok
    23:03:21.0499 1528  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
    23:03:21.0515 1528  AudioSrv - ok
    23:03:21.0546 1528  [ 3D1FFAA3358CA0D8A298DEA8BECFC468 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
    23:03:21.0546 1528  Avgfwfd - ok
    23:03:21.0624 1528  [ 6D3A517FE33AD047578BF73BB447EEAD ] avgfws          C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
    23:03:21.0655 1528  avgfws - ok
    23:03:21.0796 1528  [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
    23:03:21.0936 1528  AVGIDSAgent - ok
    23:03:21.0967 1528  [ 139BD30C32BEE830D0CF39C5324D79DE ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
    23:03:21.0967 1528  AVGIDSDriver - ok
    23:03:22.0014 1528  [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
    23:03:22.0014 1528  AVGIDSHA - ok
    23:03:22.0061 1528  [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
    23:03:22.0061 1528  Avgldx64 - ok
    23:03:22.0092 1528  [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
    23:03:22.0092 1528  Avgloga - ok
    23:03:22.0123 1528  [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
    23:03:22.0123 1528  Avgmfx64 - ok
    23:03:22.0139 1528  [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
    23:03:22.0139 1528  Avgrkx64 - ok
    23:03:22.0170 1528  [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
    23:03:22.0170 1528  Avgtdia - ok
    23:03:22.0201 1528  [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
    23:03:22.0201 1528  avgwd - ok
    23:03:22.0233 1528  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
    23:03:22.0233 1528  AxInstSV - ok
    23:03:22.0264 1528  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
    23:03:22.0279 1528  b06bdrv - ok
    23:03:22.0311 1528  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
    23:03:22.0311 1528  b57nd60a - ok
    23:03:22.0326 1528  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
    23:03:22.0326 1528  BDESVC - ok
    23:03:22.0357 1528  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
    23:03:22.0373 1528  Beep - ok
    23:03:22.0389 1528  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
    23:03:22.0404 1528  BFE - ok
    23:03:22.0451 1528  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
    23:03:22.0467 1528  BITS - ok
    23:03:22.0467 1528  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
    23:03:22.0482 1528  blbdrive - ok
    23:03:22.0576 1528  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    23:03:22.0591 1528  Bonjour Service - ok
    23:03:22.0623 1528  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
    23:03:22.0623 1528  bowser - ok
    23:03:22.0654 1528  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
    23:03:22.0654 1528  BrFiltLo - ok
    23:03:22.0669 1528  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
    23:03:22.0669 1528  BrFiltUp - ok
    23:03:22.0701 1528  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
    23:03:22.0701 1528  Browser - ok
    23:03:22.0810 1528  [ 013A330F16B1CECBDE5CB6F921689523 ] BrowserDefendert C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
    23:03:22.0857 1528  BrowserDefendert - ok
    23:03:22.0872 1528  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
    23:03:22.0888 1528  Brserid - ok
    23:03:22.0903 1528  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
    23:03:22.0903 1528  BrSerWdm - ok
    23:03:22.0919 1528  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
    23:03:22.0919 1528  BrUsbMdm - ok
    23:03:22.0935 1528  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
    23:03:22.0935 1528  BrUsbSer - ok
    23:03:22.0950 1528  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
    23:03:22.0950 1528  BTHMODEM - ok
    23:03:22.0981 1528  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
    23:03:22.0981 1528  bthserv - ok
    23:03:22.0997 1528  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
    23:03:23.0013 1528  cdfs - ok
    23:03:23.0028 1528  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
    23:03:23.0028 1528  cdrom - ok
    23:03:23.0044 1528  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
    23:03:23.0044 1528  CertPropSvc - ok
    23:03:23.0059 1528  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
    23:03:23.0059 1528  circlass - ok
    23:03:23.0137 1528  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
    23:03:23.0137 1528  CLFS - ok
    23:03:23.0184 1528  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    23:03:23.0184 1528  clr_optimization_v2.0.50727_32 - ok
    23:03:23.0231 1528  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    23:03:23.0247 1528  clr_optimization_v2.0.50727_64 - ok
    23:03:23.0309 1528  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    23:03:23.0309 1528  clr_optimization_v4.0.30319_32 - ok
    23:03:23.0340 1528  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    23:03:23.0340 1528  clr_optimization_v4.0.30319_64 - ok
    23:03:23.0371 1528  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
    23:03:23.0371 1528  CmBatt - ok
    23:03:23.0387 1528  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
    23:03:23.0387 1528  cmdide - ok
    23:03:23.0434 1528  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
    23:03:23.0449 1528  CNG - ok
    23:03:23.0465 1528  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
    23:03:23.0465 1528  Compbatt - ok
    23:03:23.0481 1528  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
    23:03:23.0481 1528  CompositeBus - ok
    23:03:23.0481 1528  COMSysApp - ok
    23:03:23.0496 1528  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
    23:03:23.0496 1528  crcdisk - ok
    23:03:23.0527 1528  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
    23:03:23.0527 1528  CryptSvc - ok
    23:03:23.0652 1528  [ 63BB35797AAA73236FB85C6363E2F156 ] DatamngrCoordinator C:\Program Files (x86)\Music Toolbar\Datamngr\DatamngrCoordinator.exe
    23:03:23.0746 1528  DatamngrCoordinator - ok
    23:03:23.0793 1528  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
    23:03:23.0808 1528  DcomLaunch - ok
    23:03:23.0839 1528  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
    23:03:23.0839 1528  defragsvc - ok
    23:03:23.0871 1528  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
    23:03:23.0871 1528  DfsC - ok
    23:03:23.0902 1528  [ 0B3F6C8F93C5C25977EA5A8B2E656357 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
    23:03:23.0902 1528  dg_ssudbus - ok
    23:03:23.0933 1528  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
    23:03:23.0933 1528  Dhcp - ok
    23:03:23.0964 1528  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
    23:03:23.0964 1528  discache - ok
    23:03:23.0980 1528  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
    23:03:23.0980 1528  Disk - ok
    23:03:24.0011 1528  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
    23:03:24.0011 1528  Dnscache - ok
    23:03:24.0042 1528  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
    23:03:24.0042 1528  dot3svc - ok
    23:03:24.0058 1528  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
    23:03:24.0058 1528  DPS - ok
    23:03:24.0089 1528  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
    23:03:24.0089 1528  drmkaud - ok
    23:03:24.0136 1528  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
    23:03:24.0151 1528  DXGKrnl - ok
    23:03:24.0183 1528  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
    23:03:24.0183 1528  EapHost - ok
    23:03:24.0261 1528  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
    23:03:24.0323 1528  ebdrv - ok
    23:03:24.0354 1528  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
    23:03:24.0354 1528  EFS - ok
    23:03:24.0401 1528  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
    23:03:24.0417 1528  ehRecvr - ok
    23:03:24.0432 1528  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
    23:03:24.0432 1528  ehSched - ok
    23:03:24.0479 1528  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
    23:03:24.0495 1528  elxstor - ok
    23:03:24.0495 1528  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
    23:03:24.0510 1528  ErrDev - ok
    23:03:24.0573 1528  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
    23:03:24.0588 1528  EventSystem - ok
    23:03:24.0619 1528  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
    23:03:24.0635 1528  exfat - ok
    23:03:24.0666 1528  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
    23:03:24.0682 1528  fastfat - ok
    23:03:24.0713 1528  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
    23:03:24.0729 1528  Fax - ok
    23:03:24.0744 1528  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
    23:03:24.0744 1528  fdc - ok
    23:03:24.0760 1528  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
    23:03:24.0760 1528  fdPHost - ok
    23:03:24.0775 1528  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
    23:03:24.0775 1528  FDResPub - ok
    23:03:24.0807 1528  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
    23:03:24.0807 1528  FileInfo - ok
    23:03:24.0807 1528  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
    23:03:24.0822 1528  Filetrace - ok
    23:03:24.0869 1528  [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    23:03:24.0885 1528  FLEXnet Licensing Service - ok
    23:03:24.0900 1528  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
    23:03:24.0900 1528  flpydisk - ok
    23:03:24.0916 1528  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
    23:03:24.0931 1528  FltMgr - ok
    23:03:24.0963 1528  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
    23:03:24.0994 1528  FontCache - ok
    23:03:25.0041 1528  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    23:03:25.0041 1528  FontCache3.0.0.0 - ok
    23:03:25.0056 1528  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
    23:03:25.0072 1528  FsDepends - ok
    23:03:25.0119 1528  [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
    23:03:25.0119 1528  fssfltr - ok
    23:03:25.0181 1528  [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
    23:03:25.0228 1528  fsssvc - ok
    23:03:25.0275 1528  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
    23:03:25.0275 1528  Fs_Rec - ok
    23:03:25.0306 1528  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
    23:03:25.0306 1528  fvevol - ok
    23:03:25.0321 1528  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
    23:03:25.0321 1528  gagp30kx - ok
    23:03:25.0353 1528  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    23:03:25.0353 1528  GEARAspiWDM - ok
    23:03:25.0384 1528  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
    23:03:25.0399 1528  gpsvc - ok
    23:03:25.0493 1528  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    23:03:25.0493 1528  gupdate - ok
    23:03:25.0493 1528  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    23:03:25.0509 1528  gupdatem - ok
    23:03:25.0555 1528  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    23:03:25.0571 1528  gusvc - ok
    23:03:25.0587 1528  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
    23:03:25.0587 1528  hcw85cir - ok
    23:03:25.0633 1528  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    23:03:25.0633 1528  HdAudAddService - ok
    23:03:25.0649 1528  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
    23:03:25.0649 1528  HDAudBus - ok
    23:03:25.0680 1528  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
    23:03:25.0680 1528  HidBatt - ok
    23:03:25.0696 1528  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
    23:03:25.0696 1528  HidBth - ok
    23:03:25.0711 1528  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
    23:03:25.0711 1528  HidIr - ok
    23:03:25.0743 1528  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
    23:03:25.0743 1528  hidserv - ok
    23:03:25.0758 1528  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
    23:03:25.0758 1528  HidUsb - ok
    23:03:25.0789 1528  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
    23:03:25.0789 1528  hkmsvc - ok
    23:03:25.0821 1528  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    23:03:25.0821 1528  HomeGroupListener - ok
    23:03:25.0852 1528  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    23:03:25.0867 1528  HomeGroupProvider - ok
    23:03:25.0883 1528  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
    23:03:25.0883 1528  HpSAMD - ok
    23:03:25.0914 1528  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
    23:03:25.0930 1528  HTTP - ok
    23:03:25.0945 1528  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
    23:03:25.0945 1528  hwpolicy - ok
    23:03:25.0961 1528  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
    23:03:25.0961 1528  i8042prt - ok
    23:03:25.0992 1528  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
    23:03:25.0992 1528  iaStorV - ok
    23:03:26.0086 1528  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    23:03:26.0086 1528  IDriverT - ok
    23:03:26.0133 1528  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    23:03:26.0148 1528  idsvc - ok
    23:03:26.0164 1528  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
    23:03:26.0179 1528  iirsp - ok
    23:03:26.0211 1528  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
    23:03:26.0242 1528  IKEEXT - ok
    23:03:26.0242 1528  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
    23:03:26.0257 1528  intelide - ok
    23:03:26.0273 1528  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
    23:03:26.0273 1528  intelppm - ok
    23:03:26.0289 1528  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
    23:03:26.0289 1528  IPBusEnum - ok
    23:03:26.0304 1528  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
    23:03:26.0304 1528  IpFilterDriver - ok
    23:03:26.0351 1528  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
    23:03:26.0367 1528  iphlpsvc - ok
    23:03:26.0382 1528  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
    23:03:26.0382 1528  IPMIDRV - ok
    23:03:26.0398 1528  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
    23:03:26.0413 1528  IPNAT - ok
    23:03:26.0476 1528  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
    23:03:26.0491 1528  iPod Service - ok
    23:03:26.0523 1528  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
    23:03:26.0523 1528  IRENUM - ok
    23:03:26.0554 1528  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
    23:03:26.0554 1528  isapnp - ok
    23:03:26.0569 1528  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
    23:03:26.0569 1528  iScsiPrt - ok
    23:03:26.0601 1528  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
    23:03:26.0601 1528  kbdclass - ok
    23:03:26.0616 1528  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
    23:03:26.0616 1528  kbdhid - ok
    23:03:26.0632 1528  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
    23:03:26.0632 1528  KeyIso - ok
    23:03:26.0663 1528  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
    23:03:26.0663 1528  KSecDD - ok
    23:03:26.0694 1528  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
    23:03:26.0694 1528  KSecPkg - ok
    23:03:26.0725 1528  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
    23:03:26.0725 1528  ksthunk - ok
    23:03:26.0757 1528  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
    23:03:26.0772 1528  KtmRm - ok
    23:03:26.0803 1528  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
    23:03:26.0803 1528  LanmanServer - ok
    23:03:26.0850 1528  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    23:03:26.0850 1528  LanmanWorkstation - ok
    23:03:26.0866 1528  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
    23:03:26.0866 1528  lltdio - ok
    23:03:26.0897 1528  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
    23:03:26.0897 1528  lltdsvc - ok
    23:03:26.0928 1528  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
    23:03:26.0928 1528  lmhosts - ok
    23:03:26.0944 1528  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
    23:03:26.0959 1528  LSI_FC - ok
    23:03:26.0975 1528  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
    23:03:26.0975 1528  LSI_SAS - ok
    23:03:26.0991 1528  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
    23:03:26.0991 1528  LSI_SAS2 - ok
    23:03:27.0006 1528  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
    23:03:27.0022 1528  LSI_SCSI - ok
    23:03:27.0037 1528  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
    23:03:27.0053 1528  luafv - ok
    23:03:27.0100 1528  [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
    23:03:27.0100 1528  LVRS64 - ok
    23:03:27.0287 1528  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
    23:03:27.0427 1528  LVUVC64 - ok
    23:03:27.0490 1528  [ 622FCF264119F7DF127BE353F796B319 ] Maps4PC_0cService C:\PROGRA~2\MAPS4P~2\bar\1.bin\0cbarsvc.exe
    23:03:27.0490 1528  Maps4PC_0cService - ok
    23:03:27.0552 1528  [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
    23:03:27.0552 1528  McComponentHostService - ok
    23:03:27.0583 1528  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
    23:03:27.0583 1528  Mcx2Svc - ok
    23:03:27.0615 1528  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
    23:03:27.0615 1528  megasas - ok
    23:03:27.0630 1528  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
    23:03:27.0646 1528  MegaSR - ok
    23:03:27.0661 1528  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
    23:03:27.0677 1528  MMCSS - ok
    23:03:27.0708 1528  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
    23:03:27.0708 1528  Modem - ok
    23:03:27.0724 1528  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
    23:03:27.0724 1528  monitor - ok
    23:03:27.0724 1528  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
    23:03:27.0724 1528  mouclass - ok
    23:03:27.0739 1528  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
    23:03:27.0739 1528  mouhid - ok
    23:03:27.0755 1528  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
    23:03:27.0755 1528  mountmgr - ok
    23:03:27.0786 1528  [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    23:03:27.0786 1528  MozillaMaintenance - ok
    23:03:27.0802 1528  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
    23:03:27.0817 1528  mpio - ok
    23:03:27.0833 1528  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
    23:03:27.0833 1528  mpsdrv - ok
    23:03:27.0880 1528  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
    23:03:27.0895 1528  MpsSvc - ok
    23:03:27.0911 1528  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
    23:03:27.0911 1528  MRxDAV - ok
    23:03:27.0942 1528  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
    23:03:27.0942 1528  mrxsmb - ok
    23:03:27.0973 1528  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
    23:03:27.0989 1528  mrxsmb10 - ok
    23:03:28.0005 1528  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
    23:03:28.0005 1528  mrxsmb20 - ok
    23:03:28.0020 1528  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
    23:03:28.0020 1528  msahci - ok
    23:03:28.0036 1528  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
    23:03:28.0036 1528  msdsm - ok
    23:03:28.0051 1528  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
    23:03:28.0051 1528  MSDTC - ok
    23:03:28.0083 1528  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
    23:03:28.0083 1528  Msfs - ok
    23:03:28.0098 1528  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
    23:03:28.0098 1528  mshidkmdf - ok
    23:03:28.0114 1528  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
    23:03:28.0114 1528  msisadrv - ok
    23:03:28.0145 1528  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
    23:03:28.0145 1528  MSiSCSI - ok
    23:03:28.0145 1528  msiserver - ok
    23:03:28.0161 1528  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
    23:03:28.0161 1528  MSKSSRV - ok
    23:03:28.0192 1528  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
    23:03:28.0192 1528  MSPCLOCK - ok
    23:03:28.0207 1528  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
    23:03:28.0207 1528  MSPQM - ok
    23:03:28.0239 1528  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
    23:03:28.0239 1528  MsRPC - ok
    23:03:28.0254 1528  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
    23:03:28.0270 1528  mssmbios - ok
    23:03:28.0285 1528  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
    23:03:28.0301 1528  MSTEE - ok
    23:03:28.0301 1528  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
    23:03:28.0301 1528  MTConfig - ok
    23:03:28.0317 1528  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
    23:03:28.0317 1528  Mup - ok
    23:03:28.0379 1528  [ BB74024A1D4E4808562C090980151653 ] MyWebSearchService C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe
    23:03:28.0379 1528  MyWebSearchService - ok
    23:03:28.0410 1528  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
    23:03:28.0441 1528  napagent - ok
    23:03:28.0473 1528  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
    23:03:28.0473 1528  NativeWifiP - ok
    23:03:28.0519 1528  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
    23:03:28.0535 1528  NDIS - ok
    23:03:28.0551 1528  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
    23:03:28.0551 1528  NdisCap - ok
    23:03:28.0566 1528  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
    23:03:28.0566 1528  NdisTapi - ok
    23:03:28.0582 1528  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
    23:03:28.0582 1528  Ndisuio - ok
    23:03:28.0597 1528  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
    23:03:28.0613 1528  NdisWan - ok
    23:03:28.0629 1528  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
    23:03:28.0629 1528  NDProxy - ok
    23:03:28.0644 1528  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
    23:03:28.0644 1528  NetBIOS - ok
    23:03:28.0660 1528  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
    23:03:28.0675 1528  NetBT - ok
    23:03:28.0691 1528  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
    23:03:28.0691 1528  Netlogon - ok
    23:03:28.0722 1528  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
    23:03:28.0722 1528  Netman - ok
    23:03:28.0738 1528  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
    23:03:28.0738 1528  netprofm - ok
    23:03:28.0769 1528  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    23:03:28.0769 1528  NetTcpPortSharing - ok
    23:03:28.0785 1528  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
    23:03:28.0800 1528  nfrd960 - ok
    23:03:28.0816 1528  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
    23:03:28.0831 1528  NlaSvc - ok
    23:03:28.0831 1528  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
    23:03:28.0831 1528  Npfs - ok
    23:03:28.0863 1528  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
    23:03:28.0863 1528  nsi - ok
    23:03:28.0863 1528  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
    23:03:28.0878 1528  nsiproxy - ok
    23:03:28.0941 1528  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
    23:03:28.0972 1528  Ntfs - ok
    23:03:29.0003 1528  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
    23:03:29.0003 1528  Null - ok
    23:03:29.0331 1528  [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
    23:03:29.0612 1528  nvlddmkm - ok
    23:03:29.0643 1528  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
    23:03:29.0643 1528  nvraid - ok
    23:03:29.0674 1528  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
    23:03:29.0674 1528  nvstor - ok
    23:03:29.0768 1528  [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc           C:\Windows\system32\nvvsvc.exe
    23:03:29.0783 1528  nvsvc - ok
    23:03:29.0846 1528  [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    23:03:29.0877 1528  nvUpdatusService - ok
    23:03:29.0892 1528  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
    23:03:29.0892 1528  nv_agp - ok
    23:03:29.0924 1528  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
    23:03:29.0924 1528  ohci1394 - ok
    23:03:29.0970 1528  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    23:03:29.0970 1528  ose - ok
    23:03:30.0158 1528  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    23:03:30.0298 1528  osppsvc - ok
    23:03:30.0329 1528  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
    23:03:30.0345 1528  p2pimsvc - ok
    23:03:30.0376 1528  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
    23:03:30.0392 1528  p2psvc - ok
    23:03:30.0407 1528  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
    23:03:30.0407 1528  Parport - ok
    23:03:30.0438 1528  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
    23:03:30.0438 1528  partmgr - ok
    23:03:30.0454 1528  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
    23:03:30.0454 1528  PcaSvc - ok
    23:03:30.0470 1528  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
    23:03:30.0470 1528  pci - ok
    23:03:30.0485 1528  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
    23:03:30.0485 1528  pciide - ok
    23:03:30.0501 1528  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
    23:03:30.0501 1528  pcmcia - ok
    23:03:30.0516 1528  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
    23:03:30.0532 1528  pcw - ok
    23:03:30.0548 1528  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
    23:03:30.0579 1528  PEAUTH - ok
    23:03:30.0626 1528  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
    23:03:30.0641 1528  PerfHost - ok
    23:03:30.0704 1528  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
    23:03:30.0719 1528  pla - ok
    23:03:30.0766 1528  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
    23:03:30.0766 1528  PlugPlay - ok
    23:03:30.0782 1528  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
    23:03:30.0782 1528  PNRPAutoReg - ok
    23:03:30.0797 1528  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
    23:03:30.0797 1528  PNRPsvc - ok
    23:03:30.0844 1528  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
    23:03:30.0860 1528  PolicyAgent - ok
    23:03:30.0875 1528  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
    23:03:30.0891 1528  Power - ok
    23:03:30.0906 1528  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
    23:03:30.0906 1528  PptpMiniport - ok
    23:03:30.0938 1528  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
    23:03:30.0938 1528  Processor - ok
    23:03:30.0969 1528  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
    23:03:30.0969 1528  ProfSvc - ok
    23:03:30.0984 1528  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    23:03:30.0984 1528  ProtectedStorage - ok
    23:03:31.0000 1528  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
    23:03:31.0016 1528  Psched - ok
    23:03:31.0031 1528  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
    23:03:31.0031 1528  PxHlpa64 - ok
    23:03:31.0078 1528  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
    23:03:31.0109 1528  ql2300 - ok
    23:03:31.0125 1528  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
    23:03:31.0125 1528  ql40xx - ok
    23:03:31.0156 1528  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
    23:03:31.0172 1528  QWAVE - ok
    23:03:31.0172 1528  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
    23:03:31.0172 1528  QWAVEdrv - ok
    23:03:31.0187 1528  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
    23:03:31.0203 1528  RasAcd - ok
    23:03:31.0218 1528  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
    23:03:31.0218 1528  RasAgileVpn - ok
    23:03:31.0265 1528  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
    23:03:31.0281 1528  RasAuto - ok
    23:03:31.0281 1528  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
    23:03:31.0296 1528  Rasl2tp - ok
    23:03:31.0312 1528  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
    23:03:31.0312 1528  RasMan - ok
    23:03:31.0328 1528  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
    23:03:31.0328 1528  RasPppoe - ok
    23:03:31.0343 1528  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
    23:03:31.0359 1528  RasSstp - ok
    23:03:31.0390 1528  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
    23:03:31.0390 1528  rdbss - ok
    23:03:31.0406 1528  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
    23:03:31.0406 1528  rdpbus - ok
    23:03:31.0437 1528  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
    23:03:31.0437 1528  RDPCDD - ok
    23:03:31.0452 1528  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
    23:03:31.0452 1528  RDPENCDD - ok
    23:03:31.0468 1528  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
    23:03:31.0468 1528  RDPREFMP - ok
    23:03:31.0499 1528  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
    23:03:31.0499 1528  RdpVideoMiniport - ok
    23:03:31.0530 1528  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
    23:03:31.0530 1528  RDPWD - ok
    23:03:31.0562 1528  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
    23:03:31.0562 1528  rdyboost - ok
    23:03:31.0593 1528  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
    23:03:31.0593 1528  RemoteAccess - ok
    23:03:31.0624 1528  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
    23:03:31.0624 1528  RemoteRegistry - ok
    23:03:31.0655 1528  [ AD42432D22940B4215177BE113E4919C ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
    23:03:31.0671 1528  RimUsb - ok
    23:03:31.0702 1528  [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
    23:03:31.0702 1528  RimVSerPort - ok
    23:03:31.0733 1528  [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
    23:03:31.0733 1528  ROOTMODEM - ok
    23:03:31.0749 1528  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
    23:03:31.0749 1528  RpcEptMapper - ok
    23:03:31.0780 1528  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
    23:03:31.0780 1528  RpcLocator - ok
    23:03:31.0796 1528  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
    23:03:31.0811 1528  RpcSs - ok
    23:03:31.0811 1528  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
    23:03:31.0827 1528  rspndr - ok
    23:03:31.0827 1528  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
    23:03:31.0827 1528  SamSs - ok
    23:03:31.0842 1528  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
    23:03:31.0842 1528  sbp2port - ok
    23:03:31.0858 1528  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
    23:03:31.0874 1528  SCardSvr - ok
    23:03:31.0889 1528  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
    23:03:31.0889 1528  scfilter - ok
    23:03:31.0936 1528  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
    23:03:31.0967 1528  Schedule - ok
    23:03:31.0998 1528  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
    23:03:31.0998 1528  SCPolicySvc - ok
    23:03:32.0014 1528  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
    23:03:32.0014 1528  SDRSVC - ok
    23:03:32.0030 1528  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
    23:03:32.0030 1528  secdrv - ok
    23:03:32.0045 1528  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
    23:03:32.0045 1528  seclogon - ok
    23:03:32.0061 1528  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
    23:03:32.0061 1528  SENS - ok
    23:03:32.0108 1528  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
    23:03:32.0108 1528  SensrSvc - ok
    23:03:32.0123 1528  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
    23:03:32.0123 1528  Serenum - ok
    23:03:32.0139 1528  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
    23:03:32.0139 1528  Serial - ok
    23:03:32.0154 1528  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
    23:03:32.0154 1528  sermouse - ok
    23:03:32.0186 1528  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
    23:03:32.0186 1528  SessionEnv - ok
    23:03:32.0201 1528  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
    23:03:32.0201 1528  sffdisk - ok
    23:03:32.0217 1528  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
    23:03:32.0217 1528  sffp_mmc - ok
    23:03:32.0248 1528  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
    23:03:32.0248 1528  sffp_sd - ok
    23:03:32.0264 1528  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
    23:03:32.0264 1528  sfloppy - ok
    23:03:32.0295 1528  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
    23:03:32.0295 1528  SharedAccess - ok
    23:03:32.0310 1528  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    23:03:32.0326 1528  ShellHWDetection - ok
    23:03:32.0342 1528  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
    23:03:32.0342 1528  SiSRaid2 - ok
    23:03:32.0357 1528  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
    23:03:32.0357 1528  SiSRaid4 - ok
    23:03:32.0404 1528  [ FF0DB4D9A08864A5C7B67477CD8E3B2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
    23:03:32.0404 1528  SkypeUpdate - ok
    23:03:32.0420 1528  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
    23:03:32.0420 1528  Smb - ok
    23:03:32.0435 1528  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
    23:03:32.0435 1528  SNMPTRAP - ok
    23:03:32.0451 1528  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
    23:03:32.0451 1528  spldr - ok
    23:03:32.0482 1528  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
    23:03:32.0498 1528  Spooler - ok
    23:03:32.0576 1528  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
    23:03:32.0638 1528  sppsvc - ok
    23:03:32.0669 1528  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
    23:03:32.0669 1528  sppuinotify - ok
    23:03:32.0700 1528  [ 34F974F8B3C86DE03A30DCBE79091C97 ] sptd            C:\Windows\system32\Drivers\sptd.sys
    23:03:32.0700 1528  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34F974F8B3C86DE03A30DCBE79091C97
    23:03:32.0716 1528  sptd ( LockedFile.Multi.Generic ) - warning
    23:03:32.0716 1528  sptd - detected LockedFile.Multi.Generic (1)
    23:03:32.0747 1528  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
    23:03:32.0763 1528  srv - ok
    23:03:32.0794 1528  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
    23:03:32.0794 1528  srv2 - ok
    23:03:32.0810 1528  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
    23:03:32.0810 1528  srvnet - ok
    23:03:32.0841 1528  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
    23:03:32.0856 1528  SSDPSRV - ok
    23:03:32.0872 1528  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
    23:03:32.0872 1528  SstpSvc - ok
    23:03:32.0903 1528  [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
    23:03:32.0903 1528  ssudmdm - ok
    23:03:32.0966 1528  [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    23:03:32.0981 1528  Stereo Service - ok
    23:03:33.0012 1528  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
    23:03:33.0012 1528  stexstor - ok
    23:03:33.0044 1528  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
    23:03:33.0059 1528  stisvc - ok
    23:03:33.0075 1528  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
    23:03:33.0075 1528  swenum - ok
    23:03:33.0122 1528  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
    23:03:33.0137 1528  swprv - ok
    23:03:33.0184 1528  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
    23:03:33.0215 1528  SysMain - ok
    23:03:33.0231 1528  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
    23:03:33.0262 1528  TabletInputService - ok
    23:03:33.0278 1528  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
    23:03:33.0278 1528  TapiSrv - ok
    23:03:33.0293 1528  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
    23:03:33.0293 1528  TBS - ok
    23:03:33.0356 1528  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
    23:03:33.0387 1528  Tcpip - ok
    23:03:33.0434 1528  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
    23:03:33.0434 1528  TCPIP6 - ok
    23:03:33.0480 1528  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
    23:03:33.0480 1528  tcpipreg - ok
    23:03:33.0512 1528  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
    23:03:33.0512 1528  TDPIPE - ok
    23:03:33.0543 1528  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
    23:03:33.0543 1528  TDTCP - ok
    23:03:33.0558 1528  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
    23:03:33.0558 1528  tdx - ok
    23:03:33.0574 1528  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
    23:03:33.0574 1528  TermDD - ok
    23:03:33.0605 1528  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
    23:03:33.0621 1528  TermService - ok
    23:03:33.0636 1528  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
    23:03:33.0636 1528  Themes - ok
    23:03:33.0652 1528  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
    23:03:33.0652 1528  THREADORDER - ok
    23:03:33.0668 1528  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
    23:03:33.0668 1528  TrkWks - ok
    23:03:33.0714 1528  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    23:03:33.0714 1528  TrustedInstaller - ok
    23:03:33.0730 1528  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
    23:03:33.0730 1528  tssecsrv - ok
    23:03:33.0761 1528  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
    23:03:33.0761 1528  TsUsbFlt - ok
    23:03:33.0777 1528  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
    23:03:33.0792 1528  TsUsbGD - ok
    23:03:33.0902 1528  [ DD296C78B0D2C3F5E42DC0D2972CD992 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
    23:03:33.0948 1528  TuneUp.UtilitiesSvc - ok
    23:03:33.0980 1528  [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys
    23:03:33.0980 1528  TuneUpUtilitiesDrv - ok
    23:03:34.0011 1528  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
    23:03:34.0011 1528  tunnel - ok
    23:03:34.0042 1528  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
    23:03:34.0042 1528  uagp35 - ok
    23:03:34.0058 1528  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
    23:03:34.0073 1528  udfs - ok
    23:03:34.0104 1528  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
    23:03:34.0104 1528  UI0Detect - ok
    23:03:34.0120 1528  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
    23:03:34.0120 1528  uliagpkx - ok
    23:03:34.0136 1528  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
    23:03:34.0136 1528  umbus - ok
    23:03:34.0151 1528  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
    23:03:34.0151 1528  UmPass - ok
    23:03:34.0182 1528  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
    23:03:34.0182 1528  upnphost - ok
    23:03:34.0214 1528  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
    23:03:34.0229 1528  USBAAPL64 - ok
    23:03:34.0260 1528  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
    23:03:34.0260 1528  usbaudio - ok
    23:03:34.0307 1528  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
    23:03:34.0307 1528  usbccgp - ok
    23:03:34.0323 1528  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
    23:03:34.0323 1528  usbcir - ok
    23:03:34.0354 1528  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
    23:03:34.0354 1528  usbehci - ok
    23:03:34.0385 1528  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
    23:03:34.0385 1528  usbhub - ok
    23:03:34.0416 1528  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
    23:03:34.0416 1528  usbohci - ok
    23:03:34.0432 1528  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
    23:03:34.0432 1528  usbprint - ok
    23:03:34.0463 1528  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
    23:03:34.0463 1528  usbscan - ok
    23:03:34.0479 1528  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
    23:03:34.0479 1528  USBSTOR - ok
    23:03:34.0494 1528  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
    23:03:34.0494 1528  usbuhci - ok
    23:03:34.0526 1528  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
    23:03:34.0541 1528  usbvideo - ok
    23:03:34.0557 1528  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
    23:03:34.0557 1528  UxSms - ok
    23:03:34.0572 1528  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
    23:03:34.0572 1528  VaultSvc - ok
    23:03:34.0588 1528  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
    23:03:34.0588 1528  vdrvroot - ok
    23:03:34.0604 1528  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
    23:03:34.0619 1528  vds - ok
    23:03:34.0635 1528  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
    23:03:34.0650 1528  vga - ok
    23:03:34.0666 1528  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
    23:03:34.0666 1528  VgaSave - ok
    23:03:34.0682 1528  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
    23:03:34.0682 1528  vhdmp - ok
    23:03:34.0697 1528  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
    23:03:34.0713 1528  viaide - ok
    23:03:34.0713 1528  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
    23:03:34.0713 1528  volmgr - ok
    23:03:34.0744 1528  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
    23:03:34.0744 1528  volmgrx - ok
    23:03:34.0760 1528  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
    23:03:34.0760 1528  volsnap - ok
    23:03:34.0775 1528  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
    23:03:34.0775 1528  vsmraid - ok
    23:03:34.0838 1528  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
    23:03:34.0900 1528  VSS - ok
    23:03:34.0916 1528  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
    23:03:34.0916 1528  vwifibus - ok
    23:03:34.0931 1528  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
    23:03:34.0947 1528  W32Time - ok
    23:03:34.0962 1528  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
    23:03:34.0978 1528  WacomPen - ok
    23:03:35.0025 1528  [ 4AA2CC5979AFF984227364F2C23B04F3 ] WajamUpdater    C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
    23:03:35.0025 1528  WajamUpdater - ok
    23:03:35.0040 1528  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
    23:03:35.0040 1528  WANARP - ok
    23:03:35.0056 1528  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
    23:03:35.0056 1528  Wanarpv6 - ok
    23:03:35.0103 1528  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
    23:03:35.0134 1528  WatAdminSvc - ok
    23:03:35.0181 1528  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
    23:03:35.0212 1528  wbengine - ok
    23:03:35.0243 1528  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
    23:03:35.0243 1528  WbioSrvc - ok
    23:03:35.0259 1528  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
    23:03:35.0259 1528  wcncsvc - ok
    23:03:35.0274 1528  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    23:03:35.0274 1528  WcsPlugInService - ok
    23:03:35.0306 1528  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
    23:03:35.0306 1528  Wd - ok
    23:03:35.0352 1528  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
    23:03:35.0368 1528  Wdf01000 - ok
    23:03:35.0384 1528  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
    23:03:35.0384 1528  WdiServiceHost - ok
    23:03:35.0384 1528  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
    23:03:35.0399 1528  WdiSystemHost - ok
    23:03:35.0415 1528  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
    23:03:35.0415 1528  WebClient - ok
    23:03:35.0430 1528  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
    23:03:35.0430 1528  Wecsvc - ok
    23:03:35.0446 1528  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
    23:03:35.0446 1528  wercplsupport - ok
    23:03:35.0462 1528  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
    23:03:35.0462 1528  WerSvc - ok
    23:03:35.0508 1528  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
    23:03:35.0508 1528  WfpLwf - ok
    23:03:35.0524 1528  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
    23:03:35.0524 1528  WIMMount - ok
    23:03:35.0555 1528  WinDefend - ok
    23:03:35.0555 1528  WinHttpAutoProxySvc - ok
    23:03:35.0618 1528  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
    23:03:35.0618 1528  Winmgmt - ok
    23:03:35.0664 1528  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
    23:03:35.0711 1528  WinRM - ok
    23:03:35.0758 1528  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
    23:03:35.0774 1528  WinUsb - ok
    23:03:35.0805 1528  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
    23:03:35.0820 1528  Wlansvc - ok
    23:03:35.0867 1528  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    23:03:35.0867 1528  wlcrasvc - ok
    23:03:35.0992 1528  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    23:03:36.0054 1528  wlidsvc - ok
    23:03:36.0086 1528  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
    23:03:36.0086 1528  WmiAcpi - ok
    23:03:36.0117 1528  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
    23:03:36.0132 1528  wmiApSrv - ok
    23:03:36.0148 1528  WMPNetworkSvc - ok
    23:03:36.0164 1528  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
    23:03:36.0164 1528  WPCSvc - ok
    23:03:36.0179 1528  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
    23:03:36.0179 1528  WPDBusEnum - ok
    23:03:36.0195 1528  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
    23:03:36.0195 1528  ws2ifsl - ok
    23:03:36.0226 1528  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
    23:03:36.0226 1528  wscsvc - ok
    23:03:36.0242 1528  WSearch - ok
    23:03:36.0335 1528  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
    23:03:36.0413 1528  wuauserv - ok
    23:03:36.0429 1528  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
    23:03:36.0444 1528  WudfPf - ok
    23:03:36.0476 1528  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
    23:03:36.0476 1528  WUDFRd - ok
    23:03:36.0491 1528  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
    23:03:36.0507 1528  wudfsvc - ok
    23:03:36.0522 1528  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
    23:03:36.0538 1528  WwanSvc - ok
    23:03:36.0585 1528  [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
    23:03:36.0585 1528  yukonw7 - ok
    23:03:36.0600 1528  ================ Scan global ===============================
    23:03:36.0632 1528  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    23:03:36.0647 1528  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
    23:03:36.0663 1528  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
    23:03:36.0694 1528  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    23:03:36.0725 1528  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    23:03:36.0725 1528  [Global] - ok
    23:03:36.0725 1528  ================ Scan MBR ==================================
    23:03:36.0741 1528  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    23:03:36.0912 1528  \Device\Harddisk0\DR0 - ok
    23:03:36.0912 1528  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
    23:03:36.0928 1528  \Device\Harddisk1\DR1 - ok
    23:03:36.0928 1528  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk6\DR6
    23:03:36.0944 1528  \Device\Harddisk6\DR6 - ok
    23:03:36.0944 1528  ================ Scan VBR ==================================
    23:03:36.0944 1528  [ 5E1FFDA03ADF716325B3EEBDA320AD70 ] \Device\Harddisk0\DR0\Partition1
    23:03:36.0944 1528  \Device\Harddisk0\DR0\Partition1 - ok
    23:03:36.0959 1528  [ F0DB76EEA7384EAFEFA271B4C132FE2D ] \Device\Harddisk1\DR1\Partition1
    23:03:36.0959 1528  \Device\Harddisk1\DR1\Partition1 - ok
    23:03:36.0959 1528  [ 2CA56DCF83E1A4BF11BF562A88793243 ] \Device\Harddisk6\DR6\Partition1
    23:03:36.0959 1528  \Device\Harddisk6\DR6\Partition1 - ok
    23:03:36.0959 1528  ============================================================
    23:03:36.0959 1528  Scan finished
    23:03:36.0959 1528  ============================================================
    23:03:36.0975 5116  Detected object count: 1
    23:03:36.0975 5116  Actual detected object count: 1
    23:05:26.0097 5116  C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
    23:05:26.0097 5116  sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
    23:05:43.0413 3392  Deinitialize success
     

  2. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-07-2013 01
    Ran by SYSTEM at 2013-07-09 22:47:48 Run:1
    Running from H:\
    Boot Mode: Recovery
    ==============================================

    C:\Users\Les\AppData\Roaming\skype.dat => Moved successfully.
    C:\Users\Les\AppData\Roaming\skype.ini => Moved successfully.
    C:\$Recycle.Bin\S-1-5-21-3352994947-2355220423-3568772355-1001\$46bdc989289dea48ab74525a3982e5a1 => Moved successfully.
    HKU\Les\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.

    ==== End of Fixlog ====

  3. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2013 01
    Ran by SYSTEM on 09-07-2013 22:18:57
    Running from H:\
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Recovery

    The current controlset is ControlSet002
    ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [497648 2010-07-28] (Adobe Systems Incorporated)
    HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1832760 2012-09-20] (Logitech, Inc.)
    HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
    HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,
    HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-08-12] (Logitech Inc.)
    HKLM-x32\...\Run: [Maps4PC_0c Browser Plugin Loader] - C:\PROGRA~2\MAPS4P~2\bar\1.bin\0cbrmon.exe [30096 2011-09-28] (VER_COMPANY_NAME)
    HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
    HKLM-x32\...\Run: [FUFAXRCV] - "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [495616 2011-03-08] (SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [FUFAXSTM] - "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [856064 2011-03-08] (SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [EEventManager] - "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [979328 2010-10-12] (SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-28] (AVG Technologies CZ, s.r.o.)
    HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
    HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
    HKU\Les\...\Run: [skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18708224 2013-01-08] (Skype Technologies S.A.)
    HKU\Les\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHDE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-7525 Series" [241280 2013-02-23] (SEIKO EPSON CORPORATION)
    HKU\Les\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2013-04-19] (Google Inc.)
    HKU\Les\...\Winlogon: [shell] explorer.exe,C:\Users\Les\AppData\Roaming\skype.dat [70144 2011-11-16] () <==== ATTENTION
    HKU\UpdatusUser\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
    AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MUSICT~1\Datamngr\x64\mgrldr.dll  [22592 2013-06-22] ()
    AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL c:\progra~3\browse~2\261339~1.144\{c16c1~1\browse~1.dll   C:\PROGRA~2\MUSICT~1\Datamngr\mgrldr.dll  [18496 2013-06-22] ()
    IMEO\audibledownloadhelper.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IMEO\bingdesktop.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IMEO\extendscript toolkit.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IMEO\firefox.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IMEO\photoshop elements 8.0.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IMEO\photoshopelementseditor.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IMEO\photoshopelementsorganizer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IMEO\rim.desktop.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    Startup: C:\ProgramData\Start Menu\Programs\Startup\Audible Download Manager.lnk
    ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
    Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
    Startup: C:\Users\Les\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

    ==================== Services (Whitelisted) =================

    S2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1428472 2013-04-10] (AVG Technologies CZ, s.r.o.)
    S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-13] (AVG Technologies CZ, s.r.o.)
    S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-17] (AVG Technologies CZ, s.r.o.)
    S2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
    S2 DatamngrCoordinator; C:\Program Files (x86)\Music Toolbar\Datamngr\DatamngrCoordinator.exe [3179584 2013-06-22] (iMesh Inc.)
    S2 Maps4PC_0cService; C:\PROGRA~2\MAPS4P~2\bar\1.bin\0cbarsvc.exe [42504 2011-08-22] (COMPANYVERS_NAME)
    S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
    S4 MyWebSearchService; C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe [34320 2011-09-27] (MyWebSearch.com)
    S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2148216 2012-08-23] (AVG)
    S2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam)

    ==================== Drivers (Whitelisted) ====================

    S1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
    S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-28] (AVG Technologies CZ, s.r.o.)
    S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-07] (AVG Technologies CZ, s.r.o.)
    S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-07] (AVG Technologies CZ, s.r.o.)
    S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-07] (AVG Technologies CZ, s.r.o.)
    S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-07] (AVG Technologies CZ, s.r.o.)
    S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-07] (AVG Technologies CZ, s.r.o.)
    S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-20] (AVG Technologies CZ, s.r.o.)
    S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
    S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
    S0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-07-18] (Duplex Secure Ltd.)
    S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [11880 2012-07-04] (TuneUp Software)
    S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-07-09 22:18 - 2013-07-09 22:18 - 00000000 ____D C:\FRST
    2013-07-08 08:25 - 2013-07-08 11:37 - 00000004 ____A C:\Users\Les\AppData\Roaming\skype.ini
    2013-07-07 08:32 - 2013-07-07 09:15 - 00000866 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
    2013-07-07 08:31 - 2013-07-07 08:31 - 14391552 ____A (PortableApps.com) C:\Users\Les\Desktop\Java_Portable_6_Update_21_online.paf.exe
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\Delta
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\BabSolution
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Local\Wajam
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\ProgramData\BrowserDefender
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Wajam
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Delta
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____A C:\END
    2013-07-05 01:58 - 2013-07-05 01:58 - 00002360 ____A C:\Users\Les\Desktop\Google Chrome.lnk
    2013-06-29 14:55 - 2013-06-29 14:55 - 00000000 ____D C:\ProgramData\Browser Manager
    2013-06-29 12:38 - 2013-06-29 12:39 - 00021504 ____A C:\Users\Les\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-06-29 12:36 - 2013-06-29 12:36 - 00000000 ____D C:\Users\Les\AppData\Roaming\MusicNet
    2013-06-29 12:35 - 2013-06-29 12:35 - 00000000 ____D C:\Users\Les\Documents\My Received Files
    2013-06-29 12:34 - 2013-06-29 12:34 - 00000000 ____D C:\ProgramData\Wincert
    2013-06-29 12:33 - 2013-07-08 11:37 - 00000000 ____D C:\ProgramData\Datamngr
    2013-06-29 12:33 - 2013-06-29 12:33 - 00000000 ____D C:\Program Files (x86)\Music Toolbar
    2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Users\Les\AppData\Roaming\AVG2013
    2013-06-29 01:23 - 2013-06-29 01:23 - 00001003 ____A C:\Users\Public\Desktop\AVG 2013.lnk
    2013-06-29 01:20 - 2013-06-29 01:25 - 00000000 ____D C:\ProgramData\AVG2013
    2013-06-29 01:18 - 2013-06-29 09:44 - 00000000 ____D C:\Users\Les\AppData\Local\Avg2013
    2013-06-29 01:18 - 2013-06-29 01:18 - 00000000 ____D C:\Users\Les\AppData\Local\MFAData
    2013-06-28 09:32 - 2013-06-28 09:33 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-06-28 09:32 - 2013-06-28 09:33 - 00000000 ____D C:\Program Files\iTunes
    2013-06-28 09:32 - 2013-06-28 09:33 - 00000000 ____D C:\Program Files (x86)\iTunes
    2013-06-28 09:32 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files\iPod
    2013-06-28 04:59 - 2013-06-28 04:59 - 02238976 ____N C:\Users\Les\Documents\IBA Manual of Deal Pages.xls
    2013-06-26 18:06 - 2013-06-26 18:06 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-06-26 18:06 - 2013-06-26 18:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-06-26 18:06 - 2013-06-26 18:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
    2013-06-26 18:06 - 2013-06-26 18:06 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
    2013-06-26 18:06 - 2013-06-26 18:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-06-26 18:06 - 2013-06-26 18:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
    2013-06-26 18:06 - 2013-06-26 18:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-06-26 18:06 - 2013-06-26 18:06 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-06-26 18:04 - 2013-06-26 18:10 - 00007201 ____A C:\Windows\IE10_main.log
    2013-06-26 16:01 - 2013-05-09 21:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
    2013-06-26 16:01 - 2013-05-09 19:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
    2013-06-26 16:01 - 2013-05-07 22:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2013-06-26 16:01 - 2013-04-25 21:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
    2013-06-26 16:01 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
    2013-06-26 15:59 - 2013-04-16 23:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2013-06-26 15:59 - 2013-04-16 22:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
    2013-06-26 15:58 - 2013-05-12 21:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
    2013-06-26 15:58 - 2013-05-12 21:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
    2013-06-26 15:58 - 2013-05-12 21:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
    2013-06-26 15:58 - 2013-05-12 21:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
    2013-06-26 15:58 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2013-06-26 15:58 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2013-06-26 15:58 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2013-06-26 15:58 - 2013-05-12 19:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
    2013-06-26 15:58 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
    2013-06-26 15:58 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
    2013-06-26 15:56 - 2013-04-25 15:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
    2013-06-26 15:56 - 2013-03-31 14:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll

    ==================== One Month Modified Files and Folders =======

    2013-07-09 22:18 - 2013-07-09 22:18 - 00000000 ____D C:\FRST
    2013-07-08 11:38 - 2009-07-13 20:45 - 00021888 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-07-08 11:38 - 2009-07-13 20:45 - 00021888 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-07-08 11:37 - 2013-07-08 08:25 - 00000004 ____A C:\Users\Les\AppData\Roaming\skype.ini
    2013-07-08 11:37 - 2013-06-29 12:33 - 00000000 ____D C:\ProgramData\Datamngr
    2013-07-08 11:37 - 2011-05-21 07:12 - 01968896 ____A C:\Windows\WindowsUpdate.log
    2013-07-08 11:36 - 2011-07-16 02:36 - 00009852 ____A C:\Users\Les\Sti_Trace.log
    2013-07-08 11:34 - 2013-01-26 17:00 - 00005594 ____A C:\Windows\setupact.log
    2013-07-08 11:34 - 2012-11-17 19:11 - 00000000 ____D C:\ProgramData\NVIDIA
    2013-07-08 11:34 - 2011-09-06 07:00 - 00000310 __ASH C:\Windows\Tasks\unzynxnxke.job
    2013-07-08 11:34 - 2011-05-21 14:20 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-07-08 11:34 - 2011-05-21 07:32 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs
    2013-07-08 11:34 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-07-08 11:16 - 2011-05-21 14:20 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-07-08 11:14 - 2011-05-21 08:21 - 00000000 ____D C:\ProgramData\MFAData
    2013-07-08 11:12 - 2009-07-13 21:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-07-08 11:09 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\FxsTmp
    2013-07-08 08:41 - 2011-06-06 14:01 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352994947-2355220423-3568772355-1001UA.job
    2013-07-08 08:28 - 2010-11-20 19:47 - 00189192 ____A C:\Windows\PFRO.log
    2013-07-08 08:28 - 2009-07-13 21:08 - 00032636 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2013-07-08 07:53 - 2011-05-21 08:00 - 00000000 ____D C:\Users\Les\Documents\Outlook Files
    2013-07-08 07:51 - 2012-07-16 08:14 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-07-08 05:41 - 2011-06-06 14:01 - 00000848 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352994947-2355220423-3568772355-1001Core.job
    2013-07-07 09:15 - 2013-07-07 08:32 - 00000866 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
    2013-07-07 09:11 - 2011-06-12 10:06 - 00003125 ____A C:\Users\Les\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
    2013-07-07 08:31 - 2013-07-07 08:31 - 14391552 ____A (PortableApps.com) C:\Users\Les\Desktop\Java_Portable_6_Update_21_online.paf.exe
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\Delta
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Roaming\BabSolution
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Users\Les\AppData\Local\Wajam
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\ProgramData\BrowserDefender
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Wajam
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____D C:\Program Files (x86)\Delta
    2013-07-07 08:31 - 2013-07-07 08:31 - 00000000 ____A C:\END
    2013-07-06 04:47 - 2011-05-21 08:05 - 00000000 ____D C:\Users\Les\AppData\Roaming\Skype
    2013-07-05 01:58 - 2013-07-05 01:58 - 00002360 ____A C:\Users\Les\Desktop\Google Chrome.lnk
    2013-06-29 14:55 - 2013-06-29 14:55 - 00000000 ____D C:\ProgramData\Browser Manager
    2013-06-29 12:39 - 2013-06-29 12:38 - 00021504 ____A C:\Users\Les\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-06-29 12:36 - 2013-06-29 12:36 - 00000000 ____D C:\Users\Les\AppData\Roaming\MusicNet
    2013-06-29 12:35 - 2013-06-29 12:35 - 00000000 ____D C:\Users\Les\Documents\My Received Files
    2013-06-29 12:34 - 2013-06-29 12:34 - 00000000 ____D C:\ProgramData\Wincert
    2013-06-29 12:33 - 2013-06-29 12:33 - 00000000 ____D C:\Program Files (x86)\Music Toolbar
    2013-06-29 12:17 - 2013-05-01 12:53 - 00000000 ____D C:\Users\Les\Documents\Mr Ohms Logos
    2013-06-29 09:44 - 2013-06-29 01:18 - 00000000 ____D C:\Users\Les\AppData\Local\Avg2013
    2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Users\Les\AppData\Roaming\AVG2013
    2013-06-29 09:43 - 2011-05-21 08:41 - 00000000 ____D C:\Program Files (x86)\AVG
    2013-06-29 01:25 - 2013-06-29 01:20 - 00000000 ____D C:\ProgramData\AVG2013
    2013-06-29 01:23 - 2013-06-29 01:23 - 00001003 ____A C:\Users\Public\Desktop\AVG 2013.lnk
    2013-06-29 01:23 - 2012-10-27 01:07 - 00000000 ____D C:\Users\Les\AppData\Roaming\TuneUp Software
    2013-06-29 01:22 - 2011-09-24 00:30 - 00000000 ___HD C:\$AVG
    2013-06-29 01:18 - 2013-06-29 01:18 - 00000000 ____D C:\Users\Les\AppData\Local\MFAData
    2013-06-28 17:50 - 2011-05-21 08:42 - 00000000 ____D C:\Windows\System32\Drivers\AVG
    2013-06-28 09:36 - 2011-05-23 03:10 - 00000000 ____D C:\Program Files\Common Files\Apple
    2013-06-28 09:33 - 2013-06-28 09:32 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-06-28 09:33 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files\iTunes
    2013-06-28 09:33 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files (x86)\iTunes
    2013-06-28 09:33 - 2012-11-03 08:42 - 00001821 ____A C:\Users\Public\Desktop\iTunes.lnk
    2013-06-28 09:32 - 2013-06-28 09:32 - 00000000 ____D C:\Program Files\iPod
    2013-06-28 04:59 - 2013-06-28 04:59 - 02238976 ____N C:\Users\Les\Documents\IBA Manual of Deal Pages.xls
    2013-06-26 23:37 - 2011-05-21 14:20 - 00000000 ____D C:\Users\Les\AppData\Local\Google
    2013-06-26 19:09 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
    2013-06-26 18:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2013-06-26 18:10 - 2013-06-26 18:04 - 00007201 ____A C:\Windows\IE10_main.log
    2013-06-26 18:06 - 2013-06-26 18:06 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-06-26 18:06 - 2013-06-26 18:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-06-26 18:06 - 2013-06-26 18:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-06-26 18:06 - 2013-06-26 18:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-06-26 18:06 - 2013-06-26 18:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
    2013-06-26 18:06 - 2013-06-26 18:06 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
    2013-06-26 18:06 - 2013-06-26 18:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-06-26 18:06 - 2013-06-26 18:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
    2013-06-26 18:06 - 2013-06-26 18:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-06-26 18:06 - 2013-06-26 18:06 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-06-26 18:06 - 2013-06-26 18:06 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
    2013-06-26 18:06 - 2013-06-26 18:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-06-26 18:01 - 2011-06-01 02:55 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-06-26 16:51 - 2012-04-14 17:44 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-06-26 16:51 - 2011-05-21 14:20 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

    ZeroAccess:
    C:\$Recycle.Bin\S-1-5-21-3352994947-2355220423-3568772355-1001\$46bdc989289dea48ab74525a3982e5a1

    Files to move or delete:
    ====================
    C:\Users\Les\AppData\Roaming\skype.dat
    C:\Users\Les\AppData\Roaming\skype.ini

    ==================== Known DLLs (Whitelisted) ================


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points  =========================


    ==================== Memory info ===========================

    Percentage of memory in use: 24%
    Total physical RAM: 2047.18 MB
    Available physical RAM: 1555.31 MB
    Total Pagefile: 2047.18 MB
    Available Pagefile: 1543 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: (ACER) (Fixed) (Total:451.11 GB) (Free:350.12 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)]
    Drive d: () (Fixed) (Total:465.76 GB) (Free:278.54 GB) NTFS (Disk=1 Partition=1)
    Drive e: (PQSERVICE) (Fixed) (Total:14.65 GB) (Free:6.95 GB) NTFS (Disk=0 Partition=1)
    Drive h: (KINGSTON) (Removable) (Total:7.44 GB) (Free:7.34 GB) FAT32 (Disk=2 Partition=1)
    Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E04C1E5F)
    Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
    Partition 2: (Active) - (Size=451 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 7B9C243B)
    Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (Size: 7 GB) (Disk ID: 65901243)
    Partition 1: (Active) - (Size=7 GB) - (Type=0B)


    LastRegBack: 2013-07-02 15:06

    ==================== End Of Log ============================

     

    Farbar Recovery Scan Tool (x64) Version: 09-07-2013 01
    Ran by SYSTEM at 2013-07-09 22:21:08
    Running from H:\
    Boot Mode: Recovery

    ================== Search: "services.exe" ===================

    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
    [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

    C:\Windows\System32\services.exe
    [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

    ====== End Of Search ======

  4. I have got a computer that has been infected with ransomware. I have even tried to boot to safe mode, but as soon as I boot to safe mode it auto restarts!

     

    I have downloaded FRST64.exe as recommended in previous posts on here, but now I need help with how to remove the virus. I can post the 2 logs here...

     

     

     

     
