Jump to content

Sirefef trojan removal


Recommended Posts

I've acquired the Sirefef trojan. Couldn't start Security Essentials. Uninstalled Security Essentials. Reinstalled Security Essentials. It kept detecting and restarting. I have since then removed it again until I can get a true fix.

Thanks!

Link to post
Share on other sites

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1

Run by mcasciano at 20:38:10 on 2012-07-28

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8118.3866 [GMT -4:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k NetworkService

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\svchost.exe -k apphost

C:\Program Files (x86)\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe

C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\system32\inetsrv\inetinfo.exe

C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe

C:\Program Files\DellTPad\Apoint.exe

-netsvcs

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\conhost.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe

C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe

C:\Program Files\Microsoft SQL Server\MSAS11.MSSQL2012\OLAP\bin\msmdsrv.exe

C:\Program Files\Microsoft SQL Server\MSAS10_50.SQLSERVER08\OLAP\bin\msmdsrv.exe

C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\sqlservr.exe

c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\sqlservr.exe

C:\app\mcasciano\product\11.2.0\client_1\bin\omtsreco.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files\Microsoft SQL Server\MSRS11.MSSQL2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe

C:\Program Files\Microsoft SQL Server\MSRS10_50.SQLSERVER08\Reporting Services\ReportServer\bin\ReportingServicesService.exe

c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe

C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

C:\Windows\SysWOW64\vmnat.exe

c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe

C:\Windows\system32\svchost.exe -k iissvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe

C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\SysWOW64\vmnetdhcp.exe

C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\fdlauncher.exe

C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\fdlauncher.exe

C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\fdhost.exe

C:\Windows\system32\conhost.exe

c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\fdhost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Windows\sysWOW64\wbem\wmiprvse.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\notepad.exe

"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: Microsoft Web Test Recorder 10.0 Helper: {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

EB: Web Test Recorder 10.0: {3142c289-f319-47f5-a594-a827028714c9} - mscoree.dll

EB: Developer Tools: {1a6fe369-f28c-4ad9-a3e6-2bcb50807cf1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [Google Update] "C:\Users\mcasciano\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized

StartupFolder: C:\Users\MCASCI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\mcasciano\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\MCASCI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VPNGUI~1.LNK - C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

mPolicies-system: HideFastUserSwitching = 1 (0x1)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Open with XmlPad - C:\Program Files (x86)\WMHelp Software\WMHelp XmlPad\WmhASPP.dll/101

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

LSP: mswsock.dll

LSP: %SystemRoot%\system32\vsocklib.dll

Trusted Zone: arkesystems.com

Trusted Zone: arkesystems.com\portal

Trusted Zone: microsoftonline.com

Trusted Zone: microsoftonline.com\login

Trusted Zone: sharepoint.com\arkesystems1

Trusted Zone: sharepoint.com\arkesystems1-admin

Trusted Zone: sharepoint.com\arkesystems1-my

Trusted Zone: xrmlive.com\gsga

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - hxxps://my.magmutual.com/vdesk/terminal/f5tunsrv.cab#version=6031,2010,617,2013

DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - C:\Users\MCASCI~1\AppData\Local\Temp\IXP000.TMP\InstallerControl.cab

DPF: {5554DCB0-700B-498D-9B58-4E40E5814405} - hxxp://gfg-nor-crm01.gfg.local/Reserved.ReportViewerWebControl.axd?ReportSession=45ds42551dfqhi453j0h1v55&Culture=1033&CultureOverrides=True&UICulture=1033&UICultureOverrides=True&ReportStack=1&ControlID=d7fe4076b23d4682b7b08a1ec3c31fd6&OpType=PrintCab&Arch=X86

DPF: {B94C2238-346E-4C5E-9B36-8CC627F35574}

DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - hxxps://my.magmutual.com/vdesk/terminal/urxhost.cab#version=6031,2010,617,2005

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{D2C4B2F3-3972-434C-A6BB-AE4E6C4723EC} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{D2C4B2F3-3972-434C-A6BB-AE4E6C4723EC}\1427B6563597374756D637 : DhcpNameServer = 192.168.1.56 192.168.1.57

TCP: Interfaces\{D2C4B2F3-3972-434C-A6BB-AE4E6C4723EC}\2457666616C6F6121312 : DhcpNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{D2C4B2F3-3972-434C-A6BB-AE4E6C4723EC}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wmh - {A1428E78-2D00-4590-A071-0CC9700A7768} - C:\Program Files (x86)\WMHelp Software\WMHelp XmlPad\WmhASPP.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: Microsoft Web Test Recorder 10.0 Helper: {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

EB-X64: {3142c289-f319-47f5-a594-a827028714c9} - No File

EB-X64: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - No File

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized

IE-X64: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\mcasciano\AppData\Roaming\Mozilla\Firefox\Profiles\xas03yjw.default\

FF - prefs.js: browser.startup.homepage - www.google.com

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll

FF - plugin: C:\Users\mcasciano\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Users\mcasciano\AppData\Roaming\Mozilla\Firefox\Profiles\xas03yjw.default\extensions\LogMeInClient@logmein.com\plugins\npLMI64.dll

FF - plugin: C:\Users\mcasciano\AppData\Roaming\Mozilla\Firefox\Profiles\xas03yjw.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll

FF - plugin: C:\Users\mcasciano\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\mcasciano\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]

R1 NEOFLTR_650_17883;Juniper Networks TDI Filter Driver (NEOFLTR_650_17883);\??\C:\Windows\system32\Drivers\NEOFLTR_650_17883.SYS --> C:\Windows\system32\Drivers\NEOFLTR_650_17883.SYS [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-4-30 104872]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-4-30 123816]

R2 CrmSqlStartupSvc;SQL Server (CRM) On-Demand Shutdown;C:\Program Files (x86)\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe [2012-4-26 24168]

R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-9-26 375208]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]

R2 MsDtsServer100;SQL Server Integration Services 10.0;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2011-6-17 210784]

R2 MsDtsServer110;SQL Server Integration Services 11.0;C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [2012-2-11 218200]

R2 msoidsvc;Microsoft Online Services Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2011-9-28 2078112]

R2 MSOLAP$MSSQL2012;SQL Server Analysis Services (MSSQL2012);C:\Program Files\Microsoft SQL Server\MSAS11.MSSQL2012\OLAP\bin\msmdsrv.exe [2012-2-11 61538904]

R2 MSOLAP$SQLSERVER08;SQL Server Analysis Services (SQLSERVER08);C:\Program Files\Microsoft SQL Server\MSAS10_50.SQLSERVER08\OLAP\bin\msmdsrv.exe [2011-6-17 54791520]

R2 MSSQL$MSSQL2012;SQL Server (MSSQL2012);C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\sqlservr.exe [2012-2-11 191064]

R2 MSSQL$SQLSERVER08;SQL Server (SQLSERVER08);C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\sqlservr.exe [2011-6-17 62111072]

R2 ReportServer$MSSQL2012;SQL Server Reporting Services (MSSQL2012);C:\Program Files\Microsoft SQL Server\MSRS11.MSSQL2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2012-2-11 2348632]

R2 ReportServer$SQLSERVER08;SQL Server Reporting Services (SQLSERVER08);C:\Program Files\Microsoft SQL Server\MSRS10_50.SQLSERVER08\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2011-6-17 2180960]

R2 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-5-18 127488]

R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-1-12 2984832]

R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448]

R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-4-23 478672]

R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?]

R3 MSSQLFDLauncher$MSSQL2012;SQL Full-text Filter Daemon Launcher (MSSQL2012);C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\fdlauncher.exe [2012-2-11 49752]

R3 MSSQLFDLauncher$SQLSERVER08;SQL Full-text Filter Daemon Launcher (SQLSERVER08);C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\fdlauncher.exe [2010-4-3 32096]

R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]

R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S1 haycmkae;haycmkae;\??\C:\Windows\system32\drivers\haycmkae.sys --> C:\Windows\system32\drivers\haycmkae.sys [?]

S1 rfdedaei;rfdedaei;\??\C:\Windows\system32\drivers\rfdedaei.sys --> C:\Windows\system32\drivers\rfdedaei.sys [?]

S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]

S2 MSCRMAsyncService$client;Microsoft CRM Asynchronous Processing Service (client);C:\Program Files (x86)\Microsoft Dynamics CRM Data Migration Manager\DMClient\bin\CrmAsyncService.exe [2009-1-31 165728]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]

S2 vtigercrmMysql530;vtigercrmMysql530;"C:\Program Files (x86)\vtigercrm-5.3.0\mysql\bin\mysqld-nt" "--defaults-file=C:\Program Files (x86)\vtigercrm-5.3.0\mysql\my.ini" vtigercrmMysql530 --> C:\Program Files (x86)\vtigercrm-5.3.0\mysql\bin\mysqld-nt [?]

S3 acsock;acsock;C:\Windows\system32\DRIVERS\acsock64.sys --> C:\Windows\system32\DRIVERS\acsock64.sys [?]

S3 c2wts;Claims to Windows Token Service;C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2011-12-9 15768]

S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service;C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-5-18 139776]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 113120]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 SQLAgent$MSSQL2012;SQL Server Agent (MSSQL2012);C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\SQLAGENT.EXE [2012-2-11 597080]

S3 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]

S3 SQLAgent$SQLSERVER08;SQL Server Agent (SQLSERVER08);C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\SQLAGENT.EXE [2011-6-17 431456]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2011-1-18 68440]

S3 VSPerfDrv110;Performance Tools Driver 11.0;C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [2012-4-1 71960]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]

S3 WMSVC;Web Management Service;C:\Windows\system32\inetsrv\wmsvc.exe --> C:\Windows\system32\inetsrv\wmsvc.exe [?]

S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 59744]

S4 RsFx0105;RsFx0105 Driver;C:\Windows\system32\DRIVERS\RsFx0105.sys --> C:\Windows\system32\DRIVERS\RsFx0105.sys [?]

S4 RsFx0151;RsFx0151 Driver;C:\Windows\system32\DRIVERS\RsFx0151.sys --> C:\Windows\system32\DRIVERS\RsFx0151.sys [?]

S4 RsFx0200;RsFx0200 Driver;C:\Windows\system32\DRIVERS\RsFx0200.sys --> C:\Windows\system32\DRIVERS\RsFx0200.sys [?]

SUnknown aygclmzm;aygclmzm; [x]

SUnknown ghbmoeel;ghbmoeel; [x]

.

=============== Created Last 30 ================

.

2012-07-29 00:00:47 50392 ----a-w- C:\Windows\System32\drivers\haycmkae.sys

2012-07-29 00:00:35 50392 ----a-w- C:\Windows\System32\drivers\rfdedaei.sys

2012-07-28 23:53:38 50392 ----a-w- C:\Windows\System32\drivers\zcmgxigb.sys

2012-07-28 23:53:38 328704 ----a-w- C:\Windows\System32\services.exe.56C209A3DD986DD9

2012-07-28 23:45:20 328704 ----a-w- C:\Windows\System32\services.exe.2A92AD4B0F3DDB43

2012-07-28 23:37:43 328704 ----a-w- C:\Windows\System32\services.exe.E42FC75A3C369E50

2012-07-28 23:30:47 328704 ----a-w- C:\Windows\System32\services.exe.26430573A87966B9

2012-07-28 23:23:34 328704 ----a-w- C:\Windows\System32\services.exe.7FCF0B494E963437

2012-07-28 23:16:31 328704 ----a-w- C:\Windows\System32\services.exe.1999BE9AE75136EE

2012-07-28 23:08:17 328704 ----a-w- C:\Windows\System32\services.exe.1E1F619D2908A1A4

2012-07-28 23:01:16 328704 ----a-w- C:\Windows\System32\services.exe.C4E23341788E07BB

2012-07-28 22:54:15 328704 ----a-w- C:\Windows\System32\services.exe.05725DB954EA9E95

2012-07-28 22:45:02 328704 ----a-w- C:\Windows\System32\services.exe.EE2B73359C35E472

2012-07-28 22:32:20 328704 ----a-w- C:\Windows\System32\services.exe.818C7ACFB9B77717

2012-07-28 22:22:25 328704 ----a-w- C:\Windows\System32\services.exe.17CD3B4823F34B15

2012-07-28 22:10:14 328704 ----a-w- C:\Windows\System32\services.exe.A588D620D3432E31

2012-07-28 21:57:42 328704 ----a-w- C:\Windows\System32\services.exe.5EC65854F93167D7

2012-07-28 21:44:09 20480 ------w- C:\Windows\svchost.exe

2012-07-28 09:44:02 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-07-26 21:52:46 -------- d-----w- C:\Users\mcasciano\AppData\Roaming\Malwarebytes

2012-07-26 21:52:20 -------- d-----w- C:\ProgramData\Malwarebytes

2012-07-26 21:52:17 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-07-26 21:52:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-07-26 12:54:02 10240 ----a-w- C:\SharePointFarmSolutionExtractor.exe

2012-07-24 19:33:09 -------- d-----w- C:\Program Files (x86)\Microsoft Web Tooling Extensions

2012-07-24 19:22:57 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll

2012-07-24 19:22:25 -------- d-----w- C:\Program Files (x86)\Microsoft Expression

2012-07-24 19:22:14 -------- d-----w- C:\Program Files (x86)\WPF Toolkit

2012-07-24 19:15:29 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll

2012-07-24 19:15:29 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll

2012-07-24 19:15:29 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll

2012-07-24 19:15:29 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll

2012-07-24 19:15:28 4178264 ----a-w- C:\Windows\SysWow64\D3DX9_41.dll

2012-07-24 19:15:27 3495784 ----a-w- C:\Windows\SysWow64\d3dx9_33.dll

2012-07-24 19:14:05 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll

2012-07-24 19:14:05 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll

2012-07-24 19:13:43 -------- d-----w- C:\Windows\SysWow64\xlive

2012-07-24 19:13:41 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2012-07-24 19:13:16 -------- d-----w- C:\Program Files (x86)\Microsoft XNA

2012-07-24 19:08:43 204224 ----a-w- C:\ProgramData\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll

2012-07-24 19:02:57 -------- d-----w- C:\Program Files (x86)\Microsoft XDE

2012-07-24 19:02:47 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll

2012-07-24 19:02:47 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll

2012-07-24 19:02:22 2582888 ----a-w- C:\Windows\System32\D3DCompiler_42.dll

2012-07-24 19:02:22 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll

2012-07-24 14:09:29 -------- d-----w- C:\Users\mcasciano\AppData\Roaming\ElectricMobileSim

2012-07-24 14:08:50 94208 ----a-w- C:\Windows\SysWow64\eSellerateControl365.dll

2012-07-24 14:08:50 360580 --s-a-w- C:\Windows\SysWow64\eSellerateEngine.dll

2012-07-24 14:08:44 -------- d-----w- C:\Program Files (x86)\Electric Plum

2012-07-24 13:34:12 -------- d-----w- C:\Users\mcasciano\net

2012-07-24 13:30:25 -------- d-----w- C:\Program Files (x86)\Common Files\Research In Motion

2012-07-24 13:29:24 -------- d-----w- C:\Program Files (x86)\Research In Motion

2012-07-24 13:01:19 -------- d-----w- C:\Users\mcasciano\AppData\Local\VMware

2012-07-23 19:25:30 31384 ----a-w- C:\Windows\System32\drivers\VMparport.sys

2012-07-23 19:25:29 63128 ----a-w- C:\Windows\System32\drivers\vmx86.sys

2012-07-23 19:24:54 354456 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe

2012-07-23 19:24:52 433816 ----a-w- C:\Windows\SysWow64\vmnat.exe

2012-07-23 19:24:51 30360 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys

2012-07-23 19:24:45 942744 ----a-w- C:\Windows\System32\vnetlib64.dll

2012-07-23 19:24:42 32920 ----a-w- C:\Windows\System32\drivers\VMkbd.sys

2012-07-23 19:24:40 39024 ----a-w- C:\Windows\System32\drivers\hcmon.sys

2012-07-23 19:23:49 -------- d-----w- C:\Program Files\Common Files\VMware

2012-07-11 07:08:51 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-07-11 05:30:10 2004480 ----a-w- C:\Windows\System32\msxml6.dll

2012-07-11 05:29:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-07-10 20:22:47 -------- d--h--w- C:\Users\mcasciano\InstallAnywhere

2012-06-29 02:26:42 396432 ----a-w- C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v11.0\Web\Microsoft.Web.Publishing.Tasks.dll

.

==================== Find3M ====================

.

2012-07-12 17:24:23 87488 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll

2012-07-12 17:24:23 80800 ----a-w- C:\Windows\System32\LMIinit.dll

2012-07-12 17:24:23 34720 ----a-w- C:\Windows\System32\LMIport.dll

2012-06-21 20:12:26 60304 ----a-w- C:\Users\mcasciano\g2mdlhlpx.exe

2012-06-09 04:29:42 252056 ----a-w- C:\Windows\SysWow64\vmnc.dll

2012-06-09 03:52:20 62064 ----a-w- C:\Windows\System32\vmnetbridge.dll

2012-06-09 03:52:20 48752 ----a-w- C:\Windows\System32\vnetinst.dll

2012-06-09 03:52:20 45680 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys

2012-06-09 03:52:20 24176 ----a-w- C:\Windows\System32\drivers\vmnet.sys

2012-06-09 03:52:20 20080 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys

2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll

2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll

2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-05-21 22:14:50 685968 ----a-w- C:\Windows\System32\vsjitdebugger.exe

2012-05-19 01:47:20 98752 ----a-w- C:\Windows\SysWow64\vfrdvcompat.dll

2012-05-19 01:47:20 164168 ----a-w- C:\Windows\SysWow64\vrfcore.dll

2012-05-19 01:47:16 87312 ----a-w- C:\Windows\SysWow64\vfcompat.dll

2012-05-19 01:47:16 81560 ----a-w- C:\Windows\SysWow64\vfnet.dll

2012-05-19 01:47:16 40120 ----a-w- C:\Windows\SysWow64\vfntlmless.dll

2012-05-19 01:47:16 367360 ----a-w- C:\Windows\SysWow64\vfprintpthelper.dll

2012-05-19 01:47:16 351248 ----a-w- C:\Windows\SysWow64\vfbasics.dll

2012-05-19 01:47:16 306552 ----a-w- C:\Windows\SysWow64\vfprint.dll

2012-05-19 01:47:16 242736 ----a-w- C:\Windows\SysWow64\vfluapriv.dll

2012-05-19 01:47:16 21432 ----a-w- C:\Windows\SysWow64\cuzzapi.dll

2012-05-19 01:47:14 61352 ----a-w- C:\Windows\SysWow64\vfnws.dll

2012-05-19 01:47:14 52016 ----a-w- C:\Windows\SysWow64\vfcuzz.dll

2012-05-19 01:47:14 173504 ----a-w- C:\Windows\SysWow64\appverif.exe

2012-05-19 01:42:00 59304 ----a-w- C:\Windows\SysWow64\VSD3DRefDebug.dll

2012-05-19 01:41:48 712616 ----a-w- C:\Windows\SysWow64\d3d11_1sdklayers.dll

2012-05-19 01:41:48 608680 ----a-w- C:\Windows\SysWow64\d3d11ref.dll

2012-05-19 01:41:48 590248 ----a-w- C:\Windows\SysWow64\d3d11sdklayers.dll

2012-05-19 01:41:48 461224 ----a-w- C:\Windows\SysWow64\d3d10sdklayers.dll

2012-05-19 01:41:48 383912 ----a-w- C:\Windows\SysWow64\d3dref9.dll

2012-05-19 01:41:48 365480 ----a-w- C:\Windows\SysWow64\d3d10ref.dll

2012-05-19 01:41:48 276904 ----a-w- C:\Windows\SysWow64\d2d1debug1.dll

2012-05-19 01:41:48 270248 ----a-w- C:\Windows\SysWow64\dxcpl.exe

2012-05-19 01:41:48 101800 ----a-w- C:\Windows\SysWow64\dxgidebug.dll

2012-05-19 01:18:54 78760 ----a-w- C:\Windows\System32\VSD3DRefDebug.dll

2012-05-19 01:18:40 886184 ----a-w- C:\Windows\System32\d3d11_1sdklayers.dll

2012-05-19 01:18:40 748456 ----a-w- C:\Windows\System32\d3d11ref.dll

2012-05-19 01:18:40 713128 ----a-w- C:\Windows\System32\d3d11sdklayers.dll

2012-05-19 01:18:40 597416 ----a-w- C:\Windows\System32\d3d10sdklayers.dll

2012-05-19 01:18:40 461224 ----a-w- C:\Windows\System32\d3d10ref.dll

2012-05-19 01:18:40 446376 ----a-w- C:\Windows\System32\d3dref9.dll

2012-05-19 01:18:40 340904 ----a-w- C:\Windows\System32\d2d1debug1.dll

2012-05-19 01:18:40 287144 ----a-w- C:\Windows\System32\dxcpl.exe

2012-05-19 01:18:40 126376 ----a-w- C:\Windows\System32\dxgidebug.dll

2012-05-19 01:17:32 29096 ----a-w- C:\Windows\System32\microsoft.windows.softwarelogo.showdesktop.exe

2012-05-17 16:48:38 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll.000.bak

2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-04-30 22:17:40 860064 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll

2012-04-30 22:17:40 503200 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll

2012-04-30 22:17:40 27544 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll

2012-04-30 22:17:40 17280 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll

2012-04-30 21:14:54 862104 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll

2012-04-30 21:14:54 617368 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll

2012-04-30 21:14:54 29592 ----a-w- C:\Windows\System32\aspnet_counters.dll

2012-04-30 21:14:54 17280 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll

.

============= FINISH: 20:41:23.54 ===============

Link to post
Share on other sites

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume2

Install Date: 10/10/2011 8:34:15 AM

System Uptime: 7/28/2012 7:54:39 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0667CC

Processor: Intel® Core i5 CPU M 520 @ 2.40GHz | CPU 1 | 2400/533mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 232 GiB total, 48.515 GiB free.

D: is CDROM ()

E: is CDROM (CDFS)

F: is Removable

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description:

Device ID: ACPI\SMO8800\1

Manufacturer:

Name:

PNP Device ID: ACPI\SMO8800\1

Service:

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Cisco Systems VPN Adapter for 64-bit Windows

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco Systems VPN Adapter for 64-bit Windows

PNP Device ID: ROOT\NET\0000

Service: CVirtA

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Device ID: ROOT\NET\0001

Manufacturer: Cisco Systems

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

PNP Device ID: ROOT\NET\0001

Service: vpnva

.

Class GUID:

Description: Broadcom USH

Device ID: USB\VID_0A5C&PID_5800&MI_00\7&66DE6C9&0&0000

Manufacturer:

Name: Broadcom USH

PNP Device ID: USB\VID_0A5C&PID_5800&MI_00\7&66DE6C9&0&0000

Service:

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: VMware Virtual Ethernet Adapter for VMnet1

Device ID: ROOT\VMWARE\0000

Manufacturer: VMware, Inc.

Name: VMware Virtual Ethernet Adapter for VMnet1

PNP Device ID: ROOT\VMWARE\0000

Service: VMnetAdapter

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: VMware Virtual Ethernet Adapter for VMnet8

Device ID: ROOT\VMWARE\0001

Manufacturer: VMware, Inc.

Name: VMware Virtual Ethernet Adapter for VMnet8

PNP Device ID: ROOT\VMWARE\0001

Service: VMnetAdapter

.

==== System Restore Points ===================

.

RP231: 7/21/2012 4:40:18 AM - Windows Update

RP232: 7/24/2012 6:10:26 AM - Windows Update

RP233: 7/24/2012 9:28:54 AM - Installed BlackBerry Smartphone Simulators 6.0.0.431 (9650-Verizon)

RP234: 7/24/2012 3:02:02 PM - Installed DirectX

RP235: 7/24/2012 3:02:30 PM - Installed DirectX

RP236: 7/24/2012 3:13:47 PM - Installed DirectX

RP237: 7/24/2012 3:15:05 PM - Installed DirectX

RP238: 7/24/2012 3:22:38 PM - Installed DirectX

RP239: 7/26/2012 5:43:35 PM - Removed Microsoft Lync 2010

RP240: 7/27/2012 6:42:44 PM - Windows Update

.

==== Installed Programs ======================

.

.

Tools for .Net 3.5

A-PDF Restrictions Remover 1.6

Adobe AIR

Adobe Reader X (10.1.3)

Advanced XML Converter 2.33

AnkhSVN 2.3.10509.1073

Apple Application Support

Apple Software Update

Aptana Studio 3

BlackBerry Smartphone Simulators 6.0.0.431 (9650-Verizon)

Blend for Visual Studio

Blend for Visual Studio ENU resources

CamStudio

Cisco AnyConnect Diagnostics and Reporting Tool

Cisco AnyConnect Secure Mobility Client

Cisco AnyConnect Secure Mobility Client

Cisco AnyConnect Start Before Login Module

Crystal Reports for Visual Studio

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dotfuscator and Analytics Community Edition

Dotfuscator Software Services - Community Edition

Dropbox

DVD Shrink 3.2

Electric Mobile Simulator Lite version v1.4a

Fiddler Syntax-Highlighting Addons

Fiddler2

FileZilla Client 3.5.1

Flashpoint

GIMP 2.6.12-2

Google Chrome

Google Talk Plugin

GoToMeeting 5.2.0.952

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2522890)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2529927)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2542054)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2548139)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2549864)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2581019)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2591016)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2635973)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)

Java Auto Updater

Java 7 Update 4

JavaFX 2.1.0

join.me

Juniper Networks Network Connect 7.1.0

Juniper Networks Secure Application Manager

Juniper Networks, Inc. Setup Client

Juniper Networks, Inc. Setup Client Activex Control

LocalESPC

LocalESPCui for en-us

LogMeIn

Malwarebytes Anti-Malware version 1.62.0.1300

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft .NET Framework 4.5 RC Multi-Targeting Pack

Microsoft .NET Framework 4.5 RC SDK

Microsoft Advertising SDK for Windows Phone - ENU

Microsoft Application Error Reporting

Microsoft ASP.NET MVC 2

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools

Microsoft ASP.NET MVC 3

Microsoft ASP.NET MVC 3 - Visual Studio 11 Tools Update

Microsoft ASP.NET MVC 3 - Visual Studio 2010 Tools Update

Microsoft ASP.NET MVC 4

Microsoft ASP.NET MVC 4 - Visual Studio 11 Tools

Microsoft ASP.NET MVC 4 - Visual Studio 2010 Tools

Microsoft ASP.NET MVC 4 Runtime

Microsoft ASP.NET Web Pages

Microsoft ASP.NET Web Pages - Visual Studio 11 Tools

Microsoft ASP.NET Web Pages - Visual Studio 2010 Tools

Microsoft ASP.NET Web Pages 2 - Visual Studio 11 Tools

Microsoft ASP.NET Web Pages 2 - Visual Studio 2010 Tools

Microsoft ASP.NET Web Pages 2 Runtime

Microsoft Dynamics CRM 2011 English (United States) Language Pack

Microsoft Dynamics CRM 2011 for Microsoft Office Outlook

Microsoft Dynamics CRM Data Migration Manager

Microsoft Dynamics CRM Report Authoring Extension

Microsoft Expression Blend 3 SDK

Microsoft Expression Blend 4

Microsoft Expression Blend 4 Add-in for Adobe FXG Import

Microsoft Expression Blend SDK for .NET 4

Microsoft Expression Blend SDK for Silverlight 4

Microsoft Expression Blend SDK for Windows Phone 7

Microsoft Expression Blend SDK for Windows Phone OS 7.1

Microsoft Games for Windows - LIVE Redistributable

Microsoft Help Viewer 2.0 RC

Microsoft LightSwitch for Visual Studio 2012 RC Core

Microsoft LightSwitch for Visual Studio 2012 RC CoreRes - ENU

Microsoft Office 2003 Web Components

Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access database engine 2007 (English)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Visio 2010

Microsoft Office Visio MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Online Services Sign In

Microsoft Portable Library Multi-Targeting Pack

Microsoft Portable Library Multi-Targeting Pack Language Pack - enu

Microsoft Report Viewer 2012 Runtime

Microsoft Report Viewer Add-On for Visual Studio 2012

Microsoft Report Viewer Redistributable 2008 (KB971119)

Microsoft Report Viewer Redistributable 2008 SP1

Microsoft ReportViewer 2010 Redistributable

Microsoft Silverlight 3 SDK

Microsoft Silverlight 4 SDK

Microsoft Silverlight 5 SDK

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Books Online (English)

Microsoft SQL Server 2005 Notification Services

Microsoft SQL Server 2005 Tools

Microsoft SQL Server 2008 R2 Books Online

Microsoft SQL Server 2008 R2 Data-Tier Application Framework

Microsoft SQL Server 2008 R2 Data-Tier Application Project

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server 2008 R2 Policies

Microsoft SQL Server 2008 R2 Transact-SQL Language Service

Microsoft SQL Server 2012 Data-Tier App Framework

Microsoft SQL Server 2012 Management Objects

Microsoft SQL Server 2012 Policies

Microsoft SQL Server 2012 T-SQL Language Service

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU

Microsoft SQL Server Data Tools - enu (11.1.20425.00)

Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20425.00)

Microsoft SQL Server Data Tools – Database Projects – Web installer entry point

Microsoft SQL Server Database Publishing Wizard 1.4

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server System CLR Types

Microsoft Sync Framework SDK v1.0 SP1

Microsoft System CLR Types for SQL Server 2012

Microsoft Visio 2010 Service Pack 1 (SP1)

Microsoft Visio Professional 2010

Microsoft Visual C++ Compilers 2010 Standard - enu - x86

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50522

Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50522

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50522

Microsoft Visual C++ Compilers 2012

Microsoft Visual C++ Compilers 2012 - ENU Resources

Microsoft Visual C++ Core Libraries 2012

Microsoft Visual C++ Extended Libraries 2012

Microsoft Visual C++ Microsoft Foundation Class Libraries 2012

Microsoft Visual F# 2.0 Runtime

Microsoft Visual Studio 2005 Premier Partner Edition - ENU

Microsoft Visual Studio 2005 Premier Partner Edition - ENU Service Pack 1 (KB926601)

Microsoft Visual Studio 2008 Shell (integrated mode) - ENU

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU

Microsoft Visual Studio 2010 Premium - ENU

Microsoft Visual Studio 2010 Service Pack 1

Microsoft Visual Studio 2010 SharePoint Developer Tools

Microsoft Visual Studio 2010 Shell (Isolated) - ENU

Microsoft Visual Studio 2012 Devenv

Microsoft Visual Studio 2012 Devenv Resources

Microsoft Visual Studio 2012 IntelliTrace Core x86

Microsoft Visual Studio 2012 IntelliTrace Front End x86

Microsoft Visual Studio 2012 RC Preparation

Microsoft Visual Studio 2012 SharePoint Developer Tools RC

Microsoft Visual Studio 2012 SharePoint Developer Tools RC enu Language Pack

Microsoft Visual Studio 2012 Shell (Minimum)

Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies

Microsoft Visual Studio 2012 Shell (Minimum) Resources

Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 RC ENU

Microsoft Visual Studio Macro Tools

Microsoft Visual Studio Premium 2012 RC

Microsoft Visual Studio Premium 2012 RC - ENU

Microsoft Visual Studio Professional 2012 RC

Microsoft Visual Studio Professional 2012 RC - ENU

Microsoft Visual Studio Team Foundation Server 2012 RC Team Explorer

Microsoft Visual Studio Team Foundation Server 2012 RC Team Explorer Language Pack - ENU

Microsoft Visual Studio Tools for Applications 2.0 - ENU

Microsoft Visual Studio Tools for Applications Design-Time 3.0

Microsoft Visual Studio Tools for Applications x86 Runtime 3.0

Microsoft Visual Studio Ultimate 2012 RC

Microsoft Visual Studio Ultimate 2012 RC - ENU

Microsoft Visual Studio Ultimate 2012 RC XAML UI Designer Core

Microsoft Visual Studio Ultimate 2012 RC XAML UI Designer enu Resources

Microsoft Web Deploy dbSqlPackage Provider - enu

Microsoft Web Tooling Extensions - Visual Studio 11

Microsoft XNA Framework Redistributable 4.0 Refresh

Microsoft XNA Game Studio 4.0 (XnaLiveProxy)

Microsoft XNA Game Studio 4.0 Refresh

Microsoft XNA Game Studio 4.0 Refresh (ARP entry)

Microsoft XNA Game Studio 4.0 Refresh (Redists)

Microsoft XNA Game Studio 4.0 Refresh (Shared Components)

Microsoft XNA Game Studio 4.0 Refresh (Visual Studio)

Microsoft XNA Game Studio Platform Tools

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MySQL Workbench 5.2 CE

No-IP DUC

Notepad++

NuGet

ODAC Documentation for Visual Studio 2008

ODAC Documentation for Visual Studio 2010

OpenOffice.org 3.4

Pidgin

PreEmptive Analytics Visual Studio Components

Prerequisites for SSDT

QuickTime

Safari

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio 2010 (KB2553374) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition

Security Update for Microsoft Visual Studio 2005 Premier Partner Edition - ENU (KB2251481)

Security Update for Microsoft Visual Studio 2010 Premium - ENU (KB2645410)

Security Update for Microsoft Visual Studio Macro Tools (KB2669970)

Service Pack 2 for SQL Server Database Services 2005 ENU (KB921896)

Service Pack 2 for SQL Server Notification Services 2005 ENU (KB921896)

Service Pack 2 for SQL Server Tools and Workstation Components 2005 ENU (KB921896)

Sitecore 6.4.1 rev. 110720 - Onco

Skype™ 5.8

SQL Server Browser for SQL Server 2012

SQL Server Data Framework Tools - enu

Team Development for Sitecore (VS2010)

TeamViewer 7

TotalExcelConverter

TreeSize Free V2.7

Update for Microsoft Dynamics CRM for Outlook (KB2645912)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft Visual Studio 2005 Premier Partner Edition - ENU (KB932232)

Update Rollup 6 for Microsoft Dynamics CRM for Outlook (KB2600640)

Update Rollup 6 for Microsoft Dynamics CRM Report Authoring Extension (KB2600640)

Update Rollup 7 for Microsoft Dynamics CRM for Outlook (KB2600643)

Update Rollup 7 for Microsoft Dynamics CRM Report Authoring Extension (KB2600643)

Update Rollup 8 for Microsoft Dynamics CRM for Outlook (KB2600644)

Update Rollup 8 for Microsoft Dynamics CRM Report Authoring Extension (KB2600644)

Visual Linq query builder

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

Visual Studio Extensions for Windows Library for JavaScript

VLC media player 1.1.11

VMware Player

VMware Remote Console Plug-in

WampServer 2.2

WCF Data Services 5.0 (for OData v3) Metro Support

WCF Data Services 5.0 (for OData v3) Primary Components

WCF Data Services SDK for Windows Phone

WCF Data Services Tools for Visual Studio 11

WCF RIA Services V1.0 SP2

Windows App Certification Kit x64

Windows Azure Tools for Microsoft Visual Studio 2010 - November 2011

Windows Azure Tools for Microsoft Visual Studio 2010 1.6

Windows Azure Tools for Microsoft Visual Studio 2010 Core

Windows Phone SDK 7.1 - ENU

Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - ENU

Windows Phone SDK 7.1 Assemblies

Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0

Windows Runtime Intellisense Content - en-us

Windows Software Development Kit

Windows Software Development Kit DirectX x86 Remote

Windows Software Development Kit for Metro style Apps

Windows Software Development Kit for Metro style Apps DirectX x86 Remote

WinRAR 4.01 (32-bit)

WMHelp XmlPad

Wondershare Video Converter Ultimate(Build 5.7.1.1)

WPF Toolkit February 2010 (Version 3.5.50211.1)

.

==== Event Viewer Messages From Past Week ========

.

7/28/2012 8:18:12 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

7/28/2012 7:59:59 PM, Error: Service Control Manager [7000] - The vtigercrmMysql530 service failed to start due to the following error: The system cannot find the file specified.

7/28/2012 7:59:28 PM, Error: Service Control Manager [7001] - The SQL Server Agent (MSSQLSERVER) service depends on the SQL Server (MSSQLSERVER) service which failed to start because of the following error: The service did not start due to a logon failure.

7/28/2012 7:59:03 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

7/28/2012 7:58:38 PM, Error: Service Control Manager [7038] - The MSSQLSERVER service was unable to log on as ARKESYSTEMS\mcasciano with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

7/28/2012 7:58:38 PM, Error: Service Control Manager [7000] - The SQL Server (MSSQLSERVER) service failed to start due to the following error: The service did not start due to a logon failure.

7/28/2012 7:57:26 PM, Error: Service Control Manager [7038] - The msftesql service was unable to log on as ARKESYSTEMS\mcasciano with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

7/28/2012 7:57:26 PM, Error: Service Control Manager [7000] - The SQL Server FullText Search (MSSQLSERVER) service failed to start due to the following error: The service did not start due to a logon failure.

7/28/2012 7:56:47 PM, Error: Service Control Manager [7038] - The MSCRMAsyncService$client service was unable to log on as ARKESYSTEMS\mcasciano with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

7/28/2012 7:56:47 PM, Error: Service Control Manager [7000] - The Microsoft CRM Asynchronous Processing Service (client) service failed to start due to the following error: The service did not start due to a logon failure.

7/28/2012 7:56:40 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

7/28/2012 7:56:30 PM, Error: Microsoft-Windows-GroupPolicy [1053] - The processing of Group Policy failed. Windows could not resolve the user name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

7/28/2012 7:56:15 PM, Error: Microsoft-Windows-GroupPolicy [1055] - The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

7/28/2012 7:56:14 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

7/28/2012 7:56:13 PM, Error: NETLOGON [5719] - This computer was not able to set up a secure session with a domain controller in domain ARKESYSTEMS due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

7/28/2012 7:42:45 PM, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

7/28/2012 6:44:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

7/28/2012 6:44:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

7/28/2012 6:44:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

7/28/2012 6:44:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

7/28/2012 6:44:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

7/28/2012 6:37:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the OracleMTSRecoveryService service to connect.

7/28/2012 6:37:28 PM, Error: Service Control Manager [7000] - The OracleMTSRecoveryService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

7/28/2012 6:26:06 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server Integration Services 10.0 service to connect.

7/28/2012 6:26:06 PM, Error: Service Control Manager [7000] - The SQL Server Integration Services 10.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

7/28/2012 6:22:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1726" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

7/28/2012 6:17:49 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

7/28/2012 6:17:49 PM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.

7/28/2012 6:17:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}

7/28/2012 5:50:09 PM, Error: Microsoft Antimalware [2001] -

7/28/2012 4:57:28 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002c737ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072812-72961-01.

7/25/2012 12:50:50 PM, Error: Microsoft-Windows-GroupPolicy [1058] - The processing of Group Policy failed. Windows attempted to read the file \\arkesystems.com\SysVol\arkesystems.com\Policies\{97B8B7F3-9F31-4CCF-89E8-15D4F4356D6A}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: a) Name Resolution/Network Connectivity to the current domain controller. b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). c) The Distributed File System (DFS) client has been disabled.

7/25/2012 12:17:42 PM, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.

7/23/2012 3:25:02 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{9AC75C0C-956C-4A56-A698-105BCFDBB719} because another computer on the network has the same name. The server could not start.

7/23/2012 1:45:59 PM, Error: Schannel [36888] - The following fatal alert was generated: 48. The internal error state is 552.

7/23/2012 1:45:59 PM, Error: Schannel [36882] - The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

.

==== End Of File ===========================

Link to post
Share on other sites

Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

Link to post
Share on other sites

RogueKiller V7.6.4 [07/17/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: mcasciano [Admin rights]

Mode: Scan -- Date: 07/28/2012 20:59:40

¤¤¤ Bad processes: 1 ¤¤¤

[sVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 12 ¤¤¤

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

[ZeroAccess][FILE] @ : c:\windows\installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\@ --> FOUND

[ZeroAccess][FOLDER] U : c:\windows\installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U --> FOUND

[ZeroAccess][FOLDER] L : c:\windows\installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\L --> FOUND

[ZeroAccess][FILE] Desktop.ini : c:\windows\assembly\gac_32\desktop.ini --> FOUND

[ZeroAccess][FILE] Desktop.ini : c:\windows\assembly\gac_64\desktop.ini --> FOUND

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess|Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500BEKT-75A25T0 +++++

--- User ---

[MBR] e13f048914289d0eb39df0f753698a37

[bSP] acbff0650422c537e769a078b5148611 : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 156 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 321536 | Size: 750 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1857536 | Size: 237567 Mo

User != LL1 ... KO!

--- LL1 ---

[MBR] b7a66cae2edd678732226ecfcd339a16

[bSP] acbff0650422c537e769a078b5148611 : Windows 7 MBR Code

Partition table:

1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 156 Mo

2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 321536 | Size: 750 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1857536 | Size: 237567 Mo

User != LL2 ... KO!

--- LL2 ---

[MBR] b7a66cae2edd678732226ecfcd339a16

[bSP] acbff0650422c537e769a078b5148611 : Windows 7 MBR Code

Partition table:

1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 156 Mo

2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 321536 | Size: 750 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1857536 | Size: 237567 Mo

Finished : << RKreport[1].txt >>

RKreport[1].txt

Link to post
Share on other sites

Your computer is infected with a nasty rootkit. Please read the following information first.

You're infected with Rootkit.ZeroAccess, a BackDoor Trojan.

BACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

http://www.dslreports.com/faq/10451

When Should I Format, How Should I Reinstall

http://www.dslreports.com/faq/10063

I will try my best to clean this machine but I can't guarantee that it will be 100% secure afterwards.

Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

-----------------------------------------

Please make sure system restore is running and create a new restore point before continuing!

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

How to tell > 32 or 64 bit

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:



    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt

    [*]Select Command Prompt

    [*]In the command window type in notepad and press Enter.

    [*]The notepad opens. Under File menu select Open.

    [*]Select "Computer" and find your flash drive letter and close the notepad.

    [*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter

    Note: Replace letter e with the drive letter of your flash drive.

    [*]The tool will start to run.

    [*]When the tool opens click Yes to disclaimer.

    [*]Press Scan button.

    [*]FRST will let you know when the scan is complete and has written the FRST.txt to file, close out this message, then type the following into the search box:

    services.exe

    [*]Now press the Search button

    [*]When the search is complete, search.txt will also be written to your USB

    [*]Type exit and reboot the computer normally

    [*]Please copy and paste both logs in your reply.(FRST.txt and Search.txt)

MrC

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool Version: 25-07-2012 01

Ran by SYSTEM at 28-07-2012 21:36:52

Running from G:\

Windows 7 Ultimate (X64) OS Language: English(US)

The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [57928 2011-09-16] (LogMeIn, Inc.)

HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-04] (Alps Electric Co., Ltd.)

HKLM\...\Run: [igfxTray] C:\Windows\system32\igfxtray.exe [167704 2011-10-21] (Intel Corporation)

HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [392472 2011-10-21] (Intel Corporation)

HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [416024 2011-10-21] (Intel Corporation)

HKLM-x32\...\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [522704 2012-04-23] (Cisco Systems, Inc.)

HKU\mcasciano\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [4910912 2011-08-01] (DT Soft Ltd)

HKU\mcasciano\...\Run: [Google Update] "C:\Users\mcasciano\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-12-08] (Google Inc.)

Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Startup: C:\Users\All Users\Start Menu\Programs\Startup\vpngui.exe.lnk

ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()

Startup: C:\Users\mcasciano\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> (No File)

Startup: C:\Users\mcasciano\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) ======

3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)

2 CrmSqlStartupSvc; "C:\Program Files (x86)\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe" [24168 2012-04-26] (Microsoft Corporation)

2 CVPND; "C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe" [1528616 2010-03-23] (Cisco Systems, Inc.)

3 fussvc; "C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe" [139776 2012-05-18] (Microsoft Corporation)

2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)

2 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe" [375208 2012-07-12] (LogMeIn, Inc.)

2 LMIMaint; "C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe" [147368 2012-07-12] (LogMeIn, Inc.)

2 LogMeIn; "C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe" [407424 2011-09-16] (LogMeIn, Inc.)

2 MSCRMAsyncService$client; "C:\Program Files (x86)\Microsoft Dynamics CRM Data Migration Manager\DMClient\bin\CrmAsyncService.exe" MSCRMAsyncService$client [165728 2009-01-30] (Microsoft Corporation)

2 MsDtsServer100; "C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe" [210784 2011-06-17] (Microsoft Corporation)

2 MsDtsServer110; "C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe" [218200 2012-02-11] (Microsoft Corporation)

2 msoidsvc; "C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE" [2078112 2011-09-28] (Microsoft Corp.)

2 MSSQL$MSSQL2012; "C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\sqlservr.exe" -sMSSQL2012 [191064 2012-02-11] (Microsoft Corporation)

2 MSSQL$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS [58345832 2011-09-22] (Microsoft Corporation)

2 MSSQL$SQLSERVER08; "C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\sqlservr.exe" -sSQLSERVER08 [62111072 2011-06-17] (Microsoft Corporation)

2 MSSQLSERVER; "C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER [29178224 2007-02-10] (Microsoft Corporation)

2 OracleMTSRecoveryService; C:\app\mcasciano\product\11.2.0\client_1\bin\omtsreco.exe "OracleMTSRecoveryService" [69632 2011-09-28] (Oracle Corporation)

2 ReportServer$MSSQL2012; "C:\Program Files\Microsoft SQL Server\MSRS11.MSSQL2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe" [2348632 2012-02-11] (Microsoft Corporation)

2 ReportServer$SQLSERVER08; "C:\Program Files\Microsoft SQL Server\MSRS10_50.SQLSERVER08\Reporting Services\ReportServer\bin\ReportingServicesService.exe" [2180960 2011-06-17] (Microsoft Corporation)

3 SQLAgent$MSSQL2012; "C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\SQLAGENT.EXE" -i MSSQL2012 [597080 2012-02-11] (Microsoft Corporation)

3 SQLAgent$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -i SQLEXPRESS [431464 2011-09-22] (Microsoft Corporation)

3 SQLAgent$SQLSERVER08; "C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\SQLAGENT.EXE" -i SQLSERVER08 [431456 2011-06-17] (Microsoft Corporation)

2 SQLSERVERAGENT; "C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE" -i MSSQLSERVER [344944 2007-02-10] (Microsoft Corporation)

2 Te.Service; "C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe" [127488 2012-05-18] (Microsoft Corporation)

2 vpnagent; "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe" [478672 2012-04-23] (Cisco Systems, Inc.)

2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

2 W3SVC; C:\Windows\SysWow64\inetsrv\iisw3adm.dll [397824 2010-11-20] (Microsoft Corporation)

2 wampapache; "C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe" -k runservice [21504 2011-09-26] (Apache Software Foundation)

3 wampmysqld; C:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe wampmysqld [9665536 2011-09-26] ()

3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)

2 msftesql; "C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe" -s:MSSQL.1 -f:MSSQLSERVER [x]

2 MSOLAP$MSSQL2012; "C:\Program Files\Microsoft SQL Server\MSAS11.MSSQL2012\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSAS11.MSSQL2012\OLAP\Config" [x]

2 MSOLAP$SQLSERVER08; "C:\Program Files\Microsoft SQL Server\MSAS10_50.SQLSERVER08\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSAS10_50.SQLSERVER08\OLAP\Config" [x]

3 MSSQLFDLauncher$MSSQL2012; "C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\fdlauncher.exe" -s MSSQL11.MSSQL2012 [x]

3 MSSQLFDLauncher$SQLSERVER08; "C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\fdlauncher.exe" -s MSSQL10_50.SQLSERVER08 [x]

========================== Drivers (Whitelisted) =============

3 acsock; C:\Windows\System32\DRIVERS\acsock64.sys [107432 2012-04-23] (Cisco Systems, Inc.)

3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA64.sys [14992 2010-02-08] (Cisco Systems, Inc.)

3 CVPNDRVA; C:\Windows\System32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()

3 DNE; C:\Windows\System32\DRIVERS\dne64x.sys [157968 2008-11-16] (Deterministic Networks, Inc.)

1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [270912 2011-10-10] (DT Soft Ltd)

3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [293552 2009-11-05] (Intel Corporation)

1 haycmkae; C:\Windows\System32\Drivers\haycmkae.sys [50392 2012-07-28] (Microsoft Corporation)

2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2011-09-16] (LogMeIn, Inc.)

3 lmimirr; C:\Windows\System32\Drivers\lmimirr.sys [11552 2011-09-16] (LogMeIn, Inc.)

2 LMIRfsDriver; C:\Windows\System32\Drivers\LMIRfsDriver.sys [72216 2011-09-16] (LogMeIn, Inc.)

1 NEOFLTR_650_17883; C:\Windows\System32\Drivers\NEOFLTR_650_17883.sys [100472 2011-03-10] (Juniper Networks)

1 rfdedaei; C:\Windows\System32\Drivers\rfdedaei.sys [50392 2012-07-28] (Microsoft Corporation)

4 RsFx0151; C:\Windows\System32\Drivers\RsFx0151.sys [313696 2011-06-17] (Microsoft Corporation)

4 RsFx0200; C:\Windows\System32\Drivers\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)

2 VMparport; C:\Windows\System32\Drivers\VMparport.sys [31384 2012-06-08] (VMware, Inc.)

3 VSPerfDrv110; \??\C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [71960 2012-04-01] (Microsoft Corporation)

1 bcrnbbuu; \??\C:\Windows\system32\drivers\bcrnbbuu.sys [x]

4 LMIRfsClientNP; [x]

3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]

3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]

3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

2 vtigercrmMysql530; "C:\Program Files (x86)\vtigercrm-5.3.0\mysql\bin\mysqld-nt" "--defaults-file=C:\Program Files (x86)\vtigercrm-5.3.0\mysql\my.ini" vtigercrmMysql530 [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-07-28 17:08 - 2012-07-28 17:08 - 01438391 ____A (Farbar) C:\Users\mcasciano\Downloads\FRST64.exe

2012-07-28 16:59 - 2012-07-28 16:59 - 00003209 ____A C:\Users\mcasciano\Desktop\RKreport[1].txt

2012-07-28 16:59 - 2012-07-28 16:59 - 00000000 ____D C:\Users\mcasciano\Desktop\RK_Quarantine

2012-07-28 16:58 - 2012-07-28 16:58 - 01552384 ____A C:\Users\mcasciano\Downloads\RogueKiller.exe

2012-07-28 16:47 - 2012-07-28 16:47 - 00034802 ____A C:\Users\mcasciano\Desktop\DDS.txt

2012-07-28 16:47 - 2012-07-28 16:47 - 00028189 ____A C:\Users\mcasciano\Desktop\Attach.txt

2012-07-28 16:29 - 2012-07-28 16:29 - 00607260 ____R (Swearware) C:\Users\mcasciano\Downloads\dds.com

2012-07-28 16:29 - 2012-07-28 16:29 - 00607260 ____A (Swearware) C:\Users\mcasciano\Downloads\dds.scr

2012-07-28 16:00 - 2012-07-28 16:00 - 00050392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rfdedaei.sys

2012-07-28 16:00 - 2012-07-28 16:00 - 00050392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\haycmkae.sys

2012-07-28 15:53 - 2012-07-28 15:53 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.56C209A3DD986DD9

2012-07-28 15:53 - 2012-07-28 15:53 - 00050392 ____A C:\Windows\System32\Drivers\zcmgxigb.sys

2012-07-28 15:45 - 2012-07-28 15:45 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.2A92AD4B0F3DDB43

2012-07-28 15:37 - 2012-07-28 15:37 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.E42FC75A3C369E50

2012-07-28 15:30 - 2012-07-28 15:30 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.26430573A87966B9

2012-07-28 15:23 - 2012-07-28 15:23 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.7FCF0B494E963437

2012-07-28 15:16 - 2012-07-28 15:16 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1999BE9AE75136EE

2012-07-28 15:08 - 2012-07-28 15:08 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1E1F619D2908A1A4

2012-07-28 15:01 - 2012-07-28 15:01 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.C4E23341788E07BB

2012-07-28 14:54 - 2012-07-28 14:54 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.05725DB954EA9E95

2012-07-28 14:45 - 2012-07-28 14:45 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.EE2B73359C35E472

2012-07-28 14:32 - 2012-07-28 14:32 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.818C7ACFB9B77717

2012-07-28 14:22 - 2012-07-28 14:22 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.17CD3B4823F34B15

2012-07-28 14:10 - 2012-07-28 14:10 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.A588D620D3432E31

2012-07-28 13:57 - 2012-07-28 13:57 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.5EC65854F93167D7

2012-07-28 13:44 - 2009-07-13 17:14 - 00020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe

2012-07-28 13:34 - 2012-07-28 13:34 - 12621696 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\mseinstall.exe

2012-07-28 12:56 - 2012-07-28 12:57 - 00262144 ____A C:\Windows\Minidump\072812-72961-01.dmp

2012-07-28 01:44 - 2012-07-28 01:44 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%

2012-07-27 17:12 - 2012-07-27 17:12 - 00723658 ____A C:\Users\mcasciano\Downloads\NAMB_Traj_07-27-12.zip

2012-07-27 08:27 - 2012-07-27 08:27 - 00432898 ____A C:\Users\mcasciano\Downloads\sudia.wordpress.2012-07-27(1).xml

2012-07-27 07:05 - 2012-07-27 07:05 - 00016055 ____A C:\Users\mcasciano\Downloads\cctm_site.cctm.json

2012-07-27 06:04 - 2012-07-27 06:05 - 02964790 ____A C:\Users\mcasciano\Downloads\sudia.wordpress.2012-07-27.xml

2012-07-26 13:52 - 2012-07-26 13:52 - 00000000 ____D C:\Users\mcasciano\AppData\Roaming\Malwarebytes

2012-07-26 13:52 - 2012-07-26 13:52 - 00000000 ____D C:\Users\All Users\Malwarebytes

2012-07-26 13:52 - 2012-07-26 13:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-07-26 13:52 - 2012-07-03 09:46 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2012-07-26 13:51 - 2012-07-26 13:51 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\mcasciano\Downloads\mbam-setup-1.62.0.1300.exe

2012-07-26 10:47 - 2012-07-26 10:47 - 00329345 ____A C:\Users\mcasciano\Downloads\GFG_1_2_managed.zip

2012-07-26 04:54 - 2009-09-14 12:36 - 00010240 ____A (MS) C:\SharePointFarmSolutionExtractor.exe

2012-07-26 04:51 - 2012-07-24 08:30 - 00034498 ____A C:\GFG Sales Reporting Web Part.wsp

2012-07-25 03:44 - 2012-07-27 07:22 - 00000000 ____D C:\Users\mcasciano\Desktop\ReadyGAFiles

2012-07-24 11:33 - 2012-07-24 11:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tooling Extensions

2012-07-24 11:27 - 2012-07-24 11:27 - 00104672 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\WebToolsExtensionVS2012.3f.3f.3fnew.exe

2012-07-24 11:22 - 2012-07-24 11:22 - 00000000 ____D C:\Program Files (x86)\WPF Toolkit

2012-07-24 11:22 - 2012-07-24 11:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Expression

2012-07-24 11:22 - 2008-07-12 04:18 - 03851784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll

2012-07-24 11:15 - 2010-02-04 06:01 - 00528216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll

2012-07-24 11:15 - 2010-02-04 06:01 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll

2012-07-24 11:15 - 2010-02-04 06:01 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll

2012-07-24 11:15 - 2010-02-04 06:01 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll

2012-07-24 11:15 - 2009-03-09 11:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll

2012-07-24 11:15 - 2007-03-12 12:42 - 03495784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll

2012-07-24 11:14 - 2009-09-04 13:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll

2012-07-24 11:14 - 2007-04-04 14:53 - 00081768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll

2012-07-24 11:13 - 2012-07-24 11:13 - 00000000 ____D C:\Windows\SysWOW64\xlive

2012-07-24 11:13 - 2012-07-24 11:13 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA

2012-07-24 11:13 - 2012-07-24 11:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2012-07-24 11:02 - 2012-07-24 11:02 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE

2012-07-24 11:02 - 2009-09-04 13:29 - 02582888 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll

2012-07-24 11:02 - 2009-09-04 13:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll

2012-07-24 11:02 - 2009-09-04 13:29 - 00523088 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll

2012-07-24 11:02 - 2009-09-04 13:29 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll

2012-07-24 08:32 - 2012-07-24 08:32 - 00000000 ____D C:\Users\mcasciano\Desktop\GFG Sales Reporting Web Part

2012-07-24 06:09 - 2012-07-24 06:09 - 00000000 ____D C:\Users\mcasciano\AppData\Roaming\ElectricMobileSim

2012-07-24 06:08 - 2012-07-24 06:08 - 00000000 ____D C:\Users\mcasciano\Downloads\electric_simulator_lite_4a

2012-07-24 06:08 - 2012-07-24 06:08 - 00000000 ____D C:\Program Files (x86)\Electric Plum

2012-07-24 06:08 - 2010-09-29 16:29 - 00360580 ___AS (eSellerate Inc.) C:\Windows\SysWOW64\eSellerateEngine.dll

2012-07-24 06:08 - 2010-09-29 16:29 - 00094208 ____A (eSellerate Inc.) C:\Windows\SysWOW64\eSellerateControl365.dll

2012-07-24 06:07 - 2012-01-11 04:26 - 15465628 ____A (Electric Plum, LLC ) C:\Users\mcasciano\Downloads\setup.exe

2012-07-24 06:06 - 2012-07-24 06:06 - 15443507 ____A C:\Users\mcasciano\Downloads\electric_simulator_lite_4a.zip

2012-07-24 05:34 - 2012-07-24 05:34 - 00000000 ____D C:\Users\mcasciano\net

2012-07-24 05:29 - 2012-07-24 05:29 - 00000000 ____D C:\Program Files (x86)\Research In Motion

2012-07-24 05:22 - 2012-07-24 05:25 - 181825357 ____A (Research In Motion) C:\Users\mcasciano\Downloads\BlackBerry_Simulators_6.0.0.431_9650-Verizon.exe

2012-07-24 05:01 - 2012-07-24 05:13 - 00000000 ____D C:\Users\mcasciano\AppData\Local\VMware

2012-07-24 04:31 - 2012-07-24 04:31 - 00021694 ____A C:\Users\mcasciano\Downloads\customizations (2).zip

2012-07-23 11:25 - 2012-06-08 22:37 - 00063128 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmx86.sys

2012-07-23 11:25 - 2012-06-08 22:37 - 00031384 ____A (VMware, Inc.) C:\Windows\System32\Drivers\VMparport.sys

2012-07-23 11:24 - 2012-06-08 22:37 - 00942744 ____A (VMware, Inc.) C:\Windows\System32\vnetlib64.dll

2012-07-23 11:24 - 2012-06-08 22:37 - 00433816 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

2012-07-23 11:24 - 2012-06-08 22:36 - 00354456 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

2012-07-23 11:24 - 2012-06-08 22:36 - 00032920 ____A (VMware, Inc.) C:\Windows\System32\Drivers\VMkbd.sys

2012-07-23 11:24 - 2012-06-08 22:35 - 00030360 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnetuserif.sys

2012-07-23 11:24 - 2011-08-29 19:11 - 00039024 ____A (VMware, Inc.) C:\Windows\System32\Drivers\hcmon.sys

2012-07-23 11:23 - 2012-07-23 11:23 - 00000000 ____D C:\Program Files\Common Files\VMware

2012-07-23 11:10 - 2012-07-23 11:13 - 122064248 ____A (VMware, Inc.) C:\Users\mcasciano\Downloads\VMware-player-4.0.4-744019.exe

2012-07-21 12:13 - 2012-07-21 12:13 - 00005250 ____A C:\Users\mcasciano\Desktop\Applebees_Free_Coupon.html

2012-07-21 12:10 - 2012-07-21 12:11 - 00004958 ____A C:\Users\mcasciano\Desktop\Applebees_10_Coupon.html

2012-07-19 07:39 - 2012-07-19 07:42 - 80400424 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\CRM2011-Server-KB2600640-ENU-amd64.exe

2012-07-18 09:36 - 2012-07-18 09:37 - 00000000 ____D C:\Users\mcasciano\Desktop\extract

2012-07-18 05:20 - 2012-07-18 12:10 - 1447546368 ____A C:\crm.bak

2012-07-11 06:58 - 2012-07-11 06:58 - 00000000 ____D C:\Users\mcasciano\Desktop\NAMB Trajectory

2012-07-10 23:08 - 2012-06-11 19:08 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2012-07-10 23:02 - 2012-06-02 04:05 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2012-07-10 23:02 - 2012-06-02 04:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2012-07-10 23:02 - 2012-06-02 03:59 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2012-07-10 23:02 - 2012-06-02 03:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2012-07-10 23:02 - 2012-06-02 03:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2012-07-10 23:02 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2012-07-10 23:02 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2012-07-10 23:02 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2012-07-10 23:02 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2012-07-10 23:02 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2012-07-10 23:01 - 2012-06-02 04:49 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-07-10 23:01 - 2012-06-02 04:17 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2012-07-10 23:01 - 2012-06-02 04:12 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2012-07-10 23:01 - 2012-06-02 04:05 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2012-07-10 23:01 - 2012-06-02 04:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2012-07-10 23:01 - 2012-06-02 04:03 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2012-07-10 23:01 - 2012-06-02 04:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2012-07-10 23:01 - 2012-06-02 04:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2012-07-10 23:01 - 2012-06-02 03:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2012-07-10 23:01 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2012-07-10 23:01 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2012-07-10 23:01 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2012-07-10 23:01 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2012-07-10 23:01 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2012-07-10 23:01 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2012-07-10 23:01 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2012-07-10 23:01 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2012-07-10 23:01 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2012-07-10 21:30 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll

2012-07-10 21:30 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2012-07-10 21:30 - 2012-06-05 22:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll

2012-07-10 21:30 - 2012-06-05 22:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll

2012-07-10 21:30 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2012-07-10 21:30 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2012-07-10 21:30 - 2012-06-01 21:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys

2012-07-10 21:30 - 2012-06-01 21:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys

2012-07-10 21:30 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys

2012-07-10 21:30 - 2012-06-01 21:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll

2012-07-10 21:30 - 2012-06-01 21:44 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll

2012-07-10 21:30 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2012-07-10 21:30 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2012-07-10 21:30 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll

2012-07-10 21:30 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2012-07-10 21:29 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll

2012-07-10 21:29 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll

2012-07-10 21:29 - 2012-06-01 20:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2012-07-10 21:29 - 2012-06-01 20:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2012-07-10 12:23 - 2012-07-10 12:23 - 00000000 ____D C:\Users\mcasciano\Documents\Blackberry

2012-07-10 12:22 - 2012-07-10 12:22 - 00000000 ___HD C:\Users\mcasciano\InstallAnywhere

2012-07-10 12:14 - 2012-07-10 12:17 - 353224366 ____A (Flexera Software) C:\Users\mcasciano\Downloads\BlackBerry10Simulator-Installer-BB10_0_04-195-Win-201204262359.exe

2012-07-10 10:39 - 2012-07-19 10:34 - 00003931 ____A C:\Users\mcasciano\Downloads\customizations (1).zip

2012-07-10 06:51 - 2012-07-10 06:51 - 00890027 ____A C:\Users\mcasciano\Downloads\wapple-architect.4.1.zip

2012-07-09 13:13 - 2012-07-09 13:13 - 00116725 ____A C:\Users\mcasciano\Downloads\customizations.zip

2012-07-09 06:46 - 2012-07-09 06:46 - 00680361 ____A C:\Users\mcasciano\Downloads\adminimize.1.7.27.zip

2012-07-09 06:25 - 2012-07-09 06:25 - 00381330 ____A C:\Users\mcasciano\Downloads\user-access-manager.1.2.2.zip

2012-07-06 04:05 - 2012-07-06 04:07 - 00000000 ____D C:\Users\mcasciano\Downloads\CRMPluginTestingTools-0.8

2012-07-06 04:05 - 2012-07-06 04:05 - 00137537 ____A C:\Users\mcasciano\Downloads\CRMPluginTestingTools-0.8.zip

2012-07-05 09:12 - 2012-07-05 09:12 - 92955868 ____A C:\Users\mcasciano\Desktop\GFG.NewRenewalOnDeactivation.zip

2012-07-05 08:42 - 2012-07-05 08:42 - 00000000 ____D C:\Users\mcasciano\Desktop\Plugin Registration

2012-07-05 05:17 - 2012-07-05 05:20 - 77021032 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\MicrosoftDynamicsCRM2011SDK(1).exe

2012-07-04 16:09 - 2012-07-04 16:20 - 386541568 ____A C:\ACT_OF_VALOR.ISO

2012-07-02 05:37 - 2012-07-02 05:37 - 00012495 ____A C:\Users\mcasciano\Downloads\MSCRM Plug-in.zip

2012-07-02 05:37 - 2012-07-02 05:37 - 00000000 ____D C:\Users\mcasciano\Downloads\MSCRM Plug-in

2012-07-02 05:37 - 2008-10-17 13:13 - 00005962 ____A C:\Users\mcasciano\Downloads\plugin.cs

2012-07-02 05:37 - 2008-10-17 13:13 - 00003189 ____A C:\Users\mcasciano\Downloads\MSCRM Plug-in.csproj

2012-07-02 05:37 - 2008-10-17 13:13 - 00001139 ____A C:\Users\mcasciano\Downloads\MyTemplate.vstemplate

2012-07-02 05:37 - 2008-10-17 13:13 - 00000000 ____D C:\Users\mcasciano\Downloads\Properties

2012-07-02 04:08 - 2012-07-02 04:08 - 00000000 ____D C:\Users\mcasciano\Downloads\CRM2Maps_2-0

2012-07-02 04:07 - 2012-07-02 04:07 - 00000000 ____D C:\Users\mcasciano\Downloads\WebResources

2012-07-02 04:07 - 2011-08-25 13:33 - 00070900 ____N C:\Users\mcasciano\Downloads\customizations.xml

2012-07-02 04:07 - 2011-08-25 13:33 - 00004448 ____N C:\Users\mcasciano\Downloads\solution.xml

2012-07-02 04:07 - 2011-08-25 13:33 - 00000726 ____N C:\Users\mcasciano\Downloads\[Content_Types].xml

2012-06-29 11:00 - 2012-07-27 07:22 - 00000000 ____D C:\Users\mcasciano\Desktop\ReadyGA

2012-06-28 09:50 - 2012-06-28 09:51 - 00000000 ____D C:\Users\mcasciano\Desktop\AaronsStoreLocatorPlugin

2012-06-28 09:50 - 2012-06-28 09:50 - 00000000 ____D C:\Users\mcasciano\AppData\Roaming\NuGet

============ 3 Months Modified Files ========================

2012-07-28 17:29 - 2009-07-13 20:45 - 00014816 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2012-07-28 17:29 - 2009-07-13 20:45 - 00014816 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2012-07-28 17:25 - 2011-10-10 07:33 - 01685369 ____A C:\Windows\WindowsUpdate.log

2012-07-28 17:13 - 2009-07-13 21:13 - 01502276 ____A C:\Windows\System32\PerfStringBackup.INI

2012-07-28 17:08 - 2012-07-28 17:08 - 01438391 ____A (Farbar) C:\Users\mcasciano\Downloads\FRST64.exe

2012-07-28 16:59 - 2012-07-28 16:59 - 00003209 ____A C:\Users\mcasciano\Desktop\RKreport[1].txt

2012-07-28 16:58 - 2012-07-28 16:58 - 01552384 ____A C:\Users\mcasciano\Downloads\RogueKiller.exe

2012-07-28 16:52 - 2011-12-08 06:31 - 00000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-543643520-1619288963-483190240-4152UA.job

2012-07-28 16:47 - 2012-07-28 16:47 - 00034802 ____A C:\Users\mcasciano\Desktop\DDS.txt

2012-07-28 16:47 - 2012-07-28 16:47 - 00028189 ____A C:\Users\mcasciano\Desktop\Attach.txt

2012-07-28 16:29 - 2012-07-28 16:29 - 00607260 ____R (Swearware) C:\Users\mcasciano\Downloads\dds.com

2012-07-28 16:29 - 2012-07-28 16:29 - 00607260 ____A (Swearware) C:\Users\mcasciano\Downloads\dds.scr

2012-07-28 16:01 - 2011-12-06 06:41 - 00001945 ____A C:\Windows\epplauncher.mif

2012-07-28 16:00 - 2012-07-28 16:00 - 00050392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rfdedaei.sys

2012-07-28 16:00 - 2012-07-28 16:00 - 00050392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\haycmkae.sys

2012-07-28 15:56 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2012-07-28 15:55 - 2009-07-13 20:51 - 00077726 ____A C:\Windows\setupact.log

2012-07-28 15:53 - 2012-07-28 15:53 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.56C209A3DD986DD9

2012-07-28 15:53 - 2012-07-28 15:53 - 00050392 ____A C:\Windows\System32\Drivers\zcmgxigb.sys

2012-07-28 15:45 - 2012-07-28 15:45 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.2A92AD4B0F3DDB43

2012-07-28 15:37 - 2012-07-28 15:37 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.E42FC75A3C369E50

2012-07-28 15:30 - 2012-07-28 15:30 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.26430573A87966B9

2012-07-28 15:23 - 2012-07-28 15:23 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.7FCF0B494E963437

2012-07-28 15:16 - 2012-07-28 15:16 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1999BE9AE75136EE

2012-07-28 15:08 - 2012-07-28 15:08 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.1E1F619D2908A1A4

2012-07-28 15:01 - 2012-07-28 15:01 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.C4E23341788E07BB

2012-07-28 14:54 - 2012-07-28 14:54 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.05725DB954EA9E95

2012-07-28 14:45 - 2012-07-28 14:45 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.EE2B73359C35E472

2012-07-28 14:32 - 2012-07-28 14:32 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.818C7ACFB9B77717

2012-07-28 14:22 - 2012-07-28 14:22 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.17CD3B4823F34B15

2012-07-28 14:10 - 2012-07-28 14:10 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.A588D620D3432E31

2012-07-28 13:57 - 2012-07-28 13:57 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.5EC65854F93167D7

2012-07-28 13:49 - 2011-10-24 10:16 - 01524612 ____A C:\Windows\SysWOW64\PerfStringBackup.INI

2012-07-28 13:42 - 2011-10-10 15:03 - 00529976 ____A C:\Windows\PFRO.log

2012-07-28 13:34 - 2012-07-28 13:34 - 12621696 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\mseinstall.exe

2012-07-28 13:34 - 2011-10-11 11:07 - 00002048 ___AH C:\Users\mcasciano\Documents\Default.rdp

2012-07-28 12:57 - 2012-07-28 12:56 - 00262144 ____A C:\Windows\Minidump\072812-72961-01.dmp

2012-07-28 12:56 - 2011-11-29 04:29 - 986676100 ____A C:\Windows\MEMORY.DMP

2012-07-28 06:52 - 2011-12-08 06:31 - 00000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-543643520-1619288963-483190240-4152Core.job

2012-07-27 17:12 - 2012-07-27 17:12 - 00723658 ____A C:\Users\mcasciano\Downloads\NAMB_Traj_07-27-12.zip

2012-07-27 10:55 - 2011-10-10 05:58 - 00000921 ____A C:\Users\mcasciano\Desktop\today.txt

2012-07-27 10:17 - 2011-10-10 05:23 - 00000136 ____A C:\Windows\System32\config\netlogon.ftl

2012-07-27 08:27 - 2012-07-27 08:27 - 00432898 ____A C:\Users\mcasciano\Downloads\sudia.wordpress.2012-07-27(1).xml

2012-07-27 07:05 - 2012-07-27 07:05 - 00016055 ____A C:\Users\mcasciano\Downloads\cctm_site.cctm.json

2012-07-27 06:05 - 2012-07-27 06:04 - 02964790 ____A C:\Users\mcasciano\Downloads\sudia.wordpress.2012-07-27.xml

2012-07-26 13:51 - 2012-07-26 13:51 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\mcasciano\Downloads\mbam-setup-1.62.0.1300.exe

2012-07-26 10:47 - 2012-07-26 10:47 - 00329345 ____A C:\Users\mcasciano\Downloads\GFG_1_2_managed.zip

2012-07-25 11:20 - 2011-11-01 11:46 - 00219980 ___AH C:\Windows\SysWOW64\mlfcache.dat

2012-07-24 12:19 - 2009-07-13 20:45 - 00487920 ____A C:\Windows\System32\FNTCACHE.DAT

2012-07-24 11:27 - 2012-07-24 11:27 - 00104672 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\WebToolsExtensionVS2012.3f.3f.3fnew.exe

2012-07-24 11:25 - 2011-10-10 06:47 - 00128208 ____A C:\Users\mcasciano\AppData\Local\GDIPFONTCACHEV1.DAT

2012-07-24 08:30 - 2012-07-26 04:51 - 00034498 ____A C:\GFG Sales Reporting Web Part.wsp

2012-07-24 06:06 - 2012-07-24 06:06 - 15443507 ____A C:\Users\mcasciano\Downloads\electric_simulator_lite_4a.zip

2012-07-24 05:25 - 2012-07-24 05:22 - 181825357 ____A (Research In Motion) C:\Users\mcasciano\Downloads\BlackBerry_Simulators_6.0.0.431_9650-Verizon.exe

2012-07-24 04:31 - 2012-07-24 04:31 - 00021694 ____A C:\Users\mcasciano\Downloads\customizations (2).zip

2012-07-23 11:13 - 2012-07-23 11:10 - 122064248 ____A (VMware, Inc.) C:\Users\mcasciano\Downloads\VMware-player-4.0.4-744019.exe

2012-07-23 06:19 - 2011-11-22 11:37 - 00000600 ____A C:\Users\mcasciano\AppData\Local\PUTTY.RND

2012-07-21 12:13 - 2012-07-21 12:13 - 00005250 ____A C:\Users\mcasciano\Desktop\Applebees_Free_Coupon.html

2012-07-21 12:11 - 2012-07-21 12:10 - 00004958 ____A C:\Users\mcasciano\Desktop\Applebees_10_Coupon.html

2012-07-19 10:34 - 2012-07-10 10:39 - 00003931 ____A C:\Users\mcasciano\Downloads\customizations (1).zip

2012-07-19 07:42 - 2012-07-19 07:39 - 80400424 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\CRM2011-Server-KB2600640-ENU-amd64.exe

2012-07-18 12:10 - 2012-07-18 05:20 - 1447546368 ____A C:\crm.bak

2012-07-12 09:24 - 2011-10-10 16:06 - 00087488 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll

2012-07-12 09:24 - 2011-10-10 16:06 - 00080800 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIinit.dll

2012-07-12 09:24 - 2011-10-10 16:06 - 00034720 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIport.dll

2012-07-10 23:03 - 2011-10-10 06:36 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2012-07-10 12:17 - 2012-07-10 12:14 - 353224366 ____A (Flexera Software) C:\Users\mcasciano\Downloads\BlackBerry10Simulator-Installer-BB10_0_04-195-Win-201204262359.exe

2012-07-10 06:51 - 2012-07-10 06:51 - 00890027 ____A C:\Users\mcasciano\Downloads\wapple-architect.4.1.zip

2012-07-09 13:13 - 2012-07-09 13:13 - 00116725 ____A C:\Users\mcasciano\Downloads\customizations.zip

2012-07-09 06:46 - 2012-07-09 06:46 - 00680361 ____A C:\Users\mcasciano\Downloads\adminimize.1.7.27.zip

2012-07-09 06:25 - 2012-07-09 06:25 - 00381330 ____A C:\Users\mcasciano\Downloads\user-access-manager.1.2.2.zip

2012-07-06 04:05 - 2012-07-06 04:05 - 00137537 ____A C:\Users\mcasciano\Downloads\CRMPluginTestingTools-0.8.zip

2012-07-05 09:12 - 2012-07-05 09:12 - 92955868 ____A C:\Users\mcasciano\Desktop\GFG.NewRenewalOnDeactivation.zip

2012-07-05 05:20 - 2012-07-05 05:17 - 77021032 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\MicrosoftDynamicsCRM2011SDK(1).exe

2012-07-04 16:20 - 2012-07-04 16:09 - 386541568 ____A C:\ACT_OF_VALOR.ISO

2012-07-03 09:46 - 2012-07-26 13:52 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2012-07-02 05:37 - 2012-07-02 05:37 - 00012495 ____A C:\Users\mcasciano\Downloads\MSCRM Plug-in.zip

2012-06-27 12:13 - 2012-06-27 12:12 - 00001964 ____A C:\Users\mcasciano\Downloads\Opportunities by Sales Stage.xml

2012-06-27 11:41 - 2012-06-27 11:41 - 00028335 ____A C:\Users\mcasciano\Downloads\shiba-media-library.zip

2012-06-27 06:07 - 2012-06-27 06:07 - 02941604 ____A C:\Users\mcasciano\Downloads\LINQPad4.zip

2012-06-27 04:44 - 2012-06-27 04:44 - 02247680 ____A C:\Users\mcasciano\Downloads\VLinqSetup.msi

2012-06-26 10:05 - 2012-06-26 10:05 - 00121032 ____A C:\Users\mcasciano\Downloads\gridthemeresponsive.zip

2012-06-26 09:57 - 2012-06-26 09:57 - 00352636 ____A C:\Users\mcasciano\Downloads\responsive.1.6.7.zip

2012-06-23 18:02 - 2012-06-23 18:02 - 00000020 ___SH C:\Users\ReportServer$MSSQL2012\ntuser.ini

2012-06-23 18:02 - 2012-06-23 18:02 - 00000020 ___SH C:\Users\MSOLAP$MSSQL2012\ntuser.ini

2012-06-23 18:01 - 2012-06-23 18:01 - 00000020 ___SH C:\Users\MSSQLFDLauncher$MSSQL2012\ntuser.ini

2012-06-23 18:01 - 2012-06-23 18:01 - 00000020 ___SH C:\Users\MSSQL$MSSQL2012\ntuser.ini

2012-06-23 18:01 - 2012-06-23 18:01 - 00000020 ___SH C:\Users\MsDtsServer110\ntuser.ini

2012-06-23 15:50 - 2012-06-23 15:03 - 214679552 ____A C:\Users\mcasciano\Downloads\SQLFULL_ENU.iso

2012-06-22 16:21 - 2012-06-22 12:56 - 97489160 ____A C:\Users\mcasciano\Downloads\Windows8-ReleasePreview-32bit-English.iso

2012-06-22 12:05 - 2012-06-22 10:12 - 2305174756 ____A C:\Users\mcasciano\Downloads\Windows8-ReleasePreview-32bit-English.iso.part

2012-06-22 09:50 - 2012-06-22 09:50 - 00269191 ____A C:\Users\mcasciano\Downloads\growmap-anti-spambot-plugin.1.1.1.zip

2012-06-22 09:22 - 2012-06-22 09:22 - 01283336 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\vs_ultimate.exe

2012-06-21 17:17 - 2012-06-21 17:17 - 01031885 ____A C:\Users\mcasciano\Downloads\customizations (4).zip

2012-06-21 12:45 - 2012-06-21 12:45 - 00327376 ____A C:\Users\mcasciano\Downloads\GFG_1_19_managed.zip

2012-06-21 12:12 - 2012-06-21 12:12 - 00060304 ____A C:\Users\mcasciano\g2mdlhlpx.exe

2012-06-19 03:50 - 2012-06-19 03:50 - 00104672 ____A (Microsoft Corporation) C:\Users\mcasciano\Downloads\mvc4vs2010.3f.3f.3fnew.exe

2012-06-15 07:39 - 2012-06-15 07:39 - 00001099 ____A C:\Users\eric\Desktop\Flashpoint Audio.lnk

2012-06-15 07:39 - 2012-06-15 07:39 - 00001069 ____A C:\Users\eric\Desktop\Flashpoint.lnk

2012-06-13 05:36 - 2012-06-13 05:34 - 111850720 ____A C:\Users\mcasciano\Downloads\PhpStorm-4.0.2.exe

2012-06-11 19:08 - 2012-07-10 23:08 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2012-06-11 07:22 - 2012-06-11 07:22 - 00174024 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2012-06-11 07:22 - 2012-06-11 07:22 - 00174024 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2012-06-08 22:37 - 2012-07-23 11:25 - 00063128 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmx86.sys

2012-06-08 22:37 - 2012-07-23 11:25 - 00031384 ____A (VMware, Inc.) C:\Windows\System32\Drivers\VMparport.sys

2012-06-08 22:37 - 2012-07-23 11:24 - 00942744 ____A (VMware, Inc.) C:\Windows\System32\vnetlib64.dll

2012-06-08 22:37 - 2012-07-23 11:24 - 00433816 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

2012-06-08 22:36 - 2012-07-23 11:24 - 00354456 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

2012-06-08 22:36 - 2012-07-23 11:24 - 00032920 ____A (VMware, Inc.) C:\Windows\System32\Drivers\VMkbd.sys

2012-06-08 22:35 - 2012-07-23 11:24 - 00030360 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnetuserif.sys

2012-06-08 21:43 - 2012-07-10 21:30 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll

2012-06-08 20:41 - 2012-07-10 21:30 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2012-06-08 20:29 - 2012-06-08 20:29 - 00252056 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnc.dll

2012-06-08 19:52 - 2012-06-08 19:52 - 00062064 ____A (VMware, Inc.) C:\Windows\System32\vmnetbridge.dll

2012-06-08 19:52 - 2012-06-08 19:52 - 00048752 ____A (VMware, Inc.) C:\Windows\System32\vnetinst.dll

2012-06-08 19:52 - 2012-06-08 19:52 - 00045680 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnetbridge.sys

2012-06-08 19:52 - 2012-06-08 19:52 - 00024176 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnet.sys

2012-06-08 19:52 - 2012-06-08 19:52 - 00020080 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnetadapter.sys

2012-06-05 22:06 - 2012-07-10 21:30 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll

2012-06-05 22:06 - 2012-07-10 21:30 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll

2012-06-05 22:02 - 2012-07-10 21:29 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll

2012-06-05 21:05 - 2012-07-10 21:30 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2012-06-05 21:05 - 2012-07-10 21:30 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2012-06-05 21:03 - 2012-07-10 21:29 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll

2012-06-02 14:19 - 2012-06-21 03:02 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll

2012-06-02 14:19 - 2012-06-21 03:02 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe

2012-06-02 14:19 - 2012-06-21 03:02 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll

2012-06-02 14:19 - 2012-06-21 03:01 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll

2012-06-02 14:19 - 2012-06-21 03:01 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll

2012-06-02 14:15 - 2012-06-21 03:02 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll

2012-06-02 14:15 - 2012-06-21 03:01 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll

2012-06-02 11:19 - 2012-06-21 03:01 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll

2012-06-02 11:15 - 2012-06-21 03:01 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe

2012-06-02 04:49 - 2012-07-10 23:01 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-06-02 04:17 - 2012-07-10 23:01 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2012-06-02 04:12 - 2012-07-10 23:01 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2012-06-02 04:05 - 2012-07-10 23:02 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2012-06-02 04:05 - 2012-07-10 23:01 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2012-06-02 04:04 - 2012-07-10 23:02 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2012-06-02 04:04 - 2012-07-10 23:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2012-06-02 04:03 - 2012-07-10 23:01 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2012-06-02 04:01 - 2012-07-10 23:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2012-06-02 04:00 - 2012-07-10 23:01 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2012-06-02 03:59 - 2012-07-10 23:02 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2012-06-02 03:57 - 2012-07-10 23:02 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2012-06-02 03:57 - 2012-07-10 23:02 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2012-06-02 03:54 - 2012-07-10 23:01 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2012-06-02 01:07 - 2012-07-10 23:01 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2012-06-02 00:43 - 2012-07-10 23:01 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2012-06-02 00:33 - 2012-07-10 23:01 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2012-06-02 00:26 - 2012-07-10 23:02 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2012-06-02 00:25 - 2012-07-10 23:01 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2012-06-02 00:25 - 2012-07-10 23:01 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2012-06-02 00:23 - 2012-07-10 23:02 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2012-06-02 00:21 - 2012-07-10 23:01 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2012-06-02 00:20 - 2012-07-10 23:01 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2012-06-02 00:19 - 2012-07-10 23:02 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2012-06-02 00:19 - 2012-07-10 23:01 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2012-06-02 00:17 - 2012-07-10 23:02 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2012-06-02 00:16 - 2012-07-10 23:02 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2012-06-02 00:14 - 2012-07-10 23:01 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2012-06-01 21:50 - 2012-07-10 21:30 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys

2012-06-01 21:48 - 2012-07-10 21:30 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys

2012-06-01 21:48 - 2012-07-10 21:30 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys

2012-06-01 21:45 - 2012-07-10 21:30 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll

2012-06-01 21:44 - 2012-07-10 21:30 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll

2012-06-01 20:40 - 2012-07-10 21:30 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2012-06-01 20:40 - 2012-07-10 21:29 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2012-06-01 20:39 - 2012-07-10 21:30 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2012-06-01 20:34 - 2012-07-10 21:29 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2012-06-01 19:16 - 2012-06-01 19:15 - 00686932 ____A ( ) C:\Users\mcasciano\Downloads\CodecTweakTool_534.exe

2012-06-01 19:10 - 2012-06-01 19:10 - 01117491 ____A (DVD Shrink ) C:\Users\mcasciano\Documents\dvdshrink32setup.exe

2012-06-01 18:55 - 2012-06-01 18:54 - 01094021 ____A C:\Users\mcasciano\Downloads\dvdshrink32setup1.zip

2012-05-31 17:14 - 2012-05-31 17:14 - 00009565 ____A C:\Users\mcasciano\Documents\bills.xlsx

2012-05-25 10:05 - 2012-05-25 11:28 - 00331470 ___AT C:\Users\mcasciano\Documents\CopyofChurchPlanterGrowthProjectorFINALBLANK.html

2012-05-24 23:04 - 2011-12-09 13:37 - 00001566 ____A C:\Windows\CrmClient.mif

2012-05-24 07:56 - 2012-05-24 07:56 - 00037410 ____N C:\Users\mcasciano\Documents\Church Planter Growth Projector BLANK.xlsx

2012-05-24 06:13 - 2012-05-24 06:13 - 01020511 ____A C:\Users\mcasciano\Downloads\CRM2Maps_2-0.zip

2012-05-23 04:12 - 2012-05-23 04:10 - 151801119 ____A C:\Users\mcasciano\Downloads\Apache_OpenOffice_incubating_3.4.0_Win_x86_install_en-US.exe

2012-05-21 17:17 - 2012-05-21 17:17 - 08355192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110ud.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 08284024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110d.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 04495728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 04445560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110u.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 01995168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsHelper.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 01691520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110d.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00864120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00806784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vcamp110d.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00797560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110d.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00689040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib110d.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00656272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vsjitdebugger.exe

2012-05-21 17:17 - 2012-05-21 17:17 - 00500600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00319872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vcamp110.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00240008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib110.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00219008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VSPerf110.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00174976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VSCover110.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00156024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\atl110.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00145792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vcomp110d.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00116608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vcomp110.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00113016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcm110d.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00112512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcm110ud.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00084344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcm110u.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00084344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcm110.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00074112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110deu.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00074104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110fra.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00073088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110esn.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00072064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110ita.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00070016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110rus.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00064384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110enu.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00053120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110jpn.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00052608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110kor.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00045440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110cht.dll

2012-05-21 17:17 - 2012-05-21 17:17 - 00045440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc110chs.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 11080576 ____A (Microsoft Corporation) C:\Windows\System32\mfc110ud.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 11006840 ____A (Microsoft Corporation) C:\Windows\System32\mfc110d.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 05705080 ____A (Microsoft Corporation) C:\Windows\System32\mfc110u.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 05677424 ____A (Microsoft Corporation) C:\Windows\System32\mfc110.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 01957248 ____A (Microsoft Corporation) C:\Windows\System32\msvcr110d.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 01072512 ____A (Microsoft Corporation) C:\Windows\System32\msvcp110d.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 01032064 ____A (Microsoft Corporation) C:\Windows\System32\vcamp110d.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00933256 ____A (Microsoft Corporation) C:\Windows\System32\vccorlib110d.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00852856 ____A (Microsoft Corporation) C:\Windows\System32\msvcr110.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00685968 ____A (Microsoft Corporation) C:\Windows\System32\vsjitdebugger.exe

2012-05-21 14:14 - 2012-05-21 14:14 - 00612728 ____A (Microsoft Corporation) C:\Windows\System32\msvcp110.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00380792 ____A (Microsoft Corporation) C:\Windows\System32\vcamp110.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00322440 ____A (Microsoft Corporation) C:\Windows\System32\vccorlib110.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00251776 ____A (Microsoft Corporation) C:\Windows\System32\VSPerf110.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00189824 ____A (Microsoft Corporation) C:\Windows\System32\VSCover110.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00179568 ____A (Microsoft Corporation) C:\Windows\System32\atl110.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00153984 ____A (Microsoft Corporation) C:\Windows\System32\vcomp110d.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00125312 ____A (Microsoft Corporation) C:\Windows\System32\vcomp110.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00123256 ____A (Microsoft Corporation) C:\Windows\System32\mfcm110d.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00122240 ____A (Microsoft Corporation) C:\Windows\System32\mfcm110ud.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00092032 ____A (Microsoft Corporation) C:\Windows\System32\mfcm110u.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00092024 ____A (Microsoft Corporation) C:\Windows\System32\mfcm110.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00074112 ____A (Microsoft Corporation) C:\Windows\System32\mfc110fra.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00074112 ____A (Microsoft Corporation) C:\Windows\System32\mfc110deu.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00073088 ____A (Microsoft Corporation) C:\Windows\System32\mfc110esn.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00072064 ____A (Microsoft Corporation) C:\Windows\System32\mfc110ita.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00070016 ____A (Microsoft Corporation) C:\Windows\System32\mfc110rus.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00064384 ____A (Microsoft Corporation) C:\Windows\System32\mfc110enu.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00053120 ____A (Microsoft Corporation) C:\Windows\System32\mfc110jpn.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00052608 ____A (Microsoft Corporation) C:\Windows\System32\mfc110kor.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00045440 ____A (Microsoft Corporation) C:\Windows\System32\mfc110cht.dll

2012-05-21 14:14 - 2012-05-21 14:14 - 00045440 ____A (Microsoft Corporation) C:\Windows\System32\mfc110chs.dll

2012-05-21 07:30 - 2012-05-21 07:29 - 38494576 ____A (Apple Inc.) C:\Users\mcasciano\Downloads\SafariSetup.exe

2012-05-18 17:47 - 2012-05-18 17:47 - 00367360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfprintpthelper.dll

2012-05-18 17:47 - 2012-05-18 17:47 - 00351248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfbasics.dll

2012-05-18 17:47 - 2012-05-18 17:47 - 00306552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfprint.dll

2012-05-18 17:47 - 2012-05-18 17:47 - 00242736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfluapriv.dll

2012-05-18 17:47 - 2012-05-18 17:47 - 00173504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appverif.exe

2012-05-18 17:47 - 2012-05-18 17:47 - 00164168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vrfcore.dll

2012-05-18 17:47 - 2012-05-18 17:47 - 00098752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfrdvcompat.dll

2012-05-18 17:47 - 2012-05-18 17:47 - 00087312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfcompat.dll

2012-05-18 17:47 - 2012-05-18 17:47 - 00081560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfnet.dll

2012-05-18 17:47 - 2012-05-18 17:47 - 00061352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfnws.dll

2012-05-18 17:47 - 2012-05-18 17:47 - 00052016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfcuzz.dll

2012-05-18 17:47 - 2012-05-18 17:47 - 00040120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfntlmless.dll

2012-05-18 17:47 - 2012-05-18 17:47 - 00021432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cuzzapi.dll

2012-05-18 17:42 - 2012-05-18 17:42 - 00059304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DRefDebug.dll

2012-05-18 17:41 - 2012-05-18 17:41 - 00712616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11_1sdklayers.dll

2012-05-18 17:41 - 2012-05-18 17:41 - 00608680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11ref.dll

2012-05-18 17:41 - 2012-05-18 17:41 - 00590248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11sdklayers.dll

2012-05-18 17:41 - 2012-05-18 17:41 - 00461224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10sdklayers.dll

2012-05-18 17:41 - 2012-05-18 17:41 - 00383912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dref9.dll

2012-05-18 17:41 - 2012-05-18 17:41 - 00365480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10ref.dll

2012-05-18 17:41 - 2012-05-18 17:41 - 00276904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1debug1.dll

2012-05-18 17:41 - 2012-05-18 17:41 - 00270248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxcpl.exe

2012-05-18 17:41 - 2012-05-18 17:41 - 00101800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgidebug.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00711280 ____A (Microsoft Corporation) C:\Windows\System32\vfprintpthelper.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00433344 ____A (Microsoft Corporation) C:\Windows\System32\vfprint.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00404760 ____A (Microsoft Corporation) C:\Windows\System32\vfbasics.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00281616 ____A (Microsoft Corporation) C:\Windows\System32\vfluapriv.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00216776 ____A (Microsoft Corporation) C:\Windows\System32\appverif.exe

2012-05-18 17:24 - 2012-05-18 17:24 - 00183528 ____A (Microsoft Corporation) C:\Windows\System32\vrfcore.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00109688 ____A (Microsoft Corporation) C:\Windows\System32\vfrdvcompat.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00105016 ____A (Microsoft Corporation) C:\Windows\System32\vfnet.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00090440 ____A (Microsoft Corporation) C:\Windows\System32\vfcompat.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00083216 ____A (Microsoft Corporation) C:\Windows\System32\vfnws.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00048944 ____A (Microsoft Corporation) C:\Windows\System32\vfcuzz.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00045296 ____A (Microsoft Corporation) C:\Windows\System32\vfntlmless.dll

2012-05-18 17:24 - 2012-05-18 17:24 - 00023032 ____A (Microsoft Corporation) C:\Windows\System32\cuzzapi.dll

2012-05-18 17:18 - 2012-05-18 17:18 - 00886184 ____A (Microsoft Corporation) C:\Windows\System32\d3d11_1sdklayers.dll

2012-05-18 17:18 - 2012-05-18 17:18 - 00748456 ____A (Microsoft Corporation) C:\Windows\System32\d3d11ref.dll

2012-05-18 17:18 - 2012-05-18 17:18 - 00713128 ____A (Microsoft Corporation) C:\Windows\System32\d3d11sdklayers.dll

2012-05-18 17:18 - 2012-05-18 17:18 - 00597416 ____A (Microsoft Corporation) C:\Windows\System32\d3d10sdklayers.dll

2012-05-18 17:18 - 2012-05-18 17:18 - 00461224 ____A (Microsoft Corporation) C:\Windows\System32\d3d10ref.dll

2012-05-18 17:18 - 2012-05-18 17:18 - 00446376 ____A (Microsoft Corporation) C:\Windows\System32\d3dref9.dll

2012-05-18 17:18 - 2012-05-18 17:18 - 00340904 ____A (Microsoft Corporation) C:\Windows\System32\d2d1debug1.dll

2012-05-18 17:18 - 2012-05-18 17:18 - 00287144 ____A (Microsoft Corporation) C:\Windows\System32\dxcpl.exe

2012-05-18 17:18 - 2012-05-18 17:18 - 00126376 ____A (Microsoft Corporation) C:\Windows\System32\dxgidebug.dll

2012-05-18 17:18 - 2012-05-18 17:18 - 00078760 ____A (Microsoft Corporation) C:\Windows\System32\VSD3DRefDebug.dll

2012-05-18 17:17 - 2012-05-18 17:17 - 00029096 ____A (Microsoft Corporation) C:\Windows\System32\microsoft.windows.softwarelogo.showdesktop.exe

2012-05-17 15:38 - 2011-10-10 16:06 - 00001024 ____A C:\.rnd

2012-05-17 15:33 - 2012-05-17 15:26 - 532150008 ____A (VMware, Inc.) C:\Users\mcasciano\Downloads\VMware-server-2.0.1-156745.exe

2012-05-17 08:48 - 2011-10-10 16:06 - 00087456 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll.000.bak

2012-05-04 03:06 - 2012-06-12 20:24 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2012-05-04 02:03 - 2012-06-12 20:24 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2012-05-04 02:03 - 2012-06-12 20:24 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2012-04-30 21:40 - 2012-06-12 20:24 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll

2012-04-30 14:17 - 2012-04-30 14:17 - 00860064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll

2012-04-30 14:17 - 2012-04-30 14:17 - 00503200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll

2012-04-30 14:17 - 2012-04-30 14:17 - 00027544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll

2012-04-30 14:17 - 2012-04-30 14:17 - 00017280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll

2012-04-30 14:05 - 2012-04-30 14:05 - 00000068 ____A C:\Users\mcasciano\Downloads\A5nK3y7t.part

2012-04-30 13:14 - 2012-04-30 13:14 - 00862104 ____A (Microsoft Corporation) C:\Windows\System32\msvcr110_clr0400.dll

2012-04-30 13:14 - 2012-04-30 13:14 - 00617368 ____A (Microsoft Corporation) C:\Windows\System32\msvcp110_clr0400.dll

2012-04-30 13:14 - 2012-04-30 13:14 - 00029592 ____A (Microsoft Corporation) C:\Windows\System32\aspnet_counters.dll

2012-04-30 13:14 - 2012-04-30 13:14 - 00017280 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll

2012-04-30 04:06 - 2012-04-30 04:06 - 00000165 ___AH C:\Users\mcasciano\Desktop\~$Church Plant Growth Projector.xlsx

ZeroAccess:

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\@

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\L

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\L\00000004.@

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\L\201d3dde

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\00000004.@

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\00000008.@

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\000000cb.@

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\80000000.@

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\80000032.@

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}\U\80000064.@

ZeroAccess:

C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:

C:\Windows\assembly\GAC_64\Desktop.ini

Possible partition infection:

C:\Windows\svchost.exe

========================= Known DLLs (Whitelisted) ============

========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 11%

Total physical RAM: 8117.83 MB

Available physical RAM: 7163.74 MB

Total Pagefile: 8115.98 MB

Available Pagefile: 7157.25 MB

Total Virtual: 8192 MB

Available Virtual: 8191.88 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:232 GB) (Free:49.45 GB) NTFS

3 Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

4 Drive g: (Cruzer) (Removable) (Total:3.74 GB) (Free:2.92 GB) FAT32

5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

6 Drive y: (RECOVERY) (Fixed) (Total:0.73 GB) (Free:0.5 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 232 GB 0 B

Disk 1 Online 3835 MB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 156 MB 31 KB

Partition 2 Primary 750 MB 157 MB

Partition 3 Primary 231 GB 907 MB

==================================================================================

Disk: 0

Partition 1

Type : DE

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 5 FAT Partition 156 MB Healthy Hidden

==================================================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 Y RECOVERY NTFS Partition 750 MB Healthy

==================================================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 C NTFS Partition 231 GB Healthy

==================================================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 3827 MB 19 KB

==================================================================================

Disk: 1

Partition 1

Type : 0B

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 G Cruzer FAT32 Removable 3827 MB Healthy

==================================================================================

==========================================================

Last Boot: 2012-07-28 05:17

======================= End Of Log ==========================

Farbar Recovery Scan Tool Version: 25-07-2012 01

Ran by SYSTEM at 2012-07-28 21:38:41

Running from G:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe

[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 014A9CB92514E27C0107614DF764BC06

====== End Of Search ======

Link to post
Share on other sites

OK, here you go......Please carefully carry out this procedure!!!!!!

Open notepad. Make sure "word wrap" under Format is unchecked! Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt


C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382}
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini
Replace: C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.

Run FRST64 or FRST (which ever one you're using) and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

MrC

Link to post
Share on other sites

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 25-07-2012 01

Ran by SYSTEM at 2012-07-28 22:15:08 Run:1

Running from G:\

==============================================

C:\Windows\Installer\{26edb7fe-067f-cc71-841e-dc4b2b9b5382} moved successfully.

C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.

C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.

C:\Windows\System32\services.exe moved successfully.

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

==== End of Fixlog ====

Link to post
Share on other sites

Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

tdss_1.jpg

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

tdss_2.jpg

------------------------

Click the Start Scan button.

tdss_3.jpg

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

tdss_4.jpg

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

tdss_5.jpg

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

Link to post
Share on other sites

11:08:46.0996 2084 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

11:08:48.0316 2084 ============================================================

11:08:48.0316 2084 Current date / time: 2012/07/29 11:08:48.0316

11:08:48.0316 2084 SystemInfo:

11:08:48.0316 2084

11:08:48.0316 2084 OS Version: 6.1.7601 ServicePack: 1.0

11:08:48.0316 2084 Product type: Workstation

11:08:48.0316 2084 ComputerName: CASCIANO

11:08:48.0316 2084 UserName: mcasciano

11:08:48.0316 2084 Windows directory: C:\Windows

11:08:48.0316 2084 System windows directory: C:\Windows

11:08:48.0316 2084 Running under WOW64

11:08:48.0316 2084 Processor architecture: Intel x64

11:08:48.0316 2084 Number of processors: 4

11:08:48.0316 2084 Page size: 0x1000

11:08:48.0316 2084 Boot type: Normal boot

11:08:48.0316 2084 ============================================================

11:08:49.0541 2084 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

11:08:49.0545 2084 Drive \Device\Harddisk1\DR1 - Size: 0xEFBFFE00 (3.75 Gb), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

11:08:49.0547 2084 ============================================================

11:08:49.0547 2084 \Device\Harddisk0\DR0:

11:08:49.0547 2084 MBR partitions:

11:08:49.0547 2084 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x4E800, BlocksNum 0x177000

11:08:49.0547 2084 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C5800, BlocksNum 0x1CFFF800

11:08:49.0547 2084 \Device\Harddisk1\DR1:

11:08:49.0548 2084 MBR partitions:

11:08:49.0548 2084 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x26, BlocksNum 0x779FC2

11:08:49.0548 2084 ============================================================

11:08:49.0573 2084 C: <-> \Device\Harddisk0\DR0\Partition1

11:08:49.0573 2084 ============================================================

11:08:49.0573 2084 Initialize success

11:08:49.0573 2084 ============================================================

11:09:21.0350 6604 ============================================================

11:09:21.0350 6604 Scan started

11:09:21.0350 6604 Mode: Manual; SigCheck; TDLFS;

11:09:21.0350 6604 ============================================================

11:09:27.0310 6604 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

11:09:27.0395 6604 1394ohci - ok

11:09:27.0425 6604 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

11:09:27.0448 6604 ACPI - ok

11:09:27.0470 6604 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

11:09:27.0542 6604 AcpiPmi - ok

11:09:27.0616 6604 acsock (e5568164c070a4988bd79c896920b3c6) C:\Windows\system32\DRIVERS\acsock64.sys

11:09:27.0676 6604 acsock - ok

11:09:27.0778 6604 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

11:09:27.0785 6604 AdobeARMservice - ok

11:09:27.0835 6604 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

11:09:27.0863 6604 adp94xx - ok

11:09:27.0892 6604 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

11:09:27.0918 6604 adpahci - ok

11:09:27.0942 6604 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

11:09:27.0963 6604 adpu320 - ok

11:09:27.0999 6604 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

11:09:28.0136 6604 AeLookupSvc - ok

11:09:28.0216 6604 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

11:09:28.0273 6604 AFD - ok

11:09:28.0288 6604 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

11:09:28.0301 6604 agp440 - ok

11:09:28.0320 6604 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

11:09:28.0378 6604 ALG - ok

11:09:28.0390 6604 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

11:09:28.0404 6604 aliide - ok

11:09:28.0409 6604 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

11:09:28.0423 6604 amdide - ok

11:09:28.0439 6604 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

11:09:28.0510 6604 AmdK8 - ok

11:09:28.0527 6604 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

11:09:28.0556 6604 AmdPPM - ok

11:09:28.0772 6604 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

11:09:28.0799 6604 amdsata - ok

11:09:28.0832 6604 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

11:09:28.0848 6604 amdsbs - ok

11:09:28.0889 6604 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

11:09:28.0902 6604 amdxata - ok

11:09:28.0953 6604 ApfiltrService (8655a2983a86d6675135b1ff6892055d) C:\Windows\system32\DRIVERS\Apfiltr.sys

11:09:28.0968 6604 ApfiltrService - ok

11:09:29.0055 6604 AppHostSvc (59d01fa91962c9c1e9b4022b2d3b46db) C:\Windows\system32\inetsrv\apphostsvc.dll

11:09:29.0091 6604 AppHostSvc - ok

11:09:29.0125 6604 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

11:09:29.0273 6604 AppID - ok

11:09:29.0302 6604 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

11:09:29.0371 6604 AppIDSvc - ok

11:09:29.0440 6604 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

11:09:29.0494 6604 Appinfo - ok

11:09:29.0578 6604 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll

11:09:29.0655 6604 AppMgmt - ok

11:09:29.0688 6604 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

11:09:29.0702 6604 arc - ok

11:09:29.0751 6604 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

11:09:29.0763 6604 arcsas - ok

11:09:29.0915 6604 aspnet_state (b3fc1e4760175cc9d0deff38aef96e99) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

11:09:29.0928 6604 aspnet_state - ok

11:09:29.0958 6604 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

11:09:30.0006 6604 AsyncMac - ok

11:09:30.0065 6604 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

11:09:30.0075 6604 atapi - ok

11:09:30.0131 6604 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

11:09:30.0245 6604 AudioEndpointBuilder - ok

11:09:30.0252 6604 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

11:09:30.0304 6604 AudioSrv - ok

11:09:30.0344 6604 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

11:09:30.0410 6604 AxInstSV - ok

11:09:30.0459 6604 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

11:09:30.0499 6604 b06bdrv - ok

11:09:30.0535 6604 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

11:09:30.0574 6604 b57nd60a - ok

11:09:30.0651 6604 bcrnbbuu - ok

11:09:30.0674 6604 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

11:09:30.0716 6604 BDESVC - ok

11:09:30.0731 6604 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

11:09:30.0810 6604 Beep - ok

11:09:30.0852 6604 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

11:09:30.0885 6604 blbdrive - ok

11:09:30.0914 6604 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

11:09:30.0941 6604 bowser - ok

11:09:30.0955 6604 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

11:09:31.0020 6604 BrFiltLo - ok

11:09:31.0080 6604 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

11:09:31.0099 6604 BrFiltUp - ok

11:09:31.0131 6604 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

11:09:31.0206 6604 Browser - ok

11:09:31.0240 6604 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

11:09:31.0282 6604 Brserid - ok

11:09:31.0303 6604 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

11:09:31.0325 6604 BrSerWdm - ok

11:09:31.0337 6604 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

11:09:31.0362 6604 BrUsbMdm - ok

11:09:31.0373 6604 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

11:09:31.0395 6604 BrUsbSer - ok

11:09:31.0413 6604 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

11:09:31.0451 6604 BTHMODEM - ok

11:09:31.0470 6604 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

11:09:31.0539 6604 bthserv - ok

11:09:31.0607 6604 c2wts - ok

11:09:31.0618 6604 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

11:09:31.0678 6604 cdfs - ok

11:09:31.0720 6604 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

11:09:31.0753 6604 cdrom - ok

11:09:31.0789 6604 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

11:09:31.0850 6604 CertPropSvc - ok

11:09:31.0867 6604 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

11:09:31.0886 6604 circlass - ok

11:09:31.0919 6604 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

11:09:31.0937 6604 CLFS - ok

11:09:31.0993 6604 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

11:09:32.0003 6604 clr_optimization_v2.0.50727_32 - ok

11:09:32.0060 6604 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

11:09:32.0070 6604 clr_optimization_v2.0.50727_64 - ok

11:09:32.0153 6604 clr_optimization_v4.0.30319_32 (1ebe1854d94b704d1c0eefaef4711151) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

11:09:32.0169 6604 clr_optimization_v4.0.30319_32 - ok

11:09:32.0193 6604 clr_optimization_v4.0.30319_64 (f44a20931fdd77ebfc36b263fd795959) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

11:09:32.0210 6604 clr_optimization_v4.0.30319_64 - ok

11:09:32.0263 6604 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

11:09:32.0317 6604 CmBatt - ok

11:09:32.0378 6604 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

11:09:32.0420 6604 cmdide - ok

11:09:32.0498 6604 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys

11:09:32.0535 6604 CNG - ok

11:09:32.0566 6604 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

11:09:32.0577 6604 Compbatt - ok

11:09:32.0851 6604 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

11:09:32.0898 6604 CompositeBus - ok

11:09:32.0913 6604 COMSysApp - ok

11:09:32.0931 6604 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

11:09:32.0946 6604 crcdisk - ok

11:09:33.0094 6604 CrmSqlStartupSvc (02769c8eff729afea7db14ae04394741) C:\Program Files (x86)\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe

11:09:33.0104 6604 CrmSqlStartupSvc - ok

11:09:33.0153 6604 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

11:09:33.0191 6604 CryptSvc - ok

11:09:33.0242 6604 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys

11:09:33.0325 6604 CSC - ok

11:09:33.0378 6604 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll

11:09:33.0430 6604 CscService - ok

11:09:33.0462 6604 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys

11:09:33.0469 6604 CVirtA - ok

11:09:33.0597 6604 CVPND (66257cb4e4fb69887cddc71663741435) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

11:09:33.0651 6604 CVPND - ok

11:09:33.0792 6604 CVPNDRVA (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys

11:09:33.0808 6604 CVPNDRVA - ok

11:09:33.0901 6604 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

11:09:33.0972 6604 DcomLaunch - ok

11:09:34.0037 6604 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

11:09:34.0153 6604 defragsvc - ok

11:09:34.0210 6604 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

11:09:34.0264 6604 DfsC - ok

11:09:34.0330 6604 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

11:09:34.0444 6604 Dhcp - ok

11:09:34.0504 6604 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

11:09:34.0552 6604 discache - ok

11:09:34.0875 6604 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

11:09:34.0886 6604 Disk - ok

11:09:34.0950 6604 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys

11:09:34.0964 6604 DNE - ok

11:09:35.0002 6604 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

11:09:35.0038 6604 Dnscache - ok

11:09:35.0087 6604 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

11:09:35.0131 6604 dot3svc - ok

11:09:35.0166 6604 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

11:09:35.0211 6604 DPS - ok

11:09:35.0256 6604 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

11:09:35.0300 6604 drmkaud - ok

11:09:35.0341 6604 dsNcAdpt (3eef0b3489edbf725564e17c77cabafd) C:\Windows\system32\DRIVERS\dsNcAdpt.sys

11:09:35.0368 6604 dsNcAdpt - ok

11:09:35.0473 6604 dsNcService (c2845afa59bd29ab8d4a52700abb4017) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe

11:09:35.0518 6604 dsNcService - ok

11:09:35.0597 6604 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys

11:09:35.0607 6604 dtsoftbus01 - ok

11:09:35.0731 6604 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

11:09:35.0754 6604 DXGKrnl - ok

11:09:35.0811 6604 e1kexpress (711405da1fbc40b820db5a2b4dd939f0) C:\Windows\system32\DRIVERS\e1k62x64.sys

11:09:35.0824 6604 e1kexpress - ok

11:09:35.0884 6604 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

11:09:35.0939 6604 EapHost - ok

11:09:36.0214 6604 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

11:09:36.0310 6604 ebdrv - ok

11:09:36.0439 6604 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

11:09:36.0484 6604 EFS - ok

11:09:36.0544 6604 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

11:09:36.0649 6604 ehRecvr - ok

11:09:36.0680 6604 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

11:09:36.0707 6604 ehSched - ok

11:09:36.0777 6604 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

11:09:36.0799 6604 elxstor - ok

11:09:36.0823 6604 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

11:09:36.0838 6604 ErrDev - ok

11:09:36.0882 6604 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

11:09:36.0959 6604 EventSystem - ok

11:09:37.0141 6604 EvtEng (51643ee2712d9212e1e53ca7e8d8eb4a) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

11:09:37.0197 6604 EvtEng - ok

11:09:37.0345 6604 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

11:09:37.0396 6604 exfat - ok

11:09:37.0445 6604 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

11:09:37.0499 6604 fastfat - ok

11:09:37.0782 6604 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

11:09:37.0858 6604 Fax - ok

11:09:37.0876 6604 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

11:09:37.0897 6604 fdc - ok

11:09:37.0930 6604 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

11:09:37.0965 6604 fdPHost - ok

11:09:37.0972 6604 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

11:09:38.0018 6604 FDResPub - ok

11:09:38.0034 6604 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

11:09:38.0043 6604 FileInfo - ok

11:09:38.0057 6604 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

11:09:38.0092 6604 Filetrace - ok

11:09:38.0117 6604 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

11:09:38.0127 6604 flpydisk - ok

11:09:38.0160 6604 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

11:09:38.0184 6604 FltMgr - ok

11:09:38.0273 6604 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

11:09:38.0319 6604 FontCache - ok

11:09:38.0390 6604 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

11:09:38.0398 6604 FontCache3.0.0.0 - ok

11:09:38.0428 6604 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

11:09:38.0439 6604 FsDepends - ok

11:09:38.0478 6604 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

11:09:38.0486 6604 Fs_Rec - ok

11:09:38.0667 6604 fussvc (f5705a48ac81842bb6c1689e365c2af4) C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe

11:09:38.0696 6604 fussvc ( UnsignedFile.Multi.Generic ) - warning

11:09:38.0696 6604 fussvc - detected UnsignedFile.Multi.Generic (1)

11:09:38.0752 6604 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

11:09:38.0767 6604 fvevol - ok

11:09:38.0801 6604 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

11:09:38.0811 6604 gagp30kx - ok

11:09:38.0886 6604 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

11:09:38.0987 6604 gpsvc - ok

11:09:39.0016 6604 haycmkae - ok

11:09:39.0089 6604 hcmon (adb4348da1345877b04e22203afc8993) C:\Windows\system32\drivers\hcmon.sys

11:09:39.0096 6604 hcmon - ok

11:09:39.0125 6604 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

11:09:39.0162 6604 hcw85cir - ok

11:09:39.0208 6604 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

11:09:39.0228 6604 HdAudAddService - ok

11:09:39.0260 6604 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

11:09:39.0297 6604 HDAudBus - ok

11:09:39.0350 6604 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

11:09:39.0372 6604 HidBatt - ok

11:09:39.0379 6604 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

11:09:39.0456 6604 HidBth - ok

11:09:39.0460 6604 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

11:09:39.0509 6604 HidIr - ok

11:09:39.0537 6604 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

11:09:39.0586 6604 hidserv - ok

11:09:39.0629 6604 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

11:09:39.0643 6604 HidUsb - ok

11:09:39.0677 6604 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

11:09:39.0737 6604 hkmsvc - ok

11:09:39.0767 6604 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

11:09:39.0790 6604 HomeGroupListener - ok

11:09:39.0824 6604 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

11:09:39.0850 6604 HomeGroupProvider - ok

11:09:39.0873 6604 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

11:09:39.0883 6604 HpSAMD - ok

11:09:39.0946 6604 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

11:09:40.0014 6604 HTTP - ok

11:09:40.0028 6604 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

11:09:40.0038 6604 hwpolicy - ok

11:09:40.0051 6604 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

11:09:40.0063 6604 i8042prt - ok

11:09:40.0105 6604 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

11:09:40.0120 6604 iaStorV - ok

11:09:40.0216 6604 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

11:09:40.0249 6604 idsvc - ok

11:09:40.0978 6604 igfx (0089b53f1befd34b7d8ca4ab021335fa) C:\Windows\system32\DRIVERS\igdkmd64.sys

11:09:41.0295 6604 igfx - ok

11:09:41.0455 6604 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

11:09:41.0466 6604 iirsp - ok

11:09:41.0515 6604 IISADMIN (ab55b8a9b13130f638546881ce4425f8) C:\Windows\system32\inetsrv\inetinfo.exe

11:09:41.0550 6604 IISADMIN - ok

11:09:41.0624 6604 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

11:09:41.0728 6604 IKEEXT - ok

11:09:41.0791 6604 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

11:09:41.0800 6604 intelide - ok

11:09:41.0825 6604 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

11:09:41.0844 6604 intelppm - ok

11:09:41.0871 6604 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

11:09:41.0906 6604 IPBusEnum - ok

11:09:41.0941 6604 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

11:09:41.0983 6604 IpFilterDriver - ok

11:09:42.0009 6604 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

11:09:42.0025 6604 IPMIDRV - ok

11:09:42.0045 6604 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

11:09:42.0086 6604 IPNAT - ok

11:09:42.0096 6604 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

11:09:42.0149 6604 IRENUM - ok

11:09:42.0174 6604 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

11:09:42.0186 6604 isapnp - ok

11:09:42.0224 6604 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

11:09:42.0240 6604 iScsiPrt - ok

11:09:42.0275 6604 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

11:09:42.0284 6604 kbdclass - ok

11:09:42.0316 6604 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

11:09:42.0342 6604 kbdhid - ok

11:09:42.0382 6604 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

11:09:42.0393 6604 KeyIso - ok

11:09:42.0434 6604 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys

11:09:42.0447 6604 KSecDD - ok

11:09:42.0498 6604 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys

11:09:42.0510 6604 KSecPkg - ok

11:09:42.0522 6604 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

11:09:42.0570 6604 ksthunk - ok

11:09:42.0697 6604 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

11:09:42.0782 6604 KtmRm - ok

11:09:43.0087 6604 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

11:09:43.0140 6604 LanmanServer - ok

11:09:43.0164 6604 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

11:09:43.0203 6604 LanmanWorkstation - ok

11:09:43.0229 6604 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

11:09:43.0264 6604 lltdio - ok

11:09:44.0397 6604 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

11:09:44.0462 6604 lltdsvc - ok

11:09:44.0717 6604 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

11:09:44.0783 6604 lmhosts - ok

11:09:45.0685 6604 LMIGuardianSvc (98b0fcc176dfb711b67651becb88c445) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

11:09:45.0723 6604 LMIGuardianSvc - ok

11:09:45.0932 6604 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys

11:09:45.0944 6604 LMIInfo - ok

11:09:46.0563 6604 LMIMaint (b712511029cbd68645a90a241fd6ae43) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe

11:09:46.0572 6604 LMIMaint - ok

11:09:46.0648 6604 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys

11:09:46.0655 6604 lmimirr - ok

11:09:46.0713 6604 LMIRfsClientNP - ok

11:09:46.0742 6604 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys

11:09:46.0749 6604 LMIRfsDriver - ok

11:09:46.0805 6604 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

11:09:46.0821 6604 LogMeIn - ok

11:09:46.0865 6604 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

11:09:46.0879 6604 LSI_FC - ok

11:09:46.0907 6604 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

11:09:46.0918 6604 LSI_SAS - ok

11:09:46.0937 6604 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

11:09:46.0950 6604 LSI_SAS2 - ok

11:09:46.0975 6604 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

11:09:46.0988 6604 LSI_SCSI - ok

11:09:47.0021 6604 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

11:09:47.0076 6604 luafv - ok

11:09:47.0108 6604 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

11:09:47.0122 6604 Mcx2Svc - ok

11:09:47.0150 6604 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

11:09:47.0162 6604 megasas - ok

11:09:47.0201 6604 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

11:09:47.0229 6604 MegaSR - ok

11:09:47.0295 6604 Microsoft SharePoint Workspace Audit Service - ok

11:09:47.0326 6604 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

11:09:47.0394 6604 MMCSS - ok

11:09:47.0431 6604 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

11:09:47.0472 6604 Modem - ok

11:09:47.0541 6604 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

11:09:47.0565 6604 monitor - ok

11:09:47.0588 6604 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

11:09:47.0597 6604 mouclass - ok

11:09:47.0609 6604 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

11:09:47.0623 6604 mouhid - ok

11:09:47.0692 6604 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

11:09:47.0704 6604 mountmgr - ok

11:09:47.0798 6604 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

11:09:47.0809 6604 MozillaMaintenance - ok

11:09:47.0871 6604 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

11:09:47.0887 6604 mpio - ok

11:09:47.0924 6604 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

11:09:47.0971 6604 mpsdrv - ok

11:09:48.0061 6604 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

11:09:48.0097 6604 MRxDAV - ok

11:09:48.0163 6604 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

11:09:48.0232 6604 mrxsmb - ok

11:09:48.0283 6604 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

11:09:48.0320 6604 mrxsmb10 - ok

11:09:48.0351 6604 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

11:09:48.0362 6604 mrxsmb20 - ok

11:09:48.0379 6604 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

11:09:48.0393 6604 msahci - ok

11:09:48.0454 6604 MSCRMAsyncService$client (c35985fd2320d8e8d87ae3760ae1b431) C:\Program Files (x86)\Microsoft Dynamics CRM Data Migration Manager\DMClient\bin\CrmAsyncService.exe

11:09:48.0467 6604 MSCRMAsyncService$client - ok

11:09:48.0491 6604 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

11:09:48.0508 6604 msdsm - ok

11:09:48.0537 6604 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

11:09:48.0558 6604 MSDTC - ok

11:09:48.0688 6604 MsDtsServer100 (f7a0ba64036ea2b3dfb569e4dc9986e7) C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe

11:09:48.0700 6604 MsDtsServer100 - ok

11:09:48.0849 6604 MsDtsServer110 (40be2c09ace1bed16a343662e6fdf241) C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe

11:09:48.0869 6604 MsDtsServer110 - ok

11:09:48.0903 6604 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

11:09:48.0938 6604 Msfs - ok

11:09:49.0091 6604 msftesql (f7e0900f9a8e3f71f2c16a932f0e03e0) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe

11:09:49.0101 6604 msftesql - ok

11:09:49.0152 6604 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

11:09:49.0188 6604 mshidkmdf - ok

11:09:49.0211 6604 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

11:09:49.0224 6604 msisadrv - ok

11:09:49.0272 6604 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

11:09:49.0329 6604 MSiSCSI - ok

11:09:49.0333 6604 msiserver - ok

11:09:49.0353 6604 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

11:09:49.0400 6604 MSKSSRV - ok

11:09:49.0563 6604 msoidsvc (3d9df5c79abe835e58df426b14600a33) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE

11:09:49.0628 6604 msoidsvc - ok

11:09:49.0733 6604 MSOLAP$MSSQL2012 - ok

11:09:49.0787 6604 MSOLAP$SQLSERVER08 - ok

11:09:49.0886 6604 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

11:09:49.0933 6604 MSPCLOCK - ok

11:09:49.0945 6604 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

11:09:49.0998 6604 MSPQM - ok

11:09:50.0033 6604 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

11:09:50.0049 6604 MsRPC - ok

11:09:50.0090 6604 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

11:09:50.0102 6604 mssmbios - ok

11:09:50.0170 6604 MSSQL$MSSQL2012 (3ae13c9869b7ce1135bcf21c0aaa68ed) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\sqlservr.exe

11:09:50.0190 6604 MSSQL$MSSQL2012 - ok

11:09:50.0212 6604 MSSQL$SQLEXPRESS - ok

11:09:50.0241 6604 MSSQL$SQLSERVER08 - ok

11:09:50.0293 6604 MSSQLFDLauncher$MSSQL2012 (f4991c8c070c86082e6f0597f73e02d0) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\fdlauncher.exe

11:09:50.0305 6604 MSSQLFDLauncher$MSSQL2012 - ok

11:09:50.0320 6604 MSSQLFDLauncher$SQLSERVER08 (aa511eb28672011a1d832f73e302f0a0) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\fdlauncher.exe

11:09:50.0330 6604 MSSQLFDLauncher$SQLSERVER08 - ok

11:09:50.0404 6604 MSSQLSERVER - ok

11:09:50.0469 6604 MSSQLServerADHelper (adaf062116b4e6d96e44d26486a87af6) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe

11:09:50.0478 6604 MSSQLServerADHelper - ok

11:09:50.0540 6604 MSSQLServerADHelper100 (04ef36eaf5c4dbce424d81b76f1e9231) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

11:09:50.0553 6604 MSSQLServerADHelper100 - ok

11:09:50.0564 6604 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

11:09:50.0642 6604 MSTEE - ok

11:09:50.0696 6604 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

11:09:50.0722 6604 MTConfig - ok

11:09:50.0766 6604 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

11:09:50.0776 6604 Mup - ok

11:09:50.0823 6604 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

11:09:50.0897 6604 napagent - ok

11:09:50.0947 6604 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

11:09:50.0994 6604 NativeWifiP - ok

11:09:51.0069 6604 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

11:09:51.0133 6604 NDIS - ok

11:09:51.0151 6604 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

11:09:51.0203 6604 NdisCap - ok

11:09:51.0223 6604 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

11:09:51.0288 6604 NdisTapi - ok

11:09:51.0313 6604 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

11:09:51.0369 6604 Ndisuio - ok

11:09:51.0393 6604 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

11:09:51.0453 6604 NdisWan - ok

11:09:51.0477 6604 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

11:09:51.0527 6604 NDProxy - ok

11:09:51.0583 6604 NEOFLTR_650_17883 (97e32d6f430d49644728f7173aad0ae0) C:\Windows\system32\Drivers\NEOFLTR_650_17883.SYS

11:09:51.0594 6604 NEOFLTR_650_17883 - ok

11:09:51.0609 6604 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

11:09:51.0677 6604 NetBIOS - ok

11:09:51.0723 6604 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

11:09:51.0777 6604 NetBT - ok

11:09:51.0823 6604 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

11:09:51.0838 6604 Netlogon - ok

11:09:51.0888 6604 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

11:09:51.0956 6604 Netman - ok

11:09:52.0058 6604 NetMsmqActivator (f50c405c5fce480d39c882205eba26a8) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:09:52.0073 6604 NetMsmqActivator - ok

11:09:52.0078 6604 NetPipeActivator (f50c405c5fce480d39c882205eba26a8) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:09:52.0095 6604 NetPipeActivator - ok

11:09:52.0136 6604 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

11:09:52.0218 6604 netprofm - ok

11:09:52.0222 6604 NetTcpActivator (f50c405c5fce480d39c882205eba26a8) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:09:52.0239 6604 NetTcpActivator - ok

11:09:52.0243 6604 NetTcpPortSharing (f50c405c5fce480d39c882205eba26a8) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:09:52.0259 6604 NetTcpPortSharing - ok

11:09:52.0558 6604 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys

11:09:52.0765 6604 NETw5s64 - ok

11:09:53.0134 6604 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

11:09:53.0145 6604 nfrd960 - ok

11:09:53.0574 6604 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

11:09:53.0637 6604 NlaSvc - ok

11:09:53.0656 6604 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

11:09:53.0706 6604 Npfs - ok

11:09:53.0717 6604 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

11:09:53.0781 6604 nsi - ok

11:09:53.0799 6604 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

11:09:53.0861 6604 nsiproxy - ok

11:09:53.0962 6604 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

11:09:54.0031 6604 Ntfs - ok

11:09:54.0094 6604 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

11:09:54.0161 6604 Null - ok

11:09:54.0205 6604 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

11:09:54.0222 6604 nvraid - ok

11:09:54.0274 6604 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

11:09:54.0290 6604 nvstor - ok

11:09:54.0326 6604 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

11:09:54.0341 6604 nv_agp - ok

11:09:54.0364 6604 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

11:09:54.0391 6604 ohci1394 - ok

11:09:54.0512 6604 OracleMTSRecoveryService - ok

11:09:54.0584 6604 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

11:09:54.0598 6604 ose - ok

11:09:54.0831 6604 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

11:09:54.0976 6604 osppsvc - ok

11:09:55.0090 6604 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

11:09:55.0129 6604 p2pimsvc - ok

11:09:55.0161 6604 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

11:09:55.0184 6604 p2psvc - ok

11:09:55.0243 6604 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

11:09:55.0253 6604 Parport - ok

11:09:55.0301 6604 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

11:09:55.0314 6604 partmgr - ok

11:09:55.0334 6604 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

11:09:55.0374 6604 PcaSvc - ok

11:09:55.0409 6604 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

11:09:55.0423 6604 pci - ok

11:09:55.0440 6604 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

11:09:55.0451 6604 pciide - ok

11:09:55.0478 6604 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

11:09:55.0497 6604 pcmcia - ok

11:09:55.0517 6604 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

11:09:55.0528 6604 pcw - ok

11:09:55.0573 6604 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

11:09:55.0624 6604 PEAUTH - ok

11:09:55.0708 6604 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll

11:09:55.0764 6604 PeerDistSvc - ok

11:09:55.0826 6604 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

11:09:55.0847 6604 PerfHost - ok

11:09:55.0986 6604 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

11:09:56.0052 6604 pla - ok

11:09:56.0090 6604 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

11:09:56.0129 6604 PlugPlay - ok

11:09:56.0147 6604 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

11:09:56.0168 6604 PNRPAutoReg - ok

11:09:56.0197 6604 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

11:09:56.0210 6604 PNRPsvc - ok

11:09:56.0253 6604 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

11:09:56.0314 6604 PolicyAgent - ok

11:09:56.0343 6604 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

11:09:56.0392 6604 Power - ok

11:09:56.0436 6604 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

11:09:56.0487 6604 PptpMiniport - ok

11:09:56.0521 6604 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

11:09:56.0548 6604 Processor - ok

11:09:56.0598 6604 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

11:09:56.0650 6604 ProfSvc - ok

11:09:56.0697 6604 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

11:09:56.0710 6604 ProtectedStorage - ok

11:09:56.0741 6604 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

11:09:56.0796 6604 Psched - ok

11:09:56.0889 6604 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

11:09:56.0951 6604 ql2300 - ok

11:09:57.0026 6604 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

11:09:57.0037 6604 ql40xx - ok

11:09:57.0069 6604 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

11:09:57.0089 6604 QWAVE - ok

11:09:57.0102 6604 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

11:09:57.0133 6604 QWAVEdrv - ok

11:09:57.0150 6604 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

11:09:57.0191 6604 RasAcd - ok

11:09:57.0227 6604 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

11:09:57.0262 6604 RasAgileVpn - ok

11:09:57.0274 6604 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

11:09:57.0324 6604 RasAuto - ok

11:09:57.0356 6604 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

11:09:57.0403 6604 Rasl2tp - ok

11:09:57.0456 6604 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

11:09:57.0521 6604 RasMan - ok

11:09:57.0532 6604 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

11:09:57.0583 6604 RasPppoe - ok

11:09:57.0600 6604 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

11:09:57.0641 6604 RasSstp - ok

11:09:57.0677 6604 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

11:09:57.0744 6604 rdbss - ok

11:09:57.0755 6604 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

11:09:57.0778 6604 rdpbus - ok

11:09:57.0794 6604 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

11:09:57.0846 6604 RDPCDD - ok

11:09:57.0881 6604 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys

11:09:57.0899 6604 RDPDR - ok

11:09:57.0929 6604 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

11:09:57.0973 6604 RDPENCDD - ok

11:09:57.0993 6604 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

11:09:58.0035 6604 RDPREFMP - ok

11:09:58.0093 6604 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys

11:09:58.0133 6604 RdpVideoMiniport - ok

11:09:58.0183 6604 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

11:09:58.0208 6604 RDPWD - ok

11:09:58.0245 6604 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

11:09:58.0257 6604 rdyboost - ok

11:09:58.0369 6604 RegSrvc (3b71b5b91e7dca93585d5a86c897adc4) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

11:09:58.0392 6604 RegSrvc - ok

11:09:58.0425 6604 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

11:09:58.0488 6604 RemoteAccess - ok

11:09:58.0528 6604 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

11:09:58.0592 6604 RemoteRegistry - ok

11:10:00.0337 6604 ReportServer$MSSQL2012 (4a4ff2146140bd6001a60a7ca3a63e47) C:\Program Files\Microsoft SQL Server\MSRS11.MSSQL2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe

11:10:00.0470 6604 ReportServer$MSSQL2012 - ok

11:10:00.0808 6604 ReportServer$SQLSERVER08 (b08d6b6785b947fc97f18027a7a88f86) C:\Program Files\Microsoft SQL Server\MSRS10_50.SQLSERVER08\Reporting Services\ReportServer\bin\ReportingServicesService.exe

11:10:00.0898 6604 ReportServer$SQLSERVER08 - ok

11:10:01.0888 6604 rfdedaei - ok

11:10:01.0926 6604 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

11:10:01.0988 6604 RpcEptMapper - ok

11:10:02.0023 6604 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

11:10:02.0051 6604 RpcLocator - ok

11:10:02.0102 6604 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

11:10:02.0146 6604 RpcSs - ok

11:10:02.0214 6604 RsFx0105 (c9fe05a63c500abe3afa5786504c4d36) C:\Windows\system32\DRIVERS\RsFx0105.sys

11:10:02.0244 6604 RsFx0105 - ok

11:10:02.0308 6604 RsFx0151 (c606c5f712a3761896ceffa4af6b1268) C:\Windows\system32\DRIVERS\RsFx0151.sys

11:10:02.0321 6604 RsFx0151 - ok

11:10:03.0404 6604 RsFx0200 (5aa85332cb1694871b2f0704e0fc9113) C:\Windows\system32\DRIVERS\RsFx0200.sys

11:10:03.0440 6604 RsFx0200 - ok

11:10:03.0476 6604 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

11:10:03.0511 6604 rspndr - ok

11:10:03.0556 6604 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys

11:10:03.0600 6604 s3cap - ok

11:10:03.0646 6604 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

11:10:03.0655 6604 SamSs - ok

11:10:03.0984 6604 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

11:10:04.0293 6604 sbp2port - ok

11:10:04.0323 6604 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

11:10:04.0392 6604 SCardSvr - ok

11:10:04.0439 6604 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

11:10:04.0478 6604 scfilter - ok

11:10:04.0580 6604 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

11:10:04.0656 6604 Schedule - ok

11:10:04.0687 6604 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

11:10:04.0719 6604 SCPolicySvc - ok

11:10:04.0747 6604 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

11:10:04.0777 6604 sdbus - ok

11:10:04.0810 6604 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

11:10:04.0848 6604 SDRSVC - ok

11:10:04.0873 6604 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

11:10:04.0923 6604 secdrv - ok

11:10:04.0948 6604 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

11:10:05.0010 6604 seclogon - ok

11:10:05.0035 6604 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

11:10:05.0088 6604 SENS - ok

11:10:05.0104 6604 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

11:10:05.0140 6604 SensrSvc - ok

11:10:05.0567 6604 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

11:10:05.0598 6604 Serenum - ok

11:10:05.0746 6604 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

11:10:05.0758 6604 Serial - ok

11:10:05.0901 6604 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

11:10:05.0920 6604 sermouse - ok

11:10:05.0961 6604 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

11:10:06.0020 6604 SessionEnv - ok

11:10:06.0032 6604 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

11:10:06.0057 6604 sffdisk - ok

11:10:06.0072 6604 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

11:10:06.0088 6604 sffp_mmc - ok

11:10:06.0091 6604 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys

11:10:06.0114 6604 sffp_sd - ok

11:10:06.0130 6604 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

11:10:06.0142 6604 sfloppy - ok

11:10:06.0196 6604 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

11:10:06.0312 6604 ShellHWDetection - ok

11:10:06.0337 6604 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

11:10:06.0347 6604 SiSRaid2 - ok

11:10:06.0361 6604 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

11:10:06.0371 6604 SiSRaid4 - ok

11:10:06.0557 6604 SkypeUpdate (8c5477eb1c03ca76cd8eb66a610a9e90) C:\Program Files (x86)\Skype\Updater\Updater.exe

11:10:06.0568 6604 SkypeUpdate - ok

11:10:06.0770 6604 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

11:10:06.0840 6604 Smb - ok

11:10:06.0903 6604 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

11:10:06.0928 6604 SNMPTRAP - ok

11:10:06.0939 6604 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

11:10:06.0951 6604 spldr - ok

11:10:06.0997 6604 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

11:10:07.0063 6604 Spooler - ok

11:10:07.0296 6604 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

11:10:07.0419 6604 sppsvc - ok

11:10:07.0658 6604 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

11:10:07.0723 6604 sppuinotify - ok

11:10:08.0648 6604 SQLAgent$MSSQL2012 (b70faf0c7c5737aa6973e14b45477730) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQL2012\MSSQL\Binn\SQLAGENT.EXE

11:10:08.0765 6604 SQLAgent$MSSQL2012 - ok

11:10:08.0844 6604 SQLAgent$SQLEXPRESS (45e65fb17a4cd5facbd3ca16c8334c82) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE

11:10:08.0872 6604 SQLAgent$SQLEXPRESS - ok

11:10:08.0949 6604 SQLAgent$SQLSERVER08 (3420e0482ad95120b471b7328a8d7d08) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLSERVER08\MSSQL\Binn\SQLAGENT.EXE

11:10:08.0987 6604 SQLAgent$SQLSERVER08 - ok

11:10:09.0163 6604 SQLBrowser (e9254892a2d74e537bad3092f0f8ee40) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

11:10:09.0188 6604 SQLBrowser - ok

11:10:09.0879 6604 SQLSERVERAGENT (a2b96e2e86e11f9aabf69fb199c28966) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE

11:10:09.0962 6604 SQLSERVERAGENT - ok

11:10:10.0040 6604 SQLWriter (ead5300c93946b0250a309e2bf2be4cf) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

11:10:10.0058 6604 SQLWriter - ok

11:10:10.0674 6604 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

11:10:10.0724 6604 srv - ok

11:10:10.0757 6604 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

11:10:10.0797 6604 srv2 - ok

11:10:10.0826 6604 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

11:10:10.0858 6604 srvnet - ok

11:10:11.0329 6604 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

11:10:11.0424 6604 SSDPSRV - ok

11:10:11.0508 6604 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

11:10:11.0562 6604 SstpSvc - ok

11:10:11.0589 6604 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

11:10:11.0599 6604 stexstor - ok

11:10:11.0653 6604 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

11:10:11.0695 6604 stisvc - ok

11:10:11.0724 6604 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys

11:10:11.0733 6604 storflt - ok

11:10:11.0747 6604 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys

11:10:11.0757 6604 storvsc - ok

11:10:11.0772 6604 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

11:10:11.0781 6604 swenum - ok

11:10:11.0813 6604 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

11:10:11.0874 6604 swprv - ok

11:10:11.0883 6604 Synth3dVsc - ok

11:10:11.0988 6604 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

11:10:12.0058 6604 SysMain - ok

11:10:12.0158 6604 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

11:10:12.0176 6604 TabletInputService - ok

11:10:12.0202 6604 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

11:10:12.0267 6604 TapiSrv - ok

11:10:12.0287 6604 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

11:10:12.0322 6604 TBS - ok

11:10:12.0766 6604 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

11:10:12.0829 6604 Tcpip - ok

11:10:13.0021 6604 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

11:10:13.0066 6604 TCPIP6 - ok

11:10:13.0419 6604 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

11:10:13.0486 6604 tcpipreg - ok

11:10:13.0675 6604 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

11:10:13.0756 6604 TDPIPE - ok

11:10:13.0952 6604 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

11:10:14.0015 6604 TDTCP - ok

11:10:14.0039 6604 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

11:10:14.0075 6604 tdx - ok

11:10:14.0757 6604 Te.Service (f7be59881aebe72722b0ab669ef23bb4) C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe

11:10:14.0782 6604 Te.Service ( UnsignedFile.Multi.Generic ) - warning

11:10:14.0782 6604 Te.Service - detected UnsignedFile.Multi.Generic (1)

11:10:15.0285 6604 TeamViewer7 (33966a658ff37e0c65d46e59f37e2380) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

11:10:15.0359 6604 TeamViewer7 - ok

11:10:15.0795 6604 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

11:10:15.0805 6604 TermDD - ok

11:10:15.0861 6604 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

11:10:15.0932 6604 TermService - ok

11:10:15.0975 6604 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

11:10:16.0004 6604 Themes - ok

11:10:16.0050 6604 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

11:10:16.0131 6604 THREADORDER - ok

11:10:16.0161 6604 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

11:10:16.0217 6604 TrkWks - ok

11:10:16.0272 6604 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

11:10:16.0346 6604 TrustedInstaller - ok

11:10:16.0404 6604 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

11:10:16.0453 6604 tssecsrv - ok

11:10:16.0867 6604 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

11:10:17.0018 6604 TsUsbFlt - ok

11:10:17.0023 6604 tsusbhub - ok

11:10:17.0199 6604 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

11:10:17.0251 6604 tunnel - ok

11:10:17.0279 6604 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

11:10:17.0290 6604 uagp35 - ok

11:10:17.0332 6604 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

11:10:17.0414 6604 udfs - ok

11:10:17.0444 6604 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

11:10:17.0456 6604 UI0Detect - ok

11:10:17.0488 6604 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

11:10:17.0498 6604 uliagpkx - ok

11:10:17.0542 6604 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

11:10:17.0552 6604 umbus - ok

11:10:17.0589 6604 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

11:10:17.0610 6604 UmPass - ok

11:10:17.0643 6604 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll

11:10:17.0684 6604 UmRdpService - ok

11:10:17.0718 6604 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

11:10:17.0775 6604 upnphost - ok

11:10:17.0818 6604 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

11:10:17.0837 6604 usbccgp - ok

11:10:17.0862 6604 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

11:10:17.0876 6604 usbcir - ok

11:10:17.0895 6604 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

11:10:17.0918 6604 usbehci - ok

11:10:17.0948 6604 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

11:10:18.0005 6604 usbhub - ok

11:10:18.0018 6604 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

11:10:18.0044 6604 usbohci - ok

11:10:18.0058 6604 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

11:10:18.0080 6604 usbprint - ok

11:10:18.0097 6604 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

11:10:18.0115 6604 USBSTOR - ok

11:10:18.0129 6604 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

11:10:18.0145 6604 usbuhci - ok

11:10:18.0163 6604 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

11:10:18.0210 6604 UxSms - ok

11:10:18.0254 6604 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

11:10:18.0264 6604 VaultSvc - ok

11:10:18.0274 6604 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

11:10:18.0284 6604 vdrvroot - ok

11:10:18.0319 6604 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

11:10:18.0364 6604 vds - ok

11:10:18.0378 6604 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

11:10:18.0395 6604 vga - ok

11:10:18.0410 6604 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

11:10:18.0447 6604 VgaSave - ok

11:10:18.0476 6604 VGPU - ok

11:10:18.0490 6604 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

11:10:18.0507 6604 vhdmp - ok

11:10:18.0534 6604 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

11:10:18.0544 6604 viaide - ok

11:10:18.0758 6604 VMAuthdService (1562a089b46c821487aff8d01ee5547e) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe

11:10:18.0780 6604 VMAuthdService ( UnsignedFile.Multi.Generic ) - warning

11:10:18.0780 6604 VMAuthdService - detected UnsignedFile.Multi.Generic (1)

11:10:18.0804 6604 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys

11:10:18.0819 6604 vmbus - ok

11:10:18.0872 6604 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys

11:10:18.0901 6604 VMBusHID - ok

11:10:18.0961 6604 vmci (87fc1dd880e8cac4faebb84af61a87c4) C:\Windows\system32\DRIVERS\vmci.sys

11:10:18.0969 6604 vmci - ok

11:10:19.0027 6604 vmkbd (de41918b7abae9056eb1e62540d229d3) C:\Windows\system32\drivers\VMkbd.sys

11:10:19.0033 6604 vmkbd - ok

11:10:19.0106 6604 vmm (21c96aa588d3993191761a08dbaabb15) C:\Windows\system32\Drivers\vmm.sys

11:10:19.0117 6604 vmm - ok

11:10:19.0175 6604 VMnetAdapter (b259c31378bc855afd1b53f59311c251) C:\Windows\system32\DRIVERS\vmnetadapter.sys

11:10:19.0183 6604 VMnetAdapter - ok

11:10:19.0196 6604 VMnetBridge (dec4ce720ffeda939cf1ba315cfbd993) C:\Windows\system32\DRIVERS\vmnetbridge.sys

11:10:19.0204 6604 VMnetBridge - ok

11:10:19.0218 6604 VMnetDHCP - ok

11:10:19.0229 6604 VMnetuserif (0ab32d9f175c015d97eb712f5e636313) C:\Windows\system32\drivers\vmnetuserif.sys

11:10:19.0235 6604 VMnetuserif - ok

11:10:19.0246 6604 VMparport (e75e68e58c5d3b1ae7ca34526f730a90) C:\Windows\system32\drivers\VMparport.sys

11:10:19.0252 6604 VMparport - ok

11:10:19.0343 6604 VMUSBArbService (18903ca7936912c337c9d28858880cf2) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

11:10:19.0394 6604 VMUSBArbService - ok

11:10:19.0400 6604 VMware NAT Service - ok

11:10:19.0458 6604 vmx86 (840dd8ad9b1e26f82c598242369ea770) C:\Windows\system32\drivers\vmx86.sys

11:10:19.0466 6604 vmx86 - ok

11:10:19.0484 6604 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

11:10:19.0494 6604 volmgr - ok

11:10:19.0572 6604 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

11:10:19.0589 6604 volmgrx - ok

11:10:19.0637 6604 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

11:10:19.0652 6604 volsnap - ok

11:10:19.0713 6604 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys

11:10:19.0726 6604 vpcbus - ok

11:10:19.0753 6604 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys

11:10:19.0770 6604 vpcnfltr - ok

11:10:19.0787 6604 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys

11:10:19.0808 6604 vpcusb - ok

11:10:19.0852 6604 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys

11:10:19.0867 6604 vpcvmm - ok

11:10:20.0058 6604 vpnagent (6a1dde20410ce789810408c31929ba15) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

11:10:20.0073 6604 vpnagent - ok

11:10:20.0115 6604 vpnva (be7fe15ac90b9f02cbe011ae2426dd0f) C:\Windows\system32\DRIVERS\vpnva64.sys

11:10:20.0122 6604 vpnva - ok

11:10:20.0161 6604 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

11:10:20.0175 6604 vsmraid - ok

11:10:20.0327 6604 VSPerfDrv100 (ca64a8838b4674d14bdf88aba2f253ea) C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys

11:10:20.0340 6604 VSPerfDrv100 - ok

11:10:20.0657 6604 VSPerfDrv110 (ce5d3c26fd95e3bbd3381c25b9e1a8af) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys

11:10:20.0669 6604 VSPerfDrv110 - ok

11:10:20.0808 6604 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

11:10:20.0896 6604 VSS - ok

11:10:20.0928 6604 vtigercrmMysql530 - ok

11:10:21.0167 6604 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

11:10:21.0192 6604 vwifibus - ok

11:10:21.0215 6604 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

11:10:21.0232 6604 vwififlt - ok

11:10:21.0259 6604 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

11:10:21.0278 6604 vwifimp - ok

11:10:21.0325 6604 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

11:10:21.0387 6604 W32Time - ok

11:10:21.0464 6604 W3SVC (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll

11:10:21.0520 6604 W3SVC - ok

11:10:21.0543 6604 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

11:10:21.0575 6604 WacomPen - ok

11:10:21.0641 6604 wampapache (5cf6e9a685199445fee02fe8c191c9ba) c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe

11:10:21.0662 6604 wampapache ( UnsignedFile.Multi.Generic ) - warning

11:10:21.0662 6604 wampapache - detected UnsignedFile.Multi.Generic (1)

11:10:21.0700 6604 wampmysqld - ok

11:10:21.0753 6604 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

11:10:21.0805 6604 WANARP - ok

11:10:21.0820 6604 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

11:10:21.0864 6604 Wanarpv6 - ok

11:10:21.0897 6604 WAS (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll

11:10:21.0918 6604 WAS - ok

11:10:22.0044 6604 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

11:10:22.0083 6604 WatAdminSvc - ok

11:10:23.0163 6604 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

11:10:23.0295 6604 wbengine - ok

11:10:23.0622 6604 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

11:10:23.0654 6604 WbioSrvc - ok

11:10:23.0728 6604 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

11:10:23.0814 6604 wcncsvc - ok

11:10:23.0857 6604 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

11:10:23.0875 6604 WcsPlugInService - ok

11:10:23.0912 6604 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

11:10:23.0922 6604 Wd - ok

11:10:23.0975 6604 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys

11:10:23.0994 6604 WDC_SAM - ok

11:10:24.0035 6604 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

11:10:24.0063 6604 Wdf01000 - ok

11:10:24.0102 6604 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

11:10:24.0168 6604 WdiServiceHost - ok

11:10:24.0172 6604 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

11:10:24.0202 6604 WdiSystemHost - ok

11:10:24.0269 6604 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

11:10:24.0346 6604 WebClient - ok

11:10:24.0373 6604 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

11:10:24.0445 6604 Wecsvc - ok

11:10:24.0465 6604 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

11:10:24.0532 6604 wercplsupport - ok

11:10:24.0567 6604 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

11:10:24.0615 6604 WerSvc - ok

11:10:24.0646 6604 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

11:10:24.0705 6604 WfpLwf - ok

11:10:24.0722 6604 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

11:10:24.0734 6604 WIMMount - ok

11:10:24.0745 6604 WinHttpAutoProxySvc - ok

11:10:24.0813 6604 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

11:10:24.0883 6604 Winmgmt - ok

11:10:25.0029 6604 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

11:10:25.0137 6604 WinRM - ok

11:10:25.0284 6604 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

11:10:25.0299 6604 WinUsb - ok

11:10:25.0374 6604 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

11:10:25.0429 6604 Wlansvc - ok

11:10:25.0666 6604 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

11:10:25.0751 6604 wlidsvc - ok

11:10:25.0873 6604 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

11:10:25.0904 6604 WmiAcpi - ok

11:10:25.0966 6604 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

11:10:25.0998 6604 wmiApSrv - ok

11:10:26.0018 6604 WMPNetworkSvc - ok

11:10:26.0069 6604 WMSVC (b5bd872122a2ce82d196abf2d5d8d80a) C:\Windows\system32\inetsrv\wmsvc.exe

11:10:26.0114 6604 WMSVC - ok

11:10:26.0135 6604 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

11:10:26.0153 6604 WPCSvc - ok

11:10:26.0177 6604 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

11:10:26.0194 6604 WPDBusEnum - ok

11:10:26.0215 6604 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

11:10:26.0272 6604 ws2ifsl - ok

11:10:26.0322 6604 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys

11:10:26.0348 6604 WSDPrintDevice - ok

11:10:26.0352 6604 WSearch - ok

11:10:26.0389 6604 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

11:10:26.0459 6604 WudfPf - ok

11:10:26.0476 6604 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

11:10:26.0536 6604 WUDFRd - ok

11:10:26.0561 6604 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

11:10:26.0619 6604 wudfsvc - ok

11:10:26.0656 6604 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

11:10:26.0716 6604 WwanSvc - ok

11:10:26.0815 6604 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

11:10:26.0874 6604 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

11:10:26.0874 6604 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

11:10:26.0931 6604 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

11:10:26.0931 6604 \Device\Harddisk0\DR0 - detected TDSS File System (1)

11:10:26.0937 6604 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1

11:10:27.0038 6604 \Device\Harddisk1\DR1 - ok

11:10:27.0041 6604 Boot (0x1200) (1e99f161f2eeba0c378acd530b43af2b) \Device\Harddisk0\DR0\Partition0

11:10:27.0043 6604 \Device\Harddisk0\DR0\Partition0 - ok

11:10:27.0047 6604 Boot (0x1200) (c931212f353caa5bc6354424a6dac290) \Device\Harddisk0\DR0\Partition1

11:10:27.0048 6604 \Device\Harddisk0\DR0\Partition1 - ok

11:10:27.0052 6604 Boot (0x1200) (a3df57b4041395ecfe4ff93e30a6e6db) \Device\Harddisk1\DR1\Partition0

11:10:27.0053 6604 \Device\Harddisk1\DR1\Partition0 - ok

11:10:27.0054 6604 ============================================================

11:10:27.0054 6604 Scan finished

11:10:27.0054 6604 ============================================================

11:10:27.0068 4436 Detected object count: 6

11:10:27.0068 4436 Actual detected object count: 6

11:11:35.0515 4436 fussvc ( UnsignedFile.Multi.Generic ) - skipped by user

11:11:35.0515 4436 fussvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:11:35.0515 4436 Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user

11:11:35.0515 4436 Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:11:35.0515 4436 VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user

11:11:35.0515 4436 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:11:35.0525 4436 wampapache ( UnsignedFile.Multi.Generic ) - skipped by user

11:11:35.0525 4436 wampapache ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:11:36.0215 4436 \Device\Harddisk0\DR0\# - copied to quarantine

11:11:36.0215 4436 \Device\Harddisk0\DR0 - copied to quarantine

11:11:36.0255 4436 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

11:11:36.0255 4436 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

11:11:36.0275 4436 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

11:11:36.0275 4436 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

11:11:36.0285 4436 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

11:11:36.0295 4436 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

11:11:36.0295 4436 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

11:11:36.0295 4436 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

11:11:36.0295 4436 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

11:11:36.0305 4436 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

11:11:36.0305 4436 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

11:11:36.0305 4436 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

11:11:36.0305 4436 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

11:11:36.0305 4436 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

11:11:36.0315 4436 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot

11:11:36.0315 4436 \Device\Harddisk0\DR0 - ok

11:11:36.0315 4436 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

11:11:36.0315 4436 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

11:11:36.0315 4436 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

11:12:00.0526 7116 Deinitialize success

Link to post
Share on other sites

Run it again and choose Delete for this one only:

11:11:36.0315 4436 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

11:11:36.0315 4436 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

11:12:00.0526 7116 Deinitialize success

---------------------------------

Then.....

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.