
file contains a virus and has been deleted (Vista)


  • This topic is locked
31 replies to this topic

#1 daveshoot

  • Members
  • 16 posts
  • OFFLINE
  • Local time:06:10 AM

Posted 19 June 2013 - 11:41 PM

I have been struggling with the ZeroAccess rootkit and have tried a number of remedies. This site has been quite the most helpful; I wish I had landed here first.

 

HitmanPro seemed to be the most effective of the name brand downloads (which of course I had to do with a non-affected computer) but ESET and the ComboFix continued to root out issues. The tlrss download also identified issues but did not fully resolve them. I am happy to share details of other programs which claimed to be doing great things and didn't, or a popular option which didn't find a thing, but that may be another story and not necessarily welcome.

 

Following advice given to another poster, I ran the combofix and then dragged the notepad file over and ran it again. Final results follow:

 

ComboFix 13-06-18.02 - Dave 06/19/2013  21:15:33.2.4 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3071.1892 [GMT -7:00]
Running from: c:\users\Dave\Desktop\ComboFix.exe
Command switches used :: c:\users\Dave\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-20 to 2013-06-20  )))))))))))))))))))))))))))))))
.
.
2013-06-20 04:19 . 2013-06-20 04:19 -------- d-----w- c:\users\Dave\AppData\Local\temp
2013-06-20 04:19 . 2013-06-20 04:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-20 02:08 . 2013-06-20 02:08 -------- d-----w- c:\users\Dave\AppData\Roaming\Malwarebytes
2013-06-20 02:07 . 2013-06-20 02:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-06-20 02:07 . 2013-06-20 02:07 -------- d-----w- c:\programdata\Malwarebytes
2013-06-20 02:07 . 2013-04-04 21:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-18 13:13 . 2013-06-18 13:13 12872 ----a-w- c:\windows\system32\bootdelete.exe
2013-06-18 13:06 . 2013-06-18 13:06 -------- d-----w- c:\program files\HitmanPro
2013-06-18 13:05 . 2013-06-18 13:13 -------- d-----w- c:\programdata\HitmanPro
2013-06-18 03:11 . 2013-06-18 03:11 -------- d-----w- c:\users\Dave\AppData\Roaming\LavasoftStatistics
2013-06-18 03:10 . 2013-06-18 03:10 -------- d-----w- c:\programdata\Search Protection
2013-06-18 03:10 . 2013-06-18 03:10 -------- d-----w- c:\programdata\Downloaded Installations
2013-06-18 03:10 . 2013-06-18 03:10 -------- d-----w- c:\users\Dave\AppData\Local\adawarebp
2013-06-18 03:10 . 2013-06-18 03:10 -------- d-----w- c:\programdata\blekko toolbars
2013-06-18 03:10 . 2013-06-18 03:10 -------- d-----w- c:\programdata\adawaretb
2013-06-18 03:10 . 2013-06-18 03:10 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2013-06-18 03:10 . 2013-06-18 03:10 -------- d-----w- c:\program files\Toolbar Cleaner
2013-06-18 03:10 . 2013-06-18 03:10 -------- d-----w- c:\program files\adawaretb
2013-06-18 03:09 . 2013-06-18 03:09 44424 ----a-w- c:\windows\system32\sbbd.exe
2013-06-18 03:09 . 2013-06-18 03:09 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-06-18 03:09 . 2013-06-18 03:09 -------- d-----w- c:\users\Dave\AppData\Roaming\Ad-Aware Antivirus
2013-06-18 02:51 . 2013-06-18 02:51 -------- d-----w- C:\FRST
2013-06-18 01:23 . 2013-06-18 01:23 110080 ----a-r- c:\users\Dave\AppData\Roaming\Microsoft\Installer\{E89498D8-1430-4A2B-A76A-4A71326981E9}\IconF7A21AF7.exe
2013-06-18 01:23 . 2013-06-18 01:23 110080 ----a-r- c:\users\Dave\AppData\Roaming\Microsoft\Installer\{E89498D8-1430-4A2B-A76A-4A71326981E9}\IconD7F16134.exe
2013-06-18 01:23 . 2013-06-18 01:23 110080 ----a-r- c:\users\Dave\AppData\Roaming\Microsoft\Installer\{E89498D8-1430-4A2B-A76A-4A71326981E9}\IconCF33A0CE.exe
2013-06-18 01:23 . 2013-06-18 01:23 -------- d-----w- c:\program files\Enigma Software Group
2013-06-18 01:23 . 2013-06-18 03:02 -------- d-----w- c:\windows\E89498D814304A2BA76A4A71326981E9.TMP
2013-06-18 01:23 . 2013-06-18 01:23 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-06-17 01:27 . 2013-06-17 01:27 -------- d-sh--w- c:\windows\system32\%APPDATA%
2013-06-16 18:08 . 2013-05-02 22:03 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-16 18:08 . 2013-05-02 22:03 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-16 17:26 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2013-06-16 17:26 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2013-06-16 17:26 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-06-16 17:16 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-06-16 17:16 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2013-06-16 17:16 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2013-06-16 17:16 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2013-06-16 17:16 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-06-16 17:14 . 2013-06-16 17:14 -------- d-----w- c:\users\UpdatusUser
2013-06-16 16:48 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2013-06-16 16:48 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2013-06-16 16:48 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2013-06-16 16:40 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-06-16 16:40 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2013-06-16 16:40 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
2013-06-10 02:35 . 2013-06-10 02:35 -------- d-----w- c:\program files\GUMA2A8.tmp
2013-06-10 02:31 . 2013-06-17 02:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-10 02:31 . 2013-06-17 02:51 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-10 00:43 . 2012-02-01 15:11 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-06-10 00:43 . 2012-02-01 15:10 983040 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-06-10 00:43 . 2012-02-01 15:10 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-06-10 00:43 . 2012-02-01 15:10 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-06-10 00:43 . 2012-02-01 15:10 1404928 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-06-10 00:43 . 2012-02-01 13:58 47104 ----a-w- c:\program files\Windows Journal\PDIALOG.exe
2013-06-10 00:43 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll
2013-06-10 00:42 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2013-06-10 00:42 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-06-10 00:40 . 2011-03-10 17:03 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2013-06-10 00:39 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2013-06-10 00:39 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
2013-06-10 00:39 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2013-06-10 00:39 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll
2013-06-10 00:39 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2013-06-10 00:39 . 2013-03-09 03:45 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-06-10 00:39 . 2013-03-09 01:28 64000 ----a-w- c:\windows\system32\smss.exe
2013-06-10 00:39 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll
2013-06-10 00:39 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2013-06-10 00:39 . 2012-03-20 23:28 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-06-10 00:38 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
2013-06-10 00:38 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2013-06-10 00:38 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2013-06-10 00:38 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-06-10 00:38 . 2010-06-17 18:08 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll
2013-06-10 00:38 . 2010-06-17 16:16 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe
2013-06-10 00:38 . 2011-04-29 13:25 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2013-06-10 00:38 . 2011-04-29 13:25 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2013-06-10 00:38 . 2013-04-15 14:20 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-06-10 00:38 . 2013-04-13 10:56 37376 ----a-w- c:\windows\system32\cdd.dll
2013-06-10 00:38 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2013-06-10 00:37 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2013-06-10 00:37 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2013-06-10 00:37 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2013-06-10 00:36 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll
2013-06-10 00:36 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-06-10 00:36 . 2013-03-03 19:07 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-06-10 00:36 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2013-06-10 00:36 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2013-06-10 00:36 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2013-06-10 00:36 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2013-06-10 00:36 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2013-06-10 00:34 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-06-10 00:34 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-06-10 00:34 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-06-10 00:34 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-06-10 00:34 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-06-10 00:34 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-06-10 00:34 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-06-10 00:34 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2013-06-10 00:34 . 2009-12-08 17:26 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-06-10 00:33 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
2013-06-10 00:33 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2013-06-10 00:33 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2013-06-10 00:33 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2013-06-10 00:33 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2013-06-10 00:33 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll
2013-06-10 00:33 . 2013-04-09 01:36 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-06-10 00:31 . 2013-03-08 03:52 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-06-10 00:31 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-06-10 00:31 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2013-06-10 00:31 . 2013-03-08 03:53 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-06-10 00:31 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2013-06-10 00:31 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2013-06-10 00:31 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2013-06-10 00:31 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2013-06-10 00:29 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-06-10 00:13 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2013-06-09 23:56 . 2013-06-09 23:56 -------- d-----w- c:\users\Dave\AppData\Roaming\Unity
2013-06-09 23:50 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2013-06-09 23:49 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2013-06-09 23:45 . 2013-06-09 23:45 -------- d-----w- c:\users\Dave\AppData\Local\Unity
2013-06-09 01:40 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2013-06-09 01:40 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2013-06-09 01:40 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2013-06-09 01:40 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-08 17:38 . 2013-06-08 17:38 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2013-05-16 13:55 87464 ----a-w- c:\program files\adawaretb\adawareDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files\adawaretb\adawareDx.dll" [2013-05-16 87464]
.
[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-17 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-13 178712]
"lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2007-12-17 660136]
"lxdnamon"="c:\program files\Lexmark 2600 Series\lxdnamon.exe" [2007-12-17 16040]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2007-12-17 320168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Corel File Shell Monitor"="c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2007-10-31 16200]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-05-15 554408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
VPN Client.lnk - c:\windows\Installer\{871DF2BE-41D2-4334-AC33-839AF16FC8FE}\Icon3E5562ED7.ico -user_logon [2008-12-1 6144]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\
Snapfish Media Detector.lnk - c:\program files\Snapfish Picture Mover\SnapfishMediaDetector.exe [2007-5-7 1273856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ   FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-10 02:44 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-10 02:51]
.
2013-06-20 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-03-17 02:35]
.
2013-06-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-09 23:26]
.
2013-06-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-09 23:26]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig?hl=en/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=desktop
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\2nr3l8n8.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-19 21:19
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-06-19  21:20:50
ComboFix-quarantined-files.txt  2013-06-20 04:20
ComboFix2.txt  2013-06-20 04:10
.
Pre-Run: 227,050,811,392 bytes free
Post-Run: 227,070,640,128 bytes free
.
- - End Of File - - 416D4F3FB0506A6C1A8CAF7B6D2BA0C2
81CD5EC01DB0CE57EDD853F82462EF27
 

 




 


#2 Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 14,861 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:06:10 AM

Posted 23 June 2013 - 10:17 PM

Greetings Dave and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please run the following programs for me so we can take stock of where we are at presently. Do not run any other programs or take any further instructions unless requested.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST log
  • Addition log

Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message.


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 daveshoot
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:06:10 AM

Posted 23 June 2013 - 11:03 PM

Thanks!
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-06-2013
Ran by Dave (administrator) on 23-06-2013 20:55:43
Running from C:\Users\Dave\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) ===================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
() c:\hp\HPEZBTN\HPBtnSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Lexmark International, Inc.) C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdnserv.exe
( ) C:\Windows\system32\lxdncoms.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Windows\system32\PSIService.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
() C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\Lexmark 2600 Series\lxdnMsdMon.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ehome\mcupdate.EXE
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [178712 2007-07-12] (Intel Corporation)
HKLM\...\Run: [lxdnmon.exe] "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe" [660136 2007-12-17] ()
HKLM\...\Run: [lxdnamon] "C:\Program Files\Lexmark 2600 Series\lxdnamon.exe" [16040 2007-12-17] ()
HKLM\...\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s [320168 2007-12-17] ()
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16200 2007-10-30] ()
HKLM\...\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" [554408 2013-05-15] (Lavasoft)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1233920 2009-04-10] (Microsoft Corporation)
HKCU\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKCU\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [68856 2008-03-16] (Google Inc.)
HKU\Default\...\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun [ 2007-10-03] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun [ 2007-10-03] (Hewlett-Packard)
Startup: C:\ProgramData\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\VPN Client.lnk
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{871DF2BE-41D2-4334-AC33-839AF16FC8FE}\Icon3E5562ED7.ico ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {07337973-20D9-4BF1-9234-50B1AD0B117B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM - {C2D3F250-B727-4EFC-9171-5B3303186840} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
HKCU SearchScopes: DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_0&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {07337973-20D9-4BF1-9234-50B1AD0B117B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - {C2D3F250-B727-4EFC-9171-5B3303186840} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?fr=mcafee&p={searchTerms}
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO: No Name - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -  No File
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKLM - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1262.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [223232] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\2nr3l8n8.default
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pack.google.com/Google Updater;version=13 - C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\2nr3l8n8.default\Extensions\staged-xpis
FF Extension: No Name - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\2nr3l8n8.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/ig
CHR RestoreOnStartup: "hxxp://www.google.com/ig"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Unity Player) - C:\Users\Dave\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (Angry Birds) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Google Docs) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube Options) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.123_0
CHR Extension: (YouTube) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Quick Enable) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdcgoofnncikmfaloldflojhopfhepkf\0.0.0.1_0
CHR Extension: (Adblock Plus) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0
CHR Extension: (Google Search) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (World Time Buddy) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdhpjomiingppeefgnohkiapmnaeakoj\10_0
CHR Extension: (Personal Blocklist (by Google)) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef\2.4.1_0
CHR Extension: (Lavasoft NewTab) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.8_0
CHR Extension: (Gmail) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
 
========================== Services (Whitelisted) =================
 
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1524512 2007-10-26] (Cisco Systems, Inc.)
S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-19] (Hewlett-Packard)
R2 HPBtnSrv; c:\hp\HPEZBTN\HPBtnSrv.exe [198240 2007-05-29] ()
R2 lxdnCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [98984 2007-12-05] (Lexmark International, Inc.)
R2 lxdn_device; C:\Windows\system32\lxdncoms.exe [594600 2007-12-05] ( )
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2009-09-13] ()
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S3 Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [1245064 2007-11-28] ()
 
==================== Drivers (Whitelisted) ====================
 
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306300 2007-10-26] (Cisco Systems, Inc.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [127376 2007-01-31] (Deterministic Networks, Inc.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-06-17] (GFI Software)
R3 HSXHWBS3; C:\Windows\System32\DRIVERS\HSXHWBS3.sys [206336 2007-04-26] (Conexant Systems, Inc.)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [66344 2012-09-12] (GFI Software)
R3 xcbdaNtsc; C:\Windows\System32\DRIVERS\xcbda.sys [156928 2007-09-07] (ViXS Systems Inc.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 lgwnusbbus; system32\DRIVERS\lgwnusbbus.sys [x]
S3 lgwnusbmodem; system32\DRIVERS\lgwnusbmodem.sys [x]
S3 lgwnusbndis; system32\DRIVERS\lgwnusbndis51.sys [x]
S3 lgwnusbser01; system32\DRIVERS\lgwnusbser01.sys [x]
S3 lgwnusbser02; system32\DRIVERS\lgwnusbser02.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 SymIM; system32\DRIVERS\SymIM.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-06-23 20:55 - 2013-06-23 20:55 - 01369655 ____A (Farbar) C:\Users\Dave\Downloads\FRST.exe
2013-06-22 06:15 - 2013-06-22 06:16 - 21107200 ____A C:\Users\Dave\Downloads\T-RBYAUSC.exe
2013-06-20 04:14 - 2013-06-23 06:55 - 00000374 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-06-19 21:20 - 2013-06-19 21:20 - 00019155 ____A C:\ComboFix.txt
2013-06-19 20:42 - 2013-06-19 21:20 - 00000000 ____D C:\Qoobox
2013-06-19 20:42 - 2011-06-25 23:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-19 20:42 - 2010-11-07 10:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-19 20:42 - 2009-04-19 21:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-19 20:42 - 2000-08-30 17:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-19 20:42 - 2000-08-30 17:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-19 20:42 - 2000-08-30 17:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-19 20:42 - 2000-08-30 17:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-19 20:42 - 2000-08-30 17:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-19 20:41 - 2013-06-19 21:09 - 00000000 ____D C:\Windows\erdnt
2013-06-19 20:41 - 2013-06-19 20:41 - 05081021 ____R (Swearware) C:\Users\Dave\Desktop\ComboFix.exe
2013-06-19 20:35 - 2013-06-19 20:35 - 00688992 ____A (Swearware) C:\Users\Dave\Downloads\dds.scr
2013-06-19 19:08 - 2013-06-19 19:08 - 00000000 ____D C:\Users\Dave\AppData\Roaming\Malwarebytes
2013-06-19 19:07 - 2013-06-19 19:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-19 19:07 - 2013-06-19 19:07 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-19 19:07 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-19 19:06 - 2013-06-19 19:06 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Dave\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-18 06:13 - 2013-06-18 06:13 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
2013-06-18 06:06 - 2013-06-18 06:06 - 00000000 ____D C:\Program Files\HitmanPro
2013-06-18 06:05 - 2013-06-18 06:13 - 00000000 ____D C:\ProgramData\HitmanPro
2013-06-18 05:56 - 2013-06-18 05:56 - 00000000 ____A C:\Users\Dave\Downloads\HitmanPro.exe
2013-06-17 20:11 - 2013-06-17 20:11 - 00000000 ____D C:\Users\Dave\AppData\Roaming\LavasoftStatistics
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\Users\Dave\AppData\Local\adawarebp
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\ProgramData\Search Protection
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\ProgramData\blekko toolbars
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\ProgramData\adawaretb
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\Program Files\Toolbar Cleaner
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\Program Files\adawaretb
2013-06-17 20:09 - 2013-06-17 20:09 - 00044424 ____A (GFI Software) C:\Windows\System32\sbbd.exe
2013-06-17 20:09 - 2013-06-17 20:09 - 00013560 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-06-17 20:09 - 2013-06-17 20:09 - 00000000 ____D C:\Users\Dave\AppData\Roaming\Ad-Aware Antivirus
2013-06-17 19:51 - 2013-06-17 19:51 - 00000000 ____D C:\FRST
2013-06-17 19:17 - 2013-06-17 19:17 - 00000000 ____D C:\Users\Public\Desktop\CC Support
2013-06-17 19:15 - 2013-06-17 22:36 - 00393361 ____A C:\Users\Dave\AppData\Local\census.cache
2013-06-17 19:15 - 2013-06-17 22:36 - 00207513 ____A C:\Users\Dave\AppData\Local\ars.cache
2013-06-17 19:06 - 2013-06-17 19:06 - 00000036 ____A C:\Users\Dave\AppData\Local\housecall.guid.cache
2013-06-17 18:23 - 2013-06-17 20:02 - 00000000 ____D C:\Windows\E89498D814304A2BA76A4A71326981E9.TMP
2013-06-17 18:23 - 2013-06-17 18:23 - 00002037 ____A C:\Users\Dave\Desktop\SpyHunter.lnk
2013-06-17 18:23 - 2013-06-17 18:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-17 18:23 - 2013-06-17 18:23 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-06-16 19:51 - 2013-06-23 20:19 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-16 18:27 - 2013-06-16 18:27 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2013-06-16 13:43 - 2013-05-16 16:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 13:43 - 2013-05-16 15:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 13:43 - 2013-05-16 15:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-16 13:43 - 2013-05-16 15:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-16 13:43 - 2013-05-16 15:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 13:43 - 2013-05-16 15:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-16 13:43 - 2013-05-16 15:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-16 13:43 - 2013-05-16 15:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-16 13:43 - 2013-05-16 15:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-16 13:43 - 2013-05-16 15:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-16 13:43 - 2013-05-16 15:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-16 13:43 - 2013-05-16 15:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-16 13:43 - 2013-05-16 15:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 13:43 - 2013-05-16 15:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-16 13:43 - 2013-05-16 15:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 13:43 - 2013-05-16 15:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 11:08 - 2013-05-02 15:03 - 03603832 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-16 11:08 - 2013-05-02 15:03 - 03551096 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-16 10:26 - 2012-02-29 08:11 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2013-06-16 10:26 - 2012-02-29 08:09 - 00157696 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2013-06-16 10:26 - 2012-02-29 06:32 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2013-06-16 10:16 - 2009-11-08 10:55 - 01130824 ____A (Microsoft Corporation) C:\Windows\System32\dfshim.dll
2013-06-16 10:16 - 2009-11-08 10:55 - 00297808 ____A (Microsoft Corporation) C:\Windows\System32\mscoree.dll
2013-06-16 10:16 - 2009-11-08 10:55 - 00295264 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHost.exe
2013-06-16 10:16 - 2009-11-08 10:55 - 00099176 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHostProxy.dll
2013-06-16 10:16 - 2009-11-08 10:55 - 00049472 ____A (Microsoft Corporation) C:\Windows\System32\netfxperf.dll
2013-06-16 10:14 - 2013-06-16 10:14 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-06-16 10:14 - 2013-05-07 21:37 - 00905576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-16 10:14 - 2013-05-01 21:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-16 10:14 - 2013-05-01 21:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\printcom.dll
2013-06-16 10:14 - 2009-04-27 03:03 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2013-06-16 10:13 - 2013-04-23 21:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-16 10:13 - 2013-04-23 21:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-16 10:13 - 2013-04-23 21:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-16 10:13 - 2013-04-23 21:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-16 10:13 - 2013-04-23 18:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-16 10:12 - 2013-01-18 07:20 - 02557728 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-06-16 10:12 - 2013-01-18 07:20 - 00062752 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-06-16 10:10 - 2013-02-26 00:22 - 00053024 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2013-06-16 10:08 - 2013-06-16 10:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-06-16 10:05 - 2013-06-16 10:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-06-16 09:48 - 2010-02-20 16:06 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\nshhttp.dll
2013-06-16 09:48 - 2010-02-20 16:05 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\httpapi.dll
2013-06-16 09:48 - 2010-02-20 13:53 - 00411648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-06-16 09:44 - 2013-06-16 13:40 - 00293144 ____A C:\Windows\msxml4-KB973688-enu.LOG
2013-06-16 09:40 - 2012-12-16 06:12 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-06-16 09:40 - 2012-12-16 03:50 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-06-16 09:40 - 2010-06-16 08:30 - 00072704 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-06-09 19:35 - 2013-06-09 19:35 - 00000000 ____D C:\Program Files\GUMA2A8.tmp
2013-06-09 19:32 - 2013-06-23 20:41 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-09 19:32 - 2013-06-20 04:45 - 00001966 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-09 19:31 - 2013-06-16 19:51 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-09 19:31 - 2013-06-16 19:51 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-09 17:43 - 2012-05-11 08:57 - 00623616 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-06-09 17:42 - 2010-09-13 08:46 - 10628096 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-06-09 17:42 - 2010-09-13 06:56 - 08147456 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2013-06-09 17:42 - 2009-07-10 04:47 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\shsvcs.dll
2013-06-09 17:41 - 2011-10-14 09:03 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\winmm.dll
2013-06-09 17:41 - 2011-10-14 09:00 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\mciseq.dll
2013-06-09 17:41 - 2011-07-29 09:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2013-06-09 17:41 - 2011-07-29 09:01 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2013-06-09 17:41 - 2011-07-29 09:00 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2013-06-09 17:41 - 2011-07-29 09:00 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2013-06-09 17:41 - 2011-04-14 07:59 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2013-06-09 17:41 - 2011-02-22 06:23 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2013-06-09 17:41 - 2010-12-28 08:55 - 00413696 ____A (Microsoft Corporation) C:\Windows\System32\odbc32.dll
2013-06-09 17:41 - 2010-09-06 09:20 - 00125952 ____A (Microsoft Corporation) C:\Windows\System32\srvsvc.dll
2013-06-09 17:41 - 2010-09-06 09:19 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\netevent.dll
2013-06-09 17:41 - 2010-04-16 09:46 - 00502272 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2013-06-09 17:40 - 2012-09-25 09:19 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-06-09 17:40 - 2012-06-08 10:47 - 11586048 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-06-09 17:40 - 2011-11-18 13:23 - 01205064 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-06-09 17:40 - 2011-07-06 08:31 - 00214016 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2013-06-09 17:40 - 2011-04-29 06:24 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-06-09 17:40 - 2011-04-29 06:24 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-06-09 17:40 - 2011-03-10 10:03 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2013-06-09 17:40 - 2011-03-10 10:03 - 01136640 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2013-06-09 17:40 - 2011-03-02 08:44 - 00168448 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2013-06-09 17:40 - 2011-03-02 08:44 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2013-06-09 17:40 - 2011-02-18 07:03 - 00305152 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2013-06-09 17:40 - 2010-05-27 13:08 - 00081920 ____A (Radius Inc.) C:\Windows\System32\iccvid.dll
2013-06-09 17:40 - 2009-05-04 02:59 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2013-06-09 17:39 - 2013-03-08 20:45 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-06-09 17:39 - 2013-03-08 18:28 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-06-09 17:39 - 2012-11-02 03:18 - 00376320 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-06-09 17:39 - 2012-11-02 01:26 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2013-06-09 17:39 - 2012-03-20 16:28 - 00053120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-06-09 17:39 - 2011-10-14 09:02 - 00429056 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2013-06-09 17:39 - 2010-08-17 07:11 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2013-06-09 17:39 - 2010-06-28 10:00 - 01316864 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2013-06-09 17:39 - 2010-04-05 10:01 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2013-06-09 17:38 - 2013-04-15 07:20 - 00638328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-06-09 17:38 - 2013-04-13 03:56 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-06-09 17:38 - 2012-08-21 04:47 - 00224640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2013-06-09 17:38 - 2012-06-29 09:01 - 00467968 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2013-06-09 17:38 - 2011-04-29 06:25 - 00146432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-06-09 17:38 - 2011-04-29 06:25 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-06-09 17:38 - 2011-04-21 06:58 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-06-09 17:38 - 2010-12-14 07:49 - 01169408 ____A (Microsoft Corporation) C:\Windows\System32\sdclt.exe
2013-06-09 17:38 - 2010-08-26 09:37 - 00157184 ____A (Microsoft Corporation) C:\Windows\System32\t2embed.dll
2013-06-09 17:38 - 2010-04-05 10:02 - 00317952 ____A (Microsoft Corporation) C:\Windows\System32\MP4SDECD.DLL
2013-06-09 17:37 - 2011-11-18 10:47 - 00066560 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2013-06-09 17:37 - 2010-08-31 08:46 - 00954752 ____A (Microsoft Corporation) C:\Windows\System32\mfc40.dll
2013-06-09 17:37 - 2010-08-31 08:46 - 00954288 ____A (Microsoft Corporation) C:\Windows\System32\mfc40u.dll
2013-06-09 17:36 - 2013-03-03 12:07 - 01082232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-06-09 17:36 - 2012-11-19 21:22 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-06-09 17:36 - 2012-09-28 09:11 - 00892928 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-09 17:36 - 2011-12-14 09:17 - 00680448 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2013-06-09 17:36 - 2010-12-29 11:28 - 00322560 ____A (Microsoft Corporation) C:\Windows\System32\sbe.dll
2013-06-09 17:36 - 2010-12-29 11:28 - 00153088 ____A (Microsoft Corporation) C:\Windows\System32\sbeio.dll
2013-06-09 17:36 - 2010-12-29 11:26 - 00177664 ____A (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax
2013-06-09 17:36 - 2010-08-20 09:05 - 00867328 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2013-06-09 17:36 - 2010-06-18 10:31 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\rtutils.dll
2013-06-09 17:35 - 2012-11-07 20:48 - 01314816 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2013-06-09 17:35 - 2012-08-24 08:53 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-06-09 17:35 - 2011-05-02 10:16 - 00739328 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2013-06-09 17:35 - 2011-01-21 09:35 - 00353280 ____A (Microsoft Corporation) C:\Windows\System32\shlwapi.dll
2013-06-09 17:35 - 2010-11-04 11:56 - 00345600 ____A (Microsoft Corporation) C:\Windows\System32\wmicmiplugin.dll
2013-06-09 17:35 - 2010-11-04 11:55 - 00601600 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2013-06-09 17:35 - 2010-11-04 11:55 - 00352768 ____A (Microsoft Corporation) C:\Windows\System32\taskschd.dll
2013-06-09 17:35 - 2010-11-04 11:55 - 00270336 ____A (Microsoft Corporation) C:\Windows\System32\taskcomp.dll
2013-06-09 17:35 - 2010-11-04 09:34 - 00171520 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe
2013-06-09 17:35 - 2010-10-18 06:37 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-06-09 17:35 - 2010-02-18 06:30 - 00200704 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2013-06-09 17:35 - 2010-02-18 04:28 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2013-06-09 17:35 - 2010-01-21 08:05 - 00062464 ____A (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2013-06-09 17:35 - 2009-04-10 23:27 - 00220672 ____A (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codecp.acm
2013-06-09 17:34 - 2012-11-12 18:29 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-06-09 17:34 - 2012-11-02 03:19 - 01400832 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-06-09 17:34 - 2012-03-01 07:46 - 00219648 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-09 17:34 - 2012-03-01 07:46 - 00160768 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-09 17:34 - 2012-02-29 07:08 - 01172480 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-09 17:34 - 2012-02-29 06:44 - 00683008 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-09 17:34 - 2012-02-29 06:41 - 01069056 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-09 17:34 - 2011-10-25 08:58 - 00497152 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2013-06-09 17:34 - 2009-12-08 10:26 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2013-06-09 17:33 - 2013-04-08 18:36 - 02049024 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-06-09 17:33 - 2012-06-05 09:47 - 01248768 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-06-09 17:33 - 2011-11-16 09:23 - 00377344 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-06-09 17:33 - 2011-08-25 09:15 - 00555520 ____A (Microsoft Corporation) C:\Windows\System32\UIAutomationCore.dll
2013-06-09 17:33 - 2011-08-25 09:14 - 00563712 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2013-06-09 17:33 - 2011-08-25 09:14 - 00238080 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2013-06-09 17:33 - 2011-08-25 06:31 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\oleaccrc.dll
2013-06-09 17:31 - 2013-03-07 20:53 - 00376320 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-06-09 17:31 - 2013-03-07 20:52 - 02067968 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-06-09 17:31 - 2012-05-01 07:03 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2013-06-09 17:31 - 2010-12-17 06:54 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-06-09 17:31 - 2009-10-07 04:36 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\rastls.dll
2013-06-09 17:31 - 2009-09-04 04:41 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\msasn1.dll
2013-06-09 17:31 - 2009-08-10 05:35 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\WSDApi.dll
2013-06-09 17:30 - 2012-06-04 08:26 - 00440704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-06-09 17:30 - 2012-06-01 17:04 - 00278528 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-06-09 17:30 - 2011-11-16 09:23 - 00072704 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2013-06-09 17:30 - 2011-11-16 09:21 - 01259008 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-06-09 17:30 - 2011-11-16 07:12 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-06-09 17:30 - 2010-08-31 08:44 - 00531968 ____A (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2013-06-09 17:30 - 2010-05-04 12:13 - 00231424 ____A (Microsoft Corporation) C:\Windows\System32\msshsq.dll
2013-06-09 17:30 - 2009-12-04 11:30 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\tsbyuv.dll
2013-06-09 17:30 - 2009-12-04 11:28 - 00123904 ____A (Microsoft Corporation) C:\Windows\System32\msvfw32.dll
2013-06-09 17:30 - 2009-12-04 11:28 - 00082944 ____A (Microsoft Corporation) C:\Windows\System32\mciavi32.dll
2013-06-09 17:30 - 2009-12-04 11:28 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\iyuv_32.dll
2013-06-09 17:30 - 2009-12-04 11:28 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\msvidc32.dll
2013-06-09 17:30 - 2009-12-04 11:28 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\msyuv.dll
2013-06-09 17:30 - 2009-12-04 11:28 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\msrle32.dll
2013-06-09 17:30 - 2009-12-04 11:27 - 00091136 ____A (Microsoft Corporation) C:\Windows\System32\avifil32.dll
2013-06-09 17:30 - 2009-09-10 09:48 - 00218624 ____A (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2013-06-09 17:29 - 2013-02-11 18:57 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-06-09 17:13 - 2009-05-08 05:53 - 00604672 ____A (Microsoft Corporation) C:\Windows\System32\WMSPDMOD.DLL
2013-06-09 16:56 - 2013-06-09 16:56 - 00000000 ____D C:\Users\Dave\AppData\Roaming\Unity
2013-06-09 16:50 - 2010-01-13 10:34 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cabview.dll
2013-06-09 16:49 - 2012-01-09 08:54 - 00613376 ____A (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2013-06-09 16:45 - 2013-06-09 16:45 - 00000000 ____D C:\Users\Dave\AppData\Local\Unity
2013-06-09 16:26 - 2013-06-23 19:41 - 00000878 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-08 18:40 - 2012-06-02 15:19 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-08 18:40 - 2012-06-02 15:19 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-08 18:40 - 2012-06-02 15:19 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-06-08 18:40 - 2012-06-02 15:12 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-08 18:39 - 2012-06-02 15:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-08 18:39 - 2012-06-02 15:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-08 18:39 - 2012-06-02 15:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-06-08 18:39 - 2012-06-02 15:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-08 18:39 - 2012-06-02 15:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-08 10:40 - 2013-06-08 10:40 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-08 10:40 - 2013-06-08 10:40 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-08 10:40 - 2013-06-08 10:40 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-08 10:39 - 2013-06-08 10:39 - 02873344 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 01554432 ____A (Microsoft Corporation) C:\Windows\System32\xpsservices.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 01075712 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 01029120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00979456 ____A (Microsoft Corporation) C:\Windows\System32\MFH264Dec.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00876032 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00847360 ____A (Microsoft Corporation) C:\Windows\System32\OpcServices.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00797184 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00667648 ____A (Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
2013-06-08 10:39 - 2013-06-08 10:39 - 00586240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00486400 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00478720 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00357376 ____A (Microsoft Corporation) C:\Windows\System32\MFHEAACdec.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00302592 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4src.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00288768 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00261632 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00258048 ____A (Microsoft Corporation) C:\Windows\System32\winspool.drv
2013-06-08 10:39 - 2013-06-08 10:39 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00098816 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\printfilterpipelineprxy.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00974848 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00519680 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00369664 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00321024 ____A (Microsoft Corporation) C:\Windows\System32\PhotoMetadataHandler.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00252928 ____A (Microsoft Corporation) C:\Windows\System32\dxdiag.exe
2013-06-08 10:38 - 2013-06-08 10:38 - 00195584 ____A (Microsoft Corporation) C:\Windows\System32\dxdiagn.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00189440 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-08 10:36 - 2013-06-09 16:25 - 00004108 ____A C:\Windows\IE9_main.log
2013-06-08 09:00 - 2013-06-08 09:00 - 00125700 ____A C:\Users\Dave\Desktop\WinUpgradeReport.mht
2013-06-08 08:57 - 2013-06-08 08:57 - 00000000 ____D C:\Users\Dave\AppData\Local\Microsoft Corporation
2013-06-08 08:50 - 2013-06-08 08:50 - 00001979 ____A C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
2013-06-08 08:50 - 2013-06-08 08:50 - 00000000 ____D C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2013-06-08 07:32 - 2013-06-08 07:33 - 00000000 ____D C:\Windows\System32\vi-VN
2013-06-08 07:32 - 2013-06-08 07:33 - 00000000 ____D C:\Windows\System32\eu-ES
2013-06-08 07:32 - 2013-06-08 07:33 - 00000000 ____D C:\Windows\System32\ca-ES
2013-06-08 07:31 - 2013-06-08 07:31 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2013-06-08 07:14 - 2013-06-08 07:14 - 00000000 ____D C:\Windows\System32\EventProviders
 
==================== One Month Modified Files and Folders ========
 
2013-06-23 20:55 - 2013-06-23 20:55 - 01369655 ____A (Farbar) C:\Users\Dave\Downloads\FRST.exe
2013-06-23 20:55 - 2006-11-02 05:47 - 00003568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-23 20:55 - 2006-11-02 05:47 - 00003568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-23 20:41 - 2013-06-09 19:32 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-23 20:19 - 2013-06-16 19:51 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-23 19:41 - 2013-06-09 16:26 - 00000878 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-23 10:53 - 2009-03-23 21:01 - 00000868 ____A C:\Windows\Tasks\Google Software Updater.job
2013-06-23 07:02 - 2008-01-02 10:36 - 01123072 ____A C:\Windows\WindowsUpdate.log
2013-06-23 07:00 - 2006-11-02 03:33 - 00746968 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-23 06:55 - 2013-06-20 04:14 - 00000374 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-06-23 06:55 - 2007-11-28 13:54 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-23 06:55 - 2006-11-02 06:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-23 00:04 - 2006-11-02 06:01 - 00032582 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-22 21:30 - 2008-03-16 18:31 - 00000000 ____D C:\ProgramData\Google Updater
2013-06-22 06:16 - 2013-06-22 06:15 - 21107200 ____A C:\Users\Dave\Downloads\T-RBYAUSC.exe
2013-06-20 04:45 - 2013-06-09 19:32 - 00001966 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-20 04:14 - 2008-03-16 17:32 - 00160960 ____A C:\Windows\PFRO.log
2013-06-19 21:20 - 2013-06-19 21:20 - 00019155 ____A C:\ComboFix.txt
2013-06-19 21:20 - 2013-06-19 20:42 - 00000000 ____D C:\Qoobox
2013-06-19 21:19 - 2006-11-02 03:23 - 00000215 ____A C:\Windows\system.ini
2013-06-19 21:10 - 2006-11-02 04:18 - 00000000 __RHD C:\users\Default
2013-06-19 21:10 - 2006-11-02 04:18 - 00000000 ___RD C:\users\Public
2013-06-19 21:09 - 2013-06-19 20:41 - 00000000 ____D C:\Windows\erdnt
2013-06-19 20:49 - 2008-03-16 17:43 - 00000000 ____D C:\users\Dave
2013-06-19 20:41 - 2013-06-19 20:41 - 05081021 ____R (Swearware) C:\Users\Dave\Desktop\ComboFix.exe
2013-06-19 20:35 - 2013-06-19 20:35 - 00688992 ____A (Swearware) C:\Users\Dave\Downloads\dds.scr
2013-06-19 20:25 - 2008-04-17 21:45 - 00000000 ____D C:\Windows\Sun
2013-06-19 19:08 - 2013-06-19 19:08 - 00000000 ____D C:\Users\Dave\AppData\Roaming\Malwarebytes
2013-06-19 19:07 - 2013-06-19 19:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-19 19:07 - 2013-06-19 19:07 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-19 19:06 - 2013-06-19 19:06 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Dave\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-19 18:30 - 2008-03-16 17:49 - 00076128 ____A C:\Users\Dave\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-18 06:13 - 2013-06-18 06:13 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
2013-06-18 06:13 - 2013-06-18 06:05 - 00000000 ____D C:\ProgramData\HitmanPro
2013-06-18 06:06 - 2013-06-18 06:06 - 00000000 ____D C:\Program Files\HitmanPro
2013-06-18 05:56 - 2013-06-18 05:56 - 00000000 ____A C:\Users\Dave\Downloads\HitmanPro.exe
2013-06-18 05:44 - 2006-11-02 05:47 - 00310280 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-17 22:42 - 2009-04-26 06:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-17 22:41 - 2006-11-02 05:37 - 00000000 ____D C:\Windows\ShellNew
2013-06-17 22:40 - 2007-11-28 14:06 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-17 22:36 - 2013-06-17 19:15 - 00393361 ____A C:\Users\Dave\AppData\Local\census.cache
2013-06-17 22:36 - 2013-06-17 19:15 - 00207513 ____A C:\Users\Dave\AppData\Local\ars.cache
2013-06-17 20:11 - 2013-06-17 20:11 - 00000000 ____D C:\Users\Dave\AppData\Roaming\LavasoftStatistics
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\Users\Dave\AppData\Local\adawarebp
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\ProgramData\Search Protection
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\ProgramData\blekko toolbars
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\ProgramData\adawaretb
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\Program Files\Toolbar Cleaner
2013-06-17 20:10 - 2013-06-17 20:10 - 00000000 ____D C:\Program Files\adawaretb
2013-06-17 20:10 - 2006-11-02 04:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-06-17 20:09 - 2013-06-17 20:09 - 00044424 ____A (GFI Software) C:\Windows\System32\sbbd.exe
2013-06-17 20:09 - 2013-06-17 20:09 - 00013560 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-06-17 20:09 - 2013-06-17 20:09 - 00000000 ____D C:\Users\Dave\AppData\Roaming\Ad-Aware Antivirus
2013-06-17 20:02 - 2013-06-17 18:23 - 00000000 ____D C:\Windows\E89498D814304A2BA76A4A71326981E9.TMP
2013-06-17 19:51 - 2013-06-17 19:51 - 00000000 ____D C:\FRST
2013-06-17 19:17 - 2013-06-17 19:17 - 00000000 ____D C:\Users\Public\Desktop\CC Support
2013-06-17 19:06 - 2013-06-17 19:06 - 00000036 ____A C:\Users\Dave\AppData\Local\housecall.guid.cache
2013-06-17 18:23 - 2013-06-17 18:23 - 00002037 ____A C:\Users\Dave\Desktop\SpyHunter.lnk
2013-06-17 18:23 - 2013-06-17 18:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-17 18:23 - 2013-06-17 18:23 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-06-17 18:14 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\config\Journal
2013-06-17 18:13 - 2006-11-02 05:52 - 00042234 ____A C:\Windows\setupact.log
2013-06-17 05:15 - 2008-03-16 18:32 - 00000000 ____D C:\Users\Dave\AppData\Local\Google
2013-06-16 19:51 - 2013-06-09 19:31 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-16 19:51 - 2013-06-09 19:31 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-16 18:27 - 2013-06-16 18:27 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2013-06-16 14:05 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache
2013-06-16 13:54 - 2009-06-27 08:16 - 00000000 ____D C:\Program Files\Canon
2013-06-16 13:54 - 2007-11-28 14:14 - 00000000 ____D C:\Program Files\Yahoo!
2013-06-16 13:53 - 2007-11-28 13:55 - 00000000 ____D C:\ProgramData\HP
2013-06-16 13:52 - 2009-03-26 05:26 - 00000000 ____D C:\Program Files\Citrix
2013-06-16 13:40 - 2013-06-16 09:44 - 00293144 ____A C:\Windows\msxml4-KB973688-enu.LOG
2013-06-16 13:40 - 2006-11-02 03:24 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-16 11:05 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-16 10:55 - 2006-11-02 05:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-06-16 10:55 - 2006-11-02 05:37 - 00000000 ____D C:\Program Files\Movie Maker
2013-06-16 10:54 - 2006-11-02 05:37 - 00000000 ____D C:\Windows\System32\XPSViewer
2013-06-16 10:54 - 2006-11-02 04:18 - 00000000 ____D C:\Program Files\Common Files\System
2013-06-16 10:15 - 2007-11-28 14:06 - 00000000 ____D C:\Program Files\Microsoft Works
2013-06-16 10:14 - 2013-06-16 10:14 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-06-16 10:14 - 2013-06-16 10:05 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-06-16 10:08 - 2013-06-16 10:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-06-09 19:35 - 2013-06-09 19:35 - 00000000 ____D C:\Program Files\GUMA2A8.tmp
2013-06-09 19:32 - 2008-03-16 19:31 - 00000000 ____D C:\Users\Dave\AppData\Local\Adobe
2013-06-09 19:32 - 2008-03-16 18:31 - 00000000 ____D C:\Program Files\Google
2013-06-09 16:56 - 2013-06-09 16:56 - 00000000 ____D C:\Users\Dave\AppData\Roaming\Unity
2013-06-09 16:45 - 2013-06-09 16:45 - 00000000 ____D C:\Users\Dave\AppData\Local\Unity
2013-06-09 16:45 - 2009-03-26 05:25 - 00000000 ____D C:\Users\Dave\AppData\Local\Deployment
2013-06-09 16:28 - 2006-11-02 04:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-06-09 16:25 - 2013-06-08 10:36 - 00004108 ____A C:\Windows\IE9_main.log
2013-06-08 10:40 - 2013-06-08 10:40 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-08 10:40 - 2013-06-08 10:40 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-08 10:40 - 2013-06-08 10:40 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-08 10:40 - 2013-06-08 10:40 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-08 10:40 - 2013-06-08 10:40 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-08 10:40 - 2013-06-08 10:40 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-08 10:40 - 2006-11-01 23:32 - 00008798 ____A C:\Windows\System32\icrav03.rat
2013-06-08 10:40 - 2006-11-01 23:32 - 00001988 ____A C:\Windows\System32\ticrf.rat
2013-06-08 10:39 - 2013-06-08 10:39 - 02873344 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 01554432 ____A (Microsoft Corporation) C:\Windows\System32\xpsservices.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 01075712 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 01029120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00979456 ____A (Microsoft Corporation) C:\Windows\System32\MFH264Dec.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00876032 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00847360 ____A (Microsoft Corporation) C:\Windows\System32\OpcServices.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00797184 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00667648 ____A (Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
2013-06-08 10:39 - 2013-06-08 10:39 - 00586240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00486400 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00478720 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00357376 ____A (Microsoft Corporation) C:\Windows\System32\MFHEAACdec.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00302592 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4src.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00288768 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00261632 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00258048 ____A (Microsoft Corporation) C:\Windows\System32\winspool.drv
2013-06-08 10:39 - 2013-06-08 10:39 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00098816 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
2013-06-08 10:39 - 2013-06-08 10:39 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\printfilterpipelineprxy.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00974848 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00519680 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00369664 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00321024 ____A (Microsoft Corporation) C:\Windows\System32\PhotoMetadataHandler.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00252928 ____A (Microsoft Corporation) C:\Windows\System32\dxdiag.exe
2013-06-08 10:38 - 2013-06-08 10:38 - 00195584 ____A (Microsoft Corporation) C:\Windows\System32\dxdiagn.dll
2013-06-08 10:38 - 2013-06-08 10:38 - 00189440 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-08 09:00 - 2013-06-08 09:00 - 00125700 ____A C:\Users\Dave\Desktop\WinUpgradeReport.mht
2013-06-08 08:57 - 2013-06-08 08:57 - 00000000 ____D C:\Users\Dave\AppData\Local\Microsoft Corporation
2013-06-08 08:50 - 2013-06-08 08:50 - 00001979 ____A C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
2013-06-08 08:50 - 2013-06-08 08:50 - 00000000 ____D C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2013-06-08 07:33 - 2013-06-08 07:32 - 00000000 ____D C:\Windows\System32\vi-VN
2013-06-08 07:33 - 2013-06-08 07:32 - 00000000 ____D C:\Windows\System32\eu-ES
2013-06-08 07:33 - 2013-06-08 07:32 - 00000000 ____D C:\Windows\System32\ca-ES
2013-06-08 07:33 - 2006-11-02 05:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-06-08 07:33 - 2006-11-02 05:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2013-06-08 07:33 - 2006-11-02 05:37 - 00000000 ____D C:\Program Files\Windows Defender
2013-06-08 07:33 - 2006-11-02 05:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2013-06-08 07:33 - 2006-11-02 05:37 - 00000000 ____D C:\Program Files\Windows Calendar
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\zh-TW
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\zh-CN
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\uk-UA
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\th-TH
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\sv-SE
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\sr-Latn-CS
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\SLUI
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\sl-SI
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\sk-SK
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\ru-RU
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\ro-RO
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\pt-PT
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\pt-BR
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\pl-PL
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\nl-NL
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\nb-NO
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\lv-LV
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\lt-LT
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\ko-KR
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\ja-JP
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\it-IT
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\hu-HU
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\hr-HR
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\he-IL
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\fr-FR
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\fi-FI
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\et-EE
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\el-GR
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\bg-BG
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\ar-SA
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\System32\AdvancedInstallers
2013-06-08 07:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\IME
2013-06-08 07:31 - 2013-06-08 07:31 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2013-06-08 07:14 - 2013-06-08 07:14 - 00000000 ____D C:\Windows\System32\EventProviders
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-06-23 19:09
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-06-2013
Ran by Dave at 2013-06-23 21:02:18
Running from C:\Users\Dave\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
ABBYY FineReader 6.0 Sprint (Version: 6.00.1990.41618)
Ad-Aware Security Add-on (Version: 3.0.0.6)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Reader 8.1.6 (Version: 8.1.6)
Amazon MP3 Downloader 1.0.3
Apple Software Update (Version: 2.1.1.116)
Call of Duty® 4 - Modern Warfare™ (Version: 1.00.0000)
Call of Duty® 4 - Modern Warfare™ (Version: 1.4)
Call of Duty® 4 - Modern Warfare™ 1.4 Patch
Call of Duty® 4 - Modern Warfare™ 1.4 Patch (Version: 1.4)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.6.0.12)
Canon Internet Library for ZoomBrowser EX (Version: 1.6.2.7)
Canon MOV Decoder (Version: 1.0.0.65)
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC (Version: 7.2.0.10)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities Digital Photo Professional 3.5 (Version: 3.5.0.0)
Canon Utilities MyCamera (Version: 7.0.0.3)
Canon Utilities MyCamera DC (Version: 7.1.0.4)
Canon Utilities RemoteCapture DC (Version: 3.1.0.5)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.2.0.29)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.2.0.9)
Cisco Systems VPN Client 5.0.02.0090 (Version: 5.0.2)
Corel Paint Shop Pro Photo X2 (Version: 12.010.0000)
Crysis® (Version: 1.20.0000)
CyberLink DVD Suite Deluxe (Version: 5.5.1019)
Enhanced Multimedia Keyboard Solution
GIMP 2.4.6
Google Chrome (Version: 27.0.1453.116)
Google Earth (Version: 4.3.7284.3916)
Google SketchUp 6 (Version: 6.0.01313)
Google SketchUp 6 (Version: 6.4.112)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.145)
Google Updater (Version: 2.4.1536.6592)
Hardware Diagnostic Tools (Version: 5.00.4589.14)
Hawke ChairGun Pro 1.0.0
Hewlett-Packard Active Check (Version: 1.1.11.0)
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5)
HitmanPro 3.7 (Version: 3.7.6.201)
HP Active Support Library (Version: 2.3.0.2)
HP Customer Experience Enhancements (Version: 5.4.0.2360)
HP Customer Feedback (Version: 1.0.0)
HP Easy Setup - Frontend (Version: 5.4.0.2430)
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Picasso Media Center Add-In (Version: 1.0.0)
HP Product Detection (Version: 11.15.0008)
HP Product Detection (Version: 9.7.2)
HP Total Care Advisor (Version: 1.4.20.2435)
HP Update (Version: 4.000.007.003)
Intel® Matrix Storage Manager
iPod PC Transfer 3.7
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
JellyFish Light 3.5
Kyodai Mahjongg 2006 v1.42
LabelPrint (Version: 2.2.2209)
Lexmark 2600 Series
Lexmark Fax Solutions
Lexmark Toolbar (Version: 4.13.37.0)
LightScribe System Software  1.10.16.1 (Version: 1.10.16.1)
LightScribe Template Labeler (Version: 1.10.13.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 60 day trial
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox (3.5) (Version: 3.5 (en-US))
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee autoProducer 6.1 (Version: 6.10.050)
My HP Games (Version: HPCMPQ1902)
NVIDIA 3D Vision Driver 311.06 (Version: 311.06)
NVIDIA Control Panel 311.06 (Version: 311.06)
NVIDIA Graphics Driver 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PCIe Soft Data Fax Modem with SmartCP
Power2Go (Version: 5.6.3417)
PowerDirector (Version: 6.5.2209)
PunkBuster Services (Version: 0.986)
Python 2.5 (Version: 2.5.150)
QuickTime (Version: 7.62.14.0)
Snapfish Picture Mover (Version: 1.9.0.16)
SpyHunter (Version: 4.13.6.4253)
System Requirements Lab
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
WeatherBug Gadget (Version: 1.0.0.6)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
WinZip 12.0 (Version: 12.0.8252)
 
==================== Restore Points  =========================
 
08-06-2013 14:15:37 Windows Vista™ Service Pack 2
08-06-2013 15:50:30 Installed Windows 7 Upgrade Advisor
08-06-2013 16:27:48 Installed HP Product Detection
08-06-2013 17:37:27 Windows Modules Installer
09-06-2013 01:39:04 Windows Update
09-06-2013 06:42:26 Windows Update
09-06-2013 11:45:22 Windows Update
09-06-2013 16:48:21 Windows Update
09-06-2013 21:51:18 Windows Update
16-06-2013 16:39:35 Windows Update
16-06-2013 20:39:18 Windows Update
19-06-2013 01:39:40 Scheduled Checkpoint
20-06-2013 01:26:57 Scheduled Checkpoint
20-06-2013 03:54:54 Windows Update
21-06-2013 02:38:17 Scheduled Checkpoint
22-06-2013 07:00:00 Scheduled Checkpoint
23-06-2013 16:48:52 Scheduled Checkpoint
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {207FEA1C-14A3-4FD8-BBBA-D1F4E85EF8D6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {41A1C4A1-1F45-4292-8ABC-A7E7993C93E5} - System32\Tasks\JavaUpdateDave => C:\Windows\system32\jusched.exe No File
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {6D16E8C2-25DE-4549-860A-AEC8FFA874CE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-16] (Adobe Systems Incorporated)
Task: {6E172DE2-1CBA-43C0-A709-F73452C498DC} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {7D2CB684-6307-478C-8E5F-FBB5C30090CA} - System32\Tasks\PC-Doctor\Scheduled Maintanence => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [2007-06-25] (PC-Doctor, Inc.)
Task: {82051949-052E-4BD8-B0A4-AEFB2060A462} - System32\Tasks\JavaUpdateAdministrator => C:\Windows\system32\jusched.exe No File
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-18] (Microsoft Corporation)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {AC7899BE-EDD6-4EC3-AE1B-DF650A7B9C5C} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-06-09] (Google)
Task: {C81A3072-C081-4AFD-9261-4624B3D163E0} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-18] (Microsoft Corp.)
Task: {D2632CF2-B5E8-454D-B63F-91C8B03C7309} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {D9F2A040-4FAA-4B5E-8509-4020F03FCEE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-09] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {E86F3AF2-5232-4DC8-82F3-17CC29C7E072} - System32\Tasks\User_Feed_Synchronization-{E5EA6324-53F0-4F61-8754-FD3D95BC785C} => C:\Windows\system32\msfeedssync.exe [2013-06-08] (Microsoft Corporation)
Task: {F5D8555C-71BC-4335-961F-62406FD4E0F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-09] (Google Inc.)
 
==================== Faulty Device Manager Devices =============
 
Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/19/2013 09:19:27 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP5000> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (06/19/2013 09:19:27 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP5000> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (06/19/2013 09:17:45 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP3301> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (06/19/2013 09:16:32 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\SOFTAV03> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (06/19/2013 09:16:32 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\SOFTAV02> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (06/19/2013 09:16:32 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\SOFTAV01> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (06/19/2013 09:16:32 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP0303> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (06/19/2013 09:16:32 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP0302> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (06/19/2013 09:16:32 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP0301> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (06/19/2013 09:16:32 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP0300> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
 
System errors:
=============
Error: (06/23/2013 08:53:33 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/23/2013 08:52:29 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/23/2013 08:04:30 AM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/23/2013 07:42:54 AM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/23/2013 06:57:14 AM) (Source: Service Control Manager) (User: )
Description: i8042prt
 
Error: (06/23/2013 06:56:58 AM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/22/2013 11:48:54 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/22/2013 09:30:12 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/22/2013 08:34:47 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (06/22/2013 07:44:49 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-06-20 06:48:37.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-20 06:48:37.271
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-20 06:48:37.186
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-20 06:48:37.105
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-20 06:48:37.023
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-20 06:48:36.941
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-20 06:48:36.800
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-20 06:48:36.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-20 06:48:36.634
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-20 06:48:36.553
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 53%
Total physical RAM: 3070.58 MB
Available physical RAM: 1428.8 MB
Total Pagefile: 6360.19 MB
Available Pagefile: 4622.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1925.43 MB
 
==================== Drives ================================
 
Drive c: (HP) (Fixed) (Total:288.38 GB) (Free:207.69 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:9.71 GB) (Free:1.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:298.09 GB) (Free:297.99 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=288 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 298 GB) (Disk ID: 925F5515)
Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 



#4 Oh My!

  • Malware Response Instructor

Posted 24 June 2013 - 08:46 AM

Hi Dave, (I am assuming this is your computer and your name)

Let's start by doing these things. Also, I am including something for your consideration.

===================================================

Ad-aware No Longer Recommended

--------------------

MVPS.org is no longer recommending Ad-aware due to poor testing results. (scroll down on the web site and read under Freeware Antispyware Products)

I would recommend you go to Start > Control Panel > Add/Remove Programs (or Programs and Features) and delete this program.

Please Reboot your computer prior to the next step.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Delete
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[S1].txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-click JRT.exe and select Run as administrator (on Windows XP, double-click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Virustotal Online Virus Scanner

--------------------
  • Please go to Virustotal
  • Select Choose File
  • Navigate to the following file (if multiple files then one at a time), double click on it so the file name is populated, then click Scan it!
  • IMPORTANT! If the file is listed as already analyzed, click on the Reanalyse file now button.

C:\Windows\system32\DRIVERS\lgwnusbser01.sys

  • Once completed, highlight the information in the address bar and copy then paste the link in your reply

===================================================

Running TDSSKiller with Changed Parameters

--------------------
  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters


  • Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


  • Click Start Scan and allow the scan process to run


  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


  • Click Reboot computer
  • Please zip and attach in your reply the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • AdwCleaner log
  • Junkware log
  • Virustotal link
  • TDSSKiller log (zipped)
  • Please describe the symptoms you are currently experiencing

Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message.


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 daveshoot

  • Topic Starter

Posted 24 June 2013 - 10:18 PM

I ran the ADW cleaner but haven't found the log after reboot. Here is the JRT log.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows Vista ™ Home Premium x86
Ran by Dave on Mon 06/24/2013 at 20:12:04.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{07337973-20D9-4BF1-9234-50B1AD0B117B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{07337973-20D9-4BF1-9234-50B1AD0B117B}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Dave\appdata\local\adawarebp"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 06/24/2013 at 20:13:15.72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 Oh My!

  • Malware Response Instructor

Posted 24 June 2013 - 10:28 PM

That's OK, continue on with the other steps which are actually more important.
Regards,
Gary


#7 daveshoot

  • Topic Starter

Posted 24 June 2013 - 10:29 PM

I don't appear to have file C:\Windows\system32\DRIVERS\lgwnusbser01.sys, but I ran the scan on the whole drivers folder.

 

https://www.virustotal.com/en/file/608d67357afddd538d2c12c93eb0793eca4eb3af2bab779e881c41f50e4ab911/analysis/1372130626/



#8 daveshoot

  • Topic Starter

Posted 24 June 2013 - 10:38 PM

Forum error, "post too long". I will truncate the middle, as the results were pretty good.
 
20:33:22.0611 3540  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:33:23.0661 3540  ============================================================
20:33:23.0661 3540  Current date / time: 2013/06/24 20:33:23.0661
20:33:23.0661 3540  SystemInfo:
20:33:23.0661 3540  
20:33:23.0661 3540  OS Version: 6.0.6002 ServicePack: 2.0
20:33:23.0661 3540  Product type: Workstation
20:33:23.0661 3540  ComputerName: DAVE-PC
20:33:23.0662 3540  UserName: Dave
20:33:23.0662 3540  Windows directory: C:\Windows
20:33:23.0662 3540  System windows directory: C:\Windows
20:33:23.0662 3540  Processor architecture: Intel x86
20:33:23.0662 3540  Number of processors: 4
20:33:23.0662 3540  Page size: 0x1000
20:33:23.0662 3540  Boot type: Normal boot
20:33:23.0662 3540  ============================================================
20:33:23.0928 3540  BG loaded
20:33:24.0767 3540  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:33:24.0767 3540  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:33:24.0783 3540  ============================================================
20:33:24.0783 3540  \Device\Harddisk0\DR0:
20:33:24.0783 3540  MBR partitions:
20:33:24.0798 3540  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x240C028E
20:33:24.0798 3540  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x240C02CD, BlocksNum 0x136D3F4
20:33:24.0798 3540  \Device\Harddisk1\DR1:
20:33:24.0798 3540  MBR partitions:
20:33:24.0798 3540  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
20:33:24.0798 3540  ============================================================
20:33:24.0845 3540  C: <-> \Device\Harddisk0\DR0\Partition1
20:33:24.0845 3540  E: <-> \Device\Harddisk1\DR1\Partition1
20:33:25.0064 3540  D: <-> \Device\Harddisk0\DR0\Partition2
20:33:25.0064 3540  ============================================================
20:33:25.0064 3540  Initialize success
20:33:25.0064 3540  ============================================================
20:33:34.0455 2216  ============================================================
20:33:34.0455 2216  Scan started
20:33:34.0455 2216  Mode: Manual; 
20:33:34.0455 2216  ============================================================
20:33:38.0448 2216  ================ Scan system memory ========================
20:33:38.0448 2216  System memory - ok
20:33:38.0448 2216  ================ Scan services =============================
20:33:38.0823 2216  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:33:38.0823 2216  ACPI - ok
20:33:38.0916 2216  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:33:38.0932 2216  AdobeFlashPlayerUpdateSvc - ok
20:33:39.0072 2216  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:33:39.0072 2216  adp94xx - ok
20:33:39.0150 2216  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:33:39.0166 2216  adpahci - ok
20:33:39.0213 2216  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:33:39.0228 2216  adpu160m - ok
20:33:39.0260 2216  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:33:39.0275 2216  adpu320 - ok
20:33:39.0322 2216  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:33:39.0322 2216  AeLookupSvc - ok
20:33:39.0422 2216  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
20:33:39.0422 2216  AFD - ok
20:33:39.0487 2216  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:33:39.0487 2216  agp440 - ok
20:33:39.0517 2216  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:33:39.0537 2216  aic78xx - ok
20:33:39.0567 2216  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
20:33:39.0567 2216  ALG - ok
20:33:39.0582 2216  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:33:39.0597 2216  aliide - ok
20:33:39.0622 2216  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:33:39.0627 2216  amdagp - ok
20:33:39.0647 2216  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
20:33:39.0647 2216  amdide - ok
20:33:39.0712 2216  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:33:39.0712 2216  AmdK7 - ok
20:33:39.0737 2216  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:33:39.0737 2216  AmdK8 - ok
20:33:39.0842 2216  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
20:33:39.0842 2216  Appinfo - ok
20:33:39.0932 2216  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
20:33:39.0937 2216  arc - ok
20:33:39.0992 2216  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:33:39.0992 2216  arcsas - ok
20:33:40.0117 2216  [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:33:40.0127 2216  aspnet_state - ok
20:33:40.0192 2216  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:33:40.0197 2216  AsyncMac - ok
20:33:40.0237 2216  [ 4F4FCB8B6EA06784FB6D475B7EC7300F ] atapi           C:\Windows\system32\drivers\atapi.sys
20:33:40.0242 2216  atapi - ok
20:33:40.0302 2216  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:33:40.0302 2216  AudioEndpointBuilder - ok
20:33:40.0327 2216  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:33:40.0332 2216  Audiosrv - ok
20:33:40.0412 2216  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:33:40.0417 2216  Beep - ok
20:33:40.0487 2216  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
20:33:40.0492 2216  BFE - ok
20:33:40.0702 2216  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\system32\qmgr.dll
20:33:40.0707 2216  BITS - ok
20:33:40.0712 2216  blbdrive - ok
20:34:00.0247 2216  C:\Windows\System32\msxml3.dll - ok
20:34:00.0252 2216  [ ABE2078F412AE179660FF905BA7D9125 ] C:\Windows\System32\spool\prtprocs\w32x86\lxdndrpp.dll
20:34:00.0252 2216  C:\Windows\System32\spool\prtprocs\w32x86\lxdndrpp.dll - ok
20:34:00.0252 2216  [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
20:34:00.0252 2216  C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok
20:34:00.0257 2216  [ A4E7946B71BBDF8708C7AC97FD9E9008 ] C:\Windows\System32\win32spl.dll
20:34:00.0257 2216  C:\Windows\System32\win32spl.dll - ok
20:34:00.0257 2216  [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll
20:34:00.0257 2216  C:\Windows\System32\netrap.dll - ok
20:34:00.0262 2216  [ 2D3D47B93E0BE86EEBB261734AB5B6A1 ] C:\Windows\System32\printcom.dll
20:34:00.0262 2216  C:\Windows\System32\printcom.dll - ok
20:34:00.0262 2216  [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll
20:34:00.0262 2216  C:\Windows\System32\SensApi.dll - ok
20:34:00.0267 2216  [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ] C:\Windows\System32\inetpp.dll
20:34:00.0267 2216  C:\Windows\System32\inetpp.dll - ok
20:34:00.0267 2216  [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\System32\cscapi.dll
20:34:00.0267 2216  C:\Windows\System32\cscapi.dll - ok
20:34:00.0272 2216  [ F432260E59AAE3284ED7E795264C16D0 ] C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
20:34:00.0272 2216  C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe - ok
20:34:00.0272 2216  [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\Windows\System32\vssapi.dll
20:34:00.0272 2216  C:\Windows\System32\vssapi.dll - ok
20:34:00.0277 2216  [ 1A60302F6153B4A11B0510642333239C ] C:\Windows\System32\vpnapi.dll
20:34:00.0277 2216  C:\Windows\System32\vpnapi.dll - ok
20:34:00.0277 2216  [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\Windows\System32\vsstrace.dll
20:34:00.0277 2216  C:\Windows\System32\vsstrace.dll - ok
20:34:00.0282 2216  [ 9340105C246B16EE661FD8FCE579B117 ] C:\Windows\System32\cryptnet.dll
20:34:00.0282 2216  C:\Windows\System32\cryptnet.dll - ok
20:34:00.0282 2216  [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll
20:34:00.0282 2216  C:\Windows\System32\wsock32.dll - ok
20:34:00.0287 2216  [ 992B1994668D8FB07EEBF610F41FEB0B ] C:\Windows\System32\msvcirt.dll
20:34:00.0287 2216  C:\Windows\System32\msvcirt.dll - ok
20:34:00.0287 2216  [ 2310A32BB0164552A311BFA02102A3D6 ] C:\Windows\System32\msvcp60.dll
20:34:00.0287 2216  C:\Windows\System32\msvcp60.dll - ok
20:34:00.0292 2216  [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\Windows\System32\mfc42.dll
20:34:00.0292 2216  C:\Windows\System32\mfc42.dll - ok
20:34:00.0292 2216  [ 862363973DCBCC31DD161EF41A69153C ] C:\Windows\System32\odbc32.dll
20:34:00.0292 2216  C:\Windows\System32\odbc32.dll - ok
20:34:00.0297 2216  [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll
20:34:00.0297 2216  C:\Windows\System32\odbcint.dll - ok
20:34:00.0302 2216  [ DEB82AF183F1CD06813D91ED104C645C ] C:\hp\HPEZBTN\HPBtnSrv.exe
20:34:00.0302 2216  C:\hp\HPEZBTN\HPBtnSrv.exe - ok
20:34:00.0302 2216  [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll
20:34:00.0302 2216  C:\Windows\System32\taskschd.dll - ok
20:34:00.0307 2216  [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\System32\wdscore.dll
20:34:00.0307 2216  C:\Windows\System32\wdscore.dll - ok
20:34:00.0307 2216  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\hp\HPEZBTN\MSVCP71.DLL
20:34:00.0307 2216  C:\hp\HPEZBTN\MSVCP71.DLL - ok
20:34:00.0312 2216  [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll
20:34:00.0312 2216  C:\Windows\System32\diagperf.dll - ok
20:34:00.0312 2216  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\hp\HPEZBTN\MSVCR71.DLL
20:34:00.0312 2216  C:\hp\HPEZBTN\MSVCR71.DLL - ok
20:34:00.0317 2216  [ 7B93C623333F121DC9E689CCB1B7A733 ] C:\hp\HPEZBTN\mfc71u.dll
20:34:00.0317 2216  C:\hp\HPEZBTN\mfc71u.dll - ok
20:34:00.0317 2216  [ 204A73A56751C68C6031E9D5D611EC98 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
20:34:00.0322 2216  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok
20:34:00.0322 2216  [ C0E7898090D81772EA927E9A3C71817C ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
20:34:00.0322 2216  C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok
20:34:00.0327 2216  [ 87365FFA68CFFAF6E260677FF0ACFE7C ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
20:34:00.0327 2216  C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
20:34:00.0327 2216  [ 75AC54B996F7C8E17594EBC32B6614BD ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:34:00.0327 2216  C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
20:34:00.0332 2216  [ 8D000006E8752261757B01432D7D56B0 ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll
20:34:00.0332 2216  C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll - ok
20:34:00.0332 2216  [ 1CB81B6BD906BDA8A3A95E30B626B710 ] C:\Program Files\Common Files\LightScribe\LSLog.dll
20:34:00.0332 2216  C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
20:34:00.0337 2216  [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll
20:34:00.0337 2216  C:\Windows\System32\wbem\wbemprox.dll - ok
20:34:00.0337 2216  [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll
20:34:00.0337 2216  C:\Windows\System32\wbemcomn.dll - ok
20:34:00.0342 2216  [ 6402F7CB401216C108A1A04829CD9ADA ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\msvcp80.dll
20:34:00.0342 2216  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\msvcp80.dll - ok
20:34:00.0342 2216  [ AB694FA24E02246F9DDCDD729D6B9278 ] C:\Windows\System32\spool\drivers\w32x86\3\lxdnserv.exe
20:34:00.0342 2216  C:\Windows\System32\spool\drivers\w32x86\3\lxdnserv.exe - ok
20:34:00.0347 2216  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] C:\Windows\System32\drivers\mdmxsdk.sys
20:34:00.0347 2216  C:\Windows\System32\drivers\mdmxsdk.sys - ok
20:34:00.0347 2216  [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll
20:34:00.0347 2216  C:\Windows\System32\ncsi.dll - ok
20:34:00.0352 2216  [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys
20:34:00.0352 2216  C:\Windows\System32\drivers\PEAuth.sys - ok
20:34:00.0352 2216  [ 831883B107684301F48ACE752C963984 ] C:\Windows\System32\PnkBstrA.exe
20:34:00.0352 2216  C:\Windows\System32\PnkBstrA.exe - ok
20:34:00.0357 2216  [ D0494460421A03CD5225CCA0059AA146 ] C:\Windows\System32\IPSECSVC.DLL
20:34:00.0357 2216  C:\Windows\System32\IPSECSVC.DLL - ok
20:34:00.0357 2216  [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll
20:34:00.0357 2216  C:\Windows\System32\ssdpapi.dll - ok
20:34:00.0362 2216  [ F115AF58ABE5605D7D709CBFBD83F418 ] C:\Windows\System32\PSIService.exe
20:34:00.0362 2216  C:\Windows\System32\PSIService.exe - ok
20:34:00.0362 2216  [ 8FDA02E3E944E203E118F3DABA7C026D ] C:\Windows\System32\PSIKey.dll
20:34:00.0362 2216  C:\Windows\System32\PSIKey.dll - ok
20:34:00.0367 2216  [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\Windows\System32\FwRemoteSvr.dll
20:34:00.0367 2216  C:\Windows\System32\FwRemoteSvr.dll - ok
20:34:00.0367 2216  [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
20:34:00.0367 2216  C:\Windows\System32\drivers\secdrv.sys - ok
20:34:00.0372 2216  [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys
20:34:00.0372 2216  C:\Windows\System32\drivers\tcpipreg.sys - ok
20:34:00.0372 2216  [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll
20:34:00.0372 2216  C:\Windows\System32\icaapi.dll - ok
20:34:00.0377 2216  [ B26C0D2B2186AC508B5EFF976BB7FF9D ] C:\Windows\System32\PortableDeviceApi.dll
20:34:00.0377 2216  C:\Windows\System32\PortableDeviceApi.dll - ok
20:34:00.0377 2216  [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll
20:34:00.0377 2216  C:\Windows\System32\wiatrace.dll - ok
20:34:00.0382 2216  [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll
20:34:00.0382 2216  C:\Windows\System32\tquery.dll - ok
20:34:00.0382 2216  [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll
20:34:00.0382 2216  C:\Windows\System32\wbem\WinMgmtR.dll - ok
20:34:00.0387 2216  [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll
20:34:00.0387 2216  C:\Windows\System32\wsdchngr.dll - ok
20:34:00.0387 2216  [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll
20:34:00.0387 2216  C:\Windows\System32\mssrch.dll - ok
20:34:00.0392 2216  [ 13B5F255E90624A5BA0441D39CFB6BE2 ] C:\Windows\System32\drivers\WUDFPf.sys
20:34:00.0392 2216  C:\Windows\System32\drivers\WUDFPf.sys - ok
20:34:00.0392 2216  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] C:\Windows\System32\drivers\WUDFRd.sys
20:34:00.0392 2216  C:\Windows\System32\drivers\WUDFRd.sys - ok
20:34:00.0397 2216  [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll
20:34:00.0397 2216  C:\Windows\System32\dbghelp.dll - ok
20:34:00.0397 2216  [ 8AEC47366A9E8FDCDC35B93101677288 ] C:\Windows\System32\drivers\XAudio.sys
20:34:00.0397 2216  C:\Windows\System32\drivers\XAudio.sys - ok
20:34:00.0402 2216  [ CEB492CBB58A5F0194A4DCF4CAF3B20E ] C:\Windows\System32\drivers\XAudio.exe
20:34:00.0402 2216  C:\Windows\System32\drivers\XAudio.exe - ok
20:34:00.0407 2216  [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll
20:34:00.0407 2216  C:\Windows\System32\msidle.dll - ok
20:34:00.0407 2216  [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll
20:34:00.0407 2216  C:\Windows\System32\Query.dll - ok
20:34:00.0407 2216  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll
20:34:00.0407 2216  C:\Windows\System32\netprofm.dll - ok
20:34:00.0412 2216  [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll
20:34:00.0412 2216  C:\Windows\System32\npmproxy.dll - ok
20:34:00.0412 2216  [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll
20:34:00.0412 2216  C:\Windows\System32\sqmapi.dll - ok
20:34:00.0417 2216  [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll
20:34:00.0417 2216  C:\Windows\System32\rastapi.dll - ok
20:34:00.0417 2216  [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll
20:34:00.0417 2216  C:\Windows\System32\hnetcfg.dll - ok
20:34:00.0422 2216  [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp
20:34:00.0422 2216  C:\Windows\System32\unimdm.tsp - ok
20:34:00.0422 2216  [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll
20:34:00.0422 2216  C:\Windows\System32\uniplat.dll - ok
20:34:00.0427 2216  [ 570DDCF8D16B39F46A440C2817C52E21 ] C:\Windows\System32\wiafbdrv.dll
20:34:00.0427 2216  C:\Windows\System32\wiafbdrv.dll - ok
20:34:00.0427 2216  [ 2CD321E2A7B05CAFAF4C98667454C057 ] C:\Windows\System32\lxdndrs.dll
20:34:00.0427 2216  C:\Windows\System32\lxdndrs.dll - ok
20:34:00.0432 2216  [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll
20:34:00.0432 2216  C:\Windows\System32\wbem\wbemcore.dll - ok
20:34:00.0432 2216  [ 31C0134FA601985F9F329976A36A85FB ] C:\Windows\System32\LXDNcfg.dll
20:34:00.0432 2216  C:\Windows\System32\LXDNcfg.dll - ok
20:34:00.0437 2216  [ B8EC01E783B2100F1A894CC2EDB759FB ] C:\Windows\System32\lxdncaps.dll
20:34:00.0437 2216  C:\Windows\System32\lxdncaps.dll - ok
20:34:00.0437 2216  [ 768397F3C645F6A29C1413AACC8C0981 ] C:\Windows\System32\lxdncnv4.dll
20:34:00.0437 2216  C:\Windows\System32\lxdncnv4.dll - ok
20:34:00.0442 2216  [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll
20:34:00.0442 2216  C:\Windows\System32\wbem\esscli.dll - ok
20:34:00.0442 2216  [ 09C7859269563C240AB2AAAB574483DD ] C:\Windows\System32\WUDFHost.exe
20:34:00.0442 2216  C:\Windows\System32\WUDFHost.exe - ok
20:34:00.0447 2216  [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll
20:34:00.0447 2216  C:\Windows\System32\wbem\fastprox.dll - ok
20:34:00.0447 2216  [ 2E837F3D406224DF131C34BC8F71621E ] C:\Windows\System32\modemui.dll
20:34:00.0447 2216  C:\Windows\System32\modemui.dll - ok
20:34:00.0452 2216  [ 0B71899E60D1265229BF3D080EAB573D ] C:\Windows\System32\unimdmat.dll
20:34:00.0452 2216  C:\Windows\System32\unimdmat.dll - ok
20:34:00.0452 2216  [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\Windows\System32\en-US\tquery.dll.mui
20:34:00.0452 2216  C:\Windows\System32\en-US\tquery.dll.mui - ok
20:34:00.0457 2216  [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll
20:34:00.0457 2216  C:\Windows\System32\wbem\repdrvfs.dll - ok
20:34:00.0457 2216  [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll
20:34:00.0457 2216  C:\Windows\System32\wbem\wbemsvc.dll - ok
20:34:00.0462 2216  [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll
20:34:00.0462 2216  C:\Windows\System32\wbem\wmiutils.dll - ok
20:34:00.0462 2216  [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp
20:34:00.0462 2216  C:\Windows\System32\kmddsp.tsp - ok
20:34:00.0467 2216  [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\Windows\System32\esent.dll
20:34:00.0467 2216  C:\Windows\System32\esent.dll - ok
20:34:00.0467 2216  [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp
20:34:00.0467 2216  C:\Windows\System32\hidphone.tsp - ok
20:34:00.0472 2216  [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp
20:34:00.0472 2216  C:\Windows\System32\ndptsp.tsp - ok
20:34:00.0472 2216  [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll
20:34:00.0472 2216  C:\Windows\System32\rasppp.dll - ok
20:34:00.0477 2216  [ 4B72B5B342ADA4DE8DEEA39CCE465B58 ] C:\Windows\System32\WUDFx.dll
20:34:00.0477 2216  C:\Windows\System32\WUDFx.dll - ok
20:34:00.0477 2216  [ 45A9B22EF9A4FADFA02D60ACCB4E8202 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
20:34:00.0477 2216  C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
20:34:00.0482 2216  [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\Windows\System32\mprapi.dll
20:34:00.0482 2216  C:\Windows\System32\mprapi.dll - ok
20:34:00.0482 2216  [ 50ABE7CDA2DAE898216121D14092C182 ] C:\Windows\System32\WMVCORE.DLL
20:34:00.0482 2216  C:\Windows\System32\WMVCORE.DLL - ok
20:34:00.0487 2216  [ 769D027B977CED05658C85E698D3C5B1 ] C:\Windows\System32\QUTIL.DLL
20:34:00.0487 2216  C:\Windows\System32\QUTIL.DLL - ok
20:34:00.0487 2216  [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll
20:34:00.0487 2216  C:\Windows\System32\rasqec.dll - ok
20:34:00.0492 2216  [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\System32\cryptui.dll
20:34:00.0492 2216  C:\Windows\System32\cryptui.dll - ok
20:34:00.0492 2216  [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll
20:34:00.0492 2216  C:\Windows\System32\msscb.dll - ok
20:34:00.0497 2216  [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:34:00.0497 2216  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:34:00.0497 2216  [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll
20:34:00.0497 2216  C:\Windows\System32\wbem\wbemess.dll - ok
20:34:00.0502 2216  [ 36CCD8A79539C4ACE3BABE09C2CFBA16 ] C:\Windows\System32\WMASF.DLL
20:34:00.0502 2216  C:\Windows\System32\WMASF.DLL - ok
20:34:00.0502 2216  [ E98E402067978DB38282158F9E8609CA ] C:\Windows\System32\netshell.dll
20:34:00.0502 2216  C:\Windows\System32\netshell.dll - ok
20:34:00.0507 2216  [ 5A87FD90634C9A05157469DA2441EBB4 ] C:\Windows\System32\PortableDeviceClassExtension.dll
20:34:00.0507 2216  C:\Windows\System32\PortableDeviceClassExtension.dll - ok
20:34:00.0507 2216  [ 290A5AA84C6F06E0B82E94F419FEE9C5 ] C:\Windows\System32\PortableDeviceTypes.dll
20:34:00.0507 2216  C:\Windows\System32\PortableDeviceTypes.dll - ok
20:34:00.0512 2216  [ B288FF7C1987A736726E87C79148C360 ] C:\Windows\System32\PortableDeviceWiaCompat.dll
20:34:00.0512 2216  C:\Windows\System32\PortableDeviceWiaCompat.dll - ok
20:34:00.0517 2216  [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll
20:34:00.0517 2216  C:\Windows\System32\upnp.dll - ok
20:34:00.0517 2216  [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\Windows\System32\taskeng.exe
20:34:00.0517 2216  C:\Windows\System32\taskeng.exe - ok
20:34:00.0522 2216  [ 98638A4CA187245C469DA0DEC4F04A45 ] C:\Windows\System32\pautoenr.dll
20:34:00.0522 2216  C:\Windows\System32\pautoenr.dll - ok
20:34:00.0522 2216  [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll
20:34:00.0522 2216  C:\Windows\System32\TSChannel.dll - ok
20:34:00.0527 2216  [ AC48FD62E22C4425879FCA5A63F50497 ] C:\Windows\System32\certcli.dll
20:34:00.0527 2216  C:\Windows\System32\certcli.dll - ok
20:34:00.0527 2216  [ 0053319C4438CDE659AA75C19BBD22F1 ] C:\Windows\System32\CertEnroll.dll
20:34:00.0527 2216  C:\Windows\System32\CertEnroll.dll - ok
20:34:00.0532 2216  [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll
20:34:00.0532 2216  C:\Windows\System32\mssprxy.dll - ok
20:34:00.0532 2216  [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll
20:34:00.0532 2216  C:\Windows\System32\pnpts.dll - ok
20:34:00.0537 2216  [ 8793643A67B42CEC66490B2A0CF92D68 ] C:\Windows\System32\drivers\ipnat.sys
20:34:00.0537 2216  C:\Windows\System32\drivers\ipnat.sys - ok
20:34:00.0537 2216  [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll
20:34:00.0537 2216  C:\Windows\System32\pcadm.dll - ok
20:34:00.0542 2216  [ 01EBD21968ADBCDEF68E41CD8591DC9E ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
20:34:00.0542 2216  C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
20:34:00.0542 2216  [ 8A15D7BD4CF1A8CCD7C65F7349F22E35 ] C:\Windows\System32\drivers\CVPNDRVA.sys
20:34:00.0542 2216  C:\Windows\System32\drivers\CVPNDRVA.sys - ok
20:34:00.0547 2216  [ 03500AD3001A71D3C01F2A5E053FEEF2 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
20:34:00.0547 2216  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
20:34:00.0547 2216  [ A9086FD97C26976DFE54848C8B6DB104 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
20:34:00.0547 2216  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
20:34:00.0552 2216  [ 4B3841A78EC7C6BD7D463AE89D1C2489 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll
20:34:00.0552 2216  C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok
20:34:00.0557 2216  [ AB15F6916593210DC6D95B328DD13F1C ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll
20:34:00.0557 2216  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok
20:34:00.0562 2216  [ 1182F47930ED9AEC09F0DD410C67E69F ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll
20:34:00.0562 2216  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok
20:34:00.0562 2216  [ 7487E14B2FA3457E8A4A4B51CF36B3F2 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll
20:34:00.0562 2216  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok
20:34:00.0567 2216  [ B3E0C20A53D6A55590468B33AA9BC525 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
20:34:00.0567 2216  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok
20:34:00.0567 2216  [ 898ABECCD5F0B9A8E8F1318DDB234685 ] C:\Windows\System32\dot3api.dll
20:34:00.0567 2216  C:\Windows\System32\dot3api.dll - ok
20:34:00.0572 2216  [ 8D544AC1B7AA7FB9DFF0C3E7DA6AD295 ] C:\Windows\System32\wlanhlp.dll
20:34:00.0572 2216  C:\Windows\System32\wlanhlp.dll - ok
20:34:00.0572 2216  [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\System32\wlanapi.dll
20:34:00.0572 2216  C:\Windows\System32\wlanapi.dll - ok
20:34:00.0577 2216  [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\Windows\System32\rasdlg.dll
20:34:00.0577 2216  C:\Windows\System32\rasdlg.dll - ok
20:34:00.0577 2216  [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
20:34:00.0577 2216  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
20:34:00.0582 2216  [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll
20:34:00.0582 2216  C:\Windows\System32\ci.dll - ok
20:34:00.0582 2216  [ B5EF1DA337DB9859709A387638AC5E07 ] C:\Windows\System32\SearchProtocolHost.exe
20:34:00.0582 2216  C:\Windows\System32\SearchProtocolHost.exe - ok
20:34:00.0587 2216  [ 582BE479E7E286BB3B31C5A4C3DC3987 ] C:\Windows\System32\msshooks.dll
20:34:00.0587 2216  C:\Windows\System32\msshooks.dll - ok
20:34:00.0587 2216  [ 771AF583BC58373A84496CCD52C36E33 ] C:\Windows\System32\mssvp.dll
20:34:00.0587 2216  C:\Windows\System32\mssvp.dll - ok
20:34:00.0592 2216  [ 98C77FD99F3DB37B2C03F32B8F837B65 ] C:\Windows\System32\mapi32.dll
20:34:00.0592 2216  C:\Windows\System32\mapi32.dll - ok
20:34:00.0592 2216  [ 351319EF11C263C95FB721AC76F436D6 ] C:\Windows\System32\mssph.dll
20:34:00.0592 2216  C:\Windows\System32\mssph.dll - ok
20:34:00.0597 2216  [ A1CD5CE96F0A5426DB9A2F793854D1B8 ] C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL
20:34:00.0597 2216  C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL - ok
20:34:00.0597 2216  [ B81388E9FE895065FD5CEAF3C11FDC3F ] C:\Windows\System32\ieframe.dll
20:34:00.0597 2216  C:\Windows\System32\ieframe.dll - ok
20:34:00.0602 2216  [ C2CDBB424CF2461199322D6825F7B426 ] C:\Windows\System32\msfeeds.dll
20:34:00.0602 2216  C:\Windows\System32\msfeeds.dll - ok
20:34:00.0602 2216  [ C9EE7FF225EAC1CB9C78C413667CDB80 ] C:\Windows\System32\SearchFilterHost.exe
20:34:00.0602 2216  C:\Windows\System32\SearchFilterHost.exe - ok
20:34:00.0607 2216  [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll
20:34:00.0607 2216  C:\Windows\System32\ntshrui.dll - ok
20:34:00.0607 2216  [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\System32\actxprxy.dll
20:34:00.0607 2216  C:\Windows\System32\actxprxy.dll - ok
20:34:00.0612 2216  [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\Windows\System32\NaturalLanguage6.dll
20:34:00.0612 2216  C:\Windows\System32\NaturalLanguage6.dll - ok
20:34:00.0617 2216  [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\Windows\System32\NlsData0009.dll
20:34:00.0617 2216  C:\Windows\System32\NlsData0009.dll - ok
20:34:00.0617 2216  [ 8629B71343F61E1140243581C63BC0C7 ] C:\Windows\System32\NlsLexicons0009.dll
20:34:00.0617 2216  C:\Windows\System32\NlsLexicons0009.dll - ok
20:34:00.0622 2216  [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe
20:34:00.0622 2216  C:\Windows\System32\dllhost.exe - ok
20:34:00.0622 2216  [ 3CD1B69551236977918E60F9543C89A2 ] C:\Windows\System32\AtBroker.exe
20:34:00.0622 2216  C:\Windows\System32\AtBroker.exe - ok
20:34:00.0627 2216  [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\Windows\System32\userinit.exe
20:34:00.0627 2216  C:\Windows\System32\userinit.exe - ok
20:34:00.0627 2216  [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\Windows\System32\HotStartUserAgent.dll
20:34:00.0627 2216  C:\Windows\System32\HotStartUserAgent.dll - ok
20:34:00.0632 2216  [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files\Google\Update\GoogleUpdate.exe
20:34:00.0632 2216  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
20:34:00.0632 2216  [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\Windows\System32\PlaySndSrv.dll
20:34:00.0632 2216  C:\Windows\System32\PlaySndSrv.dll - ok
20:34:00.0637 2216  [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\Windows\explorer.exe
20:34:00.0637 2216  C:\Windows\explorer.exe - ok
20:34:00.0637 2216  [ 43E1054C713C48D252A1826C5E14AACA ] C:\Windows\System32\MsCtfMonitor.dll
20:34:00.0637 2216  C:\Windows\System32\MsCtfMonitor.dll - ok
20:34:00.0642 2216  [ C6DA42ADA0C5FC8CB05744229D632B47 ] C:\Windows\System32\msutb.dll
20:34:00.0642 2216  C:\Windows\System32\msutb.dll - ok
20:34:00.0642 2216  [ D80C6539C00CB4F5D59066865479C308 ] C:\Windows\System32\dwmredir.dll
20:34:00.0642 2216  C:\Windows\System32\dwmredir.dll - ok
20:34:00.0647 2216  [ C99403A5B641520DAED0021DDA06F272 ] C:\Windows\System32\milcore.dll
20:34:00.0647 2216  C:\Windows\System32\milcore.dll - ok
20:34:00.0647 2216  [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\System32\d3d9.dll
20:34:00.0647 2216  C:\Windows\System32\d3d9.dll - ok
20:34:00.0652 2216  [ 758D99511FD82B6C55E70494039E9F1A ] C:\Program Files\Google\Update\1.3.21.145\goopdate.dll
20:34:00.0652 2216  C:\Program Files\Google\Update\1.3.21.145\goopdate.dll - ok
20:34:00.0652 2216  [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\Windows\System32\TMM.dll
20:34:00.0652 2216  C:\Windows\System32\TMM.dll - ok
20:34:00.0657 2216  [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll
20:34:00.0657 2216  C:\Windows\System32\d3d8thk.dll - ok
20:34:00.0657 2216  [ 6D83BFF2F6D051E48408394850A9C7A2 ] C:\Windows\System32\nvd3dum.dll
20:34:00.0657 2216  C:\Windows\System32\nvd3dum.dll - ok
20:34:00.0662 2216  [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\Windows\System32\uDWM.dll
20:34:00.0662 2216  C:\Windows\System32\uDWM.dll - ok
20:34:00.0662 2216  [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\Windows\System32\QAGENT.DLL
20:34:00.0662 2216  C:\Windows\System32\QAGENT.DLL - ok
20:34:00.0667 2216  [ F18756D6C311DBC1A1942E5E1858ABFE ] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
20:34:00.0667 2216  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll - ok
20:34:00.0667 2216  [ 76B35CB0F3A4E69D6DFF27F542B9F856 ] C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
20:34:00.0667 2216  C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe - ok
20:34:00.0672 2216  [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\System32\shdocvw.dll
20:34:00.0672 2216  C:\Windows\System32\shdocvw.dll - ok
20:34:00.0672 2216  [ 4504819D18FAC09B6108D8728467E5B2 ] C:\Windows\System32\browseui.dll
20:34:00.0672 2216  C:\Windows\System32\browseui.dll - ok
20:34:00.0677 2216  [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\System32\EhStorShell.dll
20:34:00.0677 2216  C:\Windows\System32\EhStorShell.dll - ok
20:34:00.0677 2216  [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll
20:34:00.0677 2216  C:\Windows\System32\imageres.dll - ok
20:34:00.0682 2216  [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll
20:34:00.0682 2216  C:\Windows\System32\IconCodecService.dll - ok
20:34:00.0687 2216  [ 73FD66B14D3C4252F7A524B8836A4359 ] C:\Windows\System32\mstask.dll
20:34:00.0687 2216  C:\Windows\System32\mstask.dll - ok
20:34:00.0687 2216  [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\System32\runonce.exe
20:34:00.0687 2216  C:\Windows\System32\runonce.exe - ok
20:34:00.0692 2216  [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe
20:34:00.0692 2216  C:\Windows\System32\cmd.exe - ok
20:34:00.0692 2216  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Dave\AppData\Local\temp\EB7C4DB4-F38E-49E0-A4CF-AFB86B26E0F5.exe
20:34:00.0692 2216  C:\Users\Dave\AppData\Local\temp\EB7C4DB4-F38E-49E0-A4CF-AFB86B26E0F5.exe - ok
20:34:00.0697 2216  [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll
20:34:00.0697 2216  C:\Windows\System32\p2pcollab.dll - ok
20:34:00.0697 2216  [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\Windows\System32\wbem\NCProv.dll
20:34:00.0697 2216  C:\Windows\System32\wbem\NCProv.dll - ok
20:34:00.0702 2216  [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll
20:34:00.0702 2216  C:\Windows\System32\wbem\wbemcons.dll - ok
20:34:00.0707 2216  [ 47C9EF1600EDD9EBD8155EB6B5206B6B ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
20:34:00.0707 2216  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
20:34:00.0707 2216  [ 1E93BBD87BC0B60CE7FADCD40744CF16 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
20:34:00.0707 2216  C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
20:34:01.0087 2216  ============================================================
20:34:01.0087 2216  Scan finished
20:34:01.0087 2216  ============================================================
20:34:01.0092 3152  Detected object count: 0
20:34:01.0092 3152  Actual detected object count: 0
 

 



#9 daveshoot

daveshoot
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:06:10 AM

Posted 24 June 2013 - 10:42 PM

oops, attachment.

Attached Files



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 14,861 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:06:10 AM

Posted 25 June 2013 - 08:06 AM

Hi Dave,

Can you describe your current symptoms, please?

Let's get an antivirus program on your computer and extract some additional information for us to evaluate.

===================================================

No Antivirus Program Installed

-------------------
  • Please download and install an antivirus program, and make sure that you keep it updated.
  • New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software. Two good antivirus programs free for non-commercial home use are avast! Free Antivirus and Avira AntiVir Personal - Free Antivirus.
  • You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
===================================================

Obtaining ComboFix Qoobox Log

--------------------
  • Press the Windows key + R on your keyboard at the same time
  • Type cmd
  • In the list of results, right-click Command Prompt, and then click Run as administrator
  • If you are prompted for an administrator password or confirmation, type the password or provide confirmation
  • Copy/paste the following line in the run box and click OK

dir /a/s/b C:\QooBox >log.txt & log.txt

  • A text file will open. Please copy/paste that information in your reply.
===================================================

SystemLook by jpshortstuff

--------------------
  • Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2
Download Mirror #3 For 64-bit users

  • Double-click SystemLook.exe to run it.
  • Vista\Windows 7 users: Right-click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following codebox into the main textfield:
:dir
C:\Windows\System32\%APPDATA% /s
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Is an antivirus program installed?
  • Qoobox log
  • SystemLook log
  • What are your current symptoms?

Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message .


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 daveshoot

daveshoot
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:06:10 AM

Posted 25 June 2013 - 10:54 AM

No specific symptoms at present. I jumped the gun before my original post, and ran through some of the steps you described to other members, which seem to have solved the apparent problems (and thanks so much for being there).

 

Had an expired Norton and remnants of an ISP-hosted McAfee, which are now all gone as you noted. I will not be at the computer again until tonight and will look for a new AV immediately.

 

I don't mind paying if it's better protection. I would be interested in any further AV recommendations you may have.



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 14,861 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:06:10 AM

Posted 25 June 2013 - 02:37 PM

Personally I use Avast Free and along with being careful I have never had an issue.
Regards,
Gary


#13 daveshoot

daveshoot
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:06:10 AM

Posted 25 June 2013 - 08:37 PM

Ok, Avast is installed.

 

Info log:

 

C:\QooBox\Add-Remove Programs.txt
C:\QooBox\BackEnv
C:\QooBox\CFScript_used_2013-06-19_21.14.29.txt
C:\QooBox\ComboFix-quarantined-files.txt
C:\QooBox\ComboFix2.txt
C:\QooBox\Quarantine
C:\QooBox\Quarantine\C
C:\QooBox\Quarantine\catchme.log
C:\QooBox\Quarantine\catchme.txt
C:\QooBox\Quarantine\MBR_HardDisk0.mbr
C:\QooBox\Quarantine\Registry_backups
C:\QooBox\Quarantine\C\ProgramData
C:\QooBox\Quarantine\C\Users
C:\QooBox\Quarantine\C\Windows
C:\QooBox\Quarantine\C\ProgramData\SPL6064.tmp.vir
C:\QooBox\Quarantine\C\Users\Dave
C:\QooBox\Quarantine\C\Users\Dave\g2mdlhlpx.exe.vir
C:\QooBox\Quarantine\C\Windows\System32
C:\QooBox\Quarantine\C\Windows\System32\drivers
C:\QooBox\Quarantine\C\Windows\System32\jucheck.exe.vir
C:\QooBox\Quarantine\C\Windows\System32\jusched.exe.vir
C:\QooBox\Quarantine\C\Windows\System32\drivers\etc
C:\QooBox\Quarantine\C\Windows\System32\drivers\etc\hosts.ics.vir
C:\QooBox\Quarantine\Registry_backups\HKCU-Run-attcm.exe.reg.dat
C:\QooBox\Quarantine\Registry_backups\HKLM-Run-Corel Photo Downloader.reg.dat
C:\QooBox\Quarantine\Registry_backups\SafeBoot-MCODS.reg.dat
C:\QooBox\Quarantine\Registry_backups\tcpip.reg
 
Then, SystemLook. Not sure if this is what is expected:
 
SystemLook 30.07.11 by jpshortstuff
Log created at 18:35 on 25/06/2013 by Dave
Administrator - Elevation successful
 
========== dir ==========
 
C:\Windows\System32\C:\Users\Dave\AppData\Roaming - Unable to find folder.
 
-= EOF =-
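
The Qoobox listing posted above can be read back into what ComboFix moved and from where. This is an added example, not part of the thread and not ComboFix's own code: it assumes, from the listing itself, that quarantined files sit under `Quarantine\<drive letter>\<original path>` with a `.vir` suffix and that `Registry_backups` names follow `<scope>-<name>.reg.dat`; the function names are hypothetical.

```python
import re
from pathlib import PureWindowsPath

QUARANTINE = PureWindowsPath(r"C:\QooBox\Quarantine")
REG_BACKUPS = QUARANTINE / "Registry_backups"

# Entries copied from the `dir /a/s/b C:\QooBox` output posted in the thread.
LISTING = r"""
C:\QooBox\ComboFix-quarantined-files.txt
C:\QooBox\Quarantine\catchme.log
C:\QooBox\Quarantine\MBR_HardDisk0.mbr
C:\QooBox\Quarantine\C\Windows\System32
C:\QooBox\Quarantine\C\ProgramData\SPL6064.tmp.vir
C:\QooBox\Quarantine\C\Users\Dave\g2mdlhlpx.exe.vir
C:\QooBox\Quarantine\C\Windows\System32\jucheck.exe.vir
C:\QooBox\Quarantine\C\Windows\System32\jusched.exe.vir
C:\QooBox\Quarantine\C\Windows\System32\drivers\etc\hosts.ics.vir
C:\QooBox\Quarantine\Registry_backups\HKCU-Run-attcm.exe.reg.dat
C:\QooBox\Quarantine\Registry_backups\HKLM-Run-Corel Photo Downloader.reg.dat
C:\QooBox\Quarantine\Registry_backups\SafeBoot-MCODS.reg.dat
C:\QooBox\Quarantine\Registry_backups\tcpip.reg
"""

# Scopes seen in the posted listing; the naming scheme is inferred, not documented.
REG_NAME = re.compile(r"^(HKCU-Run|HKLM-Run|SafeBoot)-(.+)$", re.IGNORECASE)


def original_path(entry):
    """Map Quarantine\\<drive>\\<path>.vir back to <drive>:\\<path>, else None."""
    p = PureWindowsPath(entry)
    if p.suffix.lower() != ".vir":
        return None
    try:
        parts = p.relative_to(QUARANTINE).parts
    except ValueError:
        return None  # not under the quarantine folder
    # First component must be a single drive letter followed by a real path.
    if len(parts) < 2 or len(parts[0]) != 1 or not parts[0].isalpha():
        return None
    restored = PureWindowsPath(parts[0].upper() + ":\\", *parts[1:])
    return str(restored.with_suffix(""))  # drop the trailing .vir only


def registry_backup(entry):
    """Return (scope, name) for a file directly in Registry_backups, else None."""
    p = PureWindowsPath(entry)
    if p.parent != REG_BACKUPS:
        return None
    name = re.sub(r"\.reg(\.dat)?$", "", p.name, flags=re.IGNORECASE)
    m = REG_NAME.match(name)
    return (m.group(1), m.group(2)) if m else ("", name)


def triage(listing):
    """Group a bare dir listing into quarantined files and registry backups."""
    report = {"files": {}, "autoruns": [], "other_registry": []}
    for line in listing.splitlines():
        line = line.strip()
        if not line:
            continue
        restored = original_path(line)
        if restored:
            report["files"][line] = restored
            continue
        reg = registry_backup(line)
        if reg:
            # Run-key backups are autostart entries that were removed.
            bucket = "autoruns" if reg[0].lower().endswith("run") else "other_registry"
            report[bucket].append(reg)
    return report


if __name__ == "__main__":
    result = triage(LISTING)
    for quarantined, restored in result["files"].items():
        print(f"moved from {restored}")
    for scope, name in result["autoruns"]:
        print(f"autostart entry removed: {scope} -> {name}")
    for scope, name in result["other_registry"]:
        print(f"registry backup: {scope or '(unscoped)'} {name}")
```
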

 



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 14,861 posts
  • ONLINE
  •  
  • Location:California
  • Local time:06:10 AM

Posted 25 June 2013 - 08:41 PM

Did you run the exact script I provided for SystemLook?
Regards,
Gary


#15 daveshoot

daveshoot
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:06:10 AM

Posted 25 June 2013 - 08:54 PM

Copied and pasted, I don't appear to have a "Roaming" directory.

 

:dir
C:\Windows\System32\%APPDATA% /s

 

I checked Windows Explorer directly...

 

========== dir ==========
 
C:\Windows\System32\C:\Users\Dave\AppData\Roaming - Unable to find folder.
 
-= EOF =-




