
Nothing Will Open On Computer


  • This topic is locked
29 replies to this topic

#16 KDenning (Topic Starter)

Posted 26 May 2013 - 03:24 PM

I did the scans. Here are the logs:

 

 

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Keith [Admin rights]
Mode : Remove -- Date : 05/26/2013 16:16:39
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] MusicManager.exe -- C:\Users\Keith\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [-] -> KILLED [TermProc]
 
¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : MusicManager ("C:\Users\Keith\AppData\Local\Programs\Google\MusicManager\MusicManager.exe") [-] -> DELETED
[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe  -> DELETED
[TASK][ROGUE ST] 4682 : wscript.exe C:\Users\Keith\AppData\Local\Temp\launchie.vbs //B -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED] ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: TOSHIBA MK1655GSX ATA Device +++++
--- User ---
[MBR] 58f595e6f6d512dfc1f9e29c57c29a84
[BSP] abed930995b09610907d11db3f536f6c : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 12291 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 25173855 | Size: 101 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25382700 | Size: 140232 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[2]_D_05262013_02d1616.txt >>
RKreport[1]_S_05262013_02d1611.txt ; RKreport[2]_D_05262013_02d1616.txt
 
 
 

 

16:20:51.0990 4588  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:20:52.0443 4588  ============================================================
16:20:52.0443 4588  Current date / time: 2013/05/26 16:20:52.0443
16:20:52.0443 4588  SystemInfo:
16:20:52.0443 4588  
16:20:52.0443 4588  OS Version: 6.1.7601 ServicePack: 1.0
16:20:52.0443 4588  Product type: Workstation
16:20:52.0443 4588  ComputerName: KEITH-PC
16:20:52.0443 4588  UserName: Keith
16:20:52.0443 4588  Windows directory: C:\Windows
16:20:52.0443 4588  System windows directory: C:\Windows
16:20:52.0443 4588  Running under WOW64
16:20:52.0443 4588  Processor architecture: Intel x64
16:20:52.0443 4588  Number of processors: 1
16:20:52.0443 4588  Page size: 0x1000
16:20:52.0443 4588  Boot type: Normal boot
16:20:52.0443 4588  ============================================================
16:20:53.0722 4588  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:20:53.0753 4588  ============================================================
16:20:53.0753 4588  \Device\Harddisk0\DR0:
16:20:53.0753 4588  MBR partitions:
16:20:53.0753 4588  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
16:20:53.0753 4588  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x111E4784
16:20:53.0753 4588  ============================================================
16:20:53.0800 4588  C: <-> \Device\Harddisk0\DR0\Partition2
16:20:53.0800 4588  ============================================================
16:20:53.0800 4588  Initialize success
16:20:53.0800 4588  ============================================================
16:20:59.0182 6680  ============================================================
16:20:59.0182 6680  Scan started
16:20:59.0182 6680  Mode: Manual; 
16:20:59.0182 6680  ============================================================
16:21:00.0009 6680  ================ Scan system memory ========================
16:21:00.0009 6680  System memory - ok
16:21:00.0009 6680  ================ Scan services =============================
16:21:03.0020 6680  [ C7074BD8D4B8F564859ED373433030AE ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll
16:21:03.0020 6680  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE
16:21:03.0035 6680  Akamai ( HiddenFile.Multi.Generic ) - warning
16:21:03.0035 6680  Akamai - detected HiddenFile.Multi.Generic (1)
16:21:22.0052 6680  mcaudrv_simple - ok
16:21:22.0130 6680  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:21:22.0130 6680  Mcx2Svc - ok
16:21:22.0208 6680  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:21:22.0208 6680  megasas - ok
16:21:22.0410 6680  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:21:22.0426 6680  MegaSR - ok
16:21:22.0535 6680  Microsoft SharePoint Workspace Audit Service - ok
16:21:22.0629 6680  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:21:22.0629 6680  MMCSS - ok
16:21:22.0707 6680  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:21:22.0707 6680  Modem - ok
16:21:22.0738 6680  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:21:22.0738 6680  monitor - ok
16:21:22.0832 6680  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:21:22.0832 6680  mouclass - ok
16:21:22.0894 6680  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:21:22.0894 6680  mouhid - ok
16:21:22.0972 6680  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:21:22.0972 6680  mountmgr - ok
16:21:23.0081 6680  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:21:23.0081 6680  mpio - ok
16:21:23.0128 6680  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:21:23.0144 6680  mpsdrv - ok
16:21:23.0237 6680  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:21:23.0253 6680  MpsSvc - ok
16:21:23.0315 6680  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:21:23.0315 6680  MRxDAV - ok
16:21:23.0393 6680  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:21:23.0393 6680  mrxsmb - ok
16:21:23.0502 6680  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:21:23.0518 6680  mrxsmb10 - ok
16:21:23.0596 6680  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:21:23.0596 6680  mrxsmb20 - ok
16:21:23.0674 6680  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:21:23.0674 6680  msahci - ok
16:21:23.0705 6680  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:21:23.0705 6680  msdsm - ok
16:21:23.0752 6680  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:21:23.0752 6680  MSDTC - ok
16:21:23.0830 6680  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:21:23.0830 6680  Msfs - ok
16:21:23.0908 6680  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:21:23.0924 6680  mshidkmdf - ok
16:21:23.0986 6680  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:21:24.0002 6680  msisadrv - ok
16:21:24.0080 6680  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:21:24.0095 6680  MSiSCSI - ok
16:21:24.0126 6680  msiserver - ok
16:21:24.0189 6680  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:21:24.0189 6680  MSKSSRV - ok
16:21:24.0236 6680  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:21:24.0236 6680  MSPCLOCK - ok
16:21:24.0282 6680  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:21:24.0282 6680  MSPQM - ok
16:21:24.0360 6680  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:21:24.0360 6680  MsRPC - ok
16:21:24.0423 6680  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:21:24.0423 6680  mssmbios - ok
16:21:24.0626 6680  MSSQL$SQLEXPRESS - ok
16:21:24.0860 6680  [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
16:21:24.0860 6680  MSSQLServerADHelper100 - ok
16:21:24.0922 6680  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:21:24.0922 6680  MSTEE - ok
16:21:24.0969 6680  msvsmon90 - ok
16:21:25.0000 6680  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:21:25.0000 6680  MTConfig - ok
16:21:25.0031 6680  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:21:25.0031 6680  Mup - ok
16:21:25.0203 6680  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:21:25.0218 6680  napagent - ok
16:21:25.0312 6680  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:21:25.0312 6680  NativeWifiP - ok
16:21:25.0515 6680  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:21:25.0515 6680  NDIS - ok
16:21:25.0562 6680  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:21:25.0562 6680  NdisCap - ok
16:21:25.0608 6680  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:21:25.0608 6680  NdisTapi - ok
16:21:25.0671 6680  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:21:25.0671 6680  Ndisuio - ok
16:21:25.0796 6680  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:21:25.0796 6680  NdisWan - ok
16:21:25.0889 6680  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:21:25.0889 6680  NDProxy - ok
16:21:25.0952 6680  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:21:25.0952 6680  NetBIOS - ok
16:21:26.0030 6680  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:21:26.0030 6680  NetBT - ok
16:21:26.0076 6680  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
16:21:26.0076 6680  Netlogon - ok
16:21:26.0154 6680  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:21:26.0154 6680  Netman - ok
16:21:26.0310 6680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:26.0310 6680  NetMsmqActivator - ok
16:21:26.0357 6680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:26.0357 6680  NetPipeActivator - ok
16:21:26.0451 6680  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:21:26.0482 6680  netprofm - ok
16:21:26.0529 6680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:26.0529 6680  NetTcpActivator - ok
16:21:26.0544 6680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:26.0544 6680  NetTcpPortSharing - ok
16:21:26.0607 6680  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:21:26.0607 6680  nfrd960 - ok
16:21:26.0732 6680  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:21:26.0747 6680  NlaSvc - ok
16:21:26.0794 6680  NMSAccess - ok
16:21:26.0841 6680  nnfwdk - ok
16:21:26.0888 6680  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:21:26.0888 6680  Npfs - ok
16:21:26.0934 6680  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:21:26.0934 6680  nsi - ok
16:21:26.0950 6680  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:21:26.0966 6680  nsiproxy - ok
16:21:27.0231 6680  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:21:27.0246 6680  Ntfs - ok
16:21:27.0340 6680  [ 317020D31F1696334679B9D0416EB62E ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
16:21:27.0340 6680  NuidFltr - ok
16:21:27.0402 6680  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:21:27.0402 6680  Null - ok
16:21:27.0512 6680  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:21:27.0512 6680  nvraid - ok
16:21:27.0605 6680  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:21:27.0621 6680  nvstor - ok
16:21:27.0792 6680  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:21:27.0808 6680  nv_agp - ok
16:21:27.0902 6680  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:21:27.0902 6680  ohci1394 - ok
16:21:28.0104 6680  [ FF93D67903FDEABCD4470CD82F44ACFA ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:21:28.0104 6680  ose - ok
16:21:29.0040 6680  [ 31DC8D825D2C4EB0FF7ED021BB92C541 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:21:29.0087 6680  osppsvc - ok
16:21:29.0150 6680  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:21:29.0165 6680  p2pimsvc - ok
16:21:29.0212 6680  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:21:29.0243 6680  p2psvc - ok
16:21:29.0274 6680  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:21:29.0290 6680  Parport - ok
16:21:29.0368 6680  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:21:29.0384 6680  partmgr - ok
16:21:29.0446 6680  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:21:29.0462 6680  PcaSvc - ok
16:21:29.0493 6680  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:21:29.0493 6680  pci - ok
16:21:29.0555 6680  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:21:29.0555 6680  pciide - ok
16:21:29.0602 6680  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:21:29.0618 6680  pcmcia - ok
16:21:29.0633 6680  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:21:29.0633 6680  pcw - ok
16:21:29.0711 6680  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:21:29.0711 6680  PEAUTH - ok
16:21:29.0867 6680  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:21:29.0867 6680  PerfHost - ok
16:21:30.0070 6680  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:21:30.0086 6680  pla - ok
16:21:30.0179 6680  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:21:30.0195 6680  PlugPlay - ok
16:21:30.0242 6680  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:21:30.0242 6680  PNRPAutoReg - ok
16:21:30.0273 6680  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:21:30.0288 6680  PNRPsvc - ok
16:21:30.0366 6680  [ 5BC4D480DD527EB0CF33A67A090A130E ] Point64         C:\Windows\system32\DRIVERS\point64.sys
16:21:30.0366 6680  Point64 - ok
16:21:30.0491 6680  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:21:30.0507 6680  PolicyAgent - ok
16:21:30.0616 6680  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:21:30.0632 6680  Power - ok
16:21:30.0725 6680  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:21:30.0725 6680  PptpMiniport - ok
16:21:30.0834 6680  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:21:30.0850 6680  Processor - ok
16:21:31.0022 6680  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:21:31.0053 6680  ProfSvc - ok
16:21:31.0084 6680  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:21:31.0100 6680  ProtectedStorage - ok
16:21:31.0178 6680  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:21:31.0193 6680  Psched - ok
16:21:31.0302 6680  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
16:21:31.0302 6680  PxHlpa64 - ok
16:21:31.0490 6680  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:21:31.0536 6680  ql2300 - ok
16:21:31.0599 6680  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:21:31.0599 6680  ql40xx - ok
16:21:31.0661 6680  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:21:31.0677 6680  QWAVE - ok
16:21:31.0692 6680  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:21:31.0692 6680  QWAVEdrv - ok
16:21:31.0739 6680  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:21:31.0739 6680  RasAcd - ok
16:21:31.0817 6680  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:21:31.0817 6680  RasAgileVpn - ok
16:21:31.0880 6680  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:21:31.0880 6680  RasAuto - ok
16:21:31.0973 6680  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:21:31.0989 6680  Rasl2tp - ok
16:21:32.0192 6680  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:21:32.0285 6680  RasMan - ok
16:21:32.0363 6680  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:21:32.0379 6680  RasPppoe - ok
16:21:32.0410 6680  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:21:32.0426 6680  RasSstp - ok
16:21:32.0488 6680  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:21:32.0504 6680  rdbss - ok
16:21:32.0613 6680  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:21:32.0613 6680  rdpbus - ok
16:21:32.0644 6680  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:21:32.0644 6680  RDPCDD - ok
16:21:32.0738 6680  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:21:32.0738 6680  RDPENCDD - ok
16:21:32.0784 6680  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:21:32.0784 6680  RDPREFMP - ok
16:21:32.0909 6680  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:21:32.0909 6680  RdpVideoMiniport - ok
16:21:33.0065 6680  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:21:33.0065 6680  RDPWD - ok
16:21:33.0174 6680  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:21:33.0174 6680  rdyboost - ok
16:21:33.0221 6680  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:21:33.0237 6680  RemoteAccess - ok
16:21:33.0268 6680  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:21:33.0268 6680  RemoteRegistry - ok
16:21:33.0315 6680  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:21:33.0330 6680  RpcEptMapper - ok
16:21:33.0362 6680  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:21:33.0377 6680  RpcLocator - ok
16:21:33.0486 6680  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\System32\rpcss.dll
16:21:33.0502 6680  RpcSs - ok
16:21:33.0564 6680  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:21:33.0564 6680  rspndr - ok
16:21:33.0705 6680  [ FB39AF63D6617F028BA0EBC21B83360D ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
16:21:33.0705 6680  RSUSBSTOR - ok
16:21:33.0720 6680  RtsUIR - ok
16:21:33.0752 6680  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
16:21:33.0752 6680  SamSs - ok
16:21:33.0876 6680  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:21:33.0876 6680  sbp2port - ok
16:21:33.0939 6680  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:21:33.0954 6680  SCardSvr - ok
16:21:34.0001 6680  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:21:34.0032 6680  scfilter - ok
16:21:34.0126 6680  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:21:34.0142 6680  Schedule - ok
16:21:34.0220 6680  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:21:34.0220 6680  SCPolicySvc - ok
16:21:34.0329 6680  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:21:34.0344 6680  SDRSVC - ok
16:21:34.0407 6680  SeaPort - ok
16:21:34.0485 6680  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:21:34.0485 6680  secdrv - ok
16:21:34.0563 6680  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:21:34.0563 6680  seclogon - ok
16:21:34.0610 6680  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
16:21:34.0610 6680  SENS - ok
16:21:34.0656 6680  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:21:34.0656 6680  SensrSvc - ok
16:21:34.0719 6680  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:21:34.0719 6680  Serenum - ok
16:21:34.0781 6680  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:21:34.0781 6680  Serial - ok
16:21:34.0844 6680  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:21:34.0859 6680  sermouse - ok
16:21:35.0000 6680  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:21:35.0015 6680  SessionEnv - ok
16:21:35.0078 6680  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:21:35.0078 6680  sffdisk - ok
16:21:35.0109 6680  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:21:35.0109 6680  sffp_mmc - ok
16:21:35.0140 6680  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:21:35.0140 6680  sffp_sd - ok
16:21:35.0202 6680  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:21:35.0218 6680  sfloppy - ok
16:21:35.0343 6680  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
16:21:35.0358 6680  Sftfs - ok
16:21:35.0670 6680  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:21:35.0686 6680  sftlist - ok
16:21:35.0780 6680  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:21:35.0780 6680  Sftplay - ok
16:21:35.0858 6680  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:21:35.0858 6680  Sftredir - ok
16:21:35.0889 6680  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
16:21:35.0889 6680  Sftvol - ok
16:21:36.0029 6680  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:21:36.0045 6680  sftvsa - ok
16:21:36.0123 6680  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:21:36.0138 6680  SharedAccess - ok
16:21:36.0216 6680  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:21:36.0216 6680  ShellHWDetection - ok
16:21:36.0263 6680  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:21:36.0263 6680  SiSRaid2 - ok
16:21:36.0341 6680  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:21:36.0341 6680  SiSRaid4 - ok
16:21:36.0638 6680  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:21:36.0638 6680  SkypeUpdate - ok
16:21:36.0700 6680  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:21:36.0700 6680  Smb - ok
16:21:36.0778 6680  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:21:36.0794 6680  SNMPTRAP - ok
16:21:36.0840 6680  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:21:36.0840 6680  spldr - ok
16:21:36.0934 6680  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
16:21:36.0934 6680  Spooler - ok
16:21:37.0152 6680  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
16:21:37.0246 6680  sppsvc - ok
16:21:37.0293 6680  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:21:37.0308 6680  sppuinotify - ok
16:21:37.0496 6680  [ A687B5B326AFCFCF182C4931D1FF9771 ] SQLAgent$SQLEXPRESS c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
16:21:37.0496 6680  SQLAgent$SQLEXPRESS - ok
16:21:37.0636 6680  [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:21:37.0636 6680  SQLBrowser - ok
16:21:37.0761 6680  [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:21:37.0761 6680  SQLWriter - ok
16:21:37.0854 6680  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:21:37.0854 6680  srv - ok
16:21:37.0932 6680  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:21:37.0932 6680  srv2 - ok
16:21:37.0995 6680  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:21:37.0995 6680  srvnet - ok
16:21:38.0042 6680  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:21:38.0057 6680  SSDPSRV - ok
16:21:38.0073 6680  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:21:38.0088 6680  SstpSvc - ok
16:21:38.0135 6680  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:21:38.0135 6680  stexstor - ok
16:21:38.0213 6680  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
16:21:38.0244 6680  stisvc - ok
16:21:38.0322 6680  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:21:38.0322 6680  swenum - ok
16:21:38.0369 6680  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:21:38.0385 6680  swprv - ok
16:21:38.0494 6680  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
16:21:38.0525 6680  SysMain - ok
16:21:38.0588 6680  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:21:38.0603 6680  TabletInputService - ok
16:21:38.0634 6680  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:21:38.0650 6680  TapiSrv - ok
16:21:38.0681 6680  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:21:38.0697 6680  TBS - ok
16:21:38.0837 6680  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:21:38.0868 6680  Tcpip - ok
16:21:38.0962 6680  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:21:38.0978 6680  TCPIP6 - ok
16:21:39.0056 6680  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:21:39.0056 6680  tcpipreg - ok
16:21:39.0118 6680  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:21:39.0118 6680  TDPIPE - ok
16:21:39.0180 6680  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:21:39.0180 6680  TDTCP - ok
16:21:39.0290 6680  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:21:39.0290 6680  tdx - ok
16:21:39.0461 6680  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:21:39.0461 6680  TermDD - ok
16:21:39.0586 6680  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
16:21:39.0586 6680  TermService - ok
16:21:39.0680 6680  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:21:39.0695 6680  Themes - ok
16:21:39.0742 6680  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:21:39.0758 6680  THREADORDER - ok
16:21:39.0804 6680  [ 199C2E87D9A5EC58D0BCD94E893BF629 ] TIEHDUSB        C:\Windows\system32\DRIVERS\tiehdusb.sys
16:21:39.0804 6680  TIEHDUSB - ok
16:21:39.0851 6680  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:21:39.0851 6680  TrkWks - ok
16:21:39.0945 6680  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:21:39.0945 6680  TrustedInstaller - ok
16:21:40.0054 6680  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:21:40.0070 6680  tssecsrv - ok
16:21:40.0132 6680  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:21:40.0132 6680  TsUsbFlt - ok
16:21:40.0257 6680  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:21:40.0257 6680  tunnel - ok
16:21:40.0444 6680  [ AAF458CC200326BEF602B5339400BF86 ] tvnserver       C:\Program Files (x86)\TightVNC\tvnserver.exe
16:21:40.0460 6680  tvnserver - ok
16:21:40.0522 6680  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:21:40.0522 6680  uagp35 - ok
16:21:40.0647 6680  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:21:40.0647 6680  udfs - ok
16:21:40.0725 6680  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:21:40.0725 6680  UI0Detect - ok
16:21:40.0818 6680  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:21:40.0818 6680  uliagpkx - ok
16:21:40.0865 6680  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
16:21:40.0865 6680  umbus - ok
16:21:40.0896 6680  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:21:40.0896 6680  UmPass - ok
16:21:41.0130 6680  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:21:41.0130 6680  UMVPFSrv - ok
16:21:41.0302 6680  [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
16:21:41.0302 6680  Updater Service - ok
16:21:41.0380 6680  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:21:41.0396 6680  upnphost - ok
16:21:41.0458 6680  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:21:41.0458 6680  USBAAPL64 - ok
16:21:41.0567 6680  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:21:41.0567 6680  usbaudio - ok
16:21:41.0630 6680  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:21:41.0645 6680  usbccgp - ok
16:21:41.0661 6680  USBCCID - ok
16:21:41.0723 6680  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:21:41.0739 6680  usbcir - ok
16:21:41.0770 6680  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:21:41.0770 6680  usbehci - ok
16:21:41.0801 6680  [ 6648C6D7323A2CE0C4776C36CEFBCB14 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
16:21:41.0817 6680  usbfilter - ok
16:21:41.0910 6680  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:21:41.0926 6680  usbhub - ok
16:21:42.0020 6680  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:21:42.0020 6680  usbohci - ok
16:21:42.0113 6680  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:21:42.0113 6680  usbprint - ok
16:21:42.0176 6680  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:21:42.0176 6680  usbscan - ok
16:21:42.0269 6680  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:21:42.0269 6680  USBSTOR - ok
16:21:42.0347 6680  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:21:42.0347 6680  usbuhci - ok
16:21:42.0472 6680  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:21:42.0472 6680  usbvideo - ok
16:21:42.0534 6680  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:21:42.0534 6680  UxSms - ok
16:21:42.0581 6680  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
16:21:42.0597 6680  VaultSvc - ok
16:21:42.0628 6680  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
16:21:42.0628 6680  VClone - ok
16:21:42.0690 6680  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:21:42.0690 6680  vdrvroot - ok
16:21:42.0768 6680  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
16:21:42.0784 6680  vds - ok
16:21:42.0846 6680  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:21:42.0846 6680  vga - ok
16:21:42.0893 6680  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:21:42.0893 6680  VgaSave - ok
16:21:43.0034 6680  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:21:43.0034 6680  vhdmp - ok
16:21:43.0143 6680  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:21:43.0143 6680  viaide - ok
16:21:43.0190 6680  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:21:43.0190 6680  volmgr - ok
16:21:43.0252 6680  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:21:43.0268 6680  volmgrx - ok
16:21:43.0346 6680  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:21:43.0346 6680  volsnap - ok
16:21:43.0392 6680  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:21:43.0408 6680  vsmraid - ok
16:21:43.0892 6680  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
16:21:43.0954 6680  VSS - ok
16:21:44.0016 6680  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:21:44.0016 6680  vwifibus - ok
16:21:44.0048 6680  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:21:44.0048 6680  vwififlt - ok
16:21:44.0110 6680  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:21:44.0110 6680  vwifimp - ok
16:21:44.0219 6680  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:21:44.0235 6680  W32Time - ok
16:21:44.0282 6680  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:21:44.0297 6680  WacomPen - ok
16:21:44.0360 6680  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:21:44.0360 6680  WANARP - ok
16:21:44.0375 6680  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:21:44.0391 6680  Wanarpv6 - ok
16:21:44.0516 6680  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:21:44.0547 6680  WatAdminSvc - ok
16:21:44.0937 6680  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
16:21:45.0015 6680  wbengine - ok
16:21:45.0218 6680  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:21:45.0249 6680  WbioSrvc - ok
16:21:45.0483 6680  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:21:45.0483 6680  wcncsvc - ok
16:21:45.0545 6680  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:21:45.0561 6680  WcsPlugInService - ok
16:21:45.0592 6680  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:21:45.0608 6680  Wd - ok
16:21:45.0701 6680  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:21:45.0701 6680  Wdf01000 - ok
16:21:45.0732 6680  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:21:45.0748 6680  WdiServiceHost - ok
16:21:45.0764 6680  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:21:45.0764 6680  WdiSystemHost - ok
16:21:45.0857 6680  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
16:21:45.0873 6680  WebClient - ok
16:21:45.0920 6680  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:21:45.0935 6680  Wecsvc - ok
16:21:45.0966 6680  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:21:45.0998 6680  wercplsupport - ok
16:21:46.0060 6680  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:21:46.0060 6680  WerSvc - ok
16:21:46.0169 6680  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:21:46.0185 6680  WfpLwf - ok
16:21:46.0247 6680  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:21:46.0263 6680  WIMMount - ok
16:21:46.0388 6680  WinDefend - ok
16:21:46.0450 6680  WinHttpAutoProxySvc - ok
16:21:46.0544 6680  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:21:46.0544 6680  Winmgmt - ok
16:21:46.0715 6680  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
16:21:46.0809 6680  WinRM - ok
16:21:46.0949 6680  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:21:46.0949 6680  WinUsb - ok
16:21:47.0121 6680  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:21:47.0152 6680  Wlansvc - ok
16:21:47.0214 6680  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:21:47.0214 6680  wlcrasvc - ok
16:21:47.0417 6680  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:21:47.0448 6680  wlidsvc - ok
16:21:47.0526 6680  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:21:47.0526 6680  WmiAcpi - ok
16:21:47.0573 6680  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:21:47.0589 6680  wmiApSrv - ok
16:21:47.0636 6680  WMPNetworkSvc - ok
16:21:47.0667 6680  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:21:47.0698 6680  WPCSvc - ok
16:21:47.0760 6680  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:21:47.0792 6680  WPDBusEnum - ok
16:21:47.0854 6680  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:21:47.0854 6680  ws2ifsl - ok
16:21:47.0948 6680  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
16:21:47.0948 6680  wscsvc - ok
16:21:47.0963 6680  WSearch - ok
16:21:48.0088 6680  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:21:48.0135 6680  wuauserv - ok
16:21:48.0197 6680  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:21:48.0213 6680  WudfPf - ok
16:21:48.0260 6680  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:21:48.0260 6680  WUDFRd - ok
16:21:48.0338 6680  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:21:48.0338 6680  wudfsvc - ok
16:21:48.0384 6680  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:21:48.0384 6680  WwanSvc - ok
16:21:48.0525 6680  [ 98F3FBEC87352CEF3EF5D9298E389468 ] WysePocketCloud C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
16:21:48.0540 6680  WysePocketCloud - ok
16:21:48.0681 6680  [ 161F8FB21C088124F4D591AEBBDF8C57 ] WyseRemoteAccess C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe
16:21:48.0696 6680  WyseRemoteAccess - ok
16:21:48.0743 6680  ================ Scan global ===============================
16:21:48.0774 6680  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:21:48.0852 6680  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:21:48.0884 6680  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:21:48.0930 6680  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:21:48.0962 6680  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:21:48.0977 6680  [Global] - ok
16:21:48.0977 6680  ================ Scan MBR ==================================
16:21:49.0024 6680  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:21:49.0398 6680  \Device\Harddisk0\DR0 - ok
16:21:49.0398 6680  ================ Scan VBR ==================================
16:21:49.0430 6680  [ 1A8A099F2A59E026318B2CEC336262BC ] \Device\Harddisk0\DR0\Partition1
16:21:49.0430 6680  \Device\Harddisk0\DR0\Partition1 - ok
16:21:49.0523 6680  [ AF4A52B34399F7E78659855D0F5EAAAF ] \Device\Harddisk0\DR0\Partition2
16:21:49.0523 6680  \Device\Harddisk0\DR0\Partition2 - ok
16:21:49.0539 6680  ============================================================
16:21:49.0539 6680  Scan finished
16:21:49.0539 6680  ============================================================
16:21:49.0586 5476  Detected object count: 1
16:21:49.0586 5476  Actual detected object count: 1
16:22:05.0997 5476  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
16:22:05.0997 5476  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
16:22:15.0950 5524  Deinitialize success




#17 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,749 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:07:39 AM

Posted 26 May 2013 - 03:44 PM

How is your computer running?  Do you see any obvious symptoms?


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#18 KDenning

KDenning
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  • Local time:09:39 AM

Posted 27 May 2013 - 03:32 PM

Here are the logs:

 

 

16:20:51.0990 4588  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:20:52.0443 4588  ============================================================
16:20:52.0443 4588  Current date / time: 2013/05/26 16:20:52.0443
16:20:52.0443 4588  SystemInfo:
16:20:52.0443 4588  
16:20:52.0443 4588  OS Version: 6.1.7601 ServicePack: 1.0
16:20:52.0443 4588  Product type: Workstation
16:20:52.0443 4588  ComputerName: KEITH-PC
16:20:52.0443 4588  UserName: Keith
16:20:52.0443 4588  Windows directory: C:\Windows
16:20:52.0443 4588  System windows directory: C:\Windows
16:20:52.0443 4588  Running under WOW64
16:20:52.0443 4588  Processor architecture: Intel x64
16:20:52.0443 4588  Number of processors: 1
16:20:52.0443 4588  Page size: 0x1000
16:20:52.0443 4588  Boot type: Normal boot
16:20:52.0443 4588  ============================================================
16:20:53.0722 4588  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:20:53.0753 4588  ============================================================
16:20:53.0753 4588  \Device\Harddisk0\DR0:
16:20:53.0753 4588  MBR partitions:
16:20:53.0753 4588  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
16:20:53.0753 4588  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x111E4784
16:20:53.0753 4588  ============================================================
16:20:53.0800 4588  C: <-> \Device\Harddisk0\DR0\Partition2
16:20:53.0800 4588  ============================================================
16:20:53.0800 4588  Initialize success
16:20:53.0800 4588  ============================================================
16:20:59.0182 6680  ============================================================
16:20:59.0182 6680  Scan started
16:20:59.0182 6680  Mode: Manual; 
16:20:59.0182 6680  ============================================================
16:21:00.0009 6680  ================ Scan system memory ========================
16:21:00.0009 6680  System memory - ok
16:21:00.0009 6680  ================ Scan services =============================
16:21:00.0477 6680  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:21:00.0477 6680  1394ohci - ok
16:21:00.0586 6680  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:21:00.0586 6680  ACPI - ok
16:21:00.0664 6680  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:21:00.0664 6680  AcpiPmi - ok
16:21:01.0054 6680  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:21:01.0070 6680  AdobeARMservice - ok
16:21:01.0304 6680  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:21:01.0319 6680  AdobeFlashPlayerUpdateSvc - ok
16:21:01.0444 6680  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:21:01.0444 6680  adp94xx - ok
16:21:01.0522 6680  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:21:01.0538 6680  adpahci - ok
16:21:01.0584 6680  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:21:01.0584 6680  adpu320 - ok
16:21:01.0709 6680  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:21:01.0709 6680  AeLookupSvc - ok
16:21:01.0834 6680  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
16:21:01.0850 6680  AFD - ok
16:21:01.0959 6680  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:21:01.0974 6680  agp440 - ok
16:21:03.0020 6680  [ C7074BD8D4B8F564859ED373433030AE ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll
16:21:03.0020 6680  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE
16:21:03.0035 6680  Akamai ( HiddenFile.Multi.Generic ) - warning
16:21:03.0035 6680  Akamai - detected HiddenFile.Multi.Generic (1)
16:21:03.0082 6680  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
16:21:03.0082 6680  ALG - ok
16:21:03.0160 6680  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:21:03.0160 6680  aliide - ok
16:21:03.0222 6680  [ F238BE4FA4E55EB67F17281FADF69851 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:21:03.0238 6680  AMD External Events Utility - ok
16:21:03.0316 6680  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
16:21:03.0316 6680  amdide - ok
16:21:03.0410 6680  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:21:03.0425 6680  AmdK8 - ok
16:21:03.0488 6680  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:21:03.0488 6680  AmdPPM - ok
16:21:03.0597 6680  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:21:03.0597 6680  amdsata - ok
16:21:03.0628 6680  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:21:03.0644 6680  amdsbs - ok
16:21:03.0675 6680  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:21:03.0675 6680  amdxata - ok
16:21:03.0722 6680  [ C79C86A0395689045710E24D64E5E086 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
16:21:03.0737 6680  ApfiltrService - ok
16:21:03.0800 6680  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
16:21:03.0800 6680  AppID - ok
16:21:03.0878 6680  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:21:03.0878 6680  AppIDSvc - ok
16:21:03.0987 6680  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
16:21:04.0002 6680  Appinfo - ok
16:21:04.0236 6680  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:21:04.0252 6680  Apple Mobile Device - ok
16:21:04.0346 6680  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:21:04.0346 6680  arc - ok
16:21:04.0377 6680  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:21:04.0377 6680  arcsas - ok
16:21:04.0767 6680  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:21:04.0767 6680  aspnet_state - ok
16:21:04.0923 6680  [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
16:21:04.0923 6680  aswFsBlk - ok
16:21:05.0016 6680  [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
16:21:05.0016 6680  aswMonFlt - ok
16:21:05.0157 6680  [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
16:21:05.0157 6680  aswRdr - ok
16:21:05.0219 6680  [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
16:21:05.0219 6680  aswRvrt - ok
16:21:05.0406 6680  [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
16:21:05.0406 6680  aswSnx - ok
16:21:05.0500 6680  [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP           C:\Windows\system32\drivers\aswSP.sys
16:21:05.0500 6680  aswSP - ok
16:21:05.0578 6680  [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
16:21:05.0578 6680  aswTdi - ok
16:21:05.0656 6680  [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
16:21:05.0672 6680  aswVmm - ok
16:21:05.0750 6680  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:21:05.0750 6680  AsyncMac - ok
16:21:05.0843 6680  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
16:21:05.0843 6680  atapi - ok
16:21:06.0077 6680  [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:21:06.0093 6680  athr - ok
16:21:06.0670 6680  [ 2DB9047AAC9D981F59CE06D04D70C4D8 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:21:06.0764 6680  atikmdag - ok
16:21:06.0810 6680  [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
16:21:06.0810 6680  AtiPcie - ok
16:21:06.0982 6680  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:21:06.0998 6680  AudioEndpointBuilder - ok
16:21:07.0013 6680  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:21:07.0029 6680  AudioSrv - ok
16:21:07.0388 6680  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:21:07.0388 6680  avast! Antivirus - ok
16:21:07.0700 6680  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:21:07.0700 6680  AxInstSV - ok
16:21:07.0871 6680  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
16:21:07.0871 6680  b06bdrv - ok
16:21:07.0934 6680  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:21:07.0934 6680  b57nd60a - ok
16:21:07.0996 6680  BBSvc - ok
16:21:08.0043 6680  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:21:08.0043 6680  BDESVC - ok
16:21:08.0090 6680  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:21:08.0090 6680  Beep - ok
16:21:08.0199 6680  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
16:21:08.0214 6680  BFE - ok
16:21:08.0246 6680  BingDesktopUpdate - ok
16:21:08.0511 6680  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
16:21:08.0526 6680  BITS - ok
16:21:08.0589 6680  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:21:08.0589 6680  blbdrive - ok
16:21:08.0854 6680  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:21:08.0870 6680  Bonjour Service - ok
16:21:08.0932 6680  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:21:08.0932 6680  bowser - ok
16:21:08.0994 6680  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:21:08.0994 6680  BrFiltLo - ok
16:21:09.0010 6680  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:21:09.0010 6680  BrFiltUp - ok
16:21:09.0104 6680  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
16:21:09.0119 6680  BridgeMP - ok
16:21:09.0182 6680  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
16:21:09.0182 6680  Browser - ok
16:21:09.0260 6680  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\system32\DRIVERS\BrSerId.sys
16:21:09.0275 6680  Brserid - ok
16:21:09.0338 6680  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:21:09.0338 6680  BrSerWdm - ok
16:21:09.0416 6680  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:21:09.0416 6680  BrUsbMdm - ok
16:21:09.0494 6680  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
16:21:09.0494 6680  BrUsbSer - ok
16:21:09.0572 6680  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:21:09.0587 6680  BTHMODEM - ok
16:21:09.0650 6680  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
16:21:09.0665 6680  bthserv - ok
16:21:09.0696 6680  catchme - ok
16:21:09.0728 6680  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:21:09.0728 6680  cdfs - ok
16:21:09.0852 6680  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:21:09.0868 6680  cdrom - ok
16:21:09.0962 6680  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:21:09.0962 6680  CertPropSvc - ok
16:21:10.0008 6680  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:21:10.0008 6680  circlass - ok
16:21:10.0102 6680  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
16:21:10.0102 6680  CLFS - ok
16:21:10.0180 6680  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:21:10.0196 6680  clr_optimization_v2.0.50727_32 - ok
16:21:10.0274 6680  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:21:10.0274 6680  clr_optimization_v2.0.50727_64 - ok
16:21:10.0430 6680  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:21:10.0445 6680  clr_optimization_v4.0.30319_32 - ok
16:21:10.0523 6680  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:21:10.0523 6680  clr_optimization_v4.0.30319_64 - ok
16:21:10.0570 6680  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:21:10.0570 6680  CmBatt - ok
16:21:10.0632 6680  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:21:10.0632 6680  cmdide - ok
16:21:10.0773 6680  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
16:21:10.0788 6680  CNG - ok
16:21:10.0929 6680  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:21:10.0929 6680  Compbatt - ok
16:21:10.0991 6680  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:21:10.0991 6680  CompositeBus - ok
16:21:11.0022 6680  COMSysApp - ok
16:21:11.0069 6680  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:21:11.0069 6680  crcdisk - ok
16:21:11.0178 6680  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:21:11.0178 6680  CryptSvc - ok
16:21:11.0319 6680  CrystalSysInfo - ok
16:21:11.0522 6680  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:21:11.0537 6680  cvhsvc - ok
16:21:11.0646 6680  [ E6CE7188CC47AE5DAFDAF552D370C52F ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
16:21:11.0646 6680  dc3d - ok
16:21:11.0771 6680  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:21:11.0771 6680  DcomLaunch - ok
16:21:11.0849 6680  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
16:21:11.0849 6680  defragsvc - ok
16:21:11.0943 6680  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:21:11.0943 6680  DfsC - ok
16:21:12.0068 6680  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:21:12.0083 6680  Dhcp - ok
16:21:12.0146 6680  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
16:21:12.0146 6680  discache - ok
16:21:12.0224 6680  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:21:12.0224 6680  Disk - ok
16:21:12.0473 6680  [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr         C:\Windows\syswow64\Drivers\DKbFltr.sys
16:21:12.0473 6680  DKbFltr - ok
16:21:12.0551 6680  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:21:12.0551 6680  Dnscache - ok
16:21:12.0614 6680  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:21:12.0629 6680  dot3svc - ok
16:21:12.0723 6680  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
16:21:12.0723 6680  DPS - ok
16:21:12.0801 6680  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:21:12.0801 6680  drmkaud - ok
16:21:12.0910 6680  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:21:12.0926 6680  DXGKrnl - ok
16:21:12.0988 6680  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:21:13.0004 6680  EapHost - ok
16:21:13.0238 6680  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
16:21:13.0300 6680  ebdrv - ok
16:21:13.0394 6680  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
16:21:13.0409 6680  EFS - ok
16:21:13.0565 6680  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:21:13.0565 6680  ehRecvr - ok
16:21:13.0643 6680  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:21:13.0643 6680  ehSched - ok
16:21:13.0784 6680  [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
16:21:13.0784 6680  ElbyCDIO - ok
16:21:13.0862 6680  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:21:13.0862 6680  elxstor - ok
16:21:14.0049 6680  [ 7C35C6865957289D9EFE6CC73F4AB2E1 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
16:21:14.0064 6680  ePowerSvc - ok
16:21:14.0142 6680  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:21:14.0142 6680  ErrDev - ok
16:21:14.0252 6680  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:21:14.0252 6680  EventSystem - ok
16:21:14.0283 6680  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:21:14.0283 6680  exfat - ok
16:21:14.0345 6680  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:21:14.0345 6680  fastfat - ok
16:21:14.0423 6680  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:21:14.0439 6680  Fax - ok
16:21:14.0470 6680  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:21:14.0470 6680  fdc - ok
16:21:14.0517 6680  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:21:14.0517 6680  fdPHost - ok
16:21:14.0532 6680  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:21:14.0548 6680  FDResPub - ok
16:21:14.0579 6680  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:21:14.0579 6680  FileInfo - ok
16:21:14.0626 6680  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:21:14.0626 6680  Filetrace - ok
16:21:38.0634 6680  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:21:38.0650 6680  TapiSrv - ok
16:21:38.0681 6680  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:21:38.0697 6680  TBS - ok
16:21:38.0837 6680  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:21:38.0868 6680  Tcpip - ok
16:21:38.0962 6680  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:21:38.0978 6680  TCPIP6 - ok
16:21:39.0056 6680  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:21:39.0056 6680  tcpipreg - ok
16:21:39.0118 6680  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:21:39.0118 6680  TDPIPE - ok
16:21:39.0180 6680  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:21:39.0180 6680  TDTCP - ok
16:21:39.0290 6680  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:21:39.0290 6680  tdx - ok
16:21:39.0461 6680  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:21:39.0461 6680  TermDD - ok
16:21:39.0586 6680  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
16:21:39.0586 6680  TermService - ok
16:21:39.0680 6680  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:21:39.0695 6680  Themes - ok
16:21:39.0742 6680  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:21:39.0758 6680  THREADORDER - ok
16:21:39.0804 6680  [ 199C2E87D9A5EC58D0BCD94E893BF629 ] TIEHDUSB        C:\Windows\system32\DRIVERS\tiehdusb.sys
16:21:39.0804 6680  TIEHDUSB - ok
16:21:39.0851 6680  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:21:39.0851 6680  TrkWks - ok
16:21:39.0945 6680  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:21:39.0945 6680  TrustedInstaller - ok
16:21:40.0054 6680  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:21:40.0070 6680  tssecsrv - ok
16:21:40.0132 6680  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:21:40.0132 6680  TsUsbFlt - ok
16:21:40.0257 6680  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:21:40.0257 6680  tunnel - ok
16:21:40.0444 6680  [ AAF458CC200326BEF602B5339400BF86 ] tvnserver       C:\Program Files (x86)\TightVNC\tvnserver.exe
16:21:40.0460 6680  tvnserver - ok
16:21:40.0522 6680  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:21:40.0522 6680  uagp35 - ok
16:21:40.0647 6680  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:21:40.0647 6680  udfs - ok
16:21:40.0725 6680  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:21:40.0725 6680  UI0Detect - ok
16:21:40.0818 6680  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:21:40.0818 6680  uliagpkx - ok
16:21:40.0865 6680  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
16:21:40.0865 6680  umbus - ok
16:21:40.0896 6680  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:21:40.0896 6680  UmPass - ok
16:21:41.0130 6680  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:21:41.0130 6680  UMVPFSrv - ok
16:21:41.0302 6680  [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
16:21:41.0302 6680  Updater Service - ok
16:21:41.0380 6680  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:21:41.0396 6680  upnphost - ok
16:21:41.0458 6680  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:21:41.0458 6680  USBAAPL64 - ok
16:21:41.0567 6680  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:21:41.0567 6680  usbaudio - ok
16:21:41.0630 6680  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:21:41.0645 6680  usbccgp - ok
16:21:41.0661 6680  USBCCID - ok
16:21:41.0723 6680  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:21:41.0739 6680  usbcir - ok
16:21:41.0770 6680  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:21:41.0770 6680  usbehci - ok
16:21:41.0801 6680  [ 6648C6D7323A2CE0C4776C36CEFBCB14 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
16:21:41.0817 6680  usbfilter - ok
16:21:41.0910 6680  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:21:41.0926 6680  usbhub - ok
16:21:42.0020 6680  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:21:42.0020 6680  usbohci - ok
16:21:42.0113 6680  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:21:42.0113 6680  usbprint - ok
16:21:42.0176 6680  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:21:42.0176 6680  usbscan - ok
16:21:42.0269 6680  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:21:42.0269 6680  USBSTOR - ok
16:21:42.0347 6680  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:21:42.0347 6680  usbuhci - ok
16:21:42.0472 6680  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:21:42.0472 6680  usbvideo - ok
16:21:42.0534 6680  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:21:42.0534 6680  UxSms - ok
16:21:42.0581 6680  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
16:21:42.0597 6680  VaultSvc - ok
16:21:42.0628 6680  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
16:21:42.0628 6680  VClone - ok
16:21:42.0690 6680  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:21:42.0690 6680  vdrvroot - ok
16:21:42.0768 6680  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
16:21:42.0784 6680  vds - ok
16:21:42.0846 6680  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:21:42.0846 6680  vga - ok
16:21:42.0893 6680  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:21:42.0893 6680  VgaSave - ok
16:21:43.0034 6680  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:21:43.0034 6680  vhdmp - ok
16:21:43.0143 6680  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:21:43.0143 6680  viaide - ok
16:21:43.0190 6680  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:21:43.0190 6680  volmgr - ok
16:21:43.0252 6680  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:21:43.0268 6680  volmgrx - ok
16:21:43.0346 6680  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:21:43.0346 6680  volsnap - ok
16:21:43.0392 6680  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:21:43.0408 6680  vsmraid - ok
16:21:43.0892 6680  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
16:21:43.0954 6680  VSS - ok
16:21:44.0016 6680  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:21:44.0016 6680  vwifibus - ok
16:21:44.0048 6680  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:21:44.0048 6680  vwififlt - ok
16:21:44.0110 6680  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:21:44.0110 6680  vwifimp - ok
16:21:44.0219 6680  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:21:44.0235 6680  W32Time - ok
16:21:44.0282 6680  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:21:44.0297 6680  WacomPen - ok
16:21:44.0360 6680  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:21:44.0360 6680  WANARP - ok
16:21:44.0375 6680  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:21:44.0391 6680  Wanarpv6 - ok
16:21:44.0516 6680  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:21:44.0547 6680  WatAdminSvc - ok
16:21:44.0937 6680  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
16:21:45.0015 6680  wbengine - ok
16:21:45.0218 6680  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:21:45.0249 6680  WbioSrvc - ok
16:21:45.0483 6680  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:21:45.0483 6680  wcncsvc - ok
16:21:45.0545 6680  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:21:45.0561 6680  WcsPlugInService - ok
16:21:45.0592 6680  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:21:45.0608 6680  Wd - ok
16:21:45.0701 6680  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:21:45.0701 6680  Wdf01000 - ok
16:21:45.0732 6680  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:21:45.0748 6680  WdiServiceHost - ok
16:21:45.0764 6680  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:21:45.0764 6680  WdiSystemHost - ok
16:21:45.0857 6680  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
16:21:45.0873 6680  WebClient - ok
16:21:45.0920 6680  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:21:45.0935 6680  Wecsvc - ok
16:21:45.0966 6680  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:21:45.0998 6680  wercplsupport - ok
16:21:46.0060 6680  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:21:46.0060 6680  WerSvc - ok
16:21:46.0169 6680  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:21:46.0185 6680  WfpLwf - ok
16:21:46.0247 6680  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:21:46.0263 6680  WIMMount - ok
16:21:46.0388 6680  WinDefend - ok
16:21:46.0450 6680  WinHttpAutoProxySvc - ok
16:21:46.0544 6680  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:21:46.0544 6680  Winmgmt - ok
16:21:46.0715 6680  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
16:21:46.0809 6680  WinRM - ok
16:21:46.0949 6680  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:21:46.0949 6680  WinUsb - ok
16:21:47.0121 6680  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:21:47.0152 6680  Wlansvc - ok
16:21:47.0214 6680  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:21:47.0214 6680  wlcrasvc - ok
16:21:47.0417 6680  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:21:47.0448 6680  wlidsvc - ok
16:21:47.0526 6680  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:21:47.0526 6680  WmiAcpi - ok
16:21:47.0573 6680  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:21:47.0589 6680  wmiApSrv - ok
16:21:47.0636 6680  WMPNetworkSvc - ok
16:21:47.0667 6680  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:21:47.0698 6680  WPCSvc - ok
16:21:47.0760 6680  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:21:47.0792 6680  WPDBusEnum - ok
16:21:47.0854 6680  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:21:47.0854 6680  ws2ifsl - ok
16:21:47.0948 6680  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
16:21:47.0948 6680  wscsvc - ok
16:21:47.0963 6680  WSearch - ok
16:21:48.0088 6680  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:21:48.0135 6680  wuauserv - ok
16:21:48.0197 6680  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:21:48.0213 6680  WudfPf - ok
16:21:48.0260 6680  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:21:48.0260 6680  WUDFRd - ok
16:21:48.0338 6680  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:21:48.0338 6680  wudfsvc - ok
16:21:48.0384 6680  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:21:48.0384 6680  WwanSvc - ok
16:21:48.0525 6680  [ 98F3FBEC87352CEF3EF5D9298E389468 ] WysePocketCloud C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
16:21:48.0540 6680  WysePocketCloud - ok
16:21:48.0681 6680  [ 161F8FB21C088124F4D591AEBBDF8C57 ] WyseRemoteAccess C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe
16:21:48.0696 6680  WyseRemoteAccess - ok
16:21:48.0743 6680  ================ Scan global ===============================
16:21:48.0774 6680  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:21:48.0852 6680  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:21:48.0884 6680  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:21:48.0930 6680  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:21:48.0962 6680  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:21:48.0977 6680  [Global] - ok
16:21:48.0977 6680  ================ Scan MBR ==================================
16:21:49.0024 6680  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:21:49.0398 6680  \Device\Harddisk0\DR0 - ok
16:21:49.0398 6680  ================ Scan VBR ==================================
16:21:49.0430 6680  [ 1A8A099F2A59E026318B2CEC336262BC ] \Device\Harddisk0\DR0\Partition1
16:21:49.0430 6680  \Device\Harddisk0\DR0\Partition1 - ok
16:21:49.0523 6680  [ AF4A52B34399F7E78659855D0F5EAAAF ] \Device\Harddisk0\DR0\Partition2
16:21:49.0523 6680  \Device\Harddisk0\DR0\Partition2 - ok
16:21:49.0539 6680  ============================================================
16:21:49.0539 6680  Scan finished
16:21:49.0539 6680  ============================================================
16:21:49.0586 5476  Detected object count: 1
16:21:49.0586 5476  Actual detected object count: 1
16:22:05.0997 5476  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
16:22:05.0997 5476  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
16:22:15.0950 5524  Deinitialize success
 

 

 



#19 Oh My!

  • Malware Response Instructor

Posted 27 May 2013 - 03:36 PM

How is your computer running?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#20 KDenning

  • Topic Starter

Posted 27 May 2013 - 04:26 PM

Oh, disregard my last post, your recent post wasn't showing up.

It does seem like my computer's state has improved. It will boot up and not allow me to click anything still, but if I wait a while it seems to eventually work.



#21 Oh My!

  • Malware Response Instructor

Posted 27 May 2013 - 04:31 PM

Hi Keith,

Let's take a broader snapshot of your computer. Please run this program for me.

===================================================

Farbar Recovery Scan Tool (FRST) in Normal or Safe Mode

--------------------
  • Download Farbar Recovery Scan Tool for 64 bit systems and save it to your desktop
  • Double click the icon
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Attach.txt pop up screen
  • 2 Notepad documents should now be open on your desktop
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • FRST log

Gary
 

#22 KDenning

  • Topic Starter

Posted 27 May 2013 - 04:51 PM

Here are the logs:

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-05-2013
Ran by Keith (administrator) on 27-05-2013 17:43:45
Running from C:\Users\Keith\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
() C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
() C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(GlavSoft LLC.) C:\Program Files (x86)\TightVNC\tvnserver.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Wyse Technology Inc.) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseBrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Akamai Technologies, Inc.) C:\Users\Keith\AppData\Local\Akamai\netsession_win.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Users\Keith\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Akamai Technologies, Inc.) C:\Users\Keith\AppData\Local\Akamai\netsession_win.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(GlavSoft LLC.) C:\Program Files (x86)\TightVNC\tvnserver.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
(Wyse Technology.) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe
(Zhorn Software) C:\Users\Keith\Downloads\caffeine.exe
(Farbar) C:\Users\Keith\Desktop\FRST64.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated)
HKLM\...\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe [301056 2009-06-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [x]
HKLM\...\Run: [PocketCloud Location] "C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseBrowser.exe" [935312 2012-11-05] (Wyse Technology Inc.)
HKLM\...\Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [x]
HKLM\...\Run: [IntelliType Pro] "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe" [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe" [2076272 2012-11-02] (Microsoft Corporation)
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-08-21] (Google Inc.)
HKCU\...\Run: [Facebook Update] "C:\Users\Keith\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-08-01] (Facebook Inc.)
HKCU\...\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [Akamai NetSession Interface] "C:\Users\Keith\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19662744 2013-04-16] (Google)
HKCU\...\Run: [SkyDrive] "C:\Users\Keith\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background [256600 2013-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [1157128 2009-07-27] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-07-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [419112 2010-08-12] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [181480 2010-08-13] (Acer Corp.)
HKLM-x32\...\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe [1261568 2007-11-19] ()
HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave [828944 2011-08-03] (GlavSoft LLC.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-15] (Apple Inc.)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [162336 2009-07-21] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [162336 2009-07-21] ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SPFS Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SPFS Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" No File
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" No File
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
PDF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab
PDF: HKLM-x32 {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinner.com/games/v50/tpir/tpir.cab
PDF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
PDF: HKLM-x32 {64CD313F-F079-4D93-959F-4D28B5519449} http://www.worldwinner.com/games/v56/jeopardy/jeopardy.cab
PDF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab
PDF: HKLM-x32 {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab
PDF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab
Handler: msdaipp - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: msdaipp - No CLSID Value - 
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [20992] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112
 
FireFox:
========
FF ProfilePath: C:\Users\Keith\AppData\Roaming\Mozilla\Firefox\Profiles\7gjeukzk.default
FF Homepage: hxxp://m.www.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: OneClickDownloader - C:\Users\Keith\AppData\Roaming\Mozilla\Firefox\Profiles\7gjeukzk.default\Extensions\OneClickDownloader@OneClickDownloader.com.xpi
FF Extension: testpilot - C:\Users\Keith\AppData\Roaming\Mozilla\Firefox\Profiles\7gjeukzk.default\Extensions\testpilot@labs.mozilla.com.xpi
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Keith\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Keith\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Keith\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 5\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 5\plugins\NPOFF12.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 5\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 5\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 5\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 5\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 5\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 5\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 5\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Keith\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Keith\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Keith\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Entanglement) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0
CHR Extension: (Angry Birds) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Mp3Skull Toolbar) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\anaehjnjgheaikfecjlfokolkoalpnda\1.5.4_0
CHR Extension: (Google Drive) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (SocialReviver) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald\4.1_0
CHR Extension: (Facebook) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0
CHR Extension: (Monster Dash) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog\2.2_0
CHR Extension: (Netflix) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_0
CHR Extension: (Super Mario) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnkjbdmdgifgkcenpllpepgcgllapgpm\1_0
CHR Extension: (Atari - Centipede) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\gakkiekmjcipgjlnenigjfgemakojanh\1.0_0
CHR Extension: (Twitter) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbahkjbbhhcekfelmpechlkjkpgopmhe\1.3_0
CHR Extension: (Planetarium) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp\1.1.2_0
CHR Extension: (Wolfram|Alpha (Official)) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikmmbnkodelanopcbphjfnnlajjpjpno\1.0.1_0
CHR Extension: (Grooveshark) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmhoehjioleannhdgjkpdmkcdlaagek\3.0.3_0
CHR Extension: (MOG Music) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgljcanfdcmdnncaneopdlcgjlkgpenj\0.9.10_0
CHR Extension: (Canabalt - HD Version) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkempgfofnfmanpnnhiojeadfhhleicd\1_0
CHR Extension: (Poppit) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0
CHR Extension: (Beansight) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjgmdckndgdincpnkdlhnfaplbkmlkfe\1.1.0_0
CHR Extension: (Plants vs Zombies) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0
CHR Extension: (FREE TV) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofddcjfikfghkmoapnjnmmflbcjohbic\0.0.0.1_0
CHR Extension: (Autumn) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncooeidkmfddiohbpfcfbenjdnpdkac\1.3_0
CHR Extension: (Picasa) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0
CHR Extension: (Gmail) - C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
 
==================== Services (Whitelisted) =================
 
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll [4561152 2013-03-26] (Akamai Technologies, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [460144 2011-05-06] ()
R2 FlipShareServer; C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2011-05-06] ()
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 tvnserver; C:\Program Files (x86)\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe [191488 2012-11-05] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe [1436160 2012-11-05] (Wyse Technology.)
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [x]
S2 BingDesktopUpdate; "C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe" [x]
S4 msvsmon90; "C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe" /service msvsmon90 [x]
S2 NMSAccess; "C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe"  [x]
S2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [x]
 
==================== Drivers (Whitelisted) ====================
 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378432 2013-05-09] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [x]
R1 ElbyCDIO; System32\Drivers\ElbyCDIO.sys [x]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [x]
S4 LMIRfsClientNP; No ImagePath
S1 nnfwdk; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-05-27 17:42 - 2013-05-27 17:42 - 01915616 ____A (Farbar) C:\Users\Keith\Desktop\FRST64.exe
2013-05-26 16:20 - 2013-05-26 16:20 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Keith\Desktop\tdsskiller.exe
2013-05-26 16:16 - 2013-05-26 16:19 - 00002178 ____A C:\Users\Keith\Desktop\RKreport[2]_D_05262013_02d1616.txt
2013-05-26 16:11 - 2013-05-26 16:11 - 00002504 ____A C:\Users\Keith\Desktop\RKreport[1]_S_05262013_02d1611.txt
2013-05-26 16:08 - 2013-05-26 16:14 - 00000000 ____D C:\Users\Keith\Desktop\RK_Quarantine
2013-05-26 16:08 - 2013-05-26 16:08 - 00816128 ____A C:\Users\Keith\Desktop\RogueKiller.exe
2013-05-26 13:48 - 2013-05-26 13:48 - 00036075 ____A C:\ComboFix.txt
2013-05-22 22:01 - 2013-05-22 22:11 - 00002804 ____A C:\Users\Keith\Desktop\unhide.txt
2013-05-22 22:00 - 2013-05-22 22:00 - 00398752 ____A (Bleeping Computer, LLC) C:\Users\Keith\Desktop\unhide.exe
2013-05-20 20:20 - 2013-05-26 13:48 - 00000000 ____D C:\Qoobox
2013-05-20 20:20 - 2011-06-26 02:45 - 00256000 ____A C:\Windows\PEV.exe
2013-05-20 20:20 - 2010-11-07 13:20 - 00208896 ____A C:\Windows\MBR.exe
2013-05-20 20:20 - 2009-04-20 00:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-05-20 20:20 - 2000-08-30 20:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-05-20 20:20 - 2000-08-30 20:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-05-20 20:20 - 2000-08-30 20:00 - 00098816 ____A C:\Windows\sed.exe
2013-05-20 20:20 - 2000-08-30 20:00 - 00080412 ____A C:\Windows\grep.exe
2013-05-20 20:20 - 2000-08-30 20:00 - 00068096 ____A C:\Windows\zip.exe
2013-05-20 20:19 - 2013-05-20 20:58 - 00000000 ____D C:\Windows\erdnt
2013-05-20 20:17 - 2013-05-26 11:12 - 05071432 ____R (Swearware) C:\Users\Keith\Desktop\ComboFix.exe
2013-05-20 20:03 - 2013-05-20 20:03 - 00003219 ____A C:\Users\Keith\Desktop\JRT.txt
2013-05-20 19:49 - 2013-05-20 19:49 - 00000000 ____D C:\Windows\ERUNT
2013-05-20 19:49 - 2013-05-20 19:49 - 00000000 ____D C:\JRT
2013-05-20 19:48 - 2013-05-20 19:48 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Keith\Desktop\JRT.exe
2013-05-20 17:04 - 2013-05-20 17:05 - 00027830 ____A C:\AdwCleaner[S1].txt
2013-05-20 17:04 - 2013-05-20 17:04 - 00632031 ____A C:\Users\Keith\Desktop\adwcleaner.exe
2013-05-19 16:30 - 2013-05-19 16:30 - 00001787 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-05-19 16:29 - 2013-05-19 16:30 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-19 16:29 - 2013-05-19 16:30 - 00000000 ____D C:\Program Files\iTunes
2013-05-19 16:29 - 2013-05-19 16:29 - 00000000 ____D C:\Program Files\iPod
2013-05-16 21:12 - 2013-05-16 21:12 - 00000000 ____D C:\Users\Keith\Documents\Electronic Arts
2013-05-16 21:10 - 2013-05-16 21:10 - 00001756 ____A C:\Users\Keith\Desktop\The Sims 3.lnk
2013-05-15 23:56 - 2013-04-05 02:52 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-15 23:56 - 2013-04-05 02:52 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-15 23:56 - 2013-04-05 02:52 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-15 23:56 - 2013-04-05 02:50 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-15 23:56 - 2013-04-05 02:50 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-15 23:56 - 2013-04-05 02:50 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-15 23:56 - 2013-04-05 02:50 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-15 23:56 - 2013-04-05 02:50 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-15 23:56 - 2013-04-05 02:50 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-15 23:56 - 2013-04-05 02:50 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-15 23:56 - 2013-04-05 02:50 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-15 23:56 - 2013-04-05 02:50 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-15 23:56 - 2013-04-05 02:50 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-15 23:56 - 2013-04-05 02:50 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-15 23:56 - 2013-04-05 01:28 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-15 23:56 - 2013-04-05 01:28 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-15 23:56 - 2013-04-05 01:26 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-15 23:56 - 2013-04-05 01:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-15 23:56 - 2013-04-05 01:26 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-15 23:56 - 2013-04-05 01:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-15 23:56 - 2013-04-05 01:26 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-15 23:56 - 2013-04-05 01:26 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-15 23:56 - 2013-04-05 01:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-15 23:56 - 2013-04-05 01:26 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-15 23:56 - 2013-04-05 01:26 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-15 23:56 - 2013-04-05 01:26 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-15 23:56 - 2013-04-05 01:26 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-15 23:56 - 2013-04-05 00:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-15 23:56 - 2013-04-05 00:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-15 23:56 - 2013-04-04 23:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-15 23:56 - 2013-04-04 23:38 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-15 19:13 - 2013-04-10 02:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 19:13 - 2013-04-10 02:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 19:13 - 2011-02-03 07:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-15 19:03 - 2013-04-09 23:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-15 19:02 - 2013-02-27 02:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 19:02 - 2013-02-27 01:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 19:02 - 2013-02-27 01:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 19:02 - 2013-02-27 01:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 19:02 - 2013-02-27 01:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-15 19:02 - 2013-02-27 00:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-15 19:02 - 2013-02-27 00:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-15 19:02 - 2013-02-27 00:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-15 19:01 - 2013-03-19 01:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 19:01 - 2013-03-19 01:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-15 18:41 - 2013-05-15 17:43 - 00003021 ____A C:\Users\Keith\Desktop\Microsoft Word 2010.lnk
2013-05-15 18:41 - 2013-05-15 17:43 - 00002951 ____A C:\Users\Keith\Desktop\Microsoft Excel 2010.lnk
2013-05-15 17:43 - 2013-05-15 17:43 - 00002937 ____A C:\Users\Keith\Desktop\Microsoft PowerPoint 2010.lnk
2013-05-15 17:39 - 2013-05-15 17:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-05-15 17:34 - 2013-05-15 17:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-04-29 23:31 - 2013-04-29 23:31 - 04346816 ____A (Piriform Ltd) C:\Users\Keith\Downloads\ccsetup401.exe
2013-04-29 21:12 - 2012-08-23 10:10 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-04-29 21:12 - 2012-08-23 10:07 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2013-04-29 21:12 - 2012-08-23 09:41 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2013-04-29 21:12 - 2012-08-23 09:40 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2013-04-29 21:12 - 2012-08-23 09:24 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2013-04-29 21:11 - 2012-08-23 10:13 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-04-29 21:11 - 2012-08-23 09:47 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-04-29 21:11 - 2012-08-23 09:46 - 00016896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-04-29 21:11 - 2012-08-23 09:20 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2013-04-29 21:11 - 2012-08-23 09:18 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-04-29 21:11 - 2012-08-23 09:17 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2013-04-29 21:11 - 2012-08-23 09:06 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2013-04-29 21:11 - 2012-08-23 08:52 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-04-29 21:11 - 2012-08-23 07:20 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2013-04-29 21:11 - 2012-08-23 07:15 - 00269312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-04-29 21:11 - 2012-08-23 07:14 - 00384000 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2013-04-29 21:11 - 2012-08-23 07:12 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-04-29 21:11 - 2012-08-23 06:54 - 00322560 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-04-29 21:11 - 2012-08-23 06:51 - 00228864 ____A (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2013-04-29 21:11 - 2012-08-23 06:39 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-04-29 21:11 - 2012-08-23 06:22 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-04-29 21:11 - 2012-08-23 05:51 - 03174912 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-04-29 21:11 - 2012-08-23 04:19 - 04916224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-04-29 21:11 - 2012-08-23 04:13 - 05773824 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-04-29 19:21 - 2013-04-29 19:21 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-04-29 19:21 - 2013-04-29 19:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-04-29 19:21 - 2013-04-29 19:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-04-29 19:21 - 2013-04-29 19:21 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-04-29 19:21 - 2013-04-29 19:21 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-04-29 19:21 - 2013-04-29 19:21 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-04-29 19:21 - 2013-04-29 19:21 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-04-29 19:21 - 2013-04-29 19:21 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-04-29 19:19 - 2013-04-29 19:19 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-29 19:15 - 2013-04-29 19:26 - 00007985 ____A C:\Windows\IE10_main.log
2013-04-29 15:41 - 2012-08-24 14:13 - 00154480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-04-29 15:41 - 2012-08-24 14:09 - 00458712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-04-29 15:41 - 2012-08-24 14:05 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-04-29 15:41 - 2012-08-24 14:03 - 01448448 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-04-29 15:41 - 2012-08-24 12:57 - 00247808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-04-29 15:41 - 2012-08-24 12:57 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-04-29 15:41 - 2012-08-24 12:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-04-29 14:17 - 2012-05-04 07:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2013-04-29 14:17 - 2012-05-04 05:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-04-27 17:10 - 2013-04-04 05:35 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-04-27 17:10 - 2013-04-04 05:30 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-04-27 17:10 - 2013-04-04 05:29 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-04-27 17:09 - 2013-04-27 17:10 - 00003915 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log
 
==================== One Month Modified Files and Folders =======
 
2013-05-27 17:44 - 2012-04-24 19:28 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-27 17:43 - 2010-12-01 16:40 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-27 17:42 - 2013-05-27 17:42 - 01915616 ____A (Farbar) C:\Users\Keith\Desktop\FRST64.exe
2013-05-27 17:20 - 2009-07-14 00:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-27 17:20 - 2009-07-14 00:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-27 17:16 - 2009-10-15 13:32 - 01473588 ____A C:\Windows\WindowsUpdate.log
2013-05-27 17:12 - 2012-05-02 13:52 - 00000000 ___SD C:\Users\Keith\Google Drive
2013-05-27 17:11 - 2012-12-16 15:52 - 00000000 ___RD C:\Users\Keith\SkyDrive
2013-05-27 17:09 - 2010-12-06 15:32 - 00081464 ____A C:\Windows\setupact.log
2013-05-27 17:09 - 2010-12-01 16:40 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-27 17:09 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-27 16:54 - 2010-05-29 09:43 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2393778099-1793147535-3310906996-1002Core.job
2013-05-27 16:53 - 2010-05-29 09:43 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2393778099-1793147535-3310906996-1002UA.job
2013-05-27 16:36 - 2009-07-14 01:08 - 00032618 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-05-27 15:15 - 2011-08-19 22:52 - 00000928 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2393778099-1793147535-3310906996-1002UA.job
2013-05-27 14:28 - 2011-08-19 22:52 - 00000906 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2393778099-1793147535-3310906996-1002Core.job
2013-05-26 16:20 - 2013-05-26 16:20 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Keith\Desktop\tdsskiller.exe
2013-05-26 16:19 - 2013-05-26 16:16 - 00002178 ____A C:\Users\Keith\Desktop\RKreport[2]_D_05262013_02d1616.txt
2013-05-26 16:14 - 2013-05-26 16:08 - 00000000 ____D C:\Users\Keith\Desktop\RK_Quarantine
2013-05-26 16:11 - 2013-05-26 16:11 - 00002504 ____A C:\Users\Keith\Desktop\RKreport[1]_S_05262013_02d1611.txt
2013-05-26 16:08 - 2013-05-26 16:08 - 00816128 ____A C:\Users\Keith\Desktop\RogueKiller.exe
2013-05-26 13:48 - 2013-05-26 13:48 - 00036075 ____A C:\ComboFix.txt
2013-05-26 13:48 - 2013-05-20 20:20 - 00000000 ____D C:\Qoobox
2013-05-26 13:40 - 2009-07-13 22:34 - 00000215 ____A C:\Windows\system.ini
2013-05-26 11:40 - 2009-08-21 22:31 - 00862512 ____A C:\Windows\PFRO.log
2013-05-26 11:12 - 2013-05-20 20:17 - 05071432 ____R (Swearware) C:\Users\Keith\Desktop\ComboFix.exe
2013-05-22 22:11 - 2013-05-22 22:01 - 00002804 ____A C:\Users\Keith\Desktop\unhide.txt
2013-05-22 22:00 - 2013-05-22 22:00 - 00398752 ____A (Bleeping Computer, LLC) C:\Users\Keith\Desktop\unhide.exe
2013-05-20 22:34 - 2012-11-16 16:57 - 00000000 ____D C:\Windows\rescache
2013-05-20 20:58 - 2013-05-20 20:19 - 00000000 ____D C:\Windows\erdnt
2013-05-20 20:46 - 2009-07-13 22:34 - 18087936 ____A C:\Windows\System32\config\SYSTEM.bak
2013-05-20 20:46 - 2009-07-13 22:34 - 109314048 ____A C:\Windows\System32\config\SOFTWARE.bak
2013-05-20 20:46 - 2009-07-13 22:34 - 00786432 ____A C:\Windows\System32\config\DEFAULT.bak
2013-05-20 20:46 - 2009-07-13 22:34 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-05-20 20:46 - 2009-07-13 22:34 - 00262144 ____A C:\Windows\System32\config\SAM.bak
2013-05-20 20:03 - 2013-05-20 20:03 - 00003219 ____A C:\Users\Keith\Desktop\JRT.txt
2013-05-20 19:49 - 2013-05-20 19:49 - 00000000 ____D C:\Windows\ERUNT
2013-05-20 19:49 - 2013-05-20 19:49 - 00000000 ____D C:\JRT
2013-05-20 19:48 - 2013-05-20 19:48 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Keith\Desktop\JRT.exe
2013-05-20 17:05 - 2013-05-20 17:04 - 00027830 ____A C:\AdwCleaner[S1].txt
2013-05-20 17:04 - 2013-05-20 17:04 - 00632031 ____A C:\Users\Keith\Desktop\adwcleaner.exe
2013-05-20 17:02 - 2011-02-20 17:04 - 00000000 ____D C:\Users\Keith\AppData\Roaming\uTorrent
2013-05-19 16:30 - 2013-05-19 16:30 - 00001787 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-05-19 16:30 - 2013-05-19 16:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-19 16:30 - 2013-05-19 16:29 - 00000000 ____D C:\Program Files\iTunes
2013-05-19 16:30 - 2010-04-07 18:15 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-05-19 16:29 - 2013-05-19 16:29 - 00000000 ____D C:\Program Files\iPod
2013-05-16 21:12 - 2013-05-16 21:12 - 00000000 ____D C:\Users\Keith\Documents\Electronic Arts
2013-05-16 21:10 - 2013-05-16 21:10 - 00001756 ____A C:\Users\Keith\Desktop\The Sims 3.lnk
2013-05-16 21:06 - 2011-01-04 18:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8
2013-05-16 20:52 - 2012-05-22 16:11 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-05-16 20:43 - 2011-06-08 18:11 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-16 16:49 - 2009-12-12 14:22 - 00000000 ____D C:\Users\Keith\Documents\My Games
2013-05-16 14:38 - 2009-07-14 00:45 - 05041976 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-16 00:23 - 2009-08-21 22:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-16 00:15 - 2009-12-12 13:11 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-16 00:03 - 2009-07-14 01:13 - 00890406 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-15 19:05 - 2009-12-11 22:11 - 00122840 ____A C:\Users\Keith\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-15 17:43 - 2013-05-15 18:41 - 00003021 ____A C:\Users\Keith\Desktop\Microsoft Word 2010.lnk
2013-05-15 17:43 - 2013-05-15 18:41 - 00002951 ____A C:\Users\Keith\Desktop\Microsoft Excel 2010.lnk
2013-05-15 17:43 - 2013-05-15 17:43 - 00002937 ____A C:\Users\Keith\Desktop\Microsoft PowerPoint 2010.lnk
2013-05-15 17:40 - 2009-07-14 03:45 - 00000000 ____D C:\Windows\ShellNew
2013-05-15 17:39 - 2013-05-15 17:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-05-15 17:39 - 2009-08-21 22:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-05-15 17:36 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-05-15 17:34 - 2013-05-15 17:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-05-15 16:53 - 2012-12-16 15:21 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-05-15 16:35 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-05-15 16:26 - 2010-04-22 22:02 - 00000000 ____D C:\Users\Keith\AppData\Roaming\SoftGrid Client
2013-05-15 16:15 - 2012-04-24 19:28 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-15 16:15 - 2011-09-03 13:42 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-15 14:39 - 2009-12-12 22:16 - 00000000 ____D C:\Users\Keith\AppData\Roaming\Mozilla
2013-05-09 04:59 - 2013-03-13 22:20 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-09 04:59 - 2013-03-13 22:20 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-09 04:59 - 2012-03-16 14:21 - 00072016 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-05-09 04:59 - 2011-06-08 18:12 - 00378432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-05-09 04:59 - 2011-06-08 18:12 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-05-09 04:59 - 2011-06-08 18:11 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-05-09 04:59 - 2011-06-08 18:11 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-05-09 04:59 - 2011-06-08 18:11 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-05-09 04:58 - 2011-06-08 18:11 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-09 04:58 - 2011-06-08 18:11 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-05-05 20:32 - 2009-12-15 20:35 - 00000000 ____D C:\Users\Keith\Documents\Keith
2013-05-02 14:56 - 2010-03-02 23:23 - 00000000 ____D C:\Program Files (x86)\DivX
2013-05-02 14:46 - 2012-01-15 22:07 - 00000000 ____D C:\ProgramData\DivX
2013-05-02 14:46 - 2010-03-02 23:23 - 00000000 ____D C:\Program Files\DivX
2013-04-29 23:32 - 2011-06-06 14:15 - 00000826 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-04-29 23:32 - 2011-06-06 14:15 - 00000000 ____D C:\Program Files\CCleaner
2013-04-29 23:31 - 2013-04-29 23:31 - 04346816 ____A (Piriform Ltd) C:\Users\Keith\Downloads\ccsetup401.exe
2013-04-29 21:17 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-04-29 19:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-04-29 19:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-04-29 19:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-04-29 19:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-04-29 19:26 - 2013-04-29 19:15 - 00007985 ____A C:\Windows\IE10_main.log
2013-04-29 19:21 - 2013-04-29 19:21 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-04-29 19:21 - 2013-04-29 19:21 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-04-29 19:21 - 2013-04-29 19:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-04-29 19:21 - 2013-04-29 19:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-04-29 19:21 - 2013-04-29 19:21 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-04-29 19:21 - 2013-04-29 19:21 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-04-29 19:21 - 2013-04-29 19:21 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-04-29 19:21 - 2013-04-29 19:21 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-04-29 19:21 - 2013-04-29 19:21 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-04-29 19:21 - 2013-04-29 19:21 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-04-29 19:21 - 2013-04-29 19:21 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-04-29 19:19 - 2013-04-29 19:19 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-29 19:19 - 2013-04-29 19:19 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-29 15:18 - 2012-03-19 21:06 - 00001117 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-04-29 15:18 - 2010-04-04 18:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-27 17:10 - 2013-04-27 17:09 - 00003915 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log
2013-04-27 17:10 - 2010-01-04 22:48 - 00000000 ____D C:\Program Files (x86)\Java
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
TDL4: custom:26000022 <===== ATTENTION!
 
 
Last Boot: 2013-05-08 18:37
 
==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2013
Ran by Keith at 2013-05-27 17:46:03 Run:
Running from C:\Users\Keith\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
Acer Arcade Deluxe (Version: 3.0.8012)
Acer Assist
Acer ePower Management (Version: 4.05.3002)
Acer eRecovery Management (Version: 4.05.3002)
Acer Games (Version: 1.0.0.71)
Acer GridVista (Version: 3.01.0730)
Acer Registration (Version: 1.02.3004)
Acer ScreenSaver (Version: 1.02.0804)
Acer Updater (Version: 1.01.3014)
Acrobat.com (Version: 1.6.65)
Adobe After Effects CS4 (Version: 9)
Adobe After Effects CS4 Presets (Version: 9)
Adobe After Effects CS4 Third Party Content (Version: 9)
Adobe AIR (Version: 3.7.0.1530)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color Video Profiles AE CS4 (Version: 2.0)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe CS4 American English Speech Analysis Models (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Dynamiclink Support (Version: 1)
Adobe Encore CS4 (Version: 4)
Adobe Encore CS4 Codecs (Version: 4)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Fonts All (Version: 2.0)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0)
Adobe Media Encoder CS4 Dolby (Version: 1.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe MotionPicture Color Files CS4 (Version: 2.0)
Adobe OnLocation CS4 (Version: 4)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop Express Uploader (Version: 1.0.8)
Adobe Photoshop Express Uploader (Version: 1.0.8.787413)
Adobe Premiere Pro CS4 (Version: 4)
Adobe Premiere Pro CS4 Functional Content (Version: 4)
Adobe Premiere Pro CS4 Third Party Content (Version: 4)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
Akamai NetSession Interface
Akamai NetSession Interface Service
ALPS Touch Pad Driver (Version: Version 7.102.2002.208)
AMD USB Filter Driver (Version: 1.0.11.86)
Any Video Converter 3.3.2
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.10)
ATI Catalyst Install Manager (Version: 3.0.732.0)
avast! Free Antivirus (Version: 8.0.1489.0)
AviSynth 2.5
beginning (Version: 1.0.0.1)
Bing Bar (Version: 7.0.609.0)
Bing Desktop (Version: 1.2.126.0)
Bonjour (Version: 3.0.0.10)
CameraHelperMsi (Version: 13.31.1038.0)
Canon RAW Codec (Version: 1.6.0.53)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full Existing (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full New (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Light (Version: 2009.0729.2227.38498)
Catalyst Control Center InstallProxy (Version: 2009.0729.2227.38498)
Catalyst Control Center Localization All (Version: 2009.0729.2227.38498)
CCC Help Chinese Standard (Version: 2009.0729.2226.38498)
CCC Help Chinese Traditional (Version: 2009.0729.2226.38498)
CCC Help Czech (Version: 2009.0729.2226.38498)
CCC Help Danish (Version: 2009.0729.2226.38498)
CCC Help Dutch (Version: 2009.0729.2226.38498)
CCC Help English (Version: 2009.0729.2226.38498)
CCC Help Finnish (Version: 2009.0729.2226.38498)
CCC Help French (Version: 2009.0729.2226.38498)
CCC Help German (Version: 2009.0729.2226.38498)
CCC Help Greek (Version: 2009.0729.2226.38498)
CCC Help Hungarian (Version: 2009.0729.2226.38498)
CCC Help Italian (Version: 2009.0729.2226.38498)
CCC Help Japanese (Version: 2009.0729.2226.38498)
CCC Help Korean (Version: 2009.0729.2226.38498)
CCC Help Norwegian (Version: 2009.0729.2226.38498)
CCC Help Polish (Version: 2009.0729.2226.38498)
CCC Help Portuguese (Version: 2009.0729.2226.38498)
CCC Help Russian (Version: 2009.0729.2226.38498)
CCC Help Spanish (Version: 2009.0729.2226.38498)
CCC Help Swedish (Version: 2009.0729.2226.38498)
CCC Help Thai (Version: 2009.0729.2226.38498)
CCC Help Turkish (Version: 2009.0729.2226.38498)
ccc-core-static (Version: 2009.0729.2227.38498)
ccc-utility64 (Version: 2009.0729.2227.38498)
CCleaner (Version: 4.01)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
DebugMode Wax 2.0
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 5: Boom
DivX Version Checker (Version: 7.1.0.9)
EA Download Manager (Version: 7.3.3.7)
eBay Worldwide (Version: 2.1.0703)
erLT (Version: 1.20.138.34)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
FlipShare (Version: 5.12.3.0)
Google Chrome (Version: 26.0.1410.64)
Google Drive (Version: 1.9.4536.8202)
Google Earth (Version: 7.0.3.8542)
Google Talk Plugin (Version: 3.19.1.13088)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.145)
iCloud (Version: 2.1.2.8)
Identity Card (Version: 1.00.3001)
iFunbox (v1.99.958.697), iFunbox DevTeam (Version: v1.99.958.697)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 11.0.3.42)
Java 7 Update 17 (64-bit) (Version: 7.0.170)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Java™ 6 Update 29 (Version: 6.0.290)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 3.0.00)
Logitech Webcam Software (Version: 2.0)
Logitech Webcam Software Driver Package (Version: 12.0.1278)
LWS Facebook (Version: 13.31.1038.0)
LWS Gallery (Version: 13.31.1038.0)
LWS Help_main (Version: 13.31.1044.0)
LWS Launcher (Version: 13.31.1038.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.31.1038.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Mouse and Keyboard Center (Version: 2.0.162.0)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office on Demand Browser Add-ons (Version: 15.0.4481.1005)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook Connector (Version: 14.0.6123.5001)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SkyDrive (Version: 17.0.2006.0314)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Management Objects (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2531.0)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (Version: 3.5.5692.0)
Microsoft SQL Server Compact 3.5 SP1 English (Version: 3.5.5692.0)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (Version: 9.0.30729)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (Version: 1)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox (3.6b5) (Version: 3.6b5 (en-US))
Mozilla Firefox 9.0 (x86 en-US) (Version: 9.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Manager
Netflix in Windows Media Center (Version: 3.3.101.0)
Nielsen
ooVoo (Version: 3.5.3023)
Photoshop Camera Raw (Version: 5.0)
Picasa 3 (Version: 3.9)
Pixel Bender Toolkit (Version: 1.0)
PocketCloud Windows Companion (Version: 2.5.13)
QuickTime (Version: 7.73.80.64)
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30102)
Safari (Version: 5.34.57.2)
Service Pack 1 for SQL Server 2008 (KB968369) (Version: 10.1.2531.0)
Skype Click to Call (Version: 5.10.9560)
Skype™ 6.0 (Version: 6.0.126)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
SQL Server System CLR Types (Version: 10.1.2531.0)
Suite Shared Configuration CS4 (Version: 1.0)
swMSM (Version: 12.0.0.1)
The Sims™ 3 (Version: 1.0.632)
TI Connect 1.6 (Version: 1.6)
TI-83 Plus Flash Debugger
TightVNC 2.0.4 (Version: 2.0.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Videora iPhone 4 Converter 6 (Version: 6)
Videora iPod touch Converter 5.04 (Version: 5.04)
Viper 1.5.00 (Version: 1.5.00)
VirtualCloneDrive
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Welcome Center (Version: 1.00.3005)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (Version: 06/11/2009 1.0.0.0)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (Version: 09/02/2009 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
Windows Movie Maker 2.6 (Version: 2.6.4038.0)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
World Of Goo [SteamDePowered]
 
==================== Restore Points  =========================
 
24-05-2013 02:17:08 ComboFix created restore point
26-05-2013 15:15:31 ComboFix created restore point
27-05-2013 18:29:12 Windows Backup
 
==================== Faulty Device Manager Devices =============
 
Name: Nielsen WFP Driver
Description: Nielsen WFP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: nnfwdk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/27/2013 02:29:17 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {55703c3c-00b7-4508-8113-5dd5ee1e5b90}
 
Error: (05/27/2013 05:11:02 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4212
 
Error: (05/27/2013 05:11:02 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4212
 
Error: (05/27/2013 05:11:02 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/27/2013 05:11:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2792
 
Error: (05/27/2013 05:11:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2792
 
Error: (05/27/2013 05:11:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/27/2013 05:10:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1498
 
Error: (05/27/2013 05:10:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1498
 
Error: (05/27/2013 05:10:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (05/27/2013 05:41:17 PM) (Source: atikmdag) (User: )
Description: Display is not active
 
Error: (05/27/2013 05:13:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service.
 
Error: (05/27/2013 05:13:29 PM) (Source: DCOM) (User: )
Description: {4991D34B-80A1-4291-83B6-3328366B9097}
 
Error: (05/27/2013 05:11:19 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
nnfwdk
 
Error: (05/27/2013 05:10:18 PM) (Source: Service Control Manager) (User: )
Description: The SeaPort service failed to start due to the following error: 
%%2
 
Error: (05/27/2013 05:10:06 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error: 
%%3
 
Error: (05/27/2013 05:09:11 PM) (Source: atikmdag) (User: )
Description: Display is not active
 
Error: (05/27/2013 05:09:11 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter
 
Error: (05/27/2013 05:09:14 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:55:17 PM on ?5/?27/?2013 was unexpected.
 
Error: (05/27/2013 04:46:43 PM) (Source: DCOM) (User: )
Description: {687E55CA-6621-4C41-B9F1-C0EDDC94BB05}
 
 
Microsoft Office Sessions:
=========================
Error: (05/27/2013 02:29:17 PM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(.DEFAULT)0x80070539, The security ID structure is invalid.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {55703c3c-00b7-4508-8113-5dd5ee1e5b90}
 
Error: (05/27/2013 05:11:02 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4212
 
Error: (05/27/2013 05:11:02 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4212
 
Error: (05/27/2013 05:11:02 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/27/2013 05:11:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2792
 
Error: (05/27/2013 05:11:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2792
 
Error: (05/27/2013 05:11:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/27/2013 05:10:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1498
 
Error: (05/27/2013 05:10:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1498
 
Error: (05/27/2013 05:10:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-05-26 11:37:40.721
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-26 11:37:40.003
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-26 11:37:39.223
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-26 11:37:38.505
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-23 22:37:22.136
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-23 22:37:21.403
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-23 22:37:20.623
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-23 22:37:19.905
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-22 21:30:58.696
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-22 21:30:58.087
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 43%
Total physical RAM: 2812.05 MB
Available physical RAM: 1583.41 MB
Total Pagefile: 5622.29 MB
Available Pagefile: 3953.78 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:136.95 GB) (Free:4.49 GB) NTFS (Disk=0 Partition=3)
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: B607082E)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=137 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#23 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,749 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:39 AM

Posted 27 May 2013 - 05:38 PM

Hi Keith,

Thank you for your patience as I worked through the information you provided.

I have a fix for you to perform but based on the results of the last scan I must inform you of the following:

===================================================

BACKDOOR WARNING!

--------------------

One or more of the identified infections is a Backdoor Trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation. Please let me know if you have already noticed evidences of financial institution irregularities.

Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + R on your keyboard at the same time. Type in notepad and press Enter.
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll No File
BHO: Microsoft SPFS Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
BHO-x32: Microsoft SPFS Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" No File
Handler: msdaipp - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: msdaipp - No CLSID Value - 
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Extension: OneClickDownloader - C:\Users\Keith\AppData\Roaming\Mozilla\Firefox\Profiles\7gjeukzk.default\Extensions\OneClickDownloader@OneClickDownloader.com.xpi
CHR Plugin: (Shockwave Flash) - C:\Users\Keith\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 5\plugins\NPOFF12.DLL No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
TDL4: custom:26000022 <===== ATTENTION!

  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • FRST log
  • Any change in your computer?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#24 KDenning


Posted 27 May 2013 - 09:26 PM

My computer appears to be functioning normally now. Here are the logs:

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-05-2013
Ran by Keith at 2013-05-27 18:48:16 Run:2
Running from C:\Users\Keith\Desktop
Boot Mode: Normal
==============================================
 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => Key deleted successfully.
HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Key deleted successfully.
HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\msdaipp => Key deleted successfully.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\msdaipp => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\osf => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{D924BDC6-C83A-4BD5-90D0-095128A113D1} => Key deleted successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin: @microsoft.com/GENUINE - disabled No File not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0 => Key deleted successfully.
C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
C:\Users\Keith\AppData\Roaming\Mozilla\Firefox\Profiles\7gjeukzk.default\Extensions\OneClickDownloader@OneClickDownloader.com.xpi => Moved successfully.
C:\Users\Keith\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll not found.
C:\Windows\system32\Macromed\Flash\NPSWF32.dll not found.
C:\Program Files (x86)\Mozilla Firefox 3.6 Beta 5\plugins\NPOFF12.DLL not found.
C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll not found.
C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll => Moved successfully.
C:\Windows\system32\Adobe\Director\np32dsw.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll not found.
 
The operation completed successfully.
The operation completed successfully.
 
==== End of Fixlog ====


#25 Oh My!


Posted 27 May 2013 - 10:10 PM

Hi Keith,

Excellent,

Please run these for me.

===================================================

Rerun Malwarebytes (MBAM)

--------------------

Temporarily disable your antivirus program.
  • Please locate your Malwarebytes icon and launch the program
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.
  • Malwarebytes results
  • ESET results (no log if nothing found)
  • How is your computer running now?

Gary
 

#26 KDenning


Posted 28 May 2013 - 08:51 PM

My computer seems to be working normally! Here are the logs:

 

 

C:\install\soundeffects.exe probably a variant of Win32/InstallIQ application
C:\install\videora-ipodtouch-504-setup.exe Win32/OpenCandy application
 

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.05.28.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Keith :: KEITH-PC [administrator]
 
5/28/2013 2:19:29 PM
mbam-log-2013-05-28 (14-19-29).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232350
Time elapsed: 12 minute(s), 16 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#27 Oh My!


Posted 28 May 2013 - 08:57 PM

That is great to hear. Please navigate to your control panel, Programs and Features, and uninstall Java 6 update 29. Then one final check on how your computer is running.
Gary
 

#28 KDenning


Posted 29 May 2013 - 09:43 PM

Done! It seems to be working well now. Thank you!



#29 Oh My!


Posted 29 May 2013 - 10:32 PM

Greetings Keith,

Nice job, my friend. It looks like our time has come to an end.

Now that your computer is running well it is my great pleasure to proclaim to you the Good News!

===================================================

All Clean

--------------

Your machine appears to be clean. Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean.

Please do the following to remove some of the tools we used during our time together: Following this step you may remove any other remaining tools or logs.


Delete the tools used during the disinfection:
  • Press the Windows key + R on your keyboard at the same time. In the run box type combofix /uninstall, then press OK.
  • This will remove Combofix and other tools we used from your computer. You may also remove any other tools used or logs created during the steps taken.
Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read: Simple and easy ways to keep your computer safe and secure on the Internet.


In addition, here are some more links you might find of interest:

I will leave this topic open for just a day or so in case you have any further issues, then it will be closed shortly thereafter.

Thank you for placing your trust in BleepingComputer. It was a pleasure serving you.
Gary
 

#30 Oh My!


Posted 31 May 2013 - 07:59 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 



