Windows Explorer not responding and wow.dll initialization failure


  • This topic is locked
11 replies to this topic

#1 daazndrgon

  • Members
  • 115 posts
  • Gender:Male

Posted 06 June 2013 - 10:42 PM

My Avira Antivir detected a JS/iFrame virus yesterday and when I ran a new scan, it found nothing. However, I restarted my computer and when I get to the desktop, it says that the wow.dll in the appdata\temp folder failed to initialize and Windows Explorer keeps freezing. Also, there's an HTML shortcut named White Trader that was placed on my desktop and reappeared after I deleted it. Any ideas on how to remove this malware? Thanks. (Note: I also did a system restore before running DDS)

 

DDS Log below:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16576
Run by Hp at 20:25:22 on 2013-06-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2811.1370 [GMT -7:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\SafeConnect\scClient.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\SafeConnect\Uninstall.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_202_ActiveX.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAFECO~1.LNK - C:\Program Files (x86)\SafeConnect\scClient.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
LSP: %windir%\system32\vsocklib.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{06CC4052-49DA-40F1-984D-8AB9F5D3B92B} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{06CC4052-49DA-40F1-984D-8AB9F5D3B92B}\54247457563747 : DHCPNameServer = 134.154.196.17 134.154.196.18 134.154.196.209 134.154.196.217
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2013-6-6 70296]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-3-27 28600]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-11-20 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-11-20 203264]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-3-10 86752]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-3-10 110816]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-3-27 100712]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-6-29 27192]
R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-4-19 315392]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2013-2-26 13242960]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2009-12-2 721768]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2009-12-2 269672]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-12-2 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2009-12-2 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-11-20 38456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SCManager;SafeConnect Manager;C:\Program Files (x86)\SafeConnect\scManager.sys servicestart --> C:\Program Files (x86)\SafeConnect\scManager.sys servicestart [?]
S3 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
S3 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-6-25 92216]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-11-20 245792]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-4-9 59392]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2013-06-06 19:23:58 67224 ----a-w- C:\Windows\System32\vsocklib.dll
2013-06-06 19:23:58 63128 ----a-w- C:\Windows\SysWow64\vsocklib.dll
2013-06-06 19:23:57 70296 ----a-w- C:\Windows\System32\drivers\vsock.sys
2013-06-06 19:23:49 67664 ----a-w- C:\Windows\System32\drivers\vmx86.sys
2013-06-06 19:23:20 357456 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe
2013-06-06 19:23:16 436304 ----a-w- C:\Windows\SysWow64\vmnat.exe
2013-06-06 19:23:15 30800 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys
2013-06-06 19:23:03 933968 ----a-w- C:\Windows\System32\vnetlib64.dll
2013-06-06 19:22:59 52376 ----a-w- C:\Windows\System32\drivers\hcmon.sys
2013-06-06 19:22:37 -------- d-----w- C:\Program Files\Common Files\VMware
2013-06-06 19:22:05 -------- d-----w- C:\Program Files (x86)\VMware
2013-06-06 19:22:05 -------- d-----w- C:\Program Files (x86)\Common Files\VMware
2013-06-06 16:30:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-06 03:10:48 -------- d-----w- C:\Users\Hp\AppData\Roaming\Search Protection
2013-06-05 18:56:16 -------- d-----w- C:\Users\Hp\AppData\Local\VMware
2013-05-24 02:02:32 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-24 01:55:43 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E0171080-8FF4-46BD-9C57-878057669268}\mpengine.dll
2013-05-24 01:44:56 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-24 01:44:56 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-05-24 01:44:56 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-05-24 01:44:55 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-05-24 01:42:40 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-05-24 01:42:25 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-05-24 01:42:24 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-05-24 01:42:23 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-05-24 01:42:23 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-05-24 01:42:23 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-05-24 01:42:23 112640 ----a-w- C:\Windows\System32\smss.exe
2013-05-11 17:51:46 83160 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
.
==================== Find3M  ====================
.
2013-05-24 02:02:32 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-17 17:33:33 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-17 17:33:33 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-02 09:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-03-27 21:39:15 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2013-03-27 21:39:15 100712 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll
.
============= FINISH: 20:26:01.03 ===============
 

 

 




 


#2 Farbar

    Just Curious

  • Security Developer
  • 21,719 posts
  • Gender:Male
  • Location:The Netherlands

Posted 07 June 2013 - 10:18 AM

Hello daazndrgon,

 

Welcome to the forum.

 

Your system was infected with ZeroAccess rootkit.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 



#3 daazndrgon

  • Topic Starter
  • Members
  • 115 posts
  • Gender:Male

Posted 07 June 2013 - 11:38 AM

Hello Farbar, here are the logs you've requested. Thank you for your help.

Attached File: Addition.txt (16.04KB)

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-06-2013 01
Ran by Hp (administrator) on 07-06-2013 09:24:33
Running from C:\Users\Hp\Desktop\Recovery Tools
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\scClient.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\Uninstall.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_202_ActiveX.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6245408 2010-05-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-06-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" [104528 2013-02-26] (VMware, Inc.)
HKU\Default\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [x]
HKU\Default User\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [x]
Startup: C:\ProgramData\Start Menu\Programs\Startup\SafeConnect.lnk
ShortcutTarget: SafeConnect.lnk -> C:\Program Files (x86)\SafeConnect\scClient.exe (Impulse Point, LLC)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {178A1C89-4460-4DE9-8823-3D509AD4F3A3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM - {478A3537-9F60-4773-8DB8-D1F28C16D04E} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {A7757897-D8AC-4E2A-A0BA-DD6798AF571A} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {178A1C89-4460-4DE9-8823-3D509AD4F3A3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {478A3537-9F60-4773-8DB8-D1F28C16D04E} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {A7757897-D8AC-4E2A-A0BA-DD6798AF571A} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {178A1C89-4460-4DE9-8823-3D509AD4F3A3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - {478A3537-9F60-4773-8DB8-D1F28C16D04E} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {A7757897-D8AC-4E2A-A0BA-DD6798AF571A} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-27] (Avira Operations GmbH & Co. KG)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
S2 SCManager; C:\Program Files (x86)\SafeConnect\scManager.sys [175968 2012-11-13] (Impulse Point, LLC)
R2 VMwareHostd; C:\ProgramData\VMware\hostd\config.xml [32681 2013-06-06] ()
S3 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [x]

==================== Drivers (Whitelisted) ====================

R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
R2 avgntflt; system32\DRIVERS\avgntflt.sys [x]
R1 avipbb; system32\DRIVERS\avipbb.sys [x]
R1 avkmgr; system32\DRIVERS\avkmgr.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-06-07 09:23 - 2013-06-07 09:23 - 00000000 ____D C:\FRST
2013-06-07 09:22 - 2013-06-07 09:23 - 00000000 ____D C:\Users\Hp\Desktop\Recovery Tools
2013-06-06 20:26 - 2013-06-06 20:26 - 00013174 ____A C:\Users\Hp\Desktop\dds.txt
2013-06-06 20:26 - 2013-06-06 20:26 - 00007207 ____A C:\Users\Hp\Desktop\attach.txt
2013-06-06 20:21 - 2013-06-06 20:21 - 00688992 ____R (Swearware) C:\Users\Hp\Desktop\dds.com
2013-06-06 12:23 - 2013-02-26 02:29 - 00933968 ____A (VMware, Inc.) C:\Windows\System32\vnetlib64.dll
2013-06-06 12:23 - 2013-02-26 02:28 - 00436304 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2013-06-06 12:23 - 2013-02-26 02:28 - 00357456 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2013-06-06 12:23 - 2013-02-26 02:28 - 00067664 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmx86.sys
2013-06-06 12:23 - 2013-02-26 02:28 - 00030800 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnetuserif.sys
2013-06-06 12:23 - 2012-10-24 14:17 - 00070296 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vsock.sys
2013-06-06 12:23 - 2012-10-24 14:17 - 00067224 ____A (VMware, Inc.) C:\Windows\System32\vsocklib.dll
2013-06-06 12:23 - 2012-10-24 14:17 - 00063128 ____A (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2013-06-06 12:22 - 2013-06-06 12:22 - 00002127 ____A C:\Users\Public\Desktop\VMware Workstation.lnk
2013-06-06 12:22 - 2013-06-06 12:22 - 00000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2013-06-06 12:22 - 2013-06-06 12:22 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-06-06 12:22 - 2013-06-06 12:22 - 00000000 ____D C:\Program Files (x86)\VMware
2013-06-06 12:22 - 2012-10-11 16:15 - 00052376 ____A (VMware, Inc.) C:\Windows\System32\Drivers\hcmon.sys
2013-06-06 11:21 - 2013-06-06 12:02 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-06-06 09:30 - 2013-06-06 12:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-05 20:11 - 2013-06-05 20:13 - 00000000 ____D C:\Users\Hp\Desktop\Mac
2013-06-05 20:10 - 2013-06-05 20:10 - 00000000 ____D C:\Users\Hp\AppData\Roaming\Search Protection
2013-06-05 12:05 - 2013-06-05 12:05 - 00000038 ____A C:\Users\Hp\Desktop\DISABLE SVM.txt
2013-06-05 11:56 - 2013-06-06 15:01 - 00000000 ____D C:\Users\Hp\AppData\Roaming\VMware
2013-06-05 11:56 - 2013-06-06 15:01 - 00000000 ____D C:\Users\Hp\AppData\Local\VMware
2013-06-05 11:12 - 2013-06-07 09:14 - 00000000 ____D C:\ProgramData\VMware
2013-05-23 19:04 - 2013-05-23 19:04 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-23 19:04 - 2013-05-23 19:04 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-23 19:04 - 2013-05-23 19:04 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-23 19:04 - 2013-05-23 19:04 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-23 19:04 - 2013-05-23 19:04 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-23 19:04 - 2013-05-23 19:04 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-23 19:04 - 2013-05-23 19:04 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-23 19:04 - 2013-05-23 19:04 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-23 19:04 - 2013-05-23 19:04 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-23 19:04 - 2013-05-23 19:04 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-23 19:04 - 2013-05-23 19:04 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-23 19:02 - 2013-05-23 19:02 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-23 18:58 - 2013-05-23 19:08 - 00007985 ____A C:\Windows\IE10_main.log
2013-05-23 18:45 - 2013-04-12 07:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-05-23 18:45 - 2013-03-18 22:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-23 18:45 - 2013-03-18 22:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-23 18:45 - 2013-02-26 23:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-23 18:45 - 2013-02-26 22:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-23 18:45 - 2013-02-26 22:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-23 18:45 - 2013-02-26 22:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-23 18:45 - 2013-02-26 22:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-23 18:45 - 2013-02-26 21:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-23 18:45 - 2013-02-26 21:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-23 18:45 - 2013-02-26 21:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-23 18:45 - 2013-02-14 23:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-05-23 18:45 - 2013-02-14 23:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-05-23 18:45 - 2013-02-14 23:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-05-23 18:45 - 2013-02-14 21:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-05-23 18:45 - 2013-02-14 21:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-05-23 18:45 - 2013-02-14 20:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-05-23 18:45 - 2013-02-11 21:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-05-23 18:44 - 2013-04-09 23:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-23 18:44 - 2013-04-09 23:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-23 18:44 - 2013-04-09 20:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-23 18:44 - 2011-02-03 04:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-23 18:42 - 2013-03-18 23:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-23 18:42 - 2013-03-18 22:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-05-23 18:42 - 2013-03-18 22:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-05-23 18:42 - 2013-03-18 22:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-05-23 18:42 - 2013-03-18 21:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-05-23 18:42 - 2013-03-18 20:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-05-23 18:42 - 2013-01-23 23:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-05-11 10:51 - 2013-05-11 10:51 - 00083160 ____A (Avira GmbH) C:\Windows\System32\Drivers\avnetflt.sys

==================== One Month Modified Files and Folders =======

2013-06-07 09:23 - 2013-06-07 09:23 - 00000000 ____D C:\FRST
2013-06-07 09:23 - 2013-06-07 09:22 - 00000000 ____D C:\Users\Hp\Desktop\Recovery Tools
2013-06-07 09:21 - 2009-07-13 21:45 - 00023024 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-07 09:21 - 2009-07-13 21:45 - 00023024 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-07 09:14 - 2013-06-05 11:12 - 00000000 ____D C:\ProgramData\VMware
2013-06-07 09:13 - 2012-04-12 09:41 - 00011390 ____A C:\Windows\setupact.log
2013-06-07 09:13 - 2009-07-13 22:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-06 21:56 - 2010-11-20 01:46 - 01096370 ____A C:\Windows\WindowsUpdate.log
2013-06-06 20:40 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-06 20:26 - 2013-06-06 20:26 - 00013174 ____A C:\Users\Hp\Desktop\dds.txt
2013-06-06 20:26 - 2013-06-06 20:26 - 00007207 ____A C:\Users\Hp\Desktop\attach.txt
2013-06-06 20:21 - 2013-06-06 20:21 - 00688992 ____R (Swearware) C:\Users\Hp\Desktop\dds.com
2013-06-06 18:32 - 2009-07-13 22:13 - 00731394 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-06 15:01 - 2013-06-05 11:56 - 00000000 ____D C:\Users\Hp\AppData\Roaming\VMware
2013-06-06 15:01 - 2013-06-05 11:56 - 00000000 ____D C:\Users\Hp\AppData\Local\VMware
2013-06-06 12:22 - 2013-06-06 12:22 - 00002127 ____A C:\Users\Public\Desktop\VMware Workstation.lnk
2013-06-06 12:22 - 2013-06-06 12:22 - 00000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2013-06-06 12:22 - 2013-06-06 12:22 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-06-06 12:22 - 2013-06-06 12:22 - 00000000 ____D C:\Program Files (x86)\VMware
2013-06-06 12:22 - 2011-02-13 12:28 - 00744400 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-06 12:04 - 2011-02-06 13:13 - 00000000 ____D C:\users\Hp
2013-06-06 12:03 - 2011-02-06 13:26 - 00000000 ____D C:\Users\Public\CyberLink
2013-06-06 12:03 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-06-06 12:03 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat
2013-06-06 12:02 - 2013-06-06 11:21 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-06-06 12:02 - 2013-06-06 09:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-06 12:02 - 2011-02-13 12:29 - 00000000 ____D C:\Users\Hp\AppData\Roaming\SoftGrid Client
2013-06-06 12:02 - 2010-11-20 02:27 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-06-06 12:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2013-06-06 11:29 - 2011-02-07 17:17 - 00000000 ____D C:\Users\Hp\Tracing
2013-06-06 11:29 - 2009-09-06 18:57 - 00000000 ____D C:\Windows\Panther
2013-06-05 20:13 - 2013-06-05 20:11 - 00000000 ____D C:\Users\Hp\Desktop\Mac
2013-06-05 20:10 - 2013-06-05 20:10 - 00000000 ____D C:\Users\Hp\AppData\Roaming\Search Protection
2013-06-05 12:05 - 2013-06-05 12:05 - 00000038 ____A C:\Users\Hp\Desktop\DISABLE SVM.txt
2013-06-04 11:14 - 2011-02-06 13:18 - 00063104 ____A C:\Users\Hp\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-31 13:42 - 2011-03-20 20:29 - 00000000 ____D C:\Users\Hp\Documents\Youcam
2013-05-25 19:22 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2013-05-25 12:03 - 2009-07-13 21:45 - 00277504 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-24 00:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-24 00:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-24 00:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-24 00:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-24 00:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-23 19:08 - 2013-05-23 18:58 - 00007985 ____A C:\Windows\IE10_main.log
2013-05-23 19:04 - 2013-05-23 19:04 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-23 19:04 - 2013-05-23 19:04 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-23 19:04 - 2013-05-23 19:04 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-23 19:04 - 2013-05-23 19:04 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-23 19:04 - 2013-05-23 19:04 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-23 19:04 - 2013-05-23 19:04 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-23 19:04 - 2013-05-23 19:04 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-23 19:04 - 2013-05-23 19:04 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-23 19:04 - 2013-05-23 19:04 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-23 19:04 - 2013-05-23 19:04 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-23 19:04 - 2013-05-23 19:04 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-23 19:02 - 2013-05-23 19:02 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-23 19:02 - 2013-05-23 19:02 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

Last Boot: 2013-06-04 13:39

==================== End Of Log ============================

 


Edited by daazndrgon, 07 June 2013 - 11:48 AM.


#4 Farbar

  • Security Developer

Posted 07 June 2013 - 01:54 PM

Are you still getting the wow.dll notification at start up?

 

Please download TDSSKiller.zip and extract it.

  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the system disk (it is usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.

 



#5 daazndrgon

  • Topic Starter

Posted 08 June 2013 - 01:06 PM

Hi Farbar, I am no longer getting the wow.dll notification after I've done the system restore. Here is the TDSS log you have requested:

 

11:01:07.0964 4228  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:01:08.0479 4228  ============================================================
11:01:08.0479 4228  Current date / time: 2013/06/08 11:01:08.0479
11:01:08.0479 4228  SystemInfo:
11:01:08.0479 4228 
11:01:08.0479 4228  OS Version: 6.1.7601 ServicePack: 1.0
11:01:08.0479 4228  Product type: Workstation
11:01:08.0479 4228  ComputerName: HP-LAPTOP
11:01:08.0479 4228  UserName: Hp
11:01:08.0479 4228  Windows directory: C:\Windows
11:01:08.0479 4228  System windows directory: C:\Windows
11:01:08.0479 4228  Running under WOW64
11:01:08.0479 4228  Processor architecture: Intel x64
11:01:08.0479 4228  Number of processors: 2
11:01:08.0479 4228  Page size: 0x1000
11:01:08.0479 4228  Boot type: Normal boot
11:01:08.0479 4228  ============================================================
11:01:10.0257 4228  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:01:10.0273 4228  ============================================================
11:01:10.0273 4228  \Device\Harddisk0\DR0:
11:01:10.0273 4228  MBR partitions:
11:01:10.0273 4228  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
11:01:10.0273 4228  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x230E6000
11:01:10.0273 4228  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2314A000, BlocksNum 0x22B0800
11:01:10.0273 4228  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
11:01:10.0273 4228  ============================================================
11:01:10.0304 4228  C: <-> \Device\Harddisk0\DR0\Partition2
11:01:10.0367 4228  D: <-> \Device\Harddisk0\DR0\Partition3
11:01:10.0367 4228  ============================================================
11:01:10.0367 4228  Initialize success
11:01:10.0367 4228  ============================================================
11:01:23.0237 3276  ============================================================
11:01:23.0237 3276  Scan started
11:01:23.0237 3276  Mode: Manual;
11:01:23.0237 3276  ============================================================
11:01:24.0469 3276  ================ Scan system memory ========================
11:01:24.0469 3276  System memory - ok
11:01:24.0469 3276  ================ Scan services =============================
11:01:36.0621 3276  MpsSvc - ok
11:01:36.0653 3276  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:01:36.0668 3276  MRxDAV - ok
11:01:36.0715 3276  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:01:36.0731 3276  mrxsmb - ok
11:01:36.0777 3276  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:01:36.0777 3276  mrxsmb10 - ok
11:01:36.0809 3276  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:01:36.0809 3276  mrxsmb20 - ok
11:01:36.0824 3276  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:01:36.0840 3276  msahci - ok
11:01:36.0871 3276  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:01:36.0887 3276  msdsm - ok
11:01:36.0902 3276  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:01:36.0933 3276  MSDTC - ok
11:01:36.0980 3276  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:01:36.0996 3276  Msfs - ok
11:01:37.0011 3276  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:01:37.0027 3276  mshidkmdf - ok
11:01:37.0043 3276  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:01:37.0043 3276  msisadrv - ok
11:01:37.0074 3276  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:01:37.0089 3276  MSiSCSI - ok
11:01:37.0089 3276  msiserver - ok
11:01:37.0136 3276  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:01:37.0136 3276  MSKSSRV - ok
11:01:37.0152 3276  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:01:37.0152 3276  MSPCLOCK - ok
11:01:37.0167 3276  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:01:37.0167 3276  MSPQM - ok
11:01:37.0214 3276  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:01:37.0245 3276  MsRPC - ok
11:01:37.0277 3276  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:01:37.0277 3276  mssmbios - ok
11:01:37.0308 3276  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:01:37.0308 3276  MSTEE - ok
11:01:37.0323 3276  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:01:37.0323 3276  MTConfig - ok
11:01:37.0355 3276  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:01:37.0370 3276  Mup - ok
11:01:37.0401 3276  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:01:37.0417 3276  napagent - ok
11:01:37.0464 3276  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:01:37.0479 3276  NativeWifiP - ok
11:01:37.0526 3276  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:01:37.0542 3276  NDIS - ok
11:01:37.0573 3276  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:01:37.0573 3276  NdisCap - ok
11:01:37.0604 3276  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:01:37.0604 3276  NdisTapi - ok
11:01:37.0651 3276  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:01:37.0667 3276  Ndisuio - ok
11:01:37.0698 3276  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:01:37.0713 3276  NdisWan - ok
11:01:37.0745 3276  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:01:37.0760 3276  NDProxy - ok
11:01:37.0807 3276  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:01:37.0807 3276  NetBIOS - ok
11:01:37.0885 3276  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:01:37.0901 3276  NetBT - ok
11:01:37.0916 3276  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
11:01:37.0916 3276  Netlogon - ok
11:01:37.0979 3276  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:01:37.0994 3276  Netman - ok
11:01:38.0010 3276  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:01:38.0010 3276  netprofm - ok
11:01:38.0025 3276  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:01:38.0041 3276  NetTcpPortSharing - ok
11:01:38.0181 3276  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
11:01:38.0353 3276  netw5v64 - ok
11:01:38.0400 3276  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:01:38.0415 3276  nfrd960 - ok
11:01:38.0462 3276  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:01:38.0478 3276  NlaSvc - ok
11:01:38.0493 3276  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:01:38.0509 3276  Npfs - ok
11:01:38.0540 3276  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:01:38.0540 3276  nsi - ok
11:01:38.0556 3276  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:01:38.0571 3276  nsiproxy - ok
11:01:38.0618 3276  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:01:38.0712 3276  Ntfs - ok
11:01:38.0759 3276  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:01:38.0759 3276  Null - ok
11:01:38.0774 3276  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:01:38.0790 3276  nvraid - ok
11:01:38.0837 3276  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:01:38.0852 3276  nvstor - ok
11:01:38.0883 3276  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:01:38.0899 3276  nv_agp - ok
11:01:38.0930 3276  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:01:38.0946 3276  ohci1394 - ok
11:01:38.0961 3276  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:01:38.0977 3276  ose - ok
11:01:39.0164 3276  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:01:39.0351 3276  osppsvc - ok
11:01:39.0383 3276  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:01:39.0398 3276  p2pimsvc - ok
11:01:39.0445 3276  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:01:39.0445 3276  p2psvc - ok
11:01:39.0492 3276  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:01:39.0492 3276  Parport - ok
11:01:39.0539 3276  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:01:39.0539 3276  partmgr - ok
11:01:39.0570 3276  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:01:39.0585 3276  PcaSvc - ok
11:01:39.0617 3276  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
11:01:39.0617 3276  pci - ok
11:01:39.0648 3276  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:01:39.0648 3276  pciide - ok
11:01:39.0695 3276  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:01:39.0710 3276  pcmcia - ok
11:01:39.0741 3276  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:01:39.0757 3276  pcw - ok
11:01:39.0788 3276  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:01:39.0851 3276  PEAUTH - ok
11:01:39.0991 3276  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:01:39.0991 3276  PerfHost - ok
11:01:40.0069 3276  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
11:01:40.0147 3276  pla - ok
11:01:40.0178 3276  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:01:40.0194 3276  PlugPlay - ok
11:01:40.0209 3276  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:01:40.0225 3276  PNRPAutoReg - ok
11:01:40.0256 3276  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:01:40.0256 3276  PNRPsvc - ok
11:01:40.0303 3276  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:01:40.0334 3276  PolicyAgent - ok
11:01:40.0381 3276  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
11:01:40.0397 3276  Power - ok
11:01:40.0428 3276  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:01:40.0443 3276  PptpMiniport - ok
11:01:40.0475 3276  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:01:40.0490 3276  Processor - ok
11:01:40.0521 3276  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:01:40.0537 3276  ProfSvc - ok
11:01:40.0553 3276  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:01:40.0553 3276  ProtectedStorage - ok
11:01:40.0584 3276  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:01:40.0599 3276  Psched - ok
11:01:40.0693 3276  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:01:40.0787 3276  ql2300 - ok
11:01:40.0802 3276  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:01:40.0818 3276  ql40xx - ok
11:01:40.0849 3276  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
11:01:40.0865 3276  QWAVE - ok
11:01:40.0896 3276  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:01:40.0896 3276  QWAVEdrv - ok
11:01:40.0911 3276  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:01:40.0927 3276  RasAcd - ok
11:01:40.0943 3276  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:01:40.0943 3276  RasAgileVpn - ok
11:01:40.0958 3276  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
11:01:40.0974 3276  RasAuto - ok
11:01:41.0005 3276  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:01:41.0005 3276  Rasl2tp - ok
11:01:41.0052 3276  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:01:41.0067 3276  RasMan - ok
11:01:41.0099 3276  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:01:41.0114 3276  RasPppoe - ok
11:01:41.0130 3276  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:01:41.0130 3276  RasSstp - ok
11:01:41.0161 3276  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:01:41.0177 3276  rdbss - ok
11:01:41.0208 3276  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:01:41.0208 3276  rdpbus - ok
11:01:41.0239 3276  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:01:41.0239 3276  RDPCDD - ok
11:01:41.0239 3276  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:01:41.0255 3276  RDPENCDD - ok
11:01:41.0286 3276  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:01:41.0286 3276  RDPREFMP - ok
11:01:41.0317 3276  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:01:41.0333 3276  RDPWD - ok
11:01:41.0379 3276  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:01:41.0395 3276  rdyboost - ok
11:01:41.0426 3276  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:01:41.0457 3276  RemoteAccess - ok
11:01:41.0504 3276  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:01:41.0551 3276  RemoteRegistry - ok
11:01:41.0598 3276  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:01:41.0598 3276  RpcEptMapper - ok
11:01:41.0691 3276  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:01:41.0691 3276  RpcLocator - ok
11:01:41.0754 3276  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
11:01:41.0769 3276  RpcSs - ok
11:01:41.0832 3276  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:01:41.0832 3276  rspndr - ok
11:01:41.0894 3276  [ 22D6B47D004A6568C500680BE2972854 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
11:01:41.0941 3276  RSUSBSTOR - ok
11:01:42.0035 3276  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:01:42.0081 3276  RTL8167 - ok
11:01:42.0128 3276  [ 5FFF3E71B4724BB10918FD6DD7413D99 ] RtVOsdService   C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
11:01:42.0128 3276  RtVOsdService - ok
11:01:42.0144 3276  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
11:01:42.0144 3276  SamSs - ok
11:01:42.0159 3276  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:01:42.0175 3276  sbp2port - ok
11:01:42.0206 3276  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:01:42.0222 3276  SCardSvr - ok
11:01:42.0253 3276  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:01:42.0253 3276  scfilter - ok
11:01:42.0300 3276  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:01:42.0331 3276  Schedule - ok
11:01:42.0378 3276  SCManager - ok
11:01:42.0409 3276  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:01:42.0409 3276  SCPolicySvc - ok
11:01:42.0456 3276  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
11:01:42.0471 3276  sdbus - ok
11:01:42.0487 3276  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:01:42.0503 3276  SDRSVC - ok
11:01:42.0549 3276  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:01:42.0549 3276  secdrv - ok
11:01:42.0581 3276  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:01:42.0581 3276  seclogon - ok
11:01:42.0612 3276  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
11:01:42.0612 3276  SENS - ok
11:01:42.0659 3276  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:01:42.0674 3276  SensrSvc - ok
11:01:42.0721 3276  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:01:42.0737 3276  Serenum - ok
11:01:42.0768 3276  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:01:42.0768 3276  Serial - ok
11:01:42.0830 3276  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:01:42.0830 3276  sermouse - ok
11:01:42.0877 3276  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:01:42.0893 3276  SessionEnv - ok
11:01:42.0924 3276  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:01:42.0924 3276  sffdisk - ok
11:01:42.0924 3276  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:01:42.0939 3276  sffp_mmc - ok
11:01:42.0939 3276  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:01:42.0955 3276  sffp_sd - ok
11:01:42.0986 3276  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:01:42.0986 3276  sfloppy - ok
11:01:43.0049 3276  [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
11:01:43.0080 3276  Sftfs - ok
11:01:43.0142 3276  [ BFDB58616FF5EA540A5F58301D50641E ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:01:43.0142 3276  sftlist - ok
11:01:43.0173 3276  [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:01:43.0173 3276  Sftplay - ok
11:01:43.0205 3276  [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:01:43.0220 3276  Sftredir - ok
11:01:43.0220 3276  [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
11:01:43.0220 3276  Sftvol - ok
11:01:43.0251 3276  [ B94C3C4DCA2093243C76CA218EDE2A97 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:01:43.0251 3276  sftvsa - ok
11:01:43.0283 3276  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:01:43.0298 3276  SharedAccess - ok
11:01:43.0345 3276  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:01:43.0361 3276  ShellHWDetection - ok
11:01:43.0392 3276  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:01:43.0407 3276  SiSRaid2 - ok
11:01:43.0439 3276  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:01:43.0439 3276  SiSRaid4 - ok
11:01:43.0485 3276  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:01:43.0485 3276  Smb - ok
11:01:43.0548 3276  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:01:43.0548 3276  SNMPTRAP - ok
11:01:43.0579 3276  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:01:43.0579 3276  spldr - ok
11:01:43.0641 3276  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
11:01:43.0673 3276  Spooler - ok
11:01:43.0766 3276  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:01:43.0844 3276  sppsvc - ok
11:01:43.0875 3276  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:01:43.0875 3276  sppuinotify - ok
11:01:43.0922 3276  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:01:43.0938 3276  srv - ok
11:01:43.0953 3276  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:01:43.0985 3276  srv2 - ok
11:01:44.0016 3276  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:01:44.0031 3276  SrvHsfHDA - ok
11:01:44.0063 3276  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:01:44.0125 3276  SrvHsfV92 - ok
11:01:44.0141 3276  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:01:44.0156 3276  SrvHsfWinac - ok
11:01:44.0187 3276  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:01:44.0203 3276  srvnet - ok
11:01:44.0234 3276  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:01:44.0250 3276  SSDPSRV - ok
11:01:44.0265 3276  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:01:44.0281 3276  SstpSvc - ok
11:01:44.0281 3276  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:01:44.0297 3276  stexstor - ok
11:01:44.0343 3276  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:01:44.0359 3276  stisvc - ok
11:01:44.0375 3276  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:01:44.0390 3276  swenum - ok
11:01:44.0421 3276  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
11:01:44.0437 3276  swprv - ok
11:01:44.0499 3276  [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
11:01:44.0515 3276  SynTP - ok
11:01:44.0577 3276  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
11:01:44.0609 3276  SysMain - ok
11:01:44.0655 3276  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:01:44.0655 3276  TabletInputService - ok
11:01:44.0687 3276  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:01:44.0702 3276  TapiSrv - ok
11:01:44.0765 3276  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
11:01:44.0765 3276  TBS - ok
11:01:44.0858 3276  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:01:44.0952 3276  Tcpip - ok
11:01:44.0983 3276  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:01:44.0999 3276  TCPIP6 - ok
11:01:45.0030 3276  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:01:45.0030 3276  tcpipreg - ok
11:01:45.0077 3276  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:01:45.0092 3276  TDPIPE - ok
11:01:45.0108 3276  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:01:45.0108 3276  TDTCP - ok
11:01:45.0139 3276  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:01:45.0155 3276  tdx - ok
11:01:45.0186 3276  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:01:45.0201 3276  TermDD - ok
11:01:45.0217 3276  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
11:01:45.0233 3276  TermService - ok
11:01:45.0264 3276  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:01:45.0279 3276  Themes - ok
11:01:45.0295 3276  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
11:01:45.0295 3276  THREADORDER - ok
11:01:45.0311 3276  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:01:45.0326 3276  TrkWks - ok
11:01:45.0373 3276  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:01:45.0373 3276  TrustedInstaller - ok
11:01:45.0404 3276  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:01:45.0420 3276  tssecsrv - ok
11:01:45.0498 3276  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:01:45.0513 3276  TsUsbFlt - ok
11:01:45.0560 3276  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:01:45.0576 3276  tunnel - ok
11:01:45.0638 3276  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:01:45.0654 3276  uagp35 - ok
11:01:45.0747 3276  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:01:45.0779 3276  udfs - ok
11:01:45.0825 3276  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:01:45.0841 3276  UI0Detect - ok
11:01:45.0857 3276  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:01:45.0857 3276  uliagpkx - ok
11:01:45.0903 3276  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:01:45.0903 3276  umbus - ok
11:01:45.0950 3276  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:01:45.0950 3276  UmPass - ok
11:01:45.0997 3276  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
11:01:46.0013 3276  upnphost - ok
11:01:46.0044 3276  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:01:46.0044 3276  usbccgp - ok
11:01:46.0091 3276  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:01:46.0106 3276  usbcir - ok
11:01:46.0137 3276  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:01:46.0153 3276  usbehci - ok
11:01:46.0200 3276  [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
11:01:46.0200 3276  usbfilter - ok
11:01:46.0231 3276  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:01:46.0262 3276  usbhub - ok
11:01:46.0293 3276  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
11:01:46.0293 3276  usbohci - ok
11:01:46.0340 3276  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:01:46.0340 3276  usbprint - ok
11:01:46.0356 3276  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:01:46.0371 3276  USBSTOR - ok
11:01:46.0403 3276  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
11:01:46.0403 3276  usbuhci - ok
11:01:46.0449 3276  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:01:46.0465 3276  usbvideo - ok
11:01:46.0496 3276  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
11:01:46.0512 3276  UxSms - ok
11:01:46.0527 3276  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
11:01:46.0527 3276  VaultSvc - ok
11:01:46.0574 3276  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:01:46.0574 3276  vdrvroot - ok
11:01:46.0605 3276  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
11:01:46.0637 3276  vds - ok
11:01:46.0683 3276  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:01:46.0699 3276  vga - ok
11:01:46.0715 3276  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:01:46.0715 3276  VgaSave - ok
11:01:46.0746 3276  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:01:46.0761 3276  vhdmp - ok
11:01:46.0793 3276  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:01:46.0793 3276  viaide - ok
11:01:46.0980 3276  [ C740CC9D52EB278A86F42075DA96CB19 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
11:01:46.0980 3276  VMAuthdService - ok
11:01:47.0027 3276  [ 6203C901DEFF10631AAD919B3BD1489B ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
11:01:47.0042 3276  vmci - ok
11:01:47.0105 3276  [ AEF53B47E960F227BF7638A6A1A9D5C6 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
11:01:47.0120 3276  VMnetAdapter - ok
11:01:47.0167 3276  [ C234A1DC2F06A15B9210787F54253810 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
11:01:47.0183 3276  VMnetBridge - ok
11:01:47.0183 3276  VMnetDHCP - ok
11:01:47.0198 3276  [ 25FBBC8C168AEE1753C330352EA6D009 ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
11:01:47.0214 3276  VMnetuserif - ok
11:01:47.0261 3276  [ 415B167695C4B5960A13098622EF3D80 ] vmusb           C:\Windows\system32\Drivers\vmusb.sys
11:01:47.0276 3276  vmusb - ok
11:01:47.0370 3276  [ B55A8DADA1D825B73C811101B06E012F ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
11:01:47.0401 3276  VMUSBArbService - ok
11:01:47.0417 3276  VMware NAT Service - ok
11:01:47.0760 3276  [ 4B3FB4EDCD0DC0629871D7EB496252E3 ] VMwareHostd     C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
11:01:48.0072 3276  VMwareHostd - ok
11:01:48.0119 3276  [ D37CB37BF3FB6612BCA19D81EFA16122 ] vmx86           C:\Windows\system32\drivers\vmx86.sys
11:01:48.0134 3276  vmx86 - ok
11:01:48.0165 3276  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:01:48.0165 3276  volmgr - ok
11:01:48.0197 3276  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:01:48.0197 3276  volmgrx - ok
11:01:48.0228 3276  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:01:48.0243 3276  volsnap - ok
11:01:48.0306 3276  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
11:01:48.0321 3276  vsmraid - ok
11:01:48.0368 3276  [ EF1E48D431223F670CFFD6169B1A136F ] vsock           C:\Windows\system32\drivers\vsock.sys
11:01:48.0368 3276  vsock - ok
11:01:48.0431 3276  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
11:01:48.0477 3276  VSS - ok
11:01:48.0524 3276  [ 65EFAEC68FA234F36880533A79D7B1C1 ] vstor2-mntapi10-shared C:\Windows\syswow64\drivers\vstor2-mntapi10-shared.sys
11:01:48.0524 3276  vstor2-mntapi10-shared - ok
11:01:48.0555 3276  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:01:48.0555 3276  vwifibus - ok
11:01:48.0587 3276  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:01:48.0587 3276  vwififlt - ok
11:01:48.0618 3276  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
11:01:48.0649 3276  W32Time - ok
11:01:48.0696 3276  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:01:48.0696 3276  WacomPen - ok
11:01:48.0758 3276  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:01:48.0774 3276  WANARP - ok
11:01:48.0789 3276  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:01:48.0789 3276  Wanarpv6 - ok
11:01:48.0852 3276  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
11:01:48.0945 3276  wbengine - ok
11:01:48.0977 3276  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:01:48.0992 3276  WbioSrvc - ok
11:01:49.0023 3276  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:01:49.0039 3276  wcncsvc - ok
11:01:49.0055 3276  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:01:49.0070 3276  WcsPlugInService - ok
11:01:49.0101 3276  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:01:49.0101 3276  Wd - ok
11:01:49.0148 3276  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:01:49.0179 3276  Wdf01000 - ok
11:01:49.0226 3276  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:01:49.0242 3276  WdiServiceHost - ok
11:01:49.0242 3276  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:01:49.0242 3276  WdiSystemHost - ok
11:01:49.0289 3276  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
11:01:49.0304 3276  WebClient - ok
11:01:49.0335 3276  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:01:49.0351 3276  Wecsvc - ok
11:01:49.0367 3276  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:01:49.0382 3276  wercplsupport - ok
11:01:49.0413 3276  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:01:49.0429 3276  WerSvc - ok
11:01:49.0460 3276  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:01:49.0476 3276  WfpLwf - ok
11:01:49.0507 3276  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:01:49.0507 3276  WIMMount - ok
11:01:49.0523 3276  WinDefend - ok
11:01:49.0538 3276  WinHttpAutoProxySvc - ok
11:01:49.0585 3276  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:01:49.0585 3276  Winmgmt - ok
11:01:49.0663 3276  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
11:01:49.0788 3276  WinRM - ok
11:01:49.0850 3276  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:01:49.0866 3276  Wlansvc - ok
11:01:49.0991 3276  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:01:50.0084 3276  wlidsvc - ok
11:01:50.0115 3276  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:01:50.0115 3276  WmiAcpi - ok
11:01:50.0147 3276  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:01:50.0147 3276  wmiApSrv - ok
11:01:50.0178 3276  WMPNetworkSvc - ok
11:01:50.0209 3276  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:01:50.0225 3276  WPCSvc - ok
11:01:50.0256 3276  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:01:50.0287 3276  WPDBusEnum - ok
11:01:50.0318 3276  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:01:50.0318 3276  ws2ifsl - ok
11:01:50.0349 3276  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
11:01:50.0365 3276  wscsvc - ok
11:01:50.0365 3276  WSearch - ok
11:01:50.0443 3276  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:01:50.0521 3276  wuauserv - ok
11:01:50.0568 3276  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:01:50.0568 3276  WudfPf - ok
11:01:50.0599 3276  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:01:50.0599 3276  WUDFRd - ok
11:01:50.0646 3276  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:01:50.0646 3276  wudfsvc - ok
11:01:50.0693 3276  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:01:50.0708 3276  WwanSvc - ok
11:01:50.0755 3276  [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
11:01:50.0771 3276  yukonw7 - ok
11:01:50.0833 3276  ================ Scan global ===============================
11:01:50.0880 3276  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:01:50.0895 3276  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:01:50.0942 3276  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:01:50.0973 3276  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:01:51.0005 3276  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:01:51.0036 3276  [Global] - ok
11:01:51.0036 3276  ================ Scan MBR ==================================
11:01:51.0036 3276  [ 5B0FE4F8B89E44902B10336475518E06 ] \Device\Harddisk0\DR0
11:01:51.0348 3276  \Device\Harddisk0\DR0 - ok
11:01:51.0348 3276  ================ Scan VBR ==================================
11:01:51.0348 3276  [ FE8A8F027CA756BB9C329081EC9926A6 ] \Device\Harddisk0\DR0\Partition1
11:01:51.0348 3276  \Device\Harddisk0\DR0\Partition1 - ok
11:01:51.0363 3276  [ CAF481E5CAB69E0C1206485F1023E10C ] \Device\Harddisk0\DR0\Partition2
11:01:51.0363 3276  \Device\Harddisk0\DR0\Partition2 - ok
11:01:51.0395 3276  [ 0476DB08E46E982992D999BE5F63538A ] \Device\Harddisk0\DR0\Partition3
11:01:51.0410 3276  \Device\Harddisk0\DR0\Partition3 - ok
11:01:51.0426 3276  [ 9B7EEB64F853BD9BAE4C056FFF5F0E0A ] \Device\Harddisk0\DR0\Partition4
11:01:51.0426 3276  \Device\Harddisk0\DR0\Partition4 - ok
11:01:51.0426 3276  ============================================================
11:01:51.0426 3276  Scan finished
11:01:51.0426 3276  ============================================================
11:01:51.0441 1468  Detected object count: 0
11:01:51.0441 1468  Actual detected object count: 0
11:03:40.0129 2272  Deinitialize success

#6 Farbar

Posted 08 June 2013 - 05:13 PM

That looks good.

  1. Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
    You may download both x32 and x64 versions of Java from http://www.java.com/en/download/manual.jsp

    Uninstall the following older Java:

    Java™ 6 Update 20 (64-bit)
    Java™ 6 Update 23(Version: 6.0.290)


    Then install the downloaded Java versions.
     
  2. This small application you may want to keep and use to keep the computer clean.
    Download CCleaner from here http://www.ccleaner.com/
    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar or any other program uncheck the box next to it.
    • Run CCleaner. Under Application tab all the boxes should be checked except any option to remove saved passwords.
    • Click Run Cleaner.
    • Close CCleaner.
  3. Please tell me how the system is running.


#7 daazndrgon

Posted 08 June 2013 - 06:21 PM

The computer seems to be running normally now. But I've noticed a few times where it looked like Windows was installing something, but it happened so quickly. It didn't ask for admin permission either.


Edited by daazndrgon, 08 June 2013 - 06:22 PM.


#8 Farbar

Posted 09 June 2013 - 04:58 AM

Hence all the logs show the system seems clean. What do you notice that looks like Windows is installing something? If Windows installs something we should see it in the logs unless it is installed and then uninstalled.

  1. Please download AdwCleaner and save it to your desktop.
    • Close all open programs.
    • Double click on AdwCleaner.exe to run it.
    • Click on Delete and confirm the prompt.
    • After it is finished the computer will be restarted. A text file will open after the restart.
    • Please post the content of that log to your reply.
    • A copy of the log will be saved at C:\AdwCleaner[S1].txt.


  2. Please run FRST, click Scan and post the log (FRST.txt) it makes. It only makes one log this time and we don't need the other one.



#9 daazndrgon

Posted 09 June 2013 - 01:26 PM

It was just a quick flash of the installation percentage bar, but I'm not sure for what. I've just noticed it a few times and it is no longer doing it, though.

 

# AdwCleaner v2.303 - Logfile created 06/09/2013 at 11:10:13
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Hp - HP-LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Hp\Desktop\Recovery Tools\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Users\Hp\AppData\Roaming\search protection

***** [Registry] *****

Key Deleted : HKCU\Software\YahooPartnerToolbar

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [688 octets] - [09/06/2013 11:10:13]

########## EOF - C:\AdwCleaner[S1].txt - [747 octets] ##########

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2013
Ran by Hp (administrator) on 09-06-2013 11:15:40
Running from C:\Users\Hp\Desktop\Recovery Tools
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\scClient.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\Uninstall.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_202_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6245408 2010-05-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-06-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" [104528 2013-02-26] (VMware, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [x]
Startup: C:\ProgramData\Start Menu\Programs\Startup\SafeConnect.lnk
ShortcutTarget: SafeConnect.lnk -> C:\Program Files (x86)\SafeConnect\scClient.exe (Impulse Point, LLC)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {178A1C89-4460-4DE9-8823-3D509AD4F3A3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM - {478A3537-9F60-4773-8DB8-D1F28C16D04E} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {A7757897-D8AC-4E2A-A0BA-DD6798AF571A} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {178A1C89-4460-4DE9-8823-3D509AD4F3A3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {478A3537-9F60-4773-8DB8-D1F28C16D04E} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {A7757897-D8AC-4E2A-A0BA-DD6798AF571A} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {178A1C89-4460-4DE9-8823-3D509AD4F3A3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - {478A3537-9F60-4773-8DB8-D1F28C16D04E} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {A7757897-D8AC-4E2A-A0BA-DD6798AF571A} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-27] (Avira Operations GmbH & Co. KG)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
S2 SCManager; C:\Program Files (x86)\SafeConnect\scManager.sys [175968 2012-11-13] (Impulse Point, LLC)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13242960 2013-02-26] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-06-09 11:10 - 2013-06-09 11:10 - 00000815 ____A C:\AdwCleaner[S1].txt
2013-06-08 16:24 - 2013-06-09 11:11 - 00000168 ____A C:\Windows\setupact.log
2013-06-08 16:24 - 2013-06-08 16:24 - 00000000 ____A C:\Windows\setuperr.log
2013-06-08 16:05 - 2013-06-08 16:05 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-08 16:05 - 2013-06-08 16:05 - 00000000 ____D C:\Program Files\CCleaner
2013-06-08 16:03 - 2013-06-08 16:02 - 00866720 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-08 16:03 - 2013-06-08 16:02 - 00263584 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-08 16:03 - 2013-06-08 16:02 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-08 16:03 - 2013-06-08 16:02 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-08 16:03 - 2013-06-08 16:02 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-08 16:02 - 2013-06-08 16:02 - 00000000 ____D C:\ProgramData\McAfee
2013-06-08 16:02 - 2013-06-08 16:02 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-07 09:23 - 2013-06-07 09:23 - 00000000 ____D C:\FRST
2013-06-07 09:22 - 2013-06-09 11:15 - 00000000 ____D C:\Users\Hp\Desktop\Recovery Tools
2013-06-06 12:23 - 2013-02-26 02:29 - 00933968 ____A (VMware, Inc.) C:\Windows\System32\vnetlib64.dll
2013-06-06 12:23 - 2013-02-26 02:28 - 00436304 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2013-06-06 12:23 - 2013-02-26 02:28 - 00357456 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2013-06-06 12:23 - 2013-02-26 02:28 - 00067664 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmx86.sys
2013-06-06 12:23 - 2013-02-26 02:28 - 00030800 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnetuserif.sys
2013-06-06 12:23 - 2012-10-24 14:17 - 00070296 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vsock.sys
2013-06-06 12:23 - 2012-10-24 14:17 - 00067224 ____A (VMware, Inc.) C:\Windows\System32\vsocklib.dll
2013-06-06 12:23 - 2012-10-24 14:17 - 00063128 ____A (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2013-06-06 12:22 - 2013-06-06 12:22 - 00002127 ____A C:\Users\Public\Desktop\VMware Workstation.lnk
2013-06-06 12:22 - 2013-06-06 12:22 - 00000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2013-06-06 12:22 - 2013-06-06 12:22 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-06-06 12:22 - 2013-06-06 12:22 - 00000000 ____D C:\Program Files (x86)\VMware
2013-06-06 12:22 - 2012-10-11 16:15 - 00052376 ____A (VMware, Inc.) C:\Windows\System32\Drivers\hcmon.sys
2013-06-06 11:21 - 2013-06-06 12:02 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-06-06 09:30 - 2013-06-06 12:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-05 20:11 - 2013-06-05 20:13 - 00000000 ____D C:\Users\Hp\Desktop\Mac
2013-06-05 12:05 - 2013-06-08 11:07 - 00000058 ____A C:\Users\Hp\Desktop\DISABLE SVM.txt
2013-06-05 11:56 - 2013-06-08 13:48 - 00000000 ____D C:\Users\Hp\AppData\Roaming\VMware
2013-06-05 11:56 - 2013-06-08 13:48 - 00000000 ____D C:\Users\Hp\AppData\Local\VMware
2013-06-05 11:12 - 2013-06-09 11:12 - 00000000 ____D C:\ProgramData\VMware
2013-05-23 19:04 - 2013-05-23 19:04 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-23 19:04 - 2013-05-23 19:04 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-23 19:04 - 2013-05-23 19:04 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-23 19:04 - 2013-05-23 19:04 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-23 19:04 - 2013-05-23 19:04 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-23 19:04 - 2013-05-23 19:04 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-23 19:04 - 2013-05-23 19:04 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-23 19:04 - 2013-05-23 19:04 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-23 19:04 - 2013-05-23 19:04 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-23 19:04 - 2013-05-23 19:04 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-23 19:04 - 2013-05-23 19:04 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-23 19:04 - 2013-05-23 19:04 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

==================== One Month Modified Files and Folders =======


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-06-04 13:39

==================== End Of Log ============================



#10 Farbar


Posted 09 June 2013 - 03:58 PM

Everything looks good and there is nothing to worry about. :thumbup2:

 

  1. Please delete FRST tool as we don't need it any more. Also go to C:\FRST and delete the entire FRST folder.
     
  2. You may delete any tool or log we used from your computer.
     
  3. Remove the old restore points and create a new restore point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Setting a new restore point AFTER cleaning your system will enable your computer to "roll-back" to a clean working state if needed:
    • Go to Start => Right-click "Computer" and select "Properties".
    • In the left pane select "System Protection".
    • Press "Configure".
    • Select "Delete". Then press "Continue", "Close" and "OK".
    • Select your drive (drive C) and press "Create".
    • Fill in a name for the restore point and press "Create".
    • When finished, press "Close".

    Take care daazndrgon. :)
     


#11 daazndrgon


Posted 09 June 2013 - 04:12 PM

Thank you for your help Farbar!



#12 Farbar


Posted 10 June 2013 - 12:42 AM

You are most welcome daazndrgon. :)

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a Private Message and I will reopen it for you.

If you should have a new issue, please start a new topic.

Everyone else should start a new topic.





