Infected laptop with FBI Ransom Malware


  • This topic is locked
21 replies to this topic

#1 JHan816

JHan816

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Boston, Massachusetts USA
  • Local time:01:07 PM

Posted 12 June 2013 - 12:06 PM

I am looking for assistance with an FBI warning screen (Ransomware) upon boot. Will not run in safe mode. Running on a Sony Vaio laptop Windows 7 64-bit.

Thanks for assistance with this problem. 

 

--John




#2 JHan816


Posted 12 June 2013 - 01:56 PM

I was able to resolve this with the AVG Rescue CD. Sorry, should have tried it first.

I am able to get into safe mode now and I am running a Malwarebytes scan.

 

--John



#3 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:07 PM

Posted 13 June 2013 - 02:55 AM

Post up the log, when ready.

Your system might not be completely clean.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#4 JHan816


Posted 13 June 2013 - 06:57 AM

Thanks TB, I will have to re-run the AVG scan to get a log file. I will post it here ASAP.

 

It appears that skype.ini and skype.dat were infected. There were executable files in the /user/appdata/roaming directory -- firefox.exe, notepad.exe. These were also marked as infected.

All have been renamed and not deleted as instructed.

 

--John



#5 TB-Psychotic


Posted 13 June 2013 - 06:58 AM

No, you should upload the Malwarebytes log when finished.



#6 JHan816


Posted 13 June 2013 - 08:34 AM

Hi TB,

Here is the Malwarebytes log from yesterday.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.12.06

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 10.0.9200.16576
Diana :: DIANA-VAIO [administrator]

6/12/2013 11:45:50 AM
mbam-log-2013-06-12 (11-45-50).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 437325
Time elapsed: 1 hour(s), 11 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent.RNS) -> Data: explorer.exe,C:\Users\Diana\AppData\Roaming\skype.dat -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Users\Diana\firefox.exe_1371037010.arl (Trojan.Ransom.FG) -> Quarantined and deleted successfully.
C:\Users\Diana\windowsupdate.exe_1371037010.arl (Trojan.Zbot.FV) -> Quarantined and deleted successfully.
C:\Users\Diana\csrss.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Diana\ctfmon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Diana\iexplore.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

 

Thanks for your help!



#7 TB-Psychotic


Posted 13 June 2013 - 08:49 AM

Hi there,
my name is Marius and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.



#8 JHan816


Posted 13 June 2013 - 09:32 AM

Hello Marius,

 

Here is the GMER log file:

 

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-06-13 07:05:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0 298.09GB
Running: x38zko67.exe; Driver: C:\Users\Diana\AppData\Local\Temp\ugtyipog.sys

---- Threads - GMER 2.1 ----

Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [3096:5612]                                   000007fefad62a7c

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0024337512d1                     
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0024337512d1 (not active ControlSet) 

---- EOF - GMER 2.1 ----
 

 

Here is the FRST.txt result:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2013 04
Ran by Diana (administrator) on 13-06-2013 07:09:57
Running from C:\Users\Diana\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\ElementsOrganizerSyncAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Sony Electronics, Inc.) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Apoint] %ProgramFiles%\Apoint\Apoint.exe [208384 2009-08-03] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2184520 2009-03-23] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-03-17] (CANON INC.)
HKCU\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements Organizer 8.0\ElementsOrganizerSyncAgent.exe [1893728 2009-09-06] (Adobe Systems Incorporated)
HKCU\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [3882312 2008-12-02] (Microsoft Corporation)
HKCU\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [x]
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-09-02] (Google Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {3db6d2ac-3361-11df-90b3-0024be42d5f8} - J:\LaunchU3.exe -a
MountPoints2: {5bf4c729-c1b9-11e1-b51e-0024be42d5f8} - I:\LaunchU3.exe -a
MountPoints2: {6e7ff280-0de9-11df-bf08-0024be42d5f8} - H:\autorun.exe
MountPoints2: {6e7ff3d1-0de9-11df-bf08-0024be42d5f8} - D:\autorun.exe
HKLM-x32\...\Run: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup [79872 2009-08-26] (Sony Electronics Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [317288 2009-05-26] (Sony Corporation)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\Users\Diana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

==================== Internet (Whitelisted) ====================

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
DPF: HKLM-x32 {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://l.yimg.com/jh/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn.ucsf.edu/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Diana\AppData\Roaming\Mozilla\Firefox\Profiles\7tlwhifs.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: iphijqffju - C:\Users\Diana\AppData\Roaming\Mozilla\Firefox\Profiles\7tlwhifs.default\Extensions\iphijqffju@iphijqffju.org.xpi

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-11-08] (Alcatel-Lucent)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-06-26] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-06-26] (Sonic Solutions)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-23] (Realtek Semiconductor)
S3 SampleCollector; C:\Program Files\Sony\VAIO Care\collsvc.exe [167424 2008-09-29] (Intel Corporation)
S3 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-07-27] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-07-27] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-07-23] (Sony Corporation)
R3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-07-23] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-07-23] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32000 2013-06-12] ()
S3 MREMP50; C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [21248 2010-11-08] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MREMP50; C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [21248 2010-11-08] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [20096 2010-11-08] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [20096 2010-11-08] (Printing Communications Assoc., Inc. (PCAUSA))
R2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)
U3 ugtyipog; \??\C:\Users\Diana\AppData\Local\Temp\ugtyipog.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-06-13 07:09 - 2013-06-13 07:09 - 01920280 ____A (Farbar) C:\Users\Diana\Desktop\FRST64.exe
2013-06-13 07:07 - 2013-06-13 07:07 - 01920280 ____A (Farbar) C:\Users\Diana\Downloads\FRST64 (1).exe
2013-06-13 07:06 - 2013-06-13 07:06 - 01920280 ____A (Farbar) C:\Users\Diana\Downloads\FRST64.exe
2013-06-13 06:58 - 2013-06-13 09:55 - 00377856 ____A C:\Users\Diana\Desktop\x38zko67.exe
2013-06-12 15:58 - 2013-06-12 15:58 - 00000000 ____D C:\ProgramData\Sun
2013-06-12 15:57 - 2013-06-12 15:57 - 00866720 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-12 15:57 - 2013-06-12 15:57 - 00788896 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-12 15:57 - 2013-06-12 15:57 - 00263584 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-12 15:57 - 2013-06-12 15:57 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-12 15:57 - 2013-06-12 15:57 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-12 15:57 - 2013-06-12 15:57 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-12 15:56 - 2013-06-12 15:56 - 00000000 ____D C:\ProgramData\McAfee
2013-06-12 15:50 - 2013-06-13 06:20 - 00000324 ____A C:\Windows\Tasks\GlaryInitialize.job
2013-06-12 15:50 - 2013-06-12 15:52 - 00000000 ____D C:\Users\Diana\AppData\Roaming\Glarysoft
2013-06-12 15:50 - 2013-06-12 15:50 - 00001070 ____A C:\Users\Diana\Desktop\Glary Utilities.lnk
2013-06-12 15:50 - 2013-06-12 15:50 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2013-06-12 15:37 - 2013-06-12 15:37 - 00002019 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-06-12 15:32 - 2013-06-13 06:18 - 00000224 ____A C:\Windows\setupact.log
2013-06-12 15:32 - 2013-06-12 15:32 - 00000000 ____A C:\Windows\setuperr.log
2013-06-12 15:31 - 2013-06-12 17:26 - 00001466 ____A C:\Windows\PFRO.log
2013-06-12 15:19 - 2013-05-16 18:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 15:19 - 2013-05-16 18:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 15:19 - 2013-05-16 17:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 15:19 - 2013-05-16 17:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 15:19 - 2013-05-16 17:58 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 15:19 - 2013-05-16 17:58 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 15:19 - 2013-05-16 17:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 15:19 - 2013-05-16 17:58 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 15:19 - 2013-05-16 17:58 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 15:19 - 2013-05-16 17:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 15:19 - 2013-05-16 17:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 15:19 - 2013-05-16 17:58 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 15:19 - 2013-05-16 17:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 15:19 - 2013-05-16 17:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 15:19 - 2013-05-16 17:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 15:19 - 2013-05-16 17:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 15:19 - 2013-05-14 06:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 15:19 - 2013-05-14 05:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 15:19 - 2013-05-14 02:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 15:19 - 2013-05-14 01:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 14:20 - 2013-06-12 14:20 - 00000000 ____D C:\Users\Diana\AppData\Roaming\AVG2013
2013-06-12 14:19 - 2013-06-12 14:19 - 00000965 ____A C:\Users\Public\Desktop\AVG 2013.lnk
2013-06-12 14:19 - 2013-06-12 14:19 - 00000000 ____D C:\Users\Diana\AppData\Roaming\TuneUp Software
2013-06-12 14:18 - 2013-06-12 14:19 - 00000000 ____D C:\ProgramData\AVG2013
2013-06-12 14:18 - 2013-06-12 14:18 - 00000000 ___HD C:\$AVG
2013-06-12 14:17 - 2013-06-12 14:17 - 00000000 ____D C:\Program Files (x86)\AVG
2013-06-12 14:15 - 2013-06-12 17:07 - 00000000 ____D C:\ProgramData\MFAData
2013-06-12 14:15 - 2013-06-12 14:23 - 00000000 ____D C:\Users\Diana\AppData\Local\Avg2013
2013-06-12 14:15 - 2013-06-12 14:15 - 00000000 ____D C:\Users\Diana\AppData\Local\MFAData
2013-06-12 14:13 - 2013-06-12 14:13 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-12 14:13 - 2013-06-12 14:13 - 00000000 ____D C:\Program Files\CCleaner
2013-06-12 14:02 - 2013-05-12 22:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 14:02 - 2013-05-12 22:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 14:02 - 2013-05-12 22:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 14:02 - 2013-05-12 22:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 14:02 - 2013-05-12 21:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 14:02 - 2013-05-12 21:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 14:02 - 2013-05-12 21:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 14:02 - 2013-05-12 20:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 14:02 - 2013-05-12 20:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 14:02 - 2013-05-12 20:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 14:02 - 2013-05-09 22:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 14:02 - 2013-05-09 20:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 14:02 - 2013-05-07 23:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 14:02 - 2013-04-25 22:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 14:02 - 2013-04-25 21:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 14:01 - 2013-04-25 16:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 14:01 - 2013-04-17 00:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 14:01 - 2013-04-16 23:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 14:01 - 2013-03-31 15:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-12 13:56 - 2013-06-12 13:56 - 00021208 ____A C:\Users\Diana\Desktop\dds.txt
2013-06-12 13:56 - 2013-06-12 13:56 - 00012059 ____A C:\Users\Diana\Desktop\attach.txt
2013-06-12 13:45 - 2013-06-12 13:45 - 00002100 ____A C:\Users\Diana\Desktop\JRT.txt
2013-06-12 13:42 - 2013-06-12 13:42 - 00000000 ____D C:\Windows\ERUNT
2013-06-12 13:42 - 2013-06-12 13:42 - 00000000 ____D C:\JRT
2013-06-12 13:39 - 2013-06-12 13:39 - 00004291 ____A C:\AdwCleaner[S1].txt
2013-06-12 13:38 - 2013-06-12 13:38 - 00004125 ____A C:\AdwCleaner[R1].txt
2013-06-12 13:27 - 2013-06-12 13:27 - 00001600 ____A C:\Windows\System32\.crusader
2013-06-12 13:18 - 2013-06-12 13:29 - 00032000 ____A C:\Windows\System32\Drivers\hitmanpro37.sys
2013-06-12 13:17 - 2013-06-12 13:28 - 00000000 ____D C:\ProgramData\HitmanPro
2013-06-12 09:37 - 2013-06-12 09:37 - 00000000 ____D C:\FRST
2013-06-08 09:43 - 2013-06-08 09:43 - 00003224 ____N C:\bootsqm.dat
2013-06-03 16:17 - 2013-06-08 09:50 - 00000004 ____A C:\Users\Diana\AppData\Roaming\skype.ini
2013-06-03 16:14 - 2013-06-03 16:14 - 00000000 ____A C:\Users\Diana\msconfig.exe
2013-06-03 16:14 - 2013-06-03 16:14 - 00000000 ____A C:\Users\Diana\jucheck.exe
2013-06-01 16:21 - 2013-06-01 16:21 - 00000000 ____A C:\Users\Diana\opera.exe
2013-05-31 17:39 - 2013-06-12 11:45 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-31 16:31 - 2013-05-31 16:31 - 00000000 ____A C:\Users\Diana\googleupdate.exe
2013-05-31 16:31 - 2013-05-31 16:31 - 00000000 ____A C:\Users\Diana\flashplayer.exe
2013-05-31 16:31 - 2013-05-31 16:31 - 00000000 ____A C:\Users\Diana\chrome.exe
2013-05-31 16:19 - 2013-06-13 07:00 - 00000334 ___AH C:\Windows\Tasks\{51E6AE6B-FE59-4F23-AD7F-73B4EAB58E6A}.job
2013-05-31 16:19 - 2013-06-12 04:36 - 00000000 ____D C:\Users\Diana\AppData\Local\eb2d78fd-9cb2-4901-ba93-d8e82e5a91ffad
2013-05-31 16:19 - 2013-05-31 16:19 - 00000000 ____A C:\Users\Diana\teamviewer.exe
2013-05-31 16:19 - 2013-05-31 16:19 - 00000000 ____A C:\Users\Diana\mstsc.exe
2013-05-31 16:19 - 2013-05-31 16:19 - 00000000 ____A C:\Users\Diana\jqs.exe
2013-05-31 14:05 - 2013-05-31 14:05 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-05-31 14:03 - 2013-05-31 14:03 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-05-31 14:02 - 2013-05-31 14:03 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-31 14:02 - 2013-05-31 14:03 - 00000000 ____D C:\Program Files\iTunes
2013-05-31 14:02 - 2013-05-31 14:02 - 00000000 ____D C:\Program Files\iPod
2013-05-29 22:21 - 2013-05-31 18:57 - 00000247 ____A C:\users\arglnubwv.lnk
2013-05-24 23:14 - 2013-06-12 15:35 - 00000000 ____D C:\Users\Diana\AppData\Local\CDDB
2013-05-23 03:06 - 2013-05-23 03:06 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-23 03:06 - 2013-05-23 03:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-23 03:06 - 2013-05-23 03:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-23 03:06 - 2013-05-23 03:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-23 03:06 - 2013-05-23 03:06 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-23 03:06 - 2013-05-23 03:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-23 03:06 - 2013-05-23 03:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-23 03:06 - 2013-05-23 03:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-23 03:06 - 2013-05-23 03:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-23 03:04 - 2013-05-23 03:04 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-17 10:39 - 2013-05-17 10:43 - 00000000 ____D C:\Users\Diana\Desktop\Dara and Bill's wedding weekend
2013-05-14 22:13 - 2013-04-09 23:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-14 22:13 - 2013-04-09 23:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-14 22:13 - 2013-04-09 20:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-14 22:13 - 2013-03-18 22:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-14 22:13 - 2013-03-18 22:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-14 22:13 - 2013-02-26 23:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-14 22:13 - 2013-02-26 22:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-14 22:13 - 2013-02-26 22:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-14 22:13 - 2013-02-26 22:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-14 22:13 - 2013-02-26 22:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-14 22:13 - 2013-02-26 21:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-14 22:13 - 2013-02-26 21:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-14 22:13 - 2013-02-26 21:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-14 22:13 - 2011-02-03 04:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll

==================== One Month Modified Files and Folders =======

2013-06-13 09:55 - 2013-06-13 06:58 - 00377856 ____A C:\Users\Diana\Desktop\x38zko67.exe
2013-06-13 07:09 - 2013-06-13 07:09 - 01920280 ____A (Farbar) C:\Users\Diana\Desktop\FRST64.exe
2013-06-13 07:07 - 2013-06-13 07:07 - 01920280 ____A (Farbar) C:\Users\Diana\Downloads\FRST64 (1).exe
2013-06-13 07:06 - 2013-06-13 07:06 - 01920280 ____A (Farbar) C:\Users\Diana\Downloads\FRST64.exe
2013-06-13 07:00 - 2013-05-31 16:19 - 00000334 ___AH C:\Windows\Tasks\{51E6AE6B-FE59-4F23-AD7F-73B4EAB58E6A}.job
2013-06-13 06:52 - 2009-09-02 23:08 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-13 06:27 - 2009-07-13 21:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-13 06:27 - 2009-07-13 21:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-13 06:24 - 2009-09-28 06:33 - 01426346 ____A C:\Windows\WindowsUpdate.log
2013-06-13 06:20 - 2013-06-12 15:50 - 00000324 ____A C:\Windows\Tasks\GlaryInitialize.job
2013-06-13 06:20 - 2013-05-01 09:52 - 00000374 ___AH C:\Windows\Tasks\MagniPicUpdaterTask{7705F198-BE5B-470D-812C-10DB46583697}.job
2013-06-13 06:20 - 2010-02-25 20:49 - 00000000 ____D C:\Users\Diana\Tracing
2013-06-13 06:20 - 2009-09-02 23:07 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-13 06:18 - 2013-06-12 15:32 - 00000224 ____A C:\Windows\setupact.log
2013-06-13 06:18 - 2009-07-13 22:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-12 23:16 - 2010-01-14 20:44 - 00000000 ____D C:\users\Diana
2013-06-12 17:26 - 2013-06-12 15:31 - 00001466 ____A C:\Windows\PFRO.log
2013-06-12 17:07 - 2013-06-12 14:15 - 00000000 ____D C:\ProgramData\MFAData
2013-06-12 15:58 - 2013-06-12 15:58 - 00000000 ____D C:\ProgramData\Sun
2013-06-12 15:57 - 2013-06-12 15:57 - 00866720 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-12 15:57 - 2013-06-12 15:57 - 00788896 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-12 15:57 - 2013-06-12 15:57 - 00263584 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-12 15:57 - 2013-06-12 15:57 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-12 15:57 - 2013-06-12 15:57 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-12 15:57 - 2013-06-12 15:57 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-12 15:57 - 2009-09-02 23:11 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-12 15:56 - 2013-06-12 15:56 - 00000000 ____D C:\ProgramData\McAfee
2013-06-12 15:52 - 2013-06-12 15:50 - 00000000 ____D C:\Users\Diana\AppData\Roaming\Glarysoft
2013-06-12 15:52 - 2010-03-20 18:00 - 00000000 ____D C:\Users\Diana\Desktop\Exercise files
2013-06-12 15:50 - 2013-06-12 15:50 - 00001070 ____A C:\Users\Diana\Desktop\Glary Utilities.lnk
2013-06-12 15:50 - 2013-06-12 15:50 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2013-06-12 15:40 - 2009-07-13 22:13 - 00730448 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-12 15:37 - 2013-06-12 15:37 - 00002019 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-06-12 15:37 - 2009-09-02 23:06 - 00000000 ____D C:\ProgramData\Adobe
2013-06-12 15:37 - 2009-09-02 23:06 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-12 15:35 - 2013-05-24 23:14 - 00000000 ____D C:\Users\Diana\AppData\Local\CDDB
2013-06-12 15:34 - 2009-08-18 16:44 - 00000000 ____D C:\Windows\Panther
2013-06-12 15:32 - 2013-06-12 15:32 - 00000000 ____A C:\Windows\setuperr.log
2013-06-12 15:23 - 2009-09-02 23:15 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-12 15:20 - 2010-02-02 22:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 14:23 - 2013-06-12 14:15 - 00000000 ____D C:\Users\Diana\AppData\Local\Avg2013
2013-06-12 14:20 - 2013-06-12 14:20 - 00000000 ____D C:\Users\Diana\AppData\Roaming\AVG2013
2013-06-12 14:19 - 2013-06-12 14:19 - 00000965 ____A C:\Users\Public\Desktop\AVG 2013.lnk
2013-06-12 14:19 - 2013-06-12 14:19 - 00000000 ____D C:\Users\Diana\AppData\Roaming\TuneUp Software
2013-06-12 14:19 - 2013-06-12 14:18 - 00000000 ____D C:\ProgramData\AVG2013
2013-06-12 14:18 - 2013-06-12 14:18 - 00000000 ___HD C:\$AVG
2013-06-12 14:17 - 2013-06-12 14:17 - 00000000 ____D C:\Program Files (x86)\AVG
2013-06-12 14:15 - 2013-06-12 14:15 - 00000000 ____D C:\Users\Diana\AppData\Local\MFAData
2013-06-12 14:14 - 2012-05-09 00:02 - 00000000 ____D C:\Users\Diana\AppData\Roaming\Media Player Classic
2013-06-12 14:14 - 2010-02-26 12:18 - 00000000 ____D C:\Users\Diana\AppData\Roaming\uTorrent
2013-06-12 14:14 - 2010-02-17 18:11 - 00000000 ____D C:\Windows\Minidump
2013-06-12 14:13 - 2013-06-12 14:13 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-12 14:13 - 2013-06-12 14:13 - 00000000 ____D C:\Program Files\CCleaner
2013-06-12 14:10 - 2010-01-14 20:50 - 00000000 ____D C:\Users\Diana\AppData\Local\Google
2013-06-12 14:10 - 2009-09-02 23:07 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-12 13:56 - 2013-06-12 13:56 - 00021208 ____A C:\Users\Diana\Desktop\dds.txt
2013-06-12 13:56 - 2013-06-12 13:56 - 00012059 ____A C:\Users\Diana\Desktop\attach.txt
2013-06-12 13:45 - 2013-06-12 13:45 - 00002100 ____A C:\Users\Diana\Desktop\JRT.txt
2013-06-12 13:42 - 2013-06-12 13:42 - 00000000 ____D C:\Windows\ERUNT
2013-06-12 13:42 - 2013-06-12 13:42 - 00000000 ____D C:\JRT
2013-06-12 13:39 - 2013-06-12 13:39 - 00004291 ____A C:\AdwCleaner[S1].txt
2013-06-12 13:38 - 2013-06-12 13:38 - 00004125 ____A C:\AdwCleaner[R1].txt
2013-06-12 13:29 - 2013-06-12 13:18 - 00032000 ____A C:\Windows\System32\Drivers\hitmanpro37.sys
2013-06-12 13:28 - 2013-06-12 13:17 - 00000000 ____D C:\ProgramData\HitmanPro
2013-06-12 13:27 - 2013-06-12 13:27 - 00001600 ____A C:\Windows\System32\.crusader
2013-06-12 13:27 - 2010-01-14 20:49 - 00000000 ____D C:\Users\Diana\AppData\Local\ATI
2013-06-12 11:45 - 2013-05-31 17:39 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-12 11:45 - 2011-06-23 15:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-12 09:37 - 2013-06-12 09:37 - 00000000 ____D C:\FRST
2013-06-12 04:36 - 2013-05-31 16:19 - 00000000 ____D C:\Users\Diana\AppData\Local\eb2d78fd-9cb2-4901-ba93-d8e82e5a91ffad
2013-06-08 09:50 - 2013-06-03 16:17 - 00000004 ____A C:\Users\Diana\AppData\Roaming\skype.ini
2013-06-08 09:43 - 2013-06-08 09:43 - 00003224 ____N C:\bootsqm.dat
2013-06-08 08:03 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2013-06-08 08:03 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat
2013-06-03 16:14 - 2013-06-03 16:14 - 00000000 ____A C:\Users\Diana\msconfig.exe
2013-06-03 16:14 - 2013-06-03 16:14 - 00000000 ____A C:\Users\Diana\jucheck.exe
2013-06-01 16:21 - 2013-06-01 16:21 - 00000000 ____A C:\Users\Diana\opera.exe
2013-05-31 18:57 - 2013-05-29 22:21 - 00000247 ____A C:\users\arglnubwv.lnk
2013-05-31 16:31 - 2013-05-31 16:31 - 00000000 ____A C:\Users\Diana\googleupdate.exe
2013-05-31 16:31 - 2013-05-31 16:31 - 00000000 ____A C:\Users\Diana\flashplayer.exe
2013-05-31 16:31 - 2013-05-31 16:31 - 00000000 ____A C:\Users\Diana\chrome.exe
2013-05-31 16:19 - 2013-05-31 16:19 - 00000000 ____A C:\Users\Diana\teamviewer.exe
2013-05-31 16:19 - 2013-05-31 16:19 - 00000000 ____A C:\Users\Diana\mstsc.exe
2013-05-31 16:19 - 2013-05-31 16:19 - 00000000 ____A C:\Users\Diana\jqs.exe
2013-05-31 14:05 - 2013-05-31 14:05 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-05-31 14:05 - 2010-02-08 23:04 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-31 14:03 - 2013-05-31 14:03 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-05-31 14:03 - 2013-05-31 14:02 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-31 14:03 - 2013-05-31 14:02 - 00000000 ____D C:\Program Files\iTunes
2013-05-31 14:03 - 2010-02-08 23:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-05-31 14:02 - 2013-05-31 14:02 - 00000000 ____D C:\Program Files\iPod
2013-05-23 04:04 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2013-05-23 03:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-23 03:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-23 03:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-23 03:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-23 03:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-23 03:06 - 2013-05-23 03:06 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-23 03:06 - 2013-05-23 03:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-23 03:06 - 2013-05-23 03:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-23 03:06 - 2013-05-23 03:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-23 03:06 - 2013-05-23 03:06 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-23 03:06 - 2013-05-23 03:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-23 03:06 - 2013-05-23 03:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-23 03:06 - 2013-05-23 03:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-23 03:06 - 2013-05-23 03:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-23 03:06 - 2013-05-23 03:06 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-23 03:06 - 2013-05-23 03:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-23 03:04 - 2013-05-23 03:04 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-23 03:04 - 2013-05-23 03:04 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-19 15:18 - 2009-07-13 22:08 - 00032546 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-05-17 10:43 - 2013-05-17 10:39 - 00000000 ____D C:\Users\Diana\Desktop\Dara and Bill's wedding weekend
2013-05-17 10:05 - 2010-02-08 23:06 - 00000000 ____D C:\Users\Diana\AppData\Roaming\Apple Computer
2013-05-16 18:25 - 2013-06-12 15:19 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-16 18:25 - 2013-06-12 15:19 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-16 17:59 - 2013-06-12 15:19 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-16 17:59 - 2013-06-12 15:19 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-16 17:58 - 2013-06-12 15:19 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-16 17:58 - 2013-06-12 15:19 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-16 17:58 - 2013-06-12 15:19 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-16 17:58 - 2013-06-12 15:19 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-16 17:58 - 2013-06-12 15:19 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-16 17:58 - 2013-06-12 15:19 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-16 17:58 - 2013-06-12 15:19 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-16 17:58 - 2013-06-12 15:19 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-16 17:58 - 2013-06-12 15:19 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-16 17:58 - 2013-06-12 15:19 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-16 17:58 - 2013-06-12 15:19 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-16 17:58 - 2013-06-12 15:19 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-15 03:32 - 2009-07-13 21:45 - 00453384 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-14 06:14 - 2013-06-12 15:19 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-14 05:23 - 2013-06-12 15:19 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 02:23 - 2013-06-12 15:19 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-14 01:40 - 2013-06-12 15:19 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

Files to move or delete:
====================
C:\Users\Diana\chrome.exe
C:\Users\Diana\flashplayer.exe
C:\Users\Diana\googleupdate.exe
C:\Users\Diana\jqs.exe
C:\Users\Diana\jucheck.exe
C:\Users\Diana\msconfig.exe
C:\Users\Diana\mstsc.exe
C:\Users\Diana\opera.exe
C:\Users\Diana\teamviewer.exe
C:\Users\Diana\AppData\Roaming\skype.ini
C:\Windows\Tasks\{51E6AE6B-FE59-4F23-AD7F-73B4EAB58E6A}.job

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-07 17:23

==================== End Of Log ============================

 

Here is the Additional.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2013 04
Ran by Diana at 2013-06-13 07:10:39 Run:
Running from C:\Users\Diana\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 2.2.0)
Adobe AIR (Version: 1.5.2.8870)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.02)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Alps Pointing-device for VAIO
Alt.Binz 0.25.0 (Version: 0.25.0)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.85)
ArcSoft WebCam Companion 3 (Version: 3.0.21.390)
ATI Catalyst Install Manager (Version: 3.0.732.0)
AVG 2013 (Version: 13.0.3199)
AVG 2013 (Version: 13.0.3345)
AVG 2013 (Version: 2013.0.3345)
Bonjour (Version: 3.0.0.10)
Canon Easy-WebPrint EX
Canon MP Navigator EX 3.0
Canon MP560 series MP Drivers
Canon MP560 series User Registration
Canon PowerShot SX260 HS and SX240 HS Camera User Guide (Version: 1.0.0.9)
Canon Utilities CameraWindow DC 8 (Version: 8.7.0.11)
Canon Utilities Easy-PhotoPrint EX
Canon Utilities ImageBrowser EX (Version: 1.0.1.32)
Canon Utilities My Printer
Canon Utilities PhotoStitch (Version: 3.1.23.47)
Canon Utilities Solution Menu
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Full Existing (Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Full New (Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Light (Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Previews Common (Version: 2009.0710.1127.18698)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0710.1127.18698)
Catalyst Control Center InstallProxy (Version: 2009.0710.1127.18698)
Catalyst Control Center Localization All (Version: 2009.0710.1127.18698)
CCC Help Chinese Standard (Version: 2009.0720.2144.37243)
CCC Help Chinese Traditional (Version: 2009.0720.2144.37243)
CCC Help Czech (Version: 2009.0720.2144.37243)
CCC Help Danish (Version: 2009.0720.2144.37243)
CCC Help Dutch (Version: 2009.0720.2144.37243)
CCC Help English (Version: 2009.0720.2144.37243)
CCC Help Finnish (Version: 2009.0720.2144.37243)
CCC Help French (Version: 2009.0720.2144.37243)
CCC Help German (Version: 2009.0720.2144.37243)
CCC Help Greek (Version: 2009.0720.2144.37243)
CCC Help Hungarian (Version: 2009.0720.2144.37243)
CCC Help Italian (Version: 2009.0720.2144.37243)
CCC Help Japanese (Version: 2009.0720.2144.37243)
CCC Help Korean (Version: 2009.0720.2144.37243)
CCC Help Norwegian (Version: 2009.0720.2144.37243)
CCC Help Polish (Version: 2009.0720.2144.37243)
CCC Help Portuguese (Version: 2009.0720.2144.37243)
CCC Help Russian (Version: 2009.0720.2144.37243)
CCC Help Spanish (Version: 2009.0720.2144.37243)
CCC Help Swedish (Version: 2009.0720.2144.37243)
CCC Help Thai (Version: 2009.0720.2144.37243)
CCC Help Turkish (Version: 2009.0720.2144.37243)
ccc-core-static (Version: 2009.0710.1127.18698)
ccc-utility64 (Version: 2009.0710.1127.18698)
CCleaner (Version: 4.02)
Choice Guard (Version: 1.2.87.0)
Click to Disc (Version: 1.2.70.06160)
Click to Disc Editor (Version: 2.0.02)
Combined Community Codec Pack 2009-09-09 (Version: 2009.09.09.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Glary Utilities 2.56.0.1822 (Version: 2.56.0.1822)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.145)
iCloud (Version: 2.1.2.8)
Intel® Matrix Storage Manager
iTunes (Version: 11.0.3.42)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Java™ 6 Update 15 (64-bit) (Version: 6.0.150)
Java™ SE Development Kit 6 Update 15 (64-bit) (Version: 1.6.0.150)
JNLP
Juniper Networks Host Checker (Version: 7.0.0.17289)
Juniper Networks Network Connect 6.5.0 (Version: 6.5.0.15255)
Juniper Networks Setup Client (Version: 2.2.4.9429)
Junk Mail filter update (Version: 14.0.8050.1202)
MagicDisc 2.7.106
MagniPic (Version: 1.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.8.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Transfer (Version: 1.3.01.13160)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PokerStars.net
Primo (Version: 1.00.0000)
QuickBooks Financial Center (Version: 1.30.0000)
QuickTime (Version: 7.74.80.86)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.5897)
Realtek High Definition Audio Driver (Version: 6.0.1.5886)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy Media Creator 10 LJ (Version: 10.3)
Roxio Easy Media Creator Home (Version: 10.3.121)
Runtime (Version: 1.00.0000)
Safari (Version: 5.34.57.2)
Setting Utility Series (Version: 5.0.0.07300)
SmartWi Connection Utility (Version: 4.8.4.20090826.2116)
Sony Home Network Library (Version: 2.0.0.07280)
Sony Picture Utility (Version: 4.2.12.16210)
TeamViewer 5 (Version: 5.0.8421 )
Text Twist 2 (remove only)
The Rosetta Stone
TurboTax 2011
TurboTax 2011 wcaiper (Version: 011.000.1458)
TurboTax 2011 WinPerFedFormset (Version: 011.000.2837)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0449)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0212)
TurboTax 2011 wrapper (Version: 011.000.0121)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VAIO Care (Version: 4.0.0.0811)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.5.0.06261)
VAIO Content Metadata Intelligent Network Service Manager (Version: 3.5.0.06260)
VAIO Content Metadata Manager Settings (Version: 3.5.0.06260)
VAIO Content Metadata XML Interface Library (Version: 3.5.0.06180)
VAIO Content Monitoring Settings (Version: 2.4.0.06120)
VAIO Control Center (Version: 4.0.0.06120)
VAIO Data Restore Tool (Version: 1.1.01.06290)
VAIO DVD Menu Data Basic (Version: 1.0.00.08130)
VAIO Entertainment Platform (Version: 3.5.0.07230)
VAIO Event Service (Version: 5.0.0.07010)
VAIO Help and Support (Version: 9.00.0729.ENUS)
VAIO Media plus (Version: 2.0.0.07280)
VAIO Media plus Opening Movie (Version: 2.0.0.07030)
VAIO Movie Story (Version: 1.5.00.06191)
VAIO Movie Story Template Data (Version: 1.5.00.06010)
VAIO OOBE and Startup Assistant (Version: 1.00.0811.ENUS)
VAIO Original Function Settings (Version: 2.0.0.07010)
VAIO Power Management (Version: 4.0.0.08240)
VAIO Presentation Support (Version: 2.0.0.05270)
VAIO Quick Web Access (Version: 1.1.2.4)
VAIO Survey (Version: 6.00.0722)
VAIO Update 4 (Version: 4.2.0.07300)
VAIO Wallpaper Contents (Version: 2.0.0.06010)
VD64Inst (Version: 1.00.0000)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VoiceOver Kit (Version: 1.42.128.0)
W Photo Studio (Version: 1.0.0.143)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Movie Maker Beta (Version: 14.0.8051.1204)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
WinRAR archiver

==================== Restore Points  =========================

17-05-2013 18:06:01 Restore Operation
23-05-2013 00:52:16 Windows Update
23-05-2013 10:00:51 Windows Update
28-05-2013 10:24:22 Windows Update
28-05-2013 23:44:43 Restore Operation
31-05-2013 21:07:41 Windows Update
31-05-2013 22:50:19 Restore Operation
08-06-2013 00:10:39 Windows Update
08-06-2013 00:43:17 Windows Defender Checkpoint
08-06-2013 16:49:37 Windows Update
12-06-2013 21:01:39 Windows Update
12-06-2013 21:10:55 Removed Skype Click to Call
12-06-2013 21:17:39 Installed AVG 2013
12-06-2013 21:17:59 Installed AVG 2013
12-06-2013 22:18:01 Windows Update
12-06-2013 22:47:19 Installed HiJackThis
12-06-2013 22:55:13 Removed HiJackThis
12-06-2013 22:56:19 Removed Java™ 6 Update 15
12-06-2013 22:57:00 Installed Java 7 Update 21
12-06-2013 23:50:53 restore Point after malware removal

==================== Faulty Device Manager Devices =============

Name: E:\
Description: R5C822
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Microsoft
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: KINGSTON
Description: DT 101 G2      
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Kingston
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/13/2013 06:19:11 AM) (Source: VzCdbSvc) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (06/13/2013 03:27:14 AM) (Source: VzCdbSvc) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (06/12/2013 05:28:06 PM) (Source: VzCdbSvc) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (06/12/2013 03:34:19 PM) (Source: VzCdbSvc) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (06/12/2013 01:48:46 PM) (Source: VzCdbSvc) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)


System errors:
=============
Error: (06/13/2013 06:58:32 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR4.

Error: (06/13/2013 06:58:32 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR4.

Error: (06/13/2013 06:58:31 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR4.

Error: (06/13/2013 06:58:30 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR4.

Error: (06/13/2013 06:18:49 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (06/13/2013 06:18:49 AM) (Source: Service Control Manager) (User: )
Description: The HsfXAudioService service failed to start due to the following error:
%%1053

Error: (06/13/2013 06:18:49 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService service to connect.

Error: (06/13/2013 06:18:25 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (06/13/2013 06:18:25 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (06/13/2013 04:38:03 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 43%
Total physical RAM: 4063.03 MB
Available physical RAM: 2282.54 MB
Total Pagefile: 8124.24 MB
Available Pagefile: 5995.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:290.24 GB) (Free:145.3 GB) NTFS (Disk=0 Partition=3)
Drive i: (KINGSTON) (Removable) (Total:7.26 GB) (Free:7.12 GB) FAT32 (Disk=3 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: BA5542B9)
Partition 1: (Not Active) - (Size=8 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=290 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0C)

==================== End Of Log ============================

 

 



#9 TB-Psychotic

Posted 14 June 2013 - 01:24 AM

Fix with FRST

  • Open Notepad (Start => All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad window and select Paste.)
  • Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt.

    FF Extension: iphijqffju - C:\Users\Diana\AppData\Roaming\Mozilla\Firefox\Profiles\7tlwhifs.default\Extensions\iphijqffju@iphijqffju.org.xpi
    
    C:\Users\Diana\AppData\Roaming\skype.ini
    C:\Users\Diana\msconfig.exe
    C:\Users\Diana\jucheck.exe
    C:\Users\Diana\opera.exe
    C:\Users\Diana\googleupdate.exe
    C:\Users\Diana\flashplayer.exe
    C:\Users\Diana\chrome.exe
    C:\Windows\Tasks\{51E6AE6B-FE59-4F23-AD7F-73B4EAB58E6A}.job
    C:\Users\Diana\AppData\Local\eb2d78fd-9cb2-4901-ba93-d8e82e5a91ffad
    C:\Users\Diana\teamviewer.exe
    C:\Users\Diana\mstsc.exe
    C:\Users\Diana\jqs.exe
    C:\users\arglnubwv.lnk
     
    
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt), which you will find where you saved FRST. Please post it in your reply.

 

 

Malwarebytes Antimalware

  • Start Malwarebytes Antimalware.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

 

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.



#10 JHan816


Posted 14 June 2013 - 07:48 AM

Hello Marius,

 

Here is the fixlog.txt result:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-06-2013
Ran by Diana at 2013-06-14 05:26:26 Run:1
Running from C:\Users\Diana\Desktop\FRST
Boot Mode: Normal
==============================================

C:\Users\Diana\AppData\Roaming\Mozilla\Firefox\Profiles\7tlwhifs.default\Extensions\iphijqffju@iphijqffju.org.xpi => Moved successfully.
C:\Users\Diana\AppData\Roaming\skype.ini => Moved successfully.
C:\Users\Diana\msconfig.exe => Moved successfully.
C:\Users\Diana\jucheck.exe => Moved successfully.
C:\Users\Diana\opera.exe => Moved successfully.
C:\Users\Diana\googleupdate.exe => Moved successfully.
C:\Users\Diana\flashplayer.exe => Moved successfully.
C:\Users\Diana\chrome.exe => Moved successfully.
C:\Windows\Tasks\{51E6AE6B-FE59-4F23-AD7F-73B4EAB58E6A}.job => Moved successfully.
C:\Users\Diana\AppData\Local\eb2d78fd-9cb2-4901-ba93-d8e82e5a91ffad => Moved successfully.
C:\Users\Diana\teamviewer.exe => Moved successfully.
C:\Users\Diana\mstsc.exe => Moved successfully.
C:\Users\Diana\jqs.exe => Moved successfully.
C:\users\arglnubwv.lnk => Moved successfully.

==== End of Fixlog ====

 

Here is the Malwarebytes log:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.14.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16614
Diana :: DIANA-VAIO [administrator]

6/14/2013 5:30:01 AM
mbam-log-2013-06-14 (05-30-01).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210247
Time elapsed: 5 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

And here is the FSS log:

 

Farbar Service Scanner Version: 31-05-2013 01
Ran by Diana (administrator) on 14-06-2013 at 05:40:53
Running from "C:\Users\Diana\Desktop\FSS"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-06-12 14:02] - [2013-05-07 23:39] - 1910632 ____A (Microsoft Corporation) 9849EA3843A2ADBDD1497E97A85D8CAE

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2013-06-12 14:02] - [2013-05-12 22:51] - 0184320 ____A (Microsoft Corporation) D8129C49798CBBFB2E4351D4B7B8EF9C

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

 

Thanks,

John

 

 



#11 TB-Psychotic


Posted 15 June 2013 - 06:03 AM

hm...

 

Please run the following tool:

 

 

Please read the following instructions carefully. We do not want to "fix" anything yet; we only want to see a scan report.

Please download TDSSKiller.exe and save the file to your desktop.

  • Start TDSSKiller.exe
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and save the log file. TDSSKiller will save a log file on your system drive (usually C:\). For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread.



#12 JHan816


Posted 15 June 2013 - 06:29 AM

Hello Marius,

 

Here is the TDSS log file. Scan only without cleaning.

 

04:18:14.0317 4520  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
04:18:14.0973 4520  ============================================================
04:18:14.0973 4520  Current date / time: 2013/06/15 04:18:14.0973
04:18:14.0973 4520  SystemInfo:
04:18:14.0973 4520 
04:18:14.0973 4520  OS Version: 6.1.7601 ServicePack: 1.0
04:18:14.0973 4520  Product type: Workstation
04:18:14.0974 4520  ComputerName: DIANA-VAIO
04:18:14.0974 4520  UserName: Diana
04:18:14.0974 4520  Windows directory: C:\Windows
04:18:14.0974 4520  System windows directory: C:\Windows
04:18:14.0974 4520  Running under WOW64
04:18:14.0974 4520  Processor architecture: Intel x64
04:18:14.0974 4520  Number of processors: 2
04:18:14.0974 4520  Page size: 0x1000
04:18:14.0974 4520  Boot type: Normal boot
04:18:14.0974 4520  ============================================================
04:18:19.0041 4520  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
04:18:19.0049 4520  Drive \Device\Harddisk3\DR3 - Size: 0x1D11B0000 (7.27 Gb), SectorSize: 0x200, Cylinders: 0x3B4, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
04:18:19.0051 4520  ============================================================
04:18:19.0051 4520  \Device\Harddisk0\DR0:
04:18:19.0051 4520  MBR partitions:
04:18:19.0052 4520  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xF83000, BlocksNum 0x32000
04:18:19.0052 4520  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFB5000, BlocksNum 0x244792B0
04:18:19.0052 4520  \Device\Harddisk3\DR3:
04:18:19.0052 4520  MBR partitions:
04:18:19.0052 4520  \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xE86E00
04:18:19.0052 4520  ============================================================
04:18:19.0103 4520  C: <-> \Device\Harddisk0\DR0\Partition2
04:18:19.0103 4520  ============================================================
04:18:19.0103 4520  Initialize success
04:18:19.0103 4520  ============================================================
04:19:07.0988 2552  ============================================================
04:19:07.0988 2552  Scan started
04:19:07.0988 2552  Mode: Manual;
04:19:07.0988 2552  ============================================================
04:19:11.0160 2552  ================ Scan system memory ========================
04:19:11.0160 2552  System memory - ok
04:19:11.0160 2552  ================ Scan services =============================
04:19:24.0345 2552  IPMIDRV - ok
04:19:24.0380 2552  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
04:19:24.0383 2552  IPNAT - ok
04:19:24.0532 2552  [ 2872B90D57C8310194A78A9787406467 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
04:19:24.0549 2552  iPod Service - ok
04:19:24.0585 2552  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
04:19:24.0611 2552  IRENUM - ok
04:19:24.0646 2552  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
04:19:24.0649 2552  isapnp - ok
04:19:24.0683 2552  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
04:19:24.0688 2552  iScsiPrt - ok
04:19:24.0729 2552  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
04:19:24.0730 2552  kbdclass - ok
04:19:24.0790 2552  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
04:19:24.0793 2552  kbdhid - ok
04:19:24.0815 2552  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
04:19:24.0817 2552  KeyIso - ok
04:19:24.0866 2552  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
04:19:24.0868 2552  KSecDD - ok
04:19:24.0930 2552  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
04:19:24.0934 2552  KSecPkg - ok
04:19:24.0953 2552  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
04:19:24.0954 2552  ksthunk - ok
04:19:24.0980 2552  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
04:19:24.0988 2552  KtmRm - ok
04:19:25.0039 2552  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
04:19:25.0046 2552  LanmanServer - ok
04:19:25.0084 2552  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
04:19:25.0090 2552  LanmanWorkstation - ok
04:19:25.0138 2552  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
04:19:25.0141 2552  lltdio - ok
04:19:25.0176 2552  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
04:19:25.0184 2552  lltdsvc - ok
04:19:25.0205 2552  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
04:19:25.0207 2552  lmhosts - ok
04:19:25.0268 2552  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
04:19:25.0272 2552  LSI_FC - ok
04:19:25.0307 2552  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
04:19:25.0310 2552  LSI_SAS - ok
04:19:25.0339 2552  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
04:19:25.0341 2552  LSI_SAS2 - ok
04:19:25.0356 2552  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
04:19:25.0359 2552  LSI_SCSI - ok
04:19:25.0398 2552  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
04:19:25.0401 2552  luafv - ok
04:19:25.0501 2552  [ E6CB119EF2E148EAA1A247343550756E ] McciCMService   C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
04:19:25.0508 2552  McciCMService - ok
04:19:25.0668 2552  [ BE3D584D7C021EB7D89166EECB83C341 ] McciCMService64 C:\Program Files\Common Files\Motive\McciCMService.exe
04:19:25.0687 2552  McciCMService64 - ok
04:19:25.0743 2552  [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
04:19:25.0745 2552  mcdbus - ok
04:19:25.0813 2552  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
04:19:25.0817 2552  Mcx2Svc - ok
04:19:25.0836 2552  [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
04:19:25.0838 2552  mdmxsdk - ok
04:19:25.0861 2552  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
04:19:25.0864 2552  megasas - ok
04:19:25.0909 2552  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
04:19:25.0915 2552  MegaSR - ok
04:19:25.0968 2552  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
04:19:25.0972 2552  MMCSS - ok
04:19:25.0986 2552  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
04:19:25.0989 2552  Modem - ok
04:19:26.0036 2552  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
04:19:26.0037 2552  monitor - ok
04:19:26.0071 2552  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
04:19:26.0072 2552  mouclass - ok
04:19:26.0126 2552  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
04:19:26.0128 2552  mouhid - ok
04:19:26.0172 2552  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
04:19:26.0174 2552  mountmgr - ok
04:19:26.0214 2552  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
04:19:26.0218 2552  mpio - ok
04:19:26.0239 2552  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
04:19:26.0242 2552  mpsdrv - ok
04:19:26.0291 2552  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
04:19:26.0336 2552  MpsSvc - ok
04:19:26.0383 2552  [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50         C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
04:19:26.0385 2552  MREMP50 - ok
04:19:26.0461 2552  [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50         C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
04:19:26.0463 2552  MRESP50 - ok
04:19:26.0511 2552  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
04:19:26.0515 2552  MRxDAV - ok
04:19:26.0554 2552  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
04:19:26.0558 2552  mrxsmb - ok
04:19:26.0642 2552  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
04:19:26.0649 2552  mrxsmb10 - ok
04:19:26.0693 2552  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
04:19:26.0697 2552  mrxsmb20 - ok
04:19:26.0753 2552  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
04:19:26.0755 2552  msahci - ok
04:19:26.0797 2552  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
04:19:26.0801 2552  msdsm - ok
04:19:26.0825 2552  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
04:19:26.0830 2552  MSDTC - ok
04:19:26.0863 2552  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
04:19:26.0865 2552  Msfs - ok
04:19:26.0883 2552  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
04:19:26.0884 2552  mshidkmdf - ok
04:19:26.0921 2552  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
04:19:26.0922 2552  msisadrv - ok
04:19:26.0982 2552  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
04:19:26.0988 2552  MSiSCSI - ok
04:19:26.0995 2552  msiserver - ok
04:19:27.0034 2552  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
04:19:27.0035 2552  MSKSSRV - ok
04:19:27.0094 2552  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
04:19:27.0096 2552  MSPCLOCK - ok
04:19:27.0110 2552  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
04:19:27.0113 2552  MSPQM - ok
04:19:27.0160 2552  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
04:19:27.0167 2552  MsRPC - ok
04:19:27.0211 2552  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
04:19:27.0211 2552  mssmbios - ok
04:19:27.0225 2552  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
04:19:27.0227 2552  MSTEE - ok
04:19:27.0256 2552  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
04:19:27.0257 2552  MTConfig - ok
04:19:27.0301 2552  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
04:19:27.0303 2552  Mup - ok
04:19:27.0381 2552  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
04:19:27.0399 2552  napagent - ok
04:19:27.0469 2552  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
04:19:27.0475 2552  NativeWifiP - ok
04:19:27.0558 2552  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
04:19:27.0597 2552  NDIS - ok
04:19:27.0635 2552  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
04:19:27.0638 2552  NdisCap - ok
04:19:27.0674 2552  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
04:19:27.0676 2552  NdisTapi - ok
04:19:27.0735 2552  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
04:19:27.0737 2552  Ndisuio - ok
04:19:27.0780 2552  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
04:19:27.0784 2552  NdisWan - ok
04:19:27.0823 2552  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
04:19:27.0826 2552  NDProxy - ok
04:19:27.0867 2552  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
04:19:27.0869 2552  NetBIOS - ok
04:19:27.0907 2552  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
04:19:27.0912 2552  NetBT - ok
04:19:27.0928 2552  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
04:19:27.0930 2552  Netlogon - ok
04:19:27.0990 2552  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
04:19:27.0999 2552  Netman - ok
04:19:28.0015 2552  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
04:19:28.0025 2552  netprofm - ok
04:19:28.0058 2552  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
04:19:28.0061 2552  NetTcpPortSharing - ok
04:19:28.0218 2552  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
04:19:28.0364 2552  netw5v64 - ok
04:19:28.0435 2552  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
04:19:28.0438 2552  nfrd960 - ok
04:19:28.0486 2552  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
04:19:28.0494 2552  NlaSvc - ok
04:19:28.0517 2552  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
04:19:28.0519 2552  Npfs - ok
04:19:28.0547 2552  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
04:19:28.0550 2552  nsi - ok
04:19:28.0568 2552  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
04:19:28.0569 2552  nsiproxy - ok
04:19:28.0692 2552  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
04:19:28.0749 2552  Ntfs - ok
04:19:28.0761 2552  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
04:19:28.0763 2552  Null - ok
04:19:28.0817 2552  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
04:19:28.0822 2552  nvraid - ok
04:19:28.0878 2552  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
04:19:28.0883 2552  nvstor - ok
04:19:28.0950 2552  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
04:19:28.0954 2552  nv_agp - ok
04:19:29.0048 2552  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
04:19:29.0056 2552  odserv - ok
04:19:29.0101 2552  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
04:19:29.0104 2552  ohci1394 - ok
04:19:29.0161 2552  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
04:19:29.0165 2552  ose - ok
04:19:29.0224 2552  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
04:19:29.0232 2552  p2pimsvc - ok
04:19:29.0275 2552  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
04:19:29.0294 2552  p2psvc - ok
04:19:29.0323 2552  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
04:19:29.0326 2552  Parport - ok
04:19:29.0367 2552  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
04:19:29.0369 2552  partmgr - ok
04:19:29.0390 2552  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
04:19:29.0396 2552  PcaSvc - ok
04:19:29.0444 2552  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
04:19:29.0447 2552  pci - ok
04:19:29.0496 2552  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
04:19:29.0498 2552  pciide - ok
04:19:29.0533 2552  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
04:19:29.0538 2552  pcmcia - ok
04:19:29.0595 2552  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
04:19:29.0597 2552  pcw - ok
04:19:29.0632 2552  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
04:19:29.0653 2552  PEAUTH - ok
04:19:29.0690 2552  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
04:19:29.0693 2552  PerfHost - ok
04:19:29.0770 2552  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
04:19:29.0826 2552  pla - ok
04:19:29.0884 2552  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
04:19:29.0902 2552  PlugPlay - ok
04:19:29.0913 2552  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
04:19:29.0917 2552  PNRPAutoReg - ok
04:19:29.0936 2552  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
04:19:29.0941 2552  PNRPsvc - ok
04:19:29.0976 2552  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
04:19:29.0984 2552  PolicyAgent - ok
04:19:30.0026 2552  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
04:19:30.0031 2552  Power - ok
04:19:30.0087 2552  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
04:19:30.0090 2552  PptpMiniport - ok
04:19:30.0109 2552  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
04:19:30.0111 2552  Processor - ok
04:19:30.0155 2552  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
04:19:30.0159 2552  ProfSvc - ok
04:19:30.0175 2552  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
04:19:30.0176 2552  ProtectedStorage - ok
04:19:30.0231 2552  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
04:19:30.0234 2552  Psched - ok
04:19:30.0260 2552  [ AED797CCA02783296C68AA10D0CFF8A9 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
04:19:30.0262 2552  PxHlpa64 - ok
04:19:30.0343 2552  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
04:19:30.0389 2552  ql2300 - ok
04:19:30.0427 2552  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
04:19:30.0431 2552  ql40xx - ok
04:19:30.0461 2552  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
04:19:30.0468 2552  QWAVE - ok
04:19:30.0496 2552  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
04:19:30.0498 2552  QWAVEdrv - ok
04:19:30.0511 2552  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
04:19:30.0514 2552  RasAcd - ok
04:19:30.0570 2552  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
04:19:30.0572 2552  RasAgileVpn - ok
04:19:30.0641 2552  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
04:19:30.0646 2552  RasAuto - ok
04:19:30.0684 2552  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
04:19:30.0686 2552  Rasl2tp - ok
04:19:30.0732 2552  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
04:19:30.0742 2552  RasMan - ok
04:19:30.0761 2552  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
04:19:30.0763 2552  RasPppoe - ok
04:19:30.0808 2552  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
04:19:30.0810 2552  RasSstp - ok
04:19:30.0854 2552  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
04:19:30.0861 2552  rdbss - ok
04:19:30.0894 2552  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
04:19:30.0896 2552  rdpbus - ok
04:19:30.0915 2552  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
04:19:30.0916 2552  RDPCDD - ok
04:19:30.0962 2552  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
04:19:30.0963 2552  RDPENCDD - ok
04:19:30.0985 2552  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
04:19:30.0986 2552  RDPREFMP - ok
04:19:31.0032 2552  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
04:19:31.0037 2552  RDPWD - ok
04:19:31.0099 2552  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
04:19:31.0104 2552  rdyboost - ok
04:19:31.0130 2552  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
04:19:31.0134 2552  RemoteAccess - ok
04:19:31.0162 2552  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
04:19:31.0168 2552  RemoteRegistry - ok
04:19:31.0186 2552  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
04:19:31.0191 2552  RFCOMM - ok
04:19:31.0245 2552  [ 258AADB43E3F3468B5CF8CB0F84872C2 ] rimsptsk        C:\Windows\system32\DRIVERS\rimssn64.sys
04:19:31.0248 2552  rimsptsk - ok
04:19:31.0313 2552  [ 71E182A0DE1CECB3F912960716345405 ] risdptsk        C:\Windows\system32\DRIVERS\risdsn64.sys
04:19:31.0316 2552  risdptsk - ok
04:19:31.0370 2552  [ D02E5A46F77C182CA1964080BCD586F7 ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
04:19:31.0377 2552  Roxio UPnP Renderer 10 - ok
04:19:31.0423 2552  [ E5809597278802D09273EE07B5FC56E1 ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
04:19:31.0430 2552  Roxio Upnp Server 10 - ok
04:19:31.0478 2552  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
04:19:31.0482 2552  RpcEptMapper - ok
04:19:31.0506 2552  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
04:19:31.0508 2552  RpcLocator - ok
04:19:31.0560 2552  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
04:19:31.0567 2552  RpcSs - ok
04:19:31.0591 2552  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
04:19:31.0594 2552  rspndr - ok
04:19:31.0656 2552  [ 34F05C417F038FFA3BEF69B798D7D7DD ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
04:19:31.0661 2552  RTHDMIAzAudService - ok
04:19:31.0718 2552  [ 01E6A1E53E39A0B1E2B6AE62BF52E8EC ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
04:19:31.0723 2552  RtkAudioService - ok
04:19:31.0798 2552  [ 9A5FB8DE6567BC86FCCDE2F0336857A3 ] SampleCollector C:\Program Files\Sony\VAIO Care\collsvc.exe
04:19:31.0803 2552  SampleCollector - ok
04:19:31.0854 2552  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
04:19:31.0856 2552  SamSs - ok
04:19:31.0911 2552  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
04:19:31.0915 2552  sbp2port - ok
04:19:31.0980 2552  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
04:19:31.0986 2552  SCardSvr - ok
04:19:32.0032 2552  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
04:19:32.0034 2552  scfilter - ok
04:19:32.0089 2552  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
04:19:32.0151 2552  Schedule - ok
04:19:32.0187 2552  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
04:19:32.0189 2552  SCPolicySvc - ok
04:19:32.0237 2552  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
04:19:32.0240 2552  sdbus - ok
04:19:32.0281 2552  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
04:19:32.0287 2552  SDRSVC - ok
04:19:32.0359 2552  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
04:19:32.0361 2552  secdrv - ok
04:19:32.0415 2552  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
04:19:32.0418 2552  seclogon - ok
04:19:32.0456 2552  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
04:19:32.0460 2552  SENS - ok
04:19:32.0511 2552  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
04:19:32.0514 2552  SensrSvc - ok
04:19:32.0567 2552  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
04:19:32.0570 2552  Serenum - ok
04:19:32.0640 2552  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
04:19:32.0643 2552  Serial - ok
04:19:32.0676 2552  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
04:19:32.0679 2552  sermouse - ok
04:19:32.0726 2552  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
04:19:32.0730 2552  SessionEnv - ok
04:19:32.0774 2552  [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
04:19:32.0775 2552  SFEP - ok
04:19:32.0816 2552  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
04:19:32.0818 2552  sffdisk - ok
04:19:32.0845 2552  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
04:19:32.0847 2552  sffp_mmc - ok
04:19:32.0866 2552  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
04:19:32.0868 2552  sffp_sd - ok
04:19:32.0929 2552  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
04:19:32.0931 2552  sfloppy - ok
04:19:32.0963 2552  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
04:19:32.0971 2552  SharedAccess - ok
04:19:33.0025 2552  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
04:19:33.0046 2552  ShellHWDetection - ok
04:19:33.0101 2552  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
04:19:33.0104 2552  SiSRaid2 - ok
04:19:33.0125 2552  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
04:19:33.0128 2552  SiSRaid4 - ok
04:19:33.0188 2552  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
04:19:33.0191 2552  Smb - ok
04:19:33.0248 2552  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
04:19:33.0252 2552  SNMPTRAP - ok
04:19:33.0363 2552  [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
04:19:33.0367 2552  SOHCImp - ok
04:19:33.0427 2552  [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr        C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
04:19:33.0430 2552  SOHDBSvr - ok
04:19:33.0460 2552  [ 556681BE668D71DC162391A45422B52C ] SOHDms          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
04:19:33.0479 2552  SOHDms - ok
04:19:33.0499 2552  [ 72B46103E4111439109ACF5882627C24 ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
04:19:33.0503 2552  SOHDs - ok
04:19:33.0523 2552  [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr        C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
04:19:33.0527 2552  SOHPlMgr - ok
04:19:33.0563 2552  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
04:19:33.0564 2552  spldr - ok
04:19:33.0616 2552  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
04:19:33.0637 2552  Spooler - ok
04:19:33.0750 2552  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
04:19:33.0853 2552  sppsvc - ok
04:19:33.0876 2552  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
04:19:33.0879 2552  sppuinotify - ok
04:19:33.0922 2552  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
04:19:33.0929 2552  srv - ok
04:19:33.0953 2552  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
04:19:33.0959 2552  srv2 - ok
04:19:33.0993 2552  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
04:19:33.0999 2552  SrvHsfHDA - ok
04:19:34.0102 2552  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
04:19:34.0145 2552  SrvHsfV92 - ok
04:19:34.0179 2552  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
04:19:34.0212 2552  SrvHsfWinac - ok
04:19:34.0237 2552  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
04:19:34.0242 2552  srvnet - ok
04:19:34.0301 2552  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
04:19:34.0307 2552  SSDPSRV - ok
04:19:34.0322 2552  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
04:19:34.0327 2552  SstpSvc - ok
04:19:34.0357 2552  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
04:19:34.0359 2552  stexstor - ok
04:19:34.0443 2552  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
04:19:34.0466 2552  stisvc - ok
04:19:34.0506 2552  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
04:19:34.0507 2552  swenum - ok
04:19:34.0534 2552  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
04:19:34.0552 2552  swprv - ok
04:19:34.0669 2552  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
04:19:34.0749 2552  SysMain - ok
04:19:34.0813 2552  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
04:19:44.0774 2552  ============================================================
04:19:44.0774 2552  Scan finished
04:19:44.0774 2552  ============================================================
04:19:44.0785 5460  Detected object count: 0
04:19:44.0785 5460  Actual detected object count: 0



#13 TB-Psychotic

Posted 15 June 2013 - 08:22 AM

Are you able to connect to the internet?

How is your machine behaving?


Edited by TB-Psychotic, 15 June 2013 - 08:22 AM.


#14 JHan816

Posted 15 June 2013 - 11:57 AM

Everything is running normally. I can connect to the internet with Internet Explorer and Malwarebytes is able to update over the internet.



#15 TB-Psychotic

Posted 16 June 2013 - 03:02 PM

Fine - let's cross check:

Please go to here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Edited by TB-Psychotic, 16 June 2013 - 03:02 PM.




