
Bamital, according to ISP


  • This topic is locked
20 replies to this topic

#1 JakeP03

JakeP03

  • Members
  • 11 posts
  • Gender:Male
  • Local time:05:35 PM

Posted 25 June 2013 - 03:24 PM

Hello,

 

I am having some trouble with some very nasty bugs.  I have a Vista 32 bit system running AVG, but still using the Windows firewall.

 

I found a Dropper.XXXX something or other that AVG can never clean.  While researching I received emails from CenturyLink saying that I have traffic coming from my network trying to attack others.  They said it has the signature of Bamital or Ramnit-A (same thing?), but I've not seen anything called Bamital on my system yet.

 

I tried an AVG remove tool which hung up trying to scan and remove a problem, but before it did so, I could see many files it called corrupted and a couple it could not open to scan, including the pagefile.sys. 

 

I didn't have internet for a while and didn't catch the warnings to not touch your fixes until directed. I downloaded via friend and thumbdrive some of the fixes recommended to others, including Combofix, which found and repaired some files, and Malwarebytes which hung up with blue screen and all.  I have a good restore point from before I did so.

 

One note, we couldn't ever seem to get rid of or uninstall the original Norton that came with this PC and I have found many of its software running even while using the AVG and expect that to be a problem that I'll have to remedy.  I tried again to uninstall via the control panel, without success.

 

Your guiding hand will be greatly appreciated, as well as a smack upside my head if needed.

 

Jake 




 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • Gender:Not Telling
  • Location:Canada
  • Local time:07:35 PM

Posted 25 June 2013 - 08:41 PM

Please download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.

  • Press Scan button.

  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.


Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 JakeP03

JakeP03
  • Topic Starter

  • Members
  • 11 posts
  • Gender:Male
  • Local time:05:35 PM

Posted 25 June 2013 - 09:55 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-06-2013 02
Ran by Administrator2 (administrator) on 25-06-2013 20:48:23
Running from C:\Users\Administrator2\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) ===================
 
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Symantec Corporation) c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Symantec Corporation) c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Symantec Corporation) c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\hp\kbd\kbd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcfgex.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe [1441792 2007-03-02] ()
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [118784 2007-02-15] (OsdMaestro)
HKLM\...\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [KBD] C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [213936 2006-03-20] (Macrovision Corporation)
HKLM\...\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [178712 2008-06-02] (Intel Corporation)
HKLM\...\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [CCUTRAYICON] FactoryMode [x]
HKLM\...\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [40368 2011-08-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe [65536 2006-09-28] (Hewlett-Packard Company)
HKLM\...\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe [44168 2007-03-07] (soft thinks)
HKCU\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1233920 2009-04-10] (Microsoft Corporation)
HKCU\...\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [213936 2006-03-20] (Macrovision Corporation)
HKCU\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKCU\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [68856 2008-06-06] (Google Inc.)
HKCU\...\Run: [743E7EAAED691B3A136FBF0E902FB592133D6142._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service [825808 2013-06-14] (Google Inc.)
HKU\Default\...\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [ 2009-08-05] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [ 2009-08-05] (Hewlett-Packard)
HKU\IUSR_NMPR\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart [x]
HKU\IUSR_NMPR\...\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [ 2006-03-20] (Macrovision Corporation)
HKU\IUSR_NMPR\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-18] (Microsoft Corporation)
HKU\Jake\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\Jake\...\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart [x]
HKU\Jake\...\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [ 2006-03-20] (Macrovision Corporation)
HKU\Jake\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-18] (Microsoft Corporation)
HKU\Jake\...\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe [x]
HKU\Jake\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\Jake\...\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [ 2013-04-05] (Apple Inc.)
HKU\Jake\...\Run: [ROC_ROC_APR2013_AV] C:\Users\Jake\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 3c340938b6216b4bc614f880b61f617c-90b1dd07b126b3fa543d7037971062c2b2ea0337 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x]
HKU\Jake\...\Run: [5B9CFF9BD2941C25511556B12EFDFA6ED1A6AD6B._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service [ 2013-06-14] (Google Inc.)
HKU\Stacey\...\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY [ 2009-08-05] (Hewlett-Packard)
HKU\Stacey\...\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [x]
HKU\Stacey\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\Stacey\...\Run: [AdobeBridge]  [x]
HKU\Stacey\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet [ 2010-06-01] (Yahoo! Inc.)
HKU\Stacey\...\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup [ 2009-12-10] (OLYMPUS IMAGING CORP.)
HKU\Stacey\...\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [ 2006-03-20] (Macrovision Corporation)
HKU\Stacey\...\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart [x]
HKU\Stacey\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\Stacey\...\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [ 2013-04-05] (Apple Inc.)
HKU\Stacey\...\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [ 2013-04-05] (Apple Inc.)
HKU\Stacey\...\Run: [GoogleChromeAutoLaunch_8A476F96FC05C902631439517CC64C7C] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window [ 2013-06-14] (Google Inc.)
HKU\Stacey\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-18] (Microsoft Corporation)
HKU\Stacey\...\Run: [AmazonMP3DownloaderHelper] C:\Users\Stacey\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [ 2013-04-05] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Snapfish Media Detector.lnk
ShortcutTarget: Snapfish Media Detector.lnk -> C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe ()
Startup: C:\Users\Stacey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Administrator2\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {C790C60B-F898-424D-9692-C89B32BAF1AA} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM - {D05B408F-B43B-4876-A7F5-03AD5866C742} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - {088786F7-11D1-4CCB-96DD-1C56EEB84AD2} URL = http://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
SearchScopes: HKCU - {88845848-EC35-4136-A1F4-333F02699C77} URL = http://www.facebook.com/search/?src=os&q={searchTerms}
SearchScopes: HKCU - {AE33768E-05B9-4007-BF3C-6849B687C300} URL = 
SearchScopes: HKCU - {C6F6D841-858E-410E-87F0-34BCE5F1AB69} URL = http://rover.ebay.com/rover/1/711-43047-14818-1/4?satitle={searchTerms}
SearchScopes: HKCU - {C790C60B-F898-424D-9692-C89B32BAF1AA} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKCU - {D05B408F-B43B-4876-A7F5-03AD5866C742} URL = 
BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll (Symantec Corporation)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo.walgreens.com/WalgreensActivia.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUplden-us.cab
DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} http://mediaplayer.walmart.com/installer/install.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} https://www.mesh.com/0.9.4014.3/TSWeb.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.com/webgames/popcaploader_v10.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/", "https://my.unm.edu/cp/home/displaylogin", "hxxp://www.nbcnews.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (AVG Internet Security) - C:\Users\Administrator2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.210.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U21) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks Rhapsody Player Engine) - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
CHR Plugin: (eMusic Remote Plugin) - C:\Program Files\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Drive) - C:\Users\Administrator2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Administrator2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Administrator2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\Administrator2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
 
========================== Services (Whitelisted) =================
 
R2 AdobeActiveFileMonitor8.0; C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [169312 2009-09-06] (Adobe Systems Incorporated)
S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel® Corporation)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
R2 ccEvtMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
R2 ccSetMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
R2 CLTNetCnService; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
S3 comHost; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [49248 2007-01-12] (Symantec Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] ()
S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel® Corporation)
S3 ISPwdSvc; c:\Program Files\Norton Internet Security\isPwdSvc.exe [80504 2007-01-13] (Symantec Corporation)
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel® Corporation)
R2 LiveUpdate Notice Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-09] (Symantec Corporation)
S2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll [537992 2008-04-10] (Symantec Corporation)
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] ()
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel® Corporation)
S3 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [28933976 2006-04-14] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2808664 2007-02-22] (Microsoft Corporation)
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel® Corporation)
R3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1252232 2007-11-04] ()
R2 SymAppCore; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [47712 2007-01-04] (Symantec Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-03-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [170808 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [245048 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [49904 2010-02-15] (Avanquest Software)
R1 IDSvix86; C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20071116.001\IDSvix86.sys [180272 2007-11-06] (Symantec Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [31560 2013-06-25] ()
S3 mbamswissarmy; C:\Windows\system32\drivers\mbamswissarmy.sys [146648 2013-06-25] (Malwarebytes Corporation)
S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-14] (OLYMPUS IMAGING CORP.)
R3 RT2500; C:\Windows\System32\DRIVERS\RT2500.sys [243328 2005-10-20] (Ralink Technology Inc.)
S3 SQTECH9051; C:\Windows\System32\Drivers\Capt9051.sys [41216 2008-02-14] (Service & Quality Technology.)
R3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [12984 2007-01-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [123952 2007-09-20] (Symantec Corporation)
R3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [145976 2007-01-09] (Symantec Corporation)
R3 SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [40120 2007-01-09] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [38200 2007-01-09] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [27576 2007-01-09] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [191544 2007-01-09] (Symantec Corporation)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [186592 2009-01-17] (Jungo)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\Users\ADMINI~1\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-06-25 20:47 - 2013-06-25 20:47 - 01370251 ____A (Farbar) C:\Users\Administrator2\Downloads\FRST.exe
2013-06-25 20:47 - 2013-06-25 20:47 - 00000000 ____D C:\FRST
2013-06-25 13:35 - 2013-06-25 13:35 - 00140416 ____A C:\Windows\Minidump\Mini062513-03.dmp
2013-06-25 13:05 - 2013-06-25 13:06 - 01814144 ____A (Bleeping Computer, LLC) C:\Users\Administrator2\Downloads\rkill.exe
2013-06-25 13:01 - 2013-06-25 13:02 - 00140416 ____A C:\Windows\Minidump\Mini062513-02.dmp
2013-06-25 12:51 - 2013-06-25 13:19 - 00146648 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2013-06-25 12:51 - 2013-06-25 13:19 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-06-25 12:50 - 2013-06-25 12:50 - 00031560 ____A C:\Windows\System32\Drivers\mbamchameleon.sys
2013-06-25 12:49 - 2013-06-25 12:49 - 00000000 ____D C:\Users\Administrator2\Downloads\mbar-1.06.0.1004
2013-06-25 12:47 - 2013-06-25 12:48 - 13399154 ____A C:\Users\Administrator2\Downloads\mbar-1.06.0.1004.zip
2013-06-25 10:48 - 2013-06-25 10:48 - 00029602 ____A C:\Users\Administrator2\Documents\Attach.txt
2013-06-25 10:48 - 2013-06-25 10:48 - 00022355 ____A C:\Users\Administrator2\Documents\DDS.txt
2013-06-25 10:47 - 2013-06-25 10:47 - 00029602 ____A C:\Users\Administrator2\Desktop\attach.txt
2013-06-25 10:47 - 2013-06-25 10:47 - 00022355 ____A C:\Users\Administrator2\Desktop\dds.txt
2013-06-25 09:49 - 2013-06-25 09:50 - 00035450 ____A C:\ProgramData\LUUnInstall.LiveUpdate
2013-06-25 09:15 - 2013-06-25 09:15 - 00016853 ____A C:\ComboFix.txt
2013-06-25 08:53 - 2013-06-25 09:15 - 00000000 ____D C:\Comfix.exe11796C
2013-06-25 08:52 - 2013-06-25 08:52 - 00000000 ____D C:\Comfix.exe6233C
2013-06-25 07:23 - 2013-06-25 07:23 - 00140416 ____A C:\Windows\Minidump\Mini062513-01.dmp
2013-06-24 16:21 - 2013-06-24 16:21 - 00000000 ____D C:\Users\Administrator2\AppData\Roaming\Malwarebytes
2013-06-24 16:20 - 2013-06-24 16:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-24 16:20 - 2013-06-24 16:20 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-24 16:20 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-24 16:19 - 2013-06-24 16:19 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Administrator2\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-24 16:16 - 2013-06-24 16:16 - 00000000 ____D C:\Program Files\OI App Manager
2013-06-24 16:16 - 2013-06-24 16:16 - 00000000 ____D C:\Program Files\7-Zip
2013-06-24 15:37 - 2013-06-24 15:37 - 00069518 ____A C:\Users\Administrator2\Downloads\Extras.Txt
2013-06-24 15:35 - 2013-06-24 16:02 - 00171648 ____A C:\Users\Administrator2\Downloads\OTL.Txt
2013-06-24 14:49 - 2013-06-24 15:17 - 00000000 ____D C:\Comfix.exe
2013-06-24 14:17 - 2013-06-24 14:17 - 00602112 ____A (OldTimer Tools) C:\Users\Administrator2\Downloads\OTL.exe
2013-06-24 13:57 - 2011-06-26 00:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-24 13:57 - 2010-11-07 11:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-24 13:57 - 2009-04-19 22:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-24 13:57 - 2000-08-30 18:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-24 13:57 - 2000-08-30 18:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-24 13:57 - 2000-08-30 18:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-24 13:57 - 2000-08-30 18:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-24 13:57 - 2000-08-30 18:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-24 13:56 - 2013-06-25 09:15 - 00000000 ____D C:\Qoobox
2013-06-24 13:54 - 2013-06-24 15:16 - 00000000 ____D C:\Windows\erdnt
2013-06-24 13:52 - 2013-06-24 14:18 - 05082330 ____R (Swearware) C:\Users\Administrator2\Downloads\Comfix.exe.exe
2013-06-21 15:38 - 2013-06-21 15:38 - 00000000 ____D C:\Users\Jake\Documents\WDC
2013-06-21 15:38 - 2013-06-21 15:38 - 00000000 ____D C:\Program Files\Western Digital Corporation
2013-06-21 09:33 - 2012-02-29 09:11 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2013-06-21 09:33 - 2012-02-29 09:09 - 00157696 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2013-06-21 09:33 - 2012-02-29 07:32 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2013-06-21 09:15 - 2013-06-21 09:15 - 12329984 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-21 09:15 - 2013-06-21 09:15 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-21 09:15 - 2013-06-21 09:15 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-21 09:15 - 2013-06-21 09:15 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-21 09:15 - 2013-06-21 09:15 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-21 09:15 - 2013-06-21 09:15 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-21 09:13 - 2013-06-21 09:13 - 02873344 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 01554432 ____A (Microsoft Corporation) C:\Windows\System32\xpsservices.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 01172480 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 01075712 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 01068544 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 01029120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00979456 ____A (Microsoft Corporation) C:\Windows\System32\MFH264Dec.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00876032 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00847360 ____A (Microsoft Corporation) C:\Windows\System32\OpcServices.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00797184 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00683008 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00667648 ____A (Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
2013-06-21 09:13 - 2013-06-21 09:13 - 00586240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00486400 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00478720 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00357376 ____A (Microsoft Corporation) C:\Windows\System32\MFHEAACdec.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00302592 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4src.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00288768 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00261632 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00258048 ____A (Microsoft Corporation) C:\Windows\System32\winspool.drv
2013-06-21 09:13 - 2013-06-21 09:13 - 00219648 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00160768 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00098816 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\printfilterpipelineprxy.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00974848 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00519680 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00369664 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00321024 ____A (Microsoft Corporation) C:\Windows\System32\PhotoMetadataHandler.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00252928 ____A (Microsoft Corporation) C:\Windows\System32\dxdiag.exe
2013-06-21 09:11 - 2013-06-21 09:11 - 00195584 ____A (Microsoft Corporation) C:\Windows\System32\dxdiagn.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00189440 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-21 08:23 - 2012-12-16 07:12 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-06-21 08:23 - 2012-12-16 04:50 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-06-20 20:08 - 2013-05-07 22:37 - 00905576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-20 20:08 - 2011-10-14 10:03 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\winmm.dll
2013-06-20 20:08 - 2011-10-14 10:00 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\mciseq.dll
2013-06-20 20:08 - 2011-07-29 10:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2013-06-20 20:08 - 2011-07-29 10:01 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2013-06-20 20:08 - 2011-07-29 10:00 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2013-06-20 20:08 - 2011-07-29 10:00 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2013-06-20 20:07 - 2012-05-11 09:57 - 00623616 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-06-20 20:07 - 2011-11-18 14:23 - 01205064 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-06-20 20:06 - 2013-04-15 08:20 - 00638328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-06-20 20:06 - 2013-04-13 04:56 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-06-20 20:06 - 2012-11-02 04:18 - 00376320 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-06-20 20:06 - 2012-11-02 02:26 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2013-06-20 20:06 - 2012-09-25 10:19 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-06-20 20:06 - 2012-08-21 05:47 - 00224640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2013-06-20 20:06 - 2012-06-29 10:01 - 00467968 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2013-06-20 20:06 - 2012-06-08 11:47 - 11586048 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-06-20 20:06 - 2012-03-20 17:28 - 00053120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-06-20 20:06 - 2011-11-18 11:47 - 00066560 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2013-06-20 20:06 - 2011-10-14 10:02 - 00429056 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2013-06-20 20:05 - 2013-05-01 22:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-20 20:05 - 2013-05-01 22:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\printcom.dll
2013-06-20 20:05 - 2013-03-03 13:07 - 01082232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-06-20 20:05 - 2012-11-19 22:22 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-06-20 20:05 - 2012-11-07 21:48 - 01314816 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2013-06-20 20:05 - 2012-09-28 10:11 - 00892928 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-20 20:05 - 2012-08-24 09:53 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-06-20 20:05 - 2011-12-14 10:17 - 00680448 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2013-06-20 20:04 - 2013-04-23 22:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-20 20:04 - 2013-04-23 22:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-20 20:04 - 2013-04-23 22:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-20 20:04 - 2013-04-23 22:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-20 20:04 - 2013-04-23 19:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-20 20:04 - 2012-11-12 19:29 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-06-20 20:04 - 2012-11-02 04:19 - 01400832 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-06-20 20:04 - 2012-06-05 10:47 - 01248768 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-06-20 20:04 - 2011-11-16 10:23 - 00377344 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-06-20 20:04 - 2011-10-25 09:58 - 00497152 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2013-06-20 20:04 - 2011-08-25 10:15 - 00555520 ____A (Microsoft Corporation) C:\Windows\System32\UIAutomationCore.dll
2013-06-20 20:04 - 2011-08-25 10:14 - 00563712 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2013-06-20 20:04 - 2011-08-25 10:14 - 00238080 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2013-06-20 20:04 - 2011-08-25 07:31 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\oleaccrc.dll
2013-06-20 20:03 - 2013-04-08 19:36 - 02049024 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-06-20 20:03 - 2013-03-07 21:53 - 00376320 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-06-20 20:03 - 2013-03-07 21:52 - 02067968 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-06-20 20:03 - 2012-05-01 08:03 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2013-06-20 20:03 - 2012-04-03 02:16 - 03602816 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-20 20:03 - 2012-04-03 02:16 - 03550080 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-20 20:02 - 2012-06-04 09:26 - 00440704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-06-20 20:02 - 2012-06-01 18:04 - 00278528 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-06-20 20:02 - 2012-01-09 09:54 - 00613376 ____A (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2013-06-20 20:02 - 2011-11-16 10:23 - 00072704 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2013-06-20 20:02 - 2011-11-16 10:21 - 01259008 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-06-20 20:02 - 2011-11-16 08:12 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-06-20 20:02 - 2010-05-04 13:13 - 00231424 ____A (Microsoft Corporation) C:\Windows\System32\msshsq.dll
2013-06-20 19:42 - 2013-02-11 19:57 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-06-20 09:06 - 2013-06-20 09:06 - 00000000 ____D C:\Users\Administrator2\AppData\Roaming\AVG8
2013-06-18 15:12 - 2013-06-21 09:15 - 00008040 ____A C:\Windows\IE9_main.log
2013-06-18 08:39 - 2012-06-02 16:19 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-18 08:39 - 2012-06-02 16:19 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-18 08:39 - 2012-06-02 16:19 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-06-18 08:39 - 2012-06-02 16:12 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-18 08:38 - 2012-06-02 16:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-18 08:38 - 2012-06-02 16:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-06-18 08:38 - 2012-06-02 16:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-18 08:38 - 2012-06-02 15:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-18 08:38 - 2012-06-02 15:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-17 16:06 - 2012-12-06 13:52 - 00125952 ____A C:\Windows\System32\ZLhp2600.DLL
2013-06-17 15:55 - 2013-06-17 15:56 - 90820456 ____A C:\Users\Jake\Downloads\hp_CLJ_2600n_Full_Solution-v20110217-50132926-RC5-Signed (1).exe
2013-06-17 15:52 - 2013-06-17 15:52 - 00000000 ____D C:\Users\Jake\AppData\Roaming\HP
2013-06-17 15:51 - 2013-06-20 21:08 - 00000000 ____D C:\hp_CLJ_2600n_Full_Solution
2013-06-17 15:51 - 2011-02-17 05:18 - 00805928 ____A C:\Windows\System32\hp2600n.img
2013-06-17 15:49 - 2013-06-17 15:51 - 90820456 ____A C:\Users\Jake\Downloads\hp_CLJ_2600n_Full_Solution-v20110217-50132926-RC5-Signed.exe
2013-06-17 15:49 - 2013-06-17 15:49 - 00001973 ____A C:\Users\Jake\Desktop\Google Chrome.lnk
2013-06-17 15:43 - 2013-06-17 15:46 - 00013212 ____A C:\HPFWUpdate.log
2013-06-17 15:42 - 2013-06-17 15:43 - 02112744 ____A C:\Users\Jake\Downloads\HP2600_FW_Upgrade_Security_20120928.exe
2013-06-17 13:08 - 2013-06-17 13:09 - 00000000 ____D C:\Windows\System32\vi-VN
2013-06-17 13:08 - 2013-06-17 13:09 - 00000000 ____D C:\Windows\System32\eu-ES
2013-06-17 13:08 - 2013-06-17 13:09 - 00000000 ____D C:\Windows\System32\ca-ES
2013-06-17 13:04 - 2013-06-20 21:08 - 00000000 ____D C:\Windows\System32\SPReview
2013-06-17 12:42 - 2009-04-10 23:28 - 00928768 ____A (Microsoft Corporation) C:\Windows\System32\scavenge.dll
2013-06-17 12:41 - 2009-04-10 23:27 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\compcln.exe
2013-06-17 12:34 - 2009-04-10 23:32 - 00149480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2013-06-17 12:34 - 2009-04-10 23:32 - 00141288 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ecache.sys
2013-06-17 12:34 - 2009-04-10 23:32 - 00050664 ____A (Microsoft Corporation) C:\Windows\System32\PSHED.DLL
2013-06-17 12:34 - 2009-04-10 23:32 - 00043496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys
2013-06-17 12:34 - 2009-04-10 23:28 - 02153472 ____A (Microsoft Corporation) C:\Windows\System32\oobefldr.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 01823744 ____A (Microsoft Corporation) C:\Windows\System32\pnidui.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 01591296 ____A (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 01541120 ____A (Microsoft Corporation) C:\Windows\System32\onex.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 01381376 ____A (Microsoft Corporation) C:\Windows\System32\Query.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 01248768 ____A (Microsoft Corporation) C:\Windows\System32\PerfCenterCPL.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 01107968 ____A (Microsoft Corporation) C:\Windows\System32\pidgenx.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00880640 ____A (Microsoft Corporation) C:\Windows\System32\RacEngn.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00869888 ____A (Microsoft Corporation) C:\Windows\System32\printui.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00825856 ____A (Microsoft Corporation) C:\Windows\System32\rasdlg.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00758784 ____A (Microsoft Corporation) C:\Windows\System32\qmgr.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00754688 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00723968 ____A (Microsoft Corporation) C:\Windows\System32\powercpl.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00644608 ____A (Microsoft Corporation) C:\Windows\System32\p2psvc.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00642560 ____A (Microsoft Corporation) C:\Windows\System32\rasgcw.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00627200 ____A (Microsoft Corporation) C:\Windows\System32\sethc.exe
2013-06-17 12:34 - 2009-04-10 23:28 - 00551936 ____A (Microsoft Corporation) C:\Windows\System32\prnntfy.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00550400 ____A (Microsoft Corporation) C:\Windows\System32\rpcss.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\pnpui.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00483328 ____A (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\riched20.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00464384 ____A (Microsoft Corporation) C:\Windows\System32\pcaui.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00441344 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-06-17 12:34 - 2009-04-10 23:28 - 00376832 ____A (Microsoft Corporation) C:\Windows\System32\rasplap.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\RelMon.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00327168 ____A (Microsoft Corporation) C:\Windows\System32\P2PGraph.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00324608 ____A (Microsoft Corporation) C:\Windows\System32\sdohlp.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00306176 ____A (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00302592 ____A (Microsoft Corporation) C:\Windows\System32\QAGENTRT.DLL
2013-06-17 12:34 - 2009-04-10 23:28 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\photowiz.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00286720 ____A (Microsoft Corporation) C:\Windows\System32\rasapi32.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\raschap.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00279552 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2013-06-17 12:34 - 2009-04-10 23:28 - 00262144 ____A (Microsoft Corporation) C:\Windows\System32\rasmans.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\rasppp.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\scansetting.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00242176 ____A (Microsoft Corporation) C:\Windows\System32\pdh.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00241152 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\ntprint.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\offfilt.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00187904 ____A (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-06-17 12:34 - 2009-04-10 23:28 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00181760 ____A (Microsoft Corporation) C:\Windows\System32\pnpsetup.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\scrobj.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00177152 ____A (Microsoft Corporation) C:\Windows\System32\scecli.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00166400 ____A (Microsoft Corporation) C:\Windows\System32\puiapi.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00160768 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceTypes.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\rasmontr.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00153088 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\scksp.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\nlhtml.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00127488 ____A (Microsoft Corporation) C:\Windows\System32\rpchttp.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00121344 ____A (Microsoft Corporation) C:\Windows\System32\ntmarta.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00120320 ____A (Microsoft Corporation) C:\Windows\System32\EhStorAPI.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00107008 ____A (Microsoft Corporation) C:\Windows\System32\regsvc.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00107008 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00098816 ____A (Microsoft Corporation) C:\Windows\System32\powrprof.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\oleprn.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\SCardSvr.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00094720 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceClassExtension.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\olepro32.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-06-17 12:34 - 2009-04-10 23:28 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\propdefs.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\sendmail.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\rastapi.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\PNPXAssoc.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\regapi.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\samlib.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00052736 ____A (Microsoft Corporation) C:\Windows\System32\rasdiag.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00040960 ____A (Microsoft Corporation) C:\Windows\System32\odbcconf.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\rtffilt.dll
2013-06-17 12:34 - 2009-04-10 23:28 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\perfdisk.dll
2013-06-17 12:34 - 2009-04-10 23:27 - 00704512 ____A (Microsoft Corporation) C:\Windows\System32\PhotoScreensaver.scr
2013-06-17 12:34 - 2009-04-10 23:27 - 00241128 ____A (Microsoft Corporation) C:\Windows\System32\rsaenh.dll
2013-06-17 12:34 - 2009-04-10 23:27 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\osk.exe
2013-06-17 12:34 - 2009-04-10 23:27 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\PresentationSettings.exe
2013-06-17 12:34 - 2009-04-10 23:27 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\PkgMgr.exe
2013-06-17 12:34 - 2009-04-10 23:27 - 00082944 ____A (Microsoft Corporation) C:\Windows\System32\nslookup.exe
2013-06-17 12:34 - 2009-04-10 23:27 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\reg.exe
2013-06-17 12:34 - 2009-04-10 23:27 - 00058368 ____A (Microsoft Corporation) C:\Windows\System32\PnPUnattend.exe
2013-06-17 12:34 - 2009-04-10 23:27 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\rekeywiz.exe
2013-06-17 12:34 - 2009-04-10 23:27 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\ocsetup.exe
2013-06-17 12:34 - 2009-04-10 23:27 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\PnPutil.exe
2013-06-17 12:34 - 2009-04-10 23:27 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\rasdial.exe
2013-06-17 12:34 - 2009-04-10 23:23 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\quick.ime
2013-06-17 12:34 - 2009-04-10 23:23 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\qintlgnt.ime
2013-06-17 12:34 - 2009-04-10 23:23 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\phon.ime
2013-06-17 12:34 - 2009-04-10 23:23 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\pintlgnt.ime
2013-06-17 12:34 - 2009-04-10 22:03 - 12240896 ____A (Microsoft Corporation) C:\Windows\System32\NlsLexicons0007.dll
2013-06-17 12:34 - 2009-04-10 22:03 - 02644480 ____A (Microsoft Corporation) C:\Windows\System32\NlsLexicons0009.dll
2013-06-17 12:34 - 2009-04-10 21:48 - 00344698 ____A C:\Windows\System32\eaphost.tmf
2013-06-17 12:34 - 2009-04-10 21:46 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rassstp.sys
2013-06-17 12:34 - 2009-04-10 21:46 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys
2013-06-17 12:34 - 2009-04-10 21:46 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2013-06-17 12:34 - 2009-04-10 21:45 - 00113664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2013-06-17 12:34 - 2009-04-10 21:45 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2013-06-17 12:34 - 2009-04-10 21:43 - 00392170 ____A C:\Windows\System32\onex.tmf
2013-06-17 12:34 - 2009-04-10 21:43 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2013-06-17 12:34 - 2009-04-10 21:43 - 00062208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ohci1394.sys
2013-06-17 12:34 - 2009-04-10 21:14 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-17 12:34 - 2009-04-10 21:14 - 00035328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys
2013-06-17 12:34 - 2009-02-19 17:20 - 00009212 ____A C:\Windows\System32\RacUR.xml
2013-06-17 12:34 - 2009-02-18 11:43 - 00000153 ____A C:\Windows\System32\RacUREx.xml
2013-06-17 12:34 - 2009-02-18 11:39 - 00779136 ____A (Microsoft Corporation) C:\Windows\System32\PresentationNative_v0300.dll
2013-06-17 12:34 - 2009-02-18 11:39 - 00102816 ____A (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-06-17 12:33 - 2009-04-10 23:33 - 00614376 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2013-06-17 12:33 - 2009-04-10 23:32 - 00527848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00265688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00245736 ____A (Microsoft Corporation) C:\Windows\System32\clfs.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00223208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00190424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fltMgr.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00180712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00161752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00125928 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00109032 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00099816 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-06-17 12:33 - 2009-04-10 23:32 - 00053736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\disk.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00048104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00035304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00027624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Dumpata.sys
2013-06-17 12:33 - 2009-04-10 23:32 - 00019944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\atapi.sys
2013-06-17 12:33 - 2009-04-10 23:28 - 06103040 ____A (Microsoft Corporation) C:\Windows\System32\chtbrkr.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 03174400 ____A (Microsoft Corporation) C:\Windows\System32\netshell.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 03072000 ____A (Microsoft Corporation) C:\Windows\System32\networkmap.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 02515968 ____A (Microsoft Corporation) C:\Windows\System32\accessibilitycpl.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 02241536 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 02226688 ____A (Microsoft Corporation) C:\Windows\System32\networkexplorer.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 02225664 ____A (Microsoft Corporation) C:\Windows\System32\netcenter.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 02134528 ____A (Microsoft Corporation) C:\Windows\System32\FunctionDiscoveryFolder.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01985024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01856512 ____A (Microsoft Corporation) C:\Windows\System32\dbgeng.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01788416 ____A (Microsoft Corporation) C:\Windows\System32\d3d9.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01730560 ____A (Microsoft Corporation) C:\Windows\System32\apds.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01671680 ____A (Microsoft Corporation) C:\Windows\System32\chsbrkr.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01645568 ____A (Microsoft Corporation) C:\Windows\System32\connect.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01589248 ____A (Microsoft Corporation) C:\Windows\System32\msjet40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01544704 ____A (Microsoft Corporation) C:\Windows\System32\MSVidCtl.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01502720 ____A (Microsoft Corporation) C:\Windows\System32\certmgr.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01480704 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01459200 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01342464 ____A (Microsoft Corporation) C:\Windows\System32\brcpl.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01324032 ____A (Microsoft Corporation) C:\Windows\System32\browseui.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01216000 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayCpl.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01209856 ____A (Microsoft Corporation) C:\Windows\System32\comsvcs.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01112064 ____A (Microsoft Corporation) C:\Windows\System32\CertEnroll.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01086464 ____A (Microsoft Corporation) C:\Windows\System32\NetProjW.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01078784 ____A (Microsoft Corporation) C:\Windows\System32\diagperf.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 01053696 ____A (Microsoft Corporation) C:\Windows\System32\msdtctm.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00978432 ____A (Microsoft Corporation) C:\Windows\System32\drmv2clt.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00971264 ____A (Microsoft Corporation) C:\Windows\System32\cryptui.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00950784 ____A (Microsoft Corporation) C:\Windows\System32\gpedit.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00856064 ____A (Microsoft Corporation) C:\Windows\System32\mswdat10.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00807424 ____A (Microsoft Corporation) C:\Windows\System32\msctf.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\NaturalLanguage6.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00800768 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00759296 ____A (Microsoft Corporation) C:\Windows\System32\ipsecsnp.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00757248 ____A (Microsoft Corporation) C:\Windows\System32\azroles.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00729600 ____A (Microsoft Corporation) C:\Windows\System32\IMJP10K.DLL
2013-06-17 12:33 - 2009-04-10 23:28 - 00677376 ____A (Microsoft Corporation) C:\Windows\System32\imapi2fs.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00670720 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00643072 ____A (Microsoft Corporation) C:\Windows\System32\msrepl40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00633856 ____A (Microsoft Corporation) C:\Windows\System32\CertEnrollUI.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00618496 ____A (Microsoft Corporation) C:\Windows\System32\mswstr10.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\MSMPEG2VDEC.DLL
2013-06-17 12:33 - 2009-04-10 23:28 - 00595456 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-06-17 12:33 - 2009-04-10 23:28 - 00593408 ____A (Microsoft Corporation) C:\Windows\System32\comuid.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00592896 ____A (Microsoft Corporation) C:\Windows\System32\netlogon.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00576512 ____A (Microsoft Corporation) C:\Windows\System32\gpsvc.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00564224 ____A (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00564224 ____A (Microsoft Corporation) C:\Windows\System32\emdmgmt.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\msdtcprx.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00542720 ____A (Microsoft Corporation) C:\Windows\System32\blackbox.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00516608 ____A (Microsoft Corporation) C:\Windows\System32\autoplay.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00485888 ____A (Microsoft Corporation) C:\Windows\System32\evr.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00481792 ____A (Microsoft Corporation) C:\Windows\System32\cmdial32.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00469504 ____A (Microsoft Corporation) C:\Windows\System32\newdev.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00463872 ____A (Microsoft Corporation) C:\Windows\System32\IasMigReader.exe
2013-06-17 12:33 - 2009-04-10 23:28 - 00454656 ____A (Microsoft Corporation) C:\Windows\System32\msxbde40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00454144 ____A (Microsoft) C:\Windows\System32\IasMigPlugin.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00450560 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00445952 ____A (Microsoft Corporation) C:\Windows\System32\ncryptui.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00444416 ____A (Microsoft Corporation) C:\Windows\System32\dsound.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00438784 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-06-17 12:33 - 2009-04-10 23:28 - 00414208 ____A (Microsoft Corporation) C:\Windows\System32\msscp.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00409600 ____A (Microsoft Corporation) C:\Windows\System32\msexch40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00407552 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00406528 ____A (Microsoft Corporation) C:\Windows\System32\msvcp60.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00396288 ____A (Microsoft Corporation) C:\Windows\System32\ipsmsnap.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00391680 ____A (Microsoft Corporation) C:\Windows\System32\mscms.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00378368 ____A (Microsoft Corporation) C:\Windows\System32\imapi2.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00378368 ____A (Microsoft Corporation) C:\Windows\System32\devmgr.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00368640 ____A C:\Windows\System32\msjetoledb40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\mspbde40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00364032 ____A (Microsoft Corporation) C:\Windows\System32\IPSECSVC.DLL
2013-06-17 12:33 - 2009-04-10 23:28 - 00351744 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00344064 ____A (Microsoft Corporation) C:\Windows\System32\msrd3x40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00339968 ____A (Microsoft Corporation) C:\Windows\System32\msexcl40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00334848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-06-17 12:33 - 2009-04-10 23:28 - 00332800 ____A (Microsoft Corporation) C:\Windows\System32\msihnd.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00323584 ____A (Microsoft Corporation) C:\Windows\System32\certcli.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00319488 ____A (Microsoft Corporation) C:\Windows\System32\msrd2x40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00315392 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00310272 ____A (Microsoft Corporation) C:\Windows\System32\mtxclu.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00297472 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00290816 ____A (Microsoft Corporation) C:\Windows\System32\msjtes40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\modemui.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00284672 ____A (Microsoft Corporation) C:\Windows\System32\drmmgrtn.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00282624 ____A (Microsoft Corporation) C:\Windows\System32\mstext40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00274432 ____A (Microsoft Corporation) C:\Windows\System32\bcrypt.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00268800 ____A (Microsoft Corporation) C:\Windows\System32\es.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00252928 ____A (Microsoft Corporation) C:\Windows\System32\iassdo.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00241664 ____A (Microsoft Corporation) C:\Windows\System32\msltus40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00218624 ____A (Microsoft Corporation) C:\Windows\System32\mscandui.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00217600 ____A (Microsoft Corporation) C:\Windows\System32\InkEd.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00203264 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00200704 ____A (Microsoft Corporation) C:\Windows\System32\input.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00199168 ____A (Microsoft Corporation) C:\Windows\System32\adsldpc.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\iassam.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\msnetobj.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00178176 ____A (Microsoft Corporation) C:\Windows\System32\credui.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00175616 ____A (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00171008 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\msutb.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00158208 ____A (Microsoft Corporation) C:\Windows\System32\iasrad.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00153088 ____A (Microsoft Corporation) C:\Windows\System32\fundisc.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\MMDevAPI.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iasnap.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00142336 ____A (Microsoft Corporation) C:\Windows\System32\fontext.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00137728 ____A (Microsoft Corporation) C:\Windows\System32\dsprop.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00119296 ____A (Microsoft Corporation) C:\Windows\System32\iasrecst.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00117248 ____A C:\Windows\System32\EhStorAuthn.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00115712 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00115200 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\imm32.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\EhStorShell.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\imapi.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00105472 ____A (Microsoft Corporation) C:\Windows\System32\dmsynth.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayServices.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\dmusic.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\mprapi.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
2013-06-17 12:33 - 2009-04-10 23:28 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\fdBth.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\msctfui.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\mstlsapi.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\msctfp.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\authz.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\iassvcs.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\gpapi.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\adsmsext.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\iashlpr.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\mpr.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\fdSSDP.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\fdWSD.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\msjter40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\iasacct.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\iasads.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00054784 ____A (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00054784 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairingProxy.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\feclient.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\fdeploy.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\iasdatastore.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\bthci.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\dataclen.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\msstrc.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\hbaapi.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00040960 ____A (Microsoft Corporation) C:\Windows\System32\bthserv.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00040448 ____A (Microsoft Corporation) C:\Windows\System32\certprop.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\networkitemfactory.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\EhStorPwdMgr.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00035328 ____A (Microsoft Corporation) C:\Windows\System32\msscb.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\iaspolcy.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\cscapi.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\bitsigd.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\msimtf.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\ifmon.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00028672 ____A (Microsoft Corporation) C:\Windows\System32\FwRemoteSvr.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\hidserv.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\msjint40.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\fdProxy.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\cscdll.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00020992 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\NcdProp.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\MsCtfMonitor.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\msisip.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\inetppui.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\CHxReadingStringIME.dll
2013-06-17 12:33 - 2009-04-10 23:28 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\fdBthProxy.dll
2013-06-17 12:33 - 2009-04-10 23:27 - 02926592 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 02092544 ____A (Microsoft Corporation) C:\Windows\System32\dfsr.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 01122304 ____A (Microsoft Corporation) C:\Windows\System32\appwiz.cpl
2013-06-17 12:33 - 2009-04-10 23:27 - 01102848 ____A (Microsoft Corporation) C:\Windows\System32\mmsys.cpl
2013-06-17 12:33 - 2009-04-10 23:27 - 00656896 ____A (Microsoft Corporation) C:\Windows\System32\autoconv.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00643072 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00640512 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2013-06-17 12:33 - 2009-04-10 23:27 - 00636416 ____A (Microsoft Corporation) C:\Windows\System32\autofmt.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00408064 ____A (Microsoft Corporation) C:\Windows\System32\msinfo32.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00407040 ____A (Microsoft Corporation) C:\Windows\System32\dpapimig.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00230912 ____A (Microsoft Corporation) C:\Windows\System32\diskraid.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00215552 ____A (Microsoft Corporation) C:\Windows\System32\certreq.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00205824 ____A (Microsoft Corporation) C:\Windows\System32\eudcedit.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\drvinst.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\cscript.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00130024 ____A (Microsoft Corporation) C:\Windows\System32\basecsp.dll
2013-06-17 12:33 - 2009-04-10 23:27 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\gpresult.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00119808 ____A (Microsoft Corporation) C:\Windows\System32\diskpart.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dwm.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2013-06-17 12:33 - 2009-04-10 23:27 - 00080384 ____A (Microsoft Corporation) C:\Windows\System32\hdwwiz.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\newdev.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\conime.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairingWizard.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\findstr.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00058368 ____A (Microsoft Corporation) C:\Windows\System32\cipher.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\cmmon32.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00046080 ____A (Microsoft Corporation) C:\Windows\System32\csrstub.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\cbsra.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\ftp.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00034304 ____A (Microsoft Corporation) C:\Windows\System32\bthudtask.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\ipconfig.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\DeviceEject.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\msacm32.drv
2013-06-17 12:33 - 2009-04-10 23:27 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\fc.exe
2013-06-17 12:33 - 2009-04-10 23:27 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\gpupdate.exe
2013-06-17 12:33 - 2009-04-10 23:23 - 00413696 ____A (Microsoft Corporation) C:\Windows\System32\imkr80.ime
2013-06-17 12:33 - 2009-04-10 23:22 - 00883712 ____A (Microsoft Corporation) C:\Windows\System32\IMJP10.IME
2013-06-17 12:33 - 2009-04-10 23:22 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\cintlgnt.ime
2013-06-17 12:33 - 2009-04-10 23:22 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\chajei.ime
2013-06-17 12:33 - 2009-04-10 23:22 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\f3ahvoas.dll
2013-06-17 12:33 - 2009-04-10 22:42 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bridge.sys
2013-06-17 12:33 - 2009-04-10 21:46 - 00121344 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2013-06-17 12:33 - 2009-04-10 21:45 - 00185856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2013-06-17 12:33 - 2009-04-10 21:43 - 00442788 ____A C:\Windows\System32\dot3.tmf
2013-06-17 12:33 - 2009-04-10 21:42 - 00561152 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2013-06-17 12:33 - 2009-04-10 21:42 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-17 12:33 - 2009-04-10 21:42 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-17 12:33 - 2009-04-10 21:39 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys
2013-06-17 12:33 - 2009-04-10 21:39 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2013-06-17 12:33 - 2009-04-10 21:39 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll
2013-06-17 12:33 - 2009-04-10 21:27 - 00002560 ____A (Microsoft Corporation) C:\Windows\System32\msimsg.dll
2013-06-17 12:33 - 2009-04-10 21:23 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxg.sys
2013-06-17 12:33 - 2009-04-10 21:14 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2013-06-17 12:33 - 2009-04-10 21:13 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fastfat.sys
2013-06-17 12:33 - 2009-04-10 21:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\exfat.sys
2013-06-17 12:33 - 2009-04-10 21:12 - 00617984 ____A (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2013-06-17 12:33 - 2009-03-29 21:42 - 00155456 ____A (Microsoft Corporation) C:\Windows\System32\mscorier.dll
2013-06-17 12:33 - 2009-03-29 21:42 - 00080720 ____A (Microsoft Corporation) C:\Windows\System32\mscories.dll
2013-06-17 12:33 - 2009-02-18 11:38 - 00619864 ____A (Microsoft Corporation) C:\Windows\System32\icardagt.exe
2013-06-17 12:33 - 2009-02-18 11:38 - 00099680 ____A (Microsoft Corporation) C:\Windows\System32\infocardapi.dll
2013-06-17 12:33 - 2009-02-18 11:38 - 00035168 ____A (Microsoft Corporation) C:\Windows\System32\infocardcpl.cpl
2013-06-17 12:33 - 2009-02-18 11:38 - 00009048 ____A (Microsoft Corporation) C:\Windows\System32\icardres.dll
2013-06-17 12:32 - 2009-04-10 23:33 - 00986600 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-06-17 12:32 - 2009-04-10 23:33 - 00926184 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-06-17 12:32 - 2009-04-10 23:33 - 00292840 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys
2013-06-17 12:32 - 2009-04-10 23:32 - 00438744 ____A (Microsoft Corporation) C:\Windows\System32\mcupdate_GenuineIntel.dll
2013-06-17 12:32 - 2009-04-10 23:32 - 00122344 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Storport.sys
2013-06-17 12:32 - 2009-04-10 23:32 - 00019944 ____A (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2013-06-17 12:32 - 2009-04-10 23:32 - 00017896 ____A (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2013-06-17 12:32 - 2009-04-10 23:32 - 00017384 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 03217408 ____A (Microsoft Corporation) C:\Windows\System32\WinSAT.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 02205184 ____A (Microsoft Corporation) C:\Windows\System32\SyncCenter.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 02167808 ____A (Microsoft Corporation) C:\Windows\System32\mmcndmgr.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 02012160 ____A (Microsoft Corporation) C:\Windows\System32\milcore.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 01671680 ____A (Microsoft Corporation) C:\Windows\System32\wlanpref.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 01580544 ____A (Microsoft Corporation) C:\Windows\System32\wpccpl.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 01575936 ____A (Microsoft Corporation) C:\Windows\System32\WMVENCOD.DLL
2013-06-17 12:32 - 2009-04-10 23:28 - 01533440 ____A (Microsoft Corporation) C:\Windows\System32\wcnwiz.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 01524736 ____A (Microsoft Corporation) C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 01382912 ____A (Microsoft Corporation) C:\Windows\System32\WMVSDECD.DLL
2013-06-17 12:32 - 2009-04-10 23:28 - 01224192 ____A (Microsoft Corporation) C:\Windows\System32\sud.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 01143296 ____A (Microsoft Corporation) C:\Windows\System32\wercon.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 01081344 ____A (Microsoft Corporation) C:\Windows\System32\SLCExt.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 01077248 ____A (Microsoft Corporation) C:\Windows\System32\vssapi.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 01055232 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 01020928 ____A (Microsoft Corporation) C:\Windows\System32\wdc.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 01017856 ____A (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00996352 ____A (Microsoft Corporation) C:\Windows\System32\WMNetMgr.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00968192 ____A (Microsoft Corporation) C:\Windows\System32\wcnwiz2.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00876032 ____A (Microsoft Corporation) C:\Windows\System32\wer.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00860160 ____A (Microsoft Corporation) C:\Windows\System32\WerFaultSecure.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00852992 ____A (Microsoft Corporation) C:\Windows\System32\mcmde.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00777216 ____A (Microsoft Corporation) C:\Windows\System32\slcc.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00705536 ____A (Microsoft Corporation) C:\Windows\System32\SmiEngine.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00657408 ____A (Microsoft Corporation) C:\Windows\System32\WMVXENCD.DLL
2013-06-17 12:32 - 2009-04-10 23:28 - 00638976 ____A (Microsoft Corporation) C:\Windows\System32\Utilman.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00627712 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00582144 ____A (Microsoft Corporation) C:\Windows\System32\SLCommDlg.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00558080 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00547840 ____A (Microsoft Corporation) C:\Windows\System32\wiaaut.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00533504 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmsdk.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00532992 ____A (Microsoft Corporation) C:\Windows\System32\wpcao.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00507904 ____A (Microsoft Corporation) C:\Windows\System32\vdsdyn.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00453120 ____A (Microsoft Corporation) C:\Windows\System32\wiaservc.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00425472 ____A (Microsoft Corporation) C:\Windows\System32\shwebsvc.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00413696 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00399360 ____A (Microsoft Corporation) C:\Windows\System32\wlangpui.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00385536 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00378368 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00361984 ____A (Microsoft Corporation) C:\Windows\System32\SLUI.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00356864 ____A (Microsoft Corporation) C:\Windows\System32\MediaMetadataHandler.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00314368 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00311808 ____A (Microsoft Corporation) C:\Windows\System32\swprv.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00303616 ____A (Microsoft Corporation) C:\Windows\System32\wmpeffects.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00301568 ____A (Microsoft Corporation) C:\Windows\System32\srchadmin.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00291328 ____A (Microsoft Corporation) C:\Windows\System32\WscEapPr.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00289792 ____A (Microsoft Corporation) C:\Windows\System32\spinstall.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00287744 ____A (Microsoft Corporation) C:\Windows\System32\Wldap32.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00282624 ____A (Microsoft Corporation) C:\Windows\System32\w32time.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00273920 ____A (Microsoft Corporation) C:\Windows\System32\wow32.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00250368 ____A (Microsoft Corporation) C:\Windows\System32\wevtapi.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\wisptis.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\SLC.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00223744 ____A (Microsoft Corporation) C:\Windows\System32\wscntfy.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00218624 ____A (Microsoft Corporation) C:\Windows\System32\wdscore.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\WerFault.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00202752 ____A (Microsoft Corporation) C:\Windows\System32\wlanui.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00199680 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00185856 ____A (Microsoft Corporation) C:\Windows\System32\SLLUA.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00177664 ____A (Microsoft Corporation) C:\Windows\System32\WSDMon.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00165376 ____A (Microsoft Corporation) C:\Windows\System32\WcnNetsh.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\wevtutil.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00160768 ____A (Microsoft Corporation) C:\Windows\System32\spoolss.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00155648 ____A (Microsoft Corporation) C:\Windows\System32\wscript.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00143872 ____A (Microsoft Corporation) C:\Windows\System32\korwbrkr.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00142336 ____A (Microsoft Corporation) C:\Windows\System32\spp.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00140800 ____A (Microsoft Corporation) C:\Windows\System32\wusa.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\wpcsvc.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00134656 ____A (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\wersvc.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00115712 ____A (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00108544 ____A (Microsoft Corporation) C:\Windows\System32\userenv.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\sysclass.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00101376 ____A (Microsoft Corporation) C:\Windows\System32\shsetup.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00090112 ____A (Microsoft Corporation) C:\Windows\System32\wshext.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00083456 ____A (Microsoft) C:\Windows\System32\SMBHelperClass.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\wlgpclnt.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\slwmi.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-06-17 12:32 - 2009-04-10 23:28 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\SLUINotify.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00056320 ____A (Microsoft Corporation) C:\Windows\System32\xmlfilter.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\Storprop.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\mmci.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00050688 ____A (Microsoft Corporation) C:\Windows\System32\wsnmp32.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\l2nacp.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\slcinst.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\mimefilt.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00034304 ____A (Microsoft Corporation) C:\Windows\System32\wshbth.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\whealogr.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\wsepno.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\uxsms.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00020992 ____A (Microsoft Corporation) C:\Windows\System32\wsdchngr.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\winrnr.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\wscisvif.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\vdmdbg.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\midimap.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\spcmsg.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\mmcico.dll
2013-06-17 12:32 - 2009-04-10 23:28 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2013-06-17 12:32 - 2009-04-10 23:27 - 03408896 ____A (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
2013-06-17 12:32 - 2009-04-10 23:27 - 01792512 ____A (Microsoft Corporation) C:\Windows\System32\mmc.exe
2013-06-17 12:32 - 2009-04-10 23:27 - 01689600 ____A (Microsoft Corporation) C:\Windows\System32\wscui.cpl
2013-06-17 12:32 - 2009-04-10 23:27 - 00950272 ____A (Microsoft Corporation) C:\Windows\System32\mblctr.exe
2013-06-17 12:32 - 2009-04-10 23:27 - 00710144 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-17 12:32 - 2009-04-10 23:27 - 00389632 ____A (Microsoft Corporation) C:\Windows\System32\sysmon.ocx
2013-06-17 12:32 - 2009-04-10 23:27 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\wdmaud.drv
2013-06-17 12:32 - 2009-04-10 23:27 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\wshom.ocx
2013-06-17 12:32 - 2009-04-10 23:27 - 00094720 ____A (Microsoft Corporation) C:\Windows\System32\logagent.exe
2013-06-17 12:32 - 2009-04-10 23:27 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\Kswdmcap.ax
2013-06-17 12:32 - 2009-04-10 23:27 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\logman.exe
2013-06-17 12:32 - 2009-04-10 21:46 - 00208966 ____A C:\Windows\System32\WFP.TMF
2013-06-17 12:32 - 2009-04-10 21:45 - 00066560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\smb.sys
2013-06-17 12:32 - 2009-04-10 21:42 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-06-17 12:32 - 2009-04-10 21:42 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2013-06-17 12:32 - 2009-04-10 21:42 - 00052992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys
2013-06-17 12:32 - 2009-04-10 21:42 - 00031616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\winusb.sys
2013-06-17 12:32 - 2009-04-10 21:38 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2013-06-17 12:32 - 2009-04-10 21:38 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2013-06-17 12:32 - 2009-04-10 21:22 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\watchdog.sys
2013-06-17 12:32 - 2009-04-10 18:59 - 00107612 ____A C:\Windows\System32\StructuredQuerySchema.bin
2013-06-17 12:32 - 2009-04-10 18:54 - 03662128 ____A C:\Windows\System32\locale.nls
2013-06-17 12:32 - 2009-02-18 11:39 - 00092918 ____A C:\Windows\System32\slmgr.vbs
2013-06-17 12:31 - 2009-04-10 23:32 - 00053224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2013-06-17 12:31 - 2009-04-10 23:28 - 01576960 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 01152000 ____A (Microsoft Corporation) C:\Windows\System32\themecpl.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00842240 ____A (Microsoft Corporation) C:\Windows\System32\systemcpl.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00615424 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00524288 ____A (Microsoft Corporation) C:\Windows\System32\sqlsrv32.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00449024 ____A (Microsoft Corporation) C:\Windows\System32\termsrv.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00342528 ____A (Microsoft Corporation) C:\Windows\System32\zipfldr.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00324096 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00313344 ____A (Microsoft Corporation) C:\Windows\System32\thawbrkr.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00275968 ____A (Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
2013-06-17 12:31 - 2009-04-10 23:28 - 00242688 ____A (Microsoft Corporation) C:\Windows\System32\tapisrv.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00222720 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00203264 ____A (Microsoft Corporation) C:\Windows\System32\uDWM.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00197632 ____A (Microsoft Corporation) C:\Windows\System32\SndVol.exe
2013-06-17 12:31 - 2009-04-10 23:28 - 00190464 ____A (Microsoft Corporation) C:\Windows\System32\sperror.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00170496 ____A (Microsoft Corporation) C:\Windows\System32\tcpipcfg.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\spwizui.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\tcpmon.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00125952 ____A (Microsoft Corporation) C:\Windows\System32\softkbd.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\spreview.exe
2013-06-17 12:31 - 2009-04-10 23:28 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\ulib.dll
2013-06-17 12:31 - 2009-04-10 23:28 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\TSTheme.exe
2013-06-17 12:31 - 2009-04-10 23:28 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\spwinsat.dll
2013-06-17 12:31 - 2009-04-10 23:27 - 00280064 ____A (Microsoft Corporation) C:\Windows\System32\unimdm.tsp
2013-06-17 12:31 - 2009-04-10 23:23 - 00125952 ____A (Microsoft Corporation) C:\Windows\System32\tintlgnt.ime
2013-06-17 12:31 - 2009-04-10 21:45 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2013-06-17 12:31 - 2009-04-10 21:43 - 00196096 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-06-17 12:31 - 2009-04-10 21:42 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-06-17 12:31 - 2009-04-10 21:42 - 00025856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2013-06-17 12:31 - 2009-04-10 21:42 - 00025856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD.sys
2013-06-17 12:31 - 2009-04-10 21:14 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2013-06-17 12:31 - 2009-04-10 19:52 - 00684032 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spsys.sys
2013-06-17 12:31 - 2009-03-06 18:11 - 00130008 ____A C:\Windows\System32\systemsf.ebd
2013-06-17 12:31 - 2009-02-19 17:20 - 00009239 ____A C:\Windows\System32\spcinstrumentation.man
2013-06-17 12:31 - 2009-02-18 11:39 - 00035680 ____A (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe
2013-06-17 12:18 - 2013-06-20 21:08 - 00000000 ____D C:\Windows\System32\EventProviders
2013-06-17 09:26 - 2013-06-20 21:09 - 00000000 ____D C:\Program Files\iTunes
2013-06-17 09:26 - 2013-06-20 21:08 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-17 09:26 - 2013-06-17 09:26 - 00000000 ____D C:\Program Files\iPod
2013-06-17 09:18 - 2013-06-20 21:08 - 00000000 ____D C:\Program Files\QuickTime
2013-06-16 15:59 - 2013-06-16 16:00 - 00000000 ____D C:\Users\Stacey\Downloads\Attachments_2013616
2013-06-16 15:59 - 2013-06-16 15:59 - 01445535 ____A C:\Users\Stacey\Downloads\Attachments_2013616.zip
2013-05-30 18:03 - 2013-05-30 18:03 - 01430464 ____A C:\Users\Public\Downloads\yellowrecolormonster2.ai
 
==================== One Month Modified Files and Folders ========
 
2013-06-25 20:47 - 2013-06-25 20:47 - 01370251 ____A (Farbar) C:\Users\Administrator2\Downloads\FRST.exe
2013-06-25 20:47 - 2013-06-25 20:47 - 00000000 ____D C:\FRST
2013-06-25 20:44 - 2010-01-05 16:06 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-25 20:44 - 2007-04-23 12:21 - 00000000 ____D C:\Windows\SMINST
2013-06-25 20:39 - 2013-02-27 20:29 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-25 19:58 - 2010-01-05 16:06 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-25 19:35 - 2006-11-02 06:47 - 00003568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-25 19:35 - 2006-11-02 06:47 - 00003568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-25 18:56 - 2013-05-15 16:02 - 00000000 ____D C:\Users\Stacey\AppData\Roaming\Dropbox
2013-06-25 18:55 - 2013-05-15 16:04 - 00000000 ___RD C:\Users\Stacey\Dropbox
2013-06-25 18:53 - 2007-08-01 14:37 - 02017096 ____A C:\Windows\WindowsUpdate.log
2013-06-25 18:01 - 2011-04-24 17:13 - 00000000 ____D C:\ProgramData\MFAData
2013-06-25 14:42 - 2009-09-25 18:52 - 00000820 ____A C:\Windows\Tasks\Google Software Updater.job
2013-06-25 14:34 - 2007-10-14 11:53 - 00000000 ____D C:\users\Stacey
2013-06-25 14:34 - 2007-09-19 19:15 - 00000000 ____D C:\users\Jake
2013-06-25 14:34 - 2007-09-16 07:14 - 00000000 ____D C:\users\Administrator2
2013-06-25 14:34 - 2007-04-23 11:51 - 00000000 ___HD C:\users\IUSR_NMPR
2013-06-25 14:34 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\Msdtc
2013-06-25 14:34 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\registration
2013-06-25 14:34 - 2006-11-02 04:22 - 72613888 ____A C:\Windows\System32\config\software_previous
2013-06-25 14:34 - 2006-11-02 04:22 - 20447232 ____A C:\Windows\System32\config\system_previous
2013-06-25 13:35 - 2013-06-25 13:35 - 00140416 ____A C:\Windows\Minidump\Mini062513-03.dmp
2013-06-25 13:35 - 2009-02-11 13:28 - 00000000 ____D C:\Windows\Minidump
2013-06-25 13:35 - 2009-02-11 13:27 - 247382270 ____A C:\Windows\MEMORY.DMP
2013-06-25 13:35 - 2006-11-02 07:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-25 13:19 - 2013-06-25 12:51 - 00146648 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2013-06-25 13:19 - 2013-06-25 12:51 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-06-25 13:06 - 2013-06-25 13:05 - 01814144 ____A (Bleeping Computer, LLC) C:\Users\Administrator2\Downloads\rkill.exe
2013-06-25 13:02 - 2013-06-25 13:01 - 00140416 ____A C:\Windows\Minidump\Mini062513-02.dmp
2013-06-25 12:50 - 2013-06-25 12:50 - 00031560 ____A C:\Windows\System32\Drivers\mbamchameleon.sys
2013-06-25 12:49 - 2013-06-25 12:49 - 00000000 ____D C:\Users\Administrator2\Downloads\mbar-1.06.0.1004
2013-06-25 12:48 - 2013-06-25 12:47 - 13399154 ____A C:\Users\Administrator2\Downloads\mbar-1.06.0.1004.zip
2013-06-25 10:57 - 2006-11-02 04:22 - 52953088 ____A C:\Windows\System32\config\components_previous
2013-06-25 10:57 - 2006-11-02 04:22 - 00524288 ____A C:\Windows\System32\config\default_previous
2013-06-25 10:57 - 2006-11-02 04:22 - 00262144 ____A C:\Windows\System32\config\security_previous
2013-06-25 10:57 - 2006-11-02 04:22 - 00262144 ____A C:\Windows\System32\config\sam_previous
2013-06-25 10:48 - 2013-06-25 10:48 - 00029602 ____A C:\Users\Administrator2\Documents\Attach.txt
2013-06-25 10:48 - 2013-06-25 10:48 - 00022355 ____A C:\Users\Administrator2\Documents\DDS.txt
2013-06-25 10:47 - 2013-06-25 10:47 - 00029602 ____A C:\Users\Administrator2\Desktop\attach.txt
2013-06-25 10:47 - 2013-06-25 10:47 - 00022355 ____A C:\Users\Administrator2\Desktop\dds.txt
2013-06-25 09:50 - 2013-06-25 09:49 - 00035450 ____A C:\ProgramData\LUUnInstall.LiveUpdate
2013-06-25 09:39 - 2006-11-02 06:47 - 02310144 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-25 09:38 - 2007-04-23 12:23 - 00249640 ____A C:\Windows\PFRO.log
2013-06-25 09:15 - 2013-06-25 09:15 - 00016853 ____A C:\ComboFix.txt
2013-06-25 09:15 - 2013-06-25 08:53 - 00000000 ____D C:\Comfix.exe11796C
2013-06-25 09:15 - 2013-06-24 13:56 - 00000000 ____D C:\Qoobox
2013-06-25 09:12 - 2006-11-02 04:23 - 00000215 ____A C:\Windows\system.ini
2013-06-25 08:52 - 2013-06-25 08:52 - 00000000 ____D C:\Comfix.exe6233C
2013-06-25 08:52 - 2011-05-01 19:08 - 00001356 ____A C:\Users\Administrator2\AppData\Local\d3d9caps.dat
2013-06-25 08:32 - 2006-11-02 07:01 - 00032540 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-25 07:23 - 2013-06-25 07:23 - 00140416 ____A C:\Windows\Minidump\Mini062513-01.dmp
2013-06-24 16:21 - 2013-06-24 16:21 - 00000000 ____D C:\Users\Administrator2\AppData\Roaming\Malwarebytes
2013-06-24 16:20 - 2013-06-24 16:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-24 16:20 - 2013-06-24 16:20 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-24 16:19 - 2013-06-24 16:19 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Administrator2\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-24 16:16 - 2013-06-24 16:16 - 00000000 ____D C:\Program Files\OI App Manager
2013-06-24 16:16 - 2013-06-24 16:16 - 00000000 ____D C:\Program Files\7-Zip
2013-06-24 16:02 - 2013-06-24 15:35 - 00171648 ____A C:\Users\Administrator2\Downloads\OTL.Txt
2013-06-24 15:37 - 2013-06-24 15:37 - 00069518 ____A C:\Users\Administrator2\Downloads\Extras.Txt
2013-06-24 15:17 - 2013-06-24 14:49 - 00000000 ____D C:\Comfix.exe
2013-06-24 15:17 - 2006-11-02 05:18 - 00000000 __RHD C:\users\Default
2013-06-24 15:17 - 2006-11-02 05:18 - 00000000 ___RD C:\users\Public
2013-06-24 15:16 - 2013-06-24 13:54 - 00000000 ____D C:\Windows\erdnt
2013-06-24 14:18 - 2013-06-24 13:52 - 05082330 ____R (Swearware) C:\Users\Administrator2\Downloads\Comfix.exe.exe
2013-06-24 14:17 - 2013-06-24 14:17 - 00602112 ____A (OldTimer Tools) C:\Users\Administrator2\Downloads\OTL.exe
2013-06-24 14:11 - 2011-09-29 09:25 - 00000000 ____D C:\Program Files\PLAYSUSHI
2013-06-24 08:46 - 2012-11-12 16:47 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Dropbox
2013-06-21 15:38 - 2013-06-21 15:38 - 00000000 ____D C:\Users\Jake\Documents\WDC
2013-06-21 15:38 - 2013-06-21 15:38 - 00000000 ____D C:\Program Files\Western Digital Corporation
2013-06-21 14:58 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-21 14:49 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\rescache
2013-06-21 14:34 - 2006-11-02 04:33 - 00769196 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-21 14:22 - 2012-11-12 16:50 - 00000000 ___RD C:\Users\Jake\Dropbox
2013-06-21 14:08 - 2006-11-02 06:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-06-21 14:08 - 2006-11-02 05:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-06-21 14:07 - 2006-11-02 06:37 - 00000000 ____D C:\Windows\System32\XPSViewer
2013-06-21 14:07 - 2006-11-02 05:18 - 00000000 ____D C:\Program Files\Common Files\System
2013-06-21 09:32 - 2007-09-16 11:55 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-06-21 09:15 - 2013-06-21 09:15 - 12329984 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-21 09:15 - 2013-06-21 09:15 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-21 09:15 - 2013-06-21 09:15 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-21 09:15 - 2013-06-21 09:15 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-21 09:15 - 2013-06-21 09:15 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-21 09:15 - 2013-06-21 09:15 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-21 09:15 - 2013-06-21 09:15 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-21 09:15 - 2013-06-21 09:15 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-21 09:15 - 2013-06-18 15:12 - 00008040 ____A C:\Windows\IE9_main.log
2013-06-21 09:15 - 2006-11-02 00:32 - 00008798 ____A C:\Windows\System32\icrav03.rat
2013-06-21 09:15 - 2006-11-02 00:32 - 00001988 ____A C:\Windows\System32\ticrf.rat
2013-06-21 09:13 - 2013-06-21 09:13 - 02873344 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 01554432 ____A (Microsoft Corporation) C:\Windows\System32\xpsservices.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 01172480 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 01075712 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 01068544 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 01029120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00979456 ____A (Microsoft Corporation) C:\Windows\System32\MFH264Dec.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00876032 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00847360 ____A (Microsoft Corporation) C:\Windows\System32\OpcServices.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00797184 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00683008 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00667648 ____A (Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
2013-06-21 09:13 - 2013-06-21 09:13 - 00586240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00486400 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00478720 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00357376 ____A (Microsoft Corporation) C:\Windows\System32\MFHEAACdec.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00302592 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4src.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00288768 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00261632 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00258048 ____A (Microsoft Corporation) C:\Windows\System32\winspool.drv
2013-06-21 09:13 - 2013-06-21 09:13 - 00219648 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00160768 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00098816 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
2013-06-21 09:13 - 2013-06-21 09:13 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\printfilterpipelineprxy.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00974848 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00519680 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00369664 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00321024 ____A (Microsoft Corporation) C:\Windows\System32\PhotoMetadataHandler.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00252928 ____A (Microsoft Corporation) C:\Windows\System32\dxdiag.exe
2013-06-21 09:11 - 2013-06-21 09:11 - 00195584 ____A (Microsoft Corporation) C:\Windows\System32\dxdiagn.dll
2013-06-21 09:11 - 2013-06-21 09:11 - 00189440 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-21 08:41 - 2006-11-02 04:24 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-20 21:10 - 2006-11-02 06:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-06-20 21:10 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\spool
2013-06-20 21:09 - 2013-06-17 09:26 - 00000000 ____D C:\Program Files\iTunes
2013-06-20 21:09 - 2007-09-21 13:27 - 00000000 ____D C:\Users\Jake\Downloads\Civ4_1.61
2013-06-20 21:08 - 2013-06-17 15:51 - 00000000 ____D C:\hp_CLJ_2600n_Full_Solution
2013-06-20 21:08 - 2013-06-17 13:04 - 00000000 ____D C:\Windows\System32\SPReview
2013-06-20 21:08 - 2013-06-17 12:18 - 00000000 ____D C:\Windows\System32\EventProviders
2013-06-20 21:08 - 2013-06-17 09:26 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-20 21:08 - 2013-06-17 09:18 - 00000000 ____D C:\Program Files\QuickTime
2013-06-20 09:06 - 2013-06-20 09:06 - 00000000 ____D C:\Users\Administrator2\AppData\Roaming\AVG8
2013-06-18 08:37 - 2006-11-02 06:52 - 00084516 ____A C:\Windows\setupact.log
2013-06-17 15:56 - 2013-06-17 15:55 - 90820456 ____A C:\Users\Jake\Downloads\hp_CLJ_2600n_Full_Solution-v20110217-50132926-RC5-Signed (1).exe
2013-06-17 15:54 - 2007-04-23 11:45 - 00000000 ____D C:\Program Files\Hewlett-Packard
2013-06-17 15:53 - 2007-04-23 11:58 - 00000000 ____D C:\Program Files\HP
2013-06-17 15:52 - 2013-06-17 15:52 - 00000000 ____D C:\Users\Jake\AppData\Roaming\HP
2013-06-17 15:51 - 2013-06-17 15:49 - 90820456 ____A C:\Users\Jake\Downloads\hp_CLJ_2600n_Full_Solution-v20110217-50132926-RC5-Signed.exe
2013-06-17 15:49 - 2013-06-17 15:49 - 00001973 ____A C:\Users\Jake\Desktop\Google Chrome.lnk
2013-06-17 15:46 - 2013-06-17 15:43 - 00013212 ____A C:\HPFWUpdate.log
2013-06-17 15:43 - 2013-06-17 15:42 - 02112744 ____A C:\Users\Jake\Downloads\HP2600_FW_Upgrade_Security_20120928.exe
2013-06-17 14:07 - 2007-09-20 18:43 - 00002595 ____A C:\Users\Administrator2\Desktop\Microsoft Word.lnk
2013-06-17 13:29 - 2007-09-20 09:20 - 00000000 ___HD C:\Users\Jake\AppData\Roaming\Apple Computer
2013-06-17 13:09 - 2013-06-17 13:08 - 00000000 ____D C:\Windows\System32\vi-VN
2013-06-17 13:09 - 2013-06-17 13:08 - 00000000 ____D C:\Windows\System32\eu-ES
2013-06-17 13:09 - 2013-06-17 13:08 - 00000000 ____D C:\Windows\System32\ca-ES
2013-06-17 13:09 - 2006-11-02 06:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2013-06-17 13:09 - 2006-11-02 06:37 - 00000000 ____D C:\Program Files\Windows Defender
2013-06-17 13:09 - 2006-11-02 06:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2013-06-17 13:09 - 2006-11-02 06:37 - 00000000 ____D C:\Program Files\Windows Calendar
2013-06-17 13:09 - 2006-11-02 06:37 - 00000000 ____D C:\Program Files\Movie Maker
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\zh-TW
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\zh-CN
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\uk-UA
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\th-TH
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\sv-SE
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\sr-Latn-CS
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\SLUI
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\sl-SI
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\sk-SK
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\ru-RU
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\ro-RO
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\pt-PT
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\pt-BR
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\pl-PL
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\nl-NL
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\nb-NO
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\lv-LV
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\lt-LT
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\ko-KR
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\ja-JP
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\it-IT
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\hu-HU
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\hr-HR
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\he-IL
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\fr-FR
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\fi-FI
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\et-EE
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\el-GR
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\bg-BG
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\ar-SA
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\System32\AdvancedInstallers
2013-06-17 13:09 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\IME
2013-06-17 13:07 - 2007-04-23 11:50 - 00000000 ____D C:\Windows\System32\RTCOM
2013-06-17 09:26 - 2013-06-17 09:26 - 00000000 ____D C:\Program Files\iPod
2013-06-17 09:26 - 2007-09-20 09:17 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-06-16 16:00 - 2013-06-16 15:59 - 00000000 ____D C:\Users\Stacey\Downloads\Attachments_2013616
2013-06-16 15:59 - 2013-06-16 15:59 - 01445535 ____A C:\Users\Stacey\Downloads\Attachments_2013616.zip
2013-06-11 19:08 - 2009-05-06 19:36 - 00002595 ____A C:\Users\Stacey\Desktop\Microsoft Word.lnk
2013-06-11 19:00 - 2013-05-15 16:04 - 00000963 ____A C:\Users\Stacey\Desktop\Dropbox.lnk
2013-06-11 15:39 - 2012-04-10 09:06 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-11 15:39 - 2011-06-05 14:51 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-07 16:27 - 2007-04-23 12:03 - 00000000 ____D C:\ProgramData\Roxio
2013-06-06 18:02 - 2007-09-19 19:40 - 00000000 ____D C:\Users\Jake\AppData\Roaming\Adobe
2013-06-02 21:53 - 2012-09-09 16:09 - 00000000 ____D C:\Users\Stacey\Desktop\Adobe Illustrator
2013-06-01 10:44 - 2007-09-19 19:40 - 00092672 ____A C:\Users\Jake\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-31 13:47 - 2009-06-24 19:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-05-30 18:03 - 2013-05-30 18:03 - 01430464 ____A C:\Users\Public\Downloads\yellowrecolormonster2.ai
2013-05-30 12:20 - 2007-09-21 09:34 - 00081920 ____A C:\Users\Administrator2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
Files to move or delete:
====================
C:\Users\Public\AuralogComponents.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-06-25 13:41
 
==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-06-2013 02
Ran by Administrator2 at 2013-06-25 20:49:32
Running from C:\Users\Administrator2\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
7-Zip 9.21 (Version: 9.21.00.0)
Accurate Personality Test 1.0
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 1.5.2.8870)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe CSI CS4 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Digital Editions
Adobe Drive CS4 (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Fonts All (Version: 2.0)
Adobe Illustrator CS4 (Version: 14.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.02)
Adobe Reader 8.3.1 (Version: 8.3.1)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
AppCore (Version: 1)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.3.13 (Unicode)
AV (Version: 1)
AVG 2013 (Version: 13.0.3199)
AVG 2013 (Version: 13.0.3345)
AVG 2013 (Version: 2013.0.3345)
Bonjour (Version: 3.0.0.10)
Bricx Command Center
ccCommon (Version: 106.2.0.21)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Connect (Version: 1.0.0.1)
Coupon Printer for Windows (Version: 5.0.0.1)
Data Lifeguard Diagnostic for Windows (Version: 1.13)
DB VGA Cam (Version: 1.0)
eMusic Download Manager 4.1.1 (Version: 4.1.1)
Enhanced Multimedia Keyboard Solution
EuroTalk Talk Now! (Version: 2.2.5.1)
Google Chrome (Version: 27.0.1453.116)
Google Earth (Version: 5.2.1.1588)
Google Earth (Version: 7.0.3.8542)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.145)
Google Updater (Version: 2.4.2432.1652)
Hardware Diagnostic Tools (Version: 5.00.4424.15)
HP Advisor (Version: 3.1.9152.3107)
HP Color LaserJet 2600 series
HP Customer Experience Enhancements (Version: 5.1.0.2264)
HP Customer Feedback (Version: 1.0.0)
HP Easy Setup - Frontend (Version: 5.1.0.2269)
HP Games (Version: 1.0.0.80)
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.0 (Version: 2.0)
HP Photosmart Essential2.5 (Version: 1.00.0000)
HP Picasso Media Center Add-In (Version: 1.0.0)
HP Update (Version: 4.000.010.008)
iCloud (Version: 2.1.2.8)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Intel® Viiv™ Software (Version: 1.6.361.6)
iTunes (Version: 11.0.4.4)
Java™ 6 Update 21 (Version: 6.0.210)
kuler (Version: 2.0)
LAME v3.98.3 for Audacity
LEGO MINDSTORMS NXT Driver (Version: 1.20.111.0)
LightScribe  1.4.142.1 (Version: 1.4.142.1)
LiveUpdate Notice (Symantec Corporation) (Version: 1.4.5)
Luxor 3 (remove only) (Version: 3.4.11.10)
Luxor 3 (Version: 3.4.11.10)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Compact Framework 1.0 SP3 Developer (Version: 1.0.4292)
Microsoft .NET Compact Framework 2.0 (Version: 2.0.5238)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Device Emulator version 1.0 - ENU (Version: 1.0.50727.42)
Microsoft Document Explorer 2005
Microsoft Document Explorer 2005 (Version: 8.0.50727.42)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office XP Standard for Students and Teachers (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (Version: 9.1.2047.00)
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools (Version: 3.0.0.0)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Management Studio Express (Version: 9.00.2047.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Microsoft Visual Studio 2005 Professional Edition - ENU (Version: 8.0.50728)
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) (Version: 1)
Microsoft Works (Version: 08.05.0818)
MobileMe Control Panel (Version: 3.1.8.0)
MSRedist (Version: 1.0.0.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
muvee autoProducer 6.0 (Version: 6.00.050)
My HP Games (Version: HPCMPQ1701)
Netflix Movie Viewer (Version: 1.2.211)
Norton Confidential Browser Component (Version: 1.5.0.29)
Norton Confidential Web Protection Component (Version: 1.5.0.29)
Norton Internet Security (Symantec Corporation) (Version: 10.2.0.30)
Norton Internet Security (Version: 10.1.0)
Norton Internet Security (Version: 10.2.0.30)
Norton Protection Center (Version: 2007.2.0.22)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OI App Manager
OLYMPUS ib (Version: 1.1.1210c)
OLYMPUS Master 2 (Version: 1.0.5)
OLYMPUS muvee theaterPack (Version: 1.0.2)
PDF Settings CS4 (Version: 9.0)
Photoshop Camera Raw (Version: 5.0)
Picasa 3 (Version: 3.9)
PSSWCORE (Version: 2.00.5000)
Python 2.4.3 (Version: 2.4.3150)
QuickTime (Version: 7.74.80.86)
RealPlayer
Rhapsody
Rhapsody Player Engine (Version: 1.0.604)
ROBOTC for MINDSTORMS (Version: 3.60.5485)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.4.0)
Roxio Creator Basic v9 (Version: 3.4.0)
Roxio Creator Copy (Version: 3.4.0)
Roxio Creator Data (Version: 3.4.0)
Roxio Creator EasyArchive (Version: 3.4.0)
Roxio Creator Tools (Version: 3.4.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio MyDVD Basic v9 (Version: 9.0.559)
Runtime (Version: 1.00.0000)
RunTimeCrystal (Version: 1.0.0)
Safari (Version: 5.34.57.2)
Sid Meier's Civilization 4 (HKCU Version: 1.09)
Sid Meier's Civilization 4 (Version: 1.09)
SNAP 3.0.1 (Version: 3.0.1.5)
SNAP 3.0.1 Downloader (Version: 1.0.2.14)
Snapfish Media Detector (Version: 1.7.0.15)
Soft Data Fax Modem with SmartCP (Version: 7.74.00)
Sony Picture Utility (Version: 4.3.03.07070)
SpanishNow!
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Suite Shared Configuration CS4 (Version: 1.0)
swMSM (Version: 12.0.0.1)
SymNet (Version: 7.2.0.15)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.3906)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0445)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0213)
TurboTax 2010 wnmiper (Version: 010.000.1108)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2783)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0449)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0211)
TurboTax 2011 wnmiper (Version: 011.000.1459)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 WinPerFedFormset (Version: 012.000.2114)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0451)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179)
TurboTax 2012 wnmiper (Version: 012.000.1347)
TurboTax 2012 wrapper (Version: 012.000.0127)
U.B. Funkeys
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB932232) (Version: 1)
Wal-Mart Music Downloads Store (Version: 116.00.0000)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (Version: 09/09/2009 1.0.0.0)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3146.0)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
 
==================== Restore Points  =========================
 
25-06-2013 15:50:54 Removed LiveUpdate Notice (Symantec Corporation)
25-06-2013 16:01:15 Windows Update
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0B0F9090-AEE5-420E-8030-B083D4C887C8} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-18] (Microsoft Corp.)
Task: {1ADF9708-176C-4A26-BB5B-EC6560E22632} - System32\Tasks\User_Feed_Synchronization-{A22C19E4-77BB-4735-9796-9C4CA820A4D0} => C:\Windows\system32\msfeedssync.exe [2013-06-21] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {249A1713-C02F-4929-8A0F-E376BEB1E0A6} - System32\Tasks\User_Feed_Synchronization-{7FF1706D-7056-44D0-8BC3-6183CEAABC03} => C:\Windows\system32\msfeedssync.exe [2013-06-21] (Microsoft Corporation)
Task: {3439F3BD-7AF6-49E1-B4BA-A33154A08313} - System32\Tasks\User_Feed_Synchronization-{A3630862-7172-4097-828E-AAEB3DF14C5C} => C:\Windows\system32\msfeedssync.exe [2013-06-21] (Microsoft Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {5431828A-C92E-4C7A-90D0-B51A729A720F} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: {5926F3EF-1360-4E3F-A474-2A248C305430} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-28] (Google)
Task: {5BC68441-9A1E-4A50-85CA-E49FC6EC36B2} - System32\Tasks\User_Feed_Synchronization-{1D430BE4-6096-4C88-B874-88CCA42D1B7A} => C:\Windows\system32\msfeedssync.exe [2013-06-21] (Microsoft Corporation)
Task: {73D780BC-661D-4BD2-98AB-97CE04DD3B51} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11] (Adobe Systems Incorporated)
Task: {76767710-85F4-41C2-B703-DF59178D099B} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-18] (Microsoft Corporation)
Task: {A87A65B3-571C-4DC9-B6A2-7D671BF5099E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-05] (Google Inc.)
Task: {A9BCE8F7-E2BC-4284-95C5-ADA56A1248B9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {DBE8802A-CA90-44D2-8DB7-71687EBB6273} - System32\Tasks\Microsoft\Windows\RestartManager\{3EFFE9C1-DB7D-47c2-BD59-8F1C5373ACAC} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {F22D0611-3D67-4B45-AB9F-60B02C9FF8ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-05] (Google Inc.)
Task: {F9F2AE19-11AA-4B9E-A346-D0B9AECF74D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/25/2013 01:36:00 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index metadata cannot be read.   (0xc0041801)
 
Error: (06/25/2013 01:36:00 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index metadata cannot be read.   (0xc0041801)
 
Error: (06/25/2013 01:36:00 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.   (0x80070490)
 
Error: (06/25/2013 01:35:59 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index metadata cannot be read.   (0xc0041801)
 
Error: (06/25/2013 01:35:59 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
0x%08x (0xc0041800 - The content index cannot be read.  )
 
Error: (06/25/2013 01:35:59 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
The content index metadata cannot be read.   (0xc0041801)
 
Error: (06/25/2013 01:35:59 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.
 
 
Details:
The content index cannot be read.   (0xc0041800)
 
Error: (06/25/2013 01:35:59 PM) (Source: ESENT) (User: )
Description: Windows (2724) Windows: Database recovery/restore failed with unexpected error -255.
 
Error: (06/25/2013 01:35:59 PM) (Source: ESENT) (User: )
Description: Windows (2724) Windows: Database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Page 33326 (0x0000822e) failed verification due to a flush-order dependency mismatch.  This page should have flushed before page 33322 (0x0000822a), but the latter page has instead flushed first. Recovery/restore will fail with error -255. If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware "losing" one or more flushes on one or both of these pages sometime in the past. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Error: (06/25/2013 01:17:12 PM) (Source: Application Error) (User: )
Description: Faulting application mbar.exe, version 1.6.0.1004, time stamp 0x51a93481, faulting module QtGui4.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000135, fault offset 0x00009f5d,
process id 0xac, application start time 0xmbar.exe0.
 
 
System errors:
=============
Error: (06/25/2013 08:44:56 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
 
Error: (06/25/2013 06:53:44 PM) (Source: DCOM) (User: )
Description: "C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe" -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}
 
Error: (06/25/2013 01:38:34 PM) (Source: DCOM) (User: )
Description: "C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe" -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}
 
Error: (06/25/2013 01:37:15 PM) (Source: Service Control Manager) (User: )
Description: Windows Search1300001Restart the service
 
Error: (06/25/2013 01:37:15 PM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)
 
Error: (06/25/2013 01:37:15 PM) (Source: Service Control Manager) (User: )
Description: i8042prt
 
Error: (06/25/2013 01:37:15 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (06/25/2013 01:35:14 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:33:41 PM on 6/25/2013 was unexpected.
 
Error: (06/25/2013 01:03:47 PM) (Source: DCOM) (User: )
Description: "C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe" -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}
 
Error: (06/25/2013 01:02:45 PM) (Source: Service Control Manager) (User: )
Description: i8042prt
 
 
Microsoft Office Sessions:
=========================
Error: (06/25/2013 01:36:00 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
 
 
Details:
The content index metadata cannot be read.   (0xc0041801)
 
Error: (06/25/2013 01:36:00 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index metadata cannot be read.   (0xc0041801)
 
Error: (06/25/2013 01:36:00 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.   (0x80070490)
Search.TripoliIndexer
 
Error: (06/25/2013 01:35:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index metadata cannot be read.   (0xc0041801)
Search.JetPropStore
 
Error: (06/25/2013 01:35:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
0x%08x (0xc0041800 - The content index cannot be read.  )
 
Error: (06/25/2013 01:35:59 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index metadata cannot be read.   (0xc0041801)
 
Error: (06/25/2013 01:35:59 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index cannot be read.   (0xc0041800)
 
Error: (06/25/2013 01:35:59 PM) (Source: ESENT)(User: )
Description: Windows2724Windows: -255
 
Error: (06/25/2013 01:35:59 PM) (Source: ESENT)(User: )
Description: Windows2724Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb33326 (0x0000822e)33322 (0x0000822a)-255
 
Error: (06/25/2013 01:17:12 PM) (Source: Application Error)(User: )
Description: mbar.exe1.6.0.100451a93481QtGui4.dll6.0.6002.185414ec3e3d5c000013500009f5dac01ce71d894a87ff6
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-06-25 20:49:19.938
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-25 20:49:19.724
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-25 20:49:19.526
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-25 20:49:19.326
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-25 20:48:45.142
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-25 20:48:44.948
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-25 20:48:42.388
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-25 20:48:42.140
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-25 20:48:41.882
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-25 20:48:41.633
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 60%
Total physical RAM: 2037.77 MB
Available physical RAM: 813.41 MB
Total Pagefile: 4320.8 MB
Available Pagefile: 3016.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.38 MB
 
==================== Drives ================================
 
Drive c: (HP) (Fixed) (Total:289.26 GB) (Free:62.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:8.83 GB) (Free:1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=289 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 CatByte

    bleepin' tiger


  • Malware Response Team

Posted 26 June 2013 - 05:29 AM

Please do the following:

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad window and select Paste.)
Save it on your desktop as fixlist.txt

(if you saved FRST to a different folder and not your desktop originally, then save fixlist.txt to the same location as FRST was saved)


start
HKU\Stacey\...\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [x]
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
C:\Users\Public\AuralogComponents.exe
end
NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Now run FRST (or FRST64 if you have the 64-bit version) and press the Fix button just once and wait.
The tool will make a log on your desktop (Fixlog.txt); please attach that log to your reply.

Note: FixList.txt and FRST must be saved to the same location or the fix will not work.

Reboot Normally.



NEXT


Please create a new system restore point before running Malwarebytes Anti-Rootkit if you can.

MBAR tutorial

Download Malwarebytes Anti-Rootkit from HERE
  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced. They will be in the MBAR folder: mbar-log.txt and system-log.txt
~~~~~~~~~~~~~~~~~~~~~~~

Note:
If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
Internet access
Windows Update
Windows Firewall

If there are additional problems with your system, such as any of those listed above or other system issues, then run the fixdamage tool included with Malwarebytes Anti-Rootkit located in the mbar\plugins folder and reboot.
Verify that your system is now functioning normally.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 JakeP03

  • Topic Starter

  • Members

Posted 26 June 2013 - 10:41 AM

bleepin' tiger,

 

Got through the FRST to where it said it was done. I'm not sure if it worked though, looking at its log. I created the restore point and ran the mbar, which hung up again. It didn't do a blue screen, it just froze and never got to the cleanup.

 

Fixlog: 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-06-2013 02
Ran by Administrator2 at 2013-06-26 09:24:51 Run:2
Running from C:\Users\Administrator2\Downloads
Boot Mode: Normal
 
==============================================
 
HKU\Stacey\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin => Value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
C:\Users\Public\AuralogComponents.exe => File/Directory not found.
 
==== End of Fixlog ====


#6 CatByte

    bleepin' tiger


  • Malware Response Team

Posted 26 June 2013 - 01:14 PM

Please run the following

Refer to the ComboFix User's Guide
  • Download ComboFix from the following location:

    Link

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply.

    Note:
    Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------
NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.



NEXT

Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • When the window opens, click on Change Parameters
  • Under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • Click OK
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • If TDLFS File System/TDSS File system is found then ensure Cure is selected (if cure is not available, choose skip)
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#7 JakeP03

  • Topic Starter

  • Members

Posted 26 June 2013 - 02:16 PM

The TDS Killer didn't come up with a cure or any infections, apparently.

I hope this did it.

 

 

Combofix log:

 

ComboFix 13-06-26.01 - Administrator2 06/26/2013  12:34:38.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.2038.1143 [GMT -6:00]
Running from: c:\users\Administrator2\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-26 to 2013-06-26  )))))))))))))))))))))))))))))))
.
.
2013-06-26 18:49 . 2013-06-26 18:49 -------- d-----w- c:\users\Administrator2\AppData\Local\temp
2013-06-26 18:49 . 2013-06-26 18:49 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2013-06-26 18:49 . 2013-06-26 18:49 -------- d-----w- c:\users\Stacey\AppData\Local\temp
2013-06-26 18:49 . 2013-06-26 18:49 -------- d-----w- c:\users\Jake\AppData\Local\temp
2013-06-26 18:49 . 2013-06-26 18:49 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2013-06-26 18:49 . 2013-06-26 18:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-26 18:49 . 2013-06-26 18:49 -------- d-----w- c:\users\Debra\AppData\Local\temp
2013-06-26 02:47 . 2013-06-26 02:47 -------- d-----w- C:\FRST
2013-06-25 18:51 . 2013-06-26 17:19 146648 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-06-25 18:51 . 2013-06-26 16:48 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-06-25 15:43 . 2013-06-25 15:43 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5BC30319-BFA5-4991-B764-FEBF4AD4CECC}\offreg.dll
2013-06-24 22:21 . 2013-06-24 22:21 -------- d-----w- c:\users\Administrator2\AppData\Roaming\Malwarebytes
2013-06-24 22:20 . 2013-06-24 22:20 -------- d-----w- c:\programdata\Malwarebytes
2013-06-24 22:20 . 2013-06-24 22:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-06-24 22:20 . 2013-04-04 20:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-24 22:16 . 2013-06-24 22:16 -------- d-----w- c:\program files\OI App Manager
2013-06-24 22:16 . 2013-06-24 22:16 -------- d-----w- c:\program files\7-Zip
2013-06-24 20:49 . 2013-06-24 21:17 -------- d-----w- C:\Comfix.exe
2013-06-21 21:38 . 2013-06-21 21:38 -------- d-----w- c:\program files\Western Digital Corporation
2013-06-21 15:33 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2013-06-21 15:33 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2013-06-21 15:33 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-06-21 15:13 . 2013-06-21 15:13 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2013-06-21 15:11 . 2013-06-21 15:11 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2013-06-21 15:11 . 2013-06-21 15:11 252928 ----a-w- c:\windows\system32\dxdiag.exe
2013-06-21 15:11 . 2013-06-21 15:11 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2013-06-21 15:11 . 2013-06-21 15:11 519680 ----a-w- c:\windows\system32\d3d11.dll
2013-06-21 15:11 . 2013-06-21 15:11 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-21 15:11 . 2013-06-21 15:11 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2013-06-21 15:11 . 2013-06-21 15:11 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-06-21 14:23 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-06-21 14:23 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2013-06-21 02:08 . 2013-05-08 04:37 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-21 02:08 . 2011-07-29 16:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2013-06-21 02:08 . 2011-07-29 16:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2013-06-21 02:08 . 2011-07-29 16:00 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2013-06-21 02:08 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2013-06-21 02:08 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2013-06-21 02:08 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2013-06-21 02:07 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll
2013-06-21 02:07 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2013-06-21 02:05 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-06-21 02:05 . 2013-03-03 19:07 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-06-21 02:05 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2013-06-21 02:05 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-06-21 02:05 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-06-21 02:05 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2013-06-21 02:05 . 2013-05-02 04:04 443904 ----a-w- c:\windows\system32\win32spl.dll
2013-06-21 02:05 . 2013-05-02 04:03 37376 ----a-w- c:\windows\system32\printcom.dll
2013-06-21 02:03 . 2013-04-09 01:36 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-06-21 02:03 . 2013-03-08 03:52 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-06-21 02:03 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-06-21 02:03 . 2013-03-08 03:53 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-06-21 02:03 . 2012-04-03 08:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-21 02:03 . 2012-04-03 08:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-21 02:02 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2013-06-21 02:02 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2013-06-21 02:02 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-06-21 02:02 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll
2013-06-21 02:02 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2013-06-21 02:02 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
2013-06-21 02:02 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2013-06-21 02:02 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2013-06-21 01:42 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-06-20 15:06 . 2013-06-20 15:06 -------- d-----w- c:\users\Administrator2\AppData\Roaming\AVG8
2013-06-18 14:39 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2013-06-18 14:39 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2013-06-18 14:39 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2013-06-18 14:39 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-06-18 14:38 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2013-06-18 14:38 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2013-06-18 14:38 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-06-18 14:38 . 2012-06-02 21:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-06-18 14:38 . 2012-06-02 21:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-06-17 22:14 . 2012-12-06 19:52 59904 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\PPhp2600.DLL
2013-06-17 22:06 . 2012-12-06 19:52 125952 ----a-w- c:\windows\system32\ZLhp2600.DLL
2013-06-17 21:52 . 2013-06-17 21:52 -------- d-----w- c:\users\Jake\AppData\Roaming\HP
2013-06-17 21:51 . 2013-06-21 03:08 -------- d-----w- C:\hp_CLJ_2600n_Full_Solution
2013-06-17 20:02 . 2008-01-19 05:34 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL
2013-06-17 19:08 . 2013-06-17 19:09 -------- d-----w- c:\windows\system32\ca-ES
2013-06-17 19:08 . 2013-06-17 19:09 -------- d-----w- c:\windows\system32\eu-ES
2013-06-17 19:08 . 2013-06-17 19:09 -------- d-----w- c:\windows\system32\vi-VN
2013-06-17 19:04 . 2013-06-21 03:08 -------- d-----w- c:\windows\system32\SPReview
2013-06-17 18:42 . 2009-04-11 05:28 928768 ----a-w- c:\windows\system32\scavenge.dll
2013-06-17 18:41 . 2009-04-11 05:27 57856 ----a-w- c:\windows\system32\compcln.exe
2013-06-17 18:33 . 2009-04-11 05:32 27624 ----a-w- c:\windows\system32\drivers\Dumpata.sys
2013-06-17 18:32 . 2009-04-11 05:28 2012160 ----a-w- c:\windows\system32\milcore.dll
2013-06-17 18:31 . 2009-04-11 05:28 524288 ----a-w- c:\windows\system32\sqlsrv32.dll
2013-06-17 18:18 . 2013-06-21 03:08 -------- d-----w- c:\windows\system32\EventProviders
2013-06-17 15:26 . 2013-06-17 15:26 -------- d-----w- c:\program files\iPod
2013-06-17 15:26 . 2013-06-21 03:09 -------- d-----w- c:\program files\iTunes
2013-06-17 15:26 . 2013-06-21 03:08 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-17 15:19 . 2013-06-17 15:19 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2013-06-17 15:19 . 2013-06-17 15:19 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2013-06-17 15:19 . 2013-06-17 15:19 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2013-06-17 15:19 . 2013-06-17 15:19 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2013-06-17 15:19 . 2013-06-17 15:19 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2013-06-17 15:18 . 2013-06-21 03:08 -------- d-----w- c:\program files\QuickTime
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-21 15:11 . 2013-06-21 15:11 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui
2013-06-11 21:39 . 2012-04-10 15:06 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-11 21:39 . 2011-06-05 20:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-01 09:59 . 2013-05-01 09:59 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 09:59 . 2013-05-01 09:59 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\system32\GPhotos.scr
2013-03-31 00:59 . 2013-03-31 00:59 796672 ----a-w- c:\windows\GPInstall.exe
2013-03-29 08:53 . 2013-03-29 08:53 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-21 213936]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-06 68856]
"743E7EAAED691B3A136FBF0E902FB592133D6142._service_run"="c:\program files\Google\Chrome\Application\chrome.exe" [2013-06-15 825808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCUTRAYICON"="FactoryMode" [X]
"SnapfishMediaDetector"="c:\program files\Snapfish Media Detector\SnapfishMediaDetector.exe" [2007-03-02 1441792]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-04-01 133656]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"MDS_Menu"="c:\program files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-21 213936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-04-01 141848]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2008-06-03 178712]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-04-01 166424]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-03-07 44168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
Snapfish Media Detector.lnk - c:\program files\Snapfish Media Detector\SnapfishMediaDetector.exe [2007-3-2 1441792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-06 169312]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - COMHOST
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ   Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation REG_MULTI_SZ   FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-21 02:08 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 21:39]
.
2013-06-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-06 06:43]
.
2013-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-05 22:05]
.
2013-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-05 22:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
Trusted Zone: intuit.com\accounts
Trusted Zone: intuit.com\ttlc
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 192.168.0.1 205.171.2.25
DPF: Web-Based Email Tools - hxxp://email.secureserver.net/Download.CAB
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.3/TSWeb.cab
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-mbamswissarmy
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-26 12:49
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-06-26  12:52:21
ComboFix-quarantined-files.txt  2013-06-26 18:52
ComboFix2.txt  2013-06-25 15:15
ComboFix3.txt  2013-06-24 21:17
.
Pre-Run: 67,979,079,680 bytes free
Post-Run: 67,953,688,576 bytes free
.
- - End Of File - - 4D4651AC22595026A53DBE713042D9B0
8913823FF508CCF109DB74B636C301DA
 

 

TDS Killer log:

 

12:58:48.0223 4920  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:58:49.0460 4920  ============================================================
12:58:49.0460 4920  Current date / time: 2013/06/26 12:58:49.0460
12:58:49.0460 4920  SystemInfo:
12:58:49.0460 4920  
12:58:49.0460 4920  OS Version: 6.0.6002 ServicePack: 2.0
12:58:49.0460 4920  Product type: Workstation
12:58:49.0460 4920  ComputerName: PHANTOM
12:58:49.0461 4920  UserName: Administrator2
12:58:49.0461 4920  Windows directory: C:\Windows
12:58:49.0461 4920  System windows directory: C:\Windows
12:58:49.0461 4920  Processor architecture: Intel x86
12:58:49.0461 4920  Number of processors: 2
12:58:49.0461 4920  Page size: 0x1000
12:58:49.0461 4920  Boot type: Normal boot
12:58:49.0461 4920  ============================================================
12:58:49.0866 4920  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:58:49.0881 4920  ============================================================
12:58:49.0881 4920  \Device\Harddisk0\DR0:
12:58:49.0881 4920  MBR partitions:
12:58:49.0881 4920  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x24283002
12:58:49.0881 4920  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x24283380, BlocksNum 0x11AA341
12:58:49.0881 4920  ============================================================
12:58:49.0881 4920  C: <-> \Device\Harddisk0\DR0\Partition1
12:58:49.0944 4920  D: <-> \Device\Harddisk0\DR0\Partition2
12:58:49.0944 4920  ============================================================
12:58:49.0944 4920  Initialize success
12:58:49.0944 4920  ============================================================
12:58:58.0892 5400  ============================================================
12:58:58.0892 5400  Scan started
12:58:58.0892 5400  Mode: Manual; TDLFS; 
12:58:58.0892 5400  ============================================================
12:58:59.0304 5400  ================ Scan system memory ========================
12:58:59.0304 5400  System memory - ok
12:58:59.0304 5400  ================ Scan services =============================
12:58:59.0542 5400  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
12:58:59.0544 5400  ACPI - ok
12:58:59.0616 5400  [ 6D7F09CD92A9FEF3A8EFCE66231FDD79 ] adfs            C:\Windows\system32\drivers\adfs.sys
12:58:59.0616 5400  adfs - ok
12:58:59.0757 5400  [ 4451CC2275B04043EC2BCC757AF97291 ] AdobeActiveFileMonitor8.0 C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
12:58:59.0759 5400  AdobeActiveFileMonitor8.0 - ok
12:58:59.0889 5400  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:58:59.0891 5400  AdobeFlashPlayerUpdateSvc - ok
12:58:59.0959 5400  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:58:59.0959 5400  adp94xx - ok
12:58:59.0990 5400  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:58:59.0990 5400  adpahci - ok
12:59:00.0021 5400  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
12:59:00.0021 5400  adpu160m - ok
12:59:00.0052 5400  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:59:00.0052 5400  adpu320 - ok
12:59:00.0099 5400  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:59:00.0099 5400  AeLookupSvc - ok
12:59:00.0177 5400  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
12:59:00.0177 5400  AFD - ok
12:59:00.0208 5400  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:59:00.0208 5400  agp440 - ok
12:59:00.0240 5400  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
12:59:00.0240 5400  aic78xx - ok
12:59:00.0318 5400  [ C86D177967D27C80E466D4ED95C26DB9 ] AlertService    C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
12:59:00.0318 5400  AlertService - ok
12:59:00.0396 5400  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
12:59:00.0396 5400  ALG - ok
12:59:00.0458 5400  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:59:00.0458 5400  aliide - ok
12:59:00.0489 5400  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:59:00.0489 5400  amdagp - ok
12:59:00.0536 5400  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
12:59:00.0536 5400  amdide - ok
12:59:00.0567 5400  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
12:59:00.0567 5400  AmdK7 - ok
12:59:00.0614 5400  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:59:00.0614 5400  AmdK8 - ok
12:59:00.0661 5400  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
12:59:00.0661 5400  Appinfo - ok
12:59:00.0754 5400  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:59:00.0754 5400  Apple Mobile Device - ok
12:59:00.0801 5400  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
12:59:00.0801 5400  arc - ok
12:59:00.0818 5400  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:59:00.0818 5400  arcsas - ok
12:59:00.0870 5400  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:59:00.0870 5400  AsyncMac - ok
12:59:00.0924 5400  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:59:00.0925 5400  atapi - ok
12:59:01.0007 5400  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:59:01.0009 5400  AudioEndpointBuilder - ok
12:59:13.0623 5400  RemoteAccess - ok
12:59:13.0686 5400  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:59:13.0688 5400  RemoteRegistry - ok
12:59:13.0771 5400  [ 062D1268CFCF569BA5FBCFD1BEA88D2A ] RoxMediaDB9     c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
12:59:13.0778 5400  RoxMediaDB9 - ok
12:59:13.0804 5400  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
12:59:13.0805 5400  RpcLocator - ok
12:59:13.0874 5400  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\System32\rpcss.dll
12:59:13.0880 5400  RpcSs - ok
12:59:13.0933 5400  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:59:13.0935 5400  rspndr - ok
12:59:13.0996 5400  [ E2988349FE0567CBE4161CC653575A8E ] RT2500          C:\Windows\system32\DRIVERS\RT2500.sys
12:59:13.0996 5400  RT2500 - ok
12:59:14.0012 5400  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
12:59:14.0012 5400  SamSs - ok
12:59:14.0058 5400  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:59:14.0058 5400  sbp2port - ok
12:59:14.0136 5400  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:59:14.0136 5400  SCardSvr - ok
12:59:14.0214 5400  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
12:59:14.0230 5400  Schedule - ok
12:59:14.0292 5400  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:59:14.0292 5400  SCPolicySvc - ok
12:59:14.0355 5400  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:59:14.0355 5400  SDRSVC - ok
12:59:14.0386 5400  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:59:14.0386 5400  secdrv - ok
12:59:14.0402 5400  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
12:59:14.0402 5400  seclogon - ok
12:59:14.0448 5400  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\system32\sens.dll
12:59:14.0448 5400  SENS - ok
12:59:14.0464 5400  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
12:59:14.0464 5400  Serenum - ok
12:59:14.0495 5400  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
12:59:14.0495 5400  Serial - ok
12:59:14.0558 5400  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:59:14.0558 5400  sermouse - ok
12:59:14.0620 5400  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:59:14.0620 5400  SessionEnv - ok
12:59:14.0636 5400  [ 103B79418DA647736EE95645F305F68A ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:59:14.0651 5400  sffdisk - ok
12:59:14.0667 5400  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:59:14.0667 5400  sffp_mmc - ok
12:59:14.0682 5400  [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:59:14.0682 5400  sffp_sd - ok
12:59:14.0698 5400  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:59:14.0698 5400  sfloppy - ok
12:59:14.0714 5400  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:59:14.0714 5400  SharedAccess - ok
12:59:14.0776 5400  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:59:14.0792 5400  ShellHWDetection - ok
12:59:14.0807 5400  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
12:59:14.0807 5400  sisagp - ok
12:59:14.0823 5400  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
12:59:14.0823 5400  SiSRaid2 - ok
12:59:14.0854 5400  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:59:14.0854 5400  SiSRaid4 - ok
12:59:14.0935 5400  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
12:59:14.0961 5400  slsvc - ok
12:59:15.0032 5400  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
12:59:15.0035 5400  SLUINotify - ok
12:59:15.0087 5400  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:59:15.0089 5400  Smb - ok
12:59:15.0114 5400  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:59:15.0117 5400  SNMPTRAP - ok
12:59:15.0171 5400  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
12:59:15.0173 5400  spldr - ok
12:59:15.0236 5400  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
12:59:15.0239 5400  Spooler - ok
12:59:15.0315 5400  [ 5673E79BBB62A4C35B10D821FF1B4ACA ] SQLBrowser      c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:59:15.0316 5400  SQLBrowser - ok
12:59:15.0346 5400  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:59:15.0346 5400  SQLWriter - ok
12:59:15.0384 5400  [ 2A2A3630F0C4771319B90D1B63C4B999 ] SQTECH9051      C:\Windows\system32\Drivers\Capt9051.sys
12:59:15.0385 5400  SQTECH9051 - ok
12:59:15.0442 5400  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:59:15.0447 5400  srv - ok
12:59:15.0498 5400  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:59:15.0501 5400  srv2 - ok
12:59:15.0509 5400  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:59:15.0512 5400  srvnet - ok
12:59:15.0565 5400  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:59:15.0568 5400  SSDPSRV - ok
12:59:15.0604 5400  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:59:15.0608 5400  SstpSvc - ok
12:59:15.0678 5400  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
12:59:15.0683 5400  stisvc - ok
12:59:15.0734 5400  [ 4CFEB2BD9723489DA072B300940EA287 ] stllssvr        c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
12:59:15.0736 5400  stllssvr - ok
12:59:15.0756 5400  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:59:15.0757 5400  swenum - ok
12:59:15.0830 5400  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
12:59:15.0837 5400  swprv - ok
12:59:15.0904 5400  [ 595175D2E7F77A1440DE360EEC20FA7D ] Symantec Core LC C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
12:59:15.0921 5400  Symantec Core LC - ok
12:59:15.0955 5400  [ EFF5C2A0A06BCBFC5CF931C00CF6146D ] SymAppCore      c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
12:59:15.0955 5400  SymAppCore - ok
12:59:15.0998 5400  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
12:59:15.0998 5400  Symc8xx - ok
12:59:16.0029 5400  [ A16D76BAA5D2CBE45C57FA582C1208E5 ] SYMDNS          C:\Windows\System32\Drivers\SYMDNS.SYS
12:59:16.0029 5400  SYMDNS - ok
12:59:16.0061 5400  [ 2975B9B4B55FABE9D95883B7A58B83A3 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
12:59:16.0061 5400  SymEvent - ok
12:59:16.0076 5400  [ C64D200569A18EA6C676266DEE3AC158 ] SYMFW           C:\Windows\System32\Drivers\SYMFW.SYS
12:59:16.0092 5400  SYMFW - ok
12:59:16.0123 5400  [ 7764D3D7A3C858F04CED3C1F16410D89 ] SYMIDS          C:\Windows\System32\Drivers\SYMIDS.SYS
12:59:16.0123 5400  SYMIDS - ok
12:59:16.0139 5400  [ D193684004658FE4F3F143CA6DD9EF8B ] SYMNDISV        C:\Windows\System32\Drivers\SYMNDISV.SYS
12:59:16.0139 5400  SYMNDISV - ok
12:59:16.0154 5400  [ 829830A3CA1C5E329D68E26C9CD2DE8D ] SYMREDRV        C:\Windows\System32\Drivers\SYMREDRV.SYS
12:59:16.0154 5400  SYMREDRV - ok
12:59:16.0170 5400  [ B1AA9704124B494C34E8D372E6654196 ] SYMTDI          C:\Windows\System32\Drivers\SYMTDI.SYS
12:59:16.0170 5400  SYMTDI - ok
12:59:16.0201 5400  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
12:59:16.0201 5400  Sym_hi - ok
12:59:16.0232 5400  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
12:59:16.0232 5400  Sym_u3 - ok
12:59:16.0310 5400  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
12:59:16.0326 5400  SysMain - ok
12:59:16.0357 5400  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:59:16.0357 5400  TabletInputService - ok
12:59:16.0373 5400  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:59:16.0373 5400  TapiSrv - ok
12:59:16.0419 5400  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
12:59:16.0419 5400  TBS - ok
12:59:16.0497 5400  [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:59:16.0497 5400  Tcpip - ok
12:59:16.0529 5400  [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
12:59:16.0529 5400  Tcpip6 - ok
12:59:16.0544 5400  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:59:16.0560 5400  tcpipreg - ok
12:59:16.0607 5400  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:59:16.0607 5400  TDPIPE - ok
12:59:16.0638 5400  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:59:16.0638 5400  TDTCP - ok
12:59:16.0685 5400  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:59:16.0685 5400  tdx - ok
12:59:16.0747 5400  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:59:16.0747 5400  TermDD - ok
12:59:16.0825 5400  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
12:59:16.0825 5400  TermService - ok
12:59:16.0856 5400  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
12:59:16.0856 5400  Themes - ok
12:59:16.0872 5400  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
12:59:16.0872 5400  THREADORDER - ok
12:59:16.0934 5400  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
12:59:16.0934 5400  TrkWks - ok
12:59:16.0990 5400  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:59:16.0990 5400  TrustedInstaller - ok
12:59:17.0011 5400  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:59:17.0013 5400  tssecsrv - ok
12:59:17.0059 5400  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
12:59:17.0061 5400  tunmp - ok
12:59:17.0085 5400  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:59:17.0086 5400  tunnel - ok
12:59:17.0134 5400  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:59:17.0136 5400  uagp35 - ok
12:59:17.0185 5400  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:59:17.0190 5400  udfs - ok
12:59:17.0244 5400  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:59:17.0246 5400  UI0Detect - ok
12:59:17.0268 5400  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:59:17.0269 5400  uliagpkx - ok
12:59:17.0292 5400  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
12:59:17.0294 5400  uliahci - ok
12:59:17.0317 5400  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
12:59:17.0319 5400  UlSata - ok
12:59:17.0336 5400  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
12:59:17.0338 5400  ulsata2 - ok
12:59:17.0388 5400  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:59:17.0389 5400  umbus - ok
12:59:17.0447 5400  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
12:59:17.0451 5400  upnphost - ok
12:59:17.0515 5400  [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
12:59:17.0516 5400  USBAAPL - ok
12:59:17.0582 5400  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:59:17.0585 5400  usbccgp - ok
12:59:17.0619 5400  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:59:17.0620 5400  usbcir - ok
12:59:17.0675 5400  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:59:17.0677 5400  usbehci - ok
12:59:17.0739 5400  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:59:17.0743 5400  usbhub - ok
12:59:17.0762 5400  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:59:17.0763 5400  usbohci - ok
12:59:17.0824 5400  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:59:17.0825 5400  usbprint - ok
12:59:17.0854 5400  [ 45F1636265B41F9ECC4F33A721A411E1 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:59:17.0855 5400  usbscan - ok
12:59:17.0906 5400  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:59:17.0908 5400  USBSTOR - ok
12:59:17.0968 5400  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:59:17.0969 5400  usbuhci - ok
12:59:18.0048 5400  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:59:18.0048 5400  usbvideo - ok
12:59:18.0111 5400  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
12:59:18.0111 5400  UxSms - ok
12:59:18.0189 5400  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
12:59:18.0189 5400  vds - ok
12:59:18.0220 5400  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:59:18.0220 5400  vga - ok
12:59:18.0267 5400  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:59:18.0267 5400  VgaSave - ok
12:59:18.0329 5400  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
12:59:18.0329 5400  viaagp - ok
12:59:18.0345 5400  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
12:59:18.0345 5400  ViaC7 - ok
12:59:18.0360 5400  [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide          C:\Windows\system32\drivers\viaide.sys
12:59:18.0360 5400  viaide - ok
12:59:18.0423 5400  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:59:18.0423 5400  volmgr - ok
12:59:18.0438 5400  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:59:18.0438 5400  volmgrx - ok
12:59:18.0501 5400  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:59:18.0501 5400  volsnap - ok
12:59:18.0547 5400  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:59:18.0547 5400  vsmraid - ok
12:59:18.0625 5400  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
12:59:18.0641 5400  VSS - ok
12:59:18.0703 5400  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
12:59:18.0703 5400  W32Time - ok
12:59:18.0719 5400  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:59:18.0735 5400  WacomPen - ok
12:59:18.0781 5400  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
12:59:18.0781 5400  Wanarp - ok
12:59:18.0781 5400  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:59:18.0797 5400  Wanarpv6 - ok
12:59:18.0813 5400  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:59:18.0828 5400  wcncsvc - ok
12:59:18.0829 5400  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:59:18.0831 5400  WcsPlugInService - ok
12:59:18.0857 5400  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
12:59:18.0858 5400  Wd - ok
12:59:18.0890 5400  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:59:18.0898 5400  Wdf01000 - ok
12:59:18.0912 5400  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:59:18.0916 5400  WdiServiceHost - ok
12:59:18.0920 5400  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:59:18.0923 5400  WdiSystemHost - ok
12:59:18.0987 5400  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
12:59:18.0992 5400  WebClient - ok
12:59:19.0054 5400  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:59:19.0058 5400  Wecsvc - ok
12:59:19.0112 5400  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:59:19.0115 5400  wercplsupport - ok
12:59:19.0127 5400  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:59:19.0130 5400  WerSvc - ok
12:59:19.0186 5400  [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
12:59:19.0191 5400  winachsf - ok
12:59:19.0268 5400  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
12:59:19.0273 5400  WinDefend - ok
12:59:19.0318 5400  [ 94E4312D546048BF31604A8B2AD13FC0 ] WinDriver6      C:\Windows\system32\drivers\windrvr6.sys
12:59:19.0321 5400  WinDriver6 - ok
12:59:19.0325 5400  WinHttpAutoProxySvc - ok
12:59:19.0410 5400  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:59:19.0413 5400  Winmgmt - ok
12:59:19.0488 5400  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:59:19.0506 5400  WinRM - ok
12:59:19.0574 5400  [ 676F4B665BDD8053EAA53AC1695B8074 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
12:59:19.0575 5400  WinUsb - ok
12:59:19.0646 5400  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:59:19.0655 5400  Wlansvc - ok
12:59:19.0748 5400  [ D9250B31B353EE3322C1CAD411997E38 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:59:19.0770 5400  wlidsvc - ok
12:59:19.0801 5400  [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:59:19.0802 5400  WmiAcpi - ok
12:59:19.0882 5400  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:59:19.0885 5400  wmiApSrv - ok
12:59:19.0973 5400  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
12:59:19.0980 5400  WMPNetworkSvc - ok
12:59:20.0043 5400  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:59:20.0047 5400  WPCSvc - ok
12:59:20.0101 5400  [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:59:20.0105 5400  WPDBusEnum - ok
12:59:20.0170 5400  [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
12:59:20.0171 5400  WpdUsb - ok
12:59:20.0313 5400  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:59:20.0325 5400  WPFFontCache_v0400 - ok
12:59:20.0377 5400  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:59:20.0393 5400  ws2ifsl - ok
12:59:20.0473 5400  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\system32\wscsvc.dll
12:59:20.0476 5400  wscsvc - ok
12:59:20.0482 5400  WSearch - ok
12:59:20.0596 5400  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
12:59:20.0624 5400  wuauserv - ok
12:59:20.0689 5400  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:59:20.0690 5400  WUDFRd - ok
12:59:20.0701 5400  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:59:20.0704 5400  wudfsvc - ok
12:59:20.0750 5400  [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
12:59:20.0752 5400  XAudio - ok
12:59:20.0777 5400  [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
12:59:20.0780 5400  XAudioService - ok
12:59:20.0894 5400  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:59:20.0894 5400  YahooAUService - ok
12:59:20.0910 5400  ================ Scan global ===============================
12:59:20.0942 5400  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:59:20.0988 5400  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
12:59:21.0003 5400  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
12:59:21.0068 5400  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:59:21.0071 5400  [Global] - ok
12:59:21.0072 5400  ================ Scan MBR ==================================
12:59:21.0087 5400  [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0
12:59:21.0578 5400  \Device\Harddisk0\DR0 - ok
12:59:21.0578 5400  ================ Scan VBR ==================================
12:59:21.0581 5400  [ 183B729EE2CBC40AA072B08E6951743B ] \Device\Harddisk0\DR0\Partition1
12:59:21.0583 5400  \Device\Harddisk0\DR0\Partition1 - ok
12:59:21.0588 5400  [ 4AD5B0086DC2C3BA9CA8F43A9803DC8B ] \Device\Harddisk0\DR0\Partition2
12:59:21.0590 5400  \Device\Harddisk0\DR0\Partition2 - ok
12:59:21.0591 5400  ============================================================
12:59:21.0591 5400  Scan finished
12:59:21.0591 5400  ============================================================
12:59:21.0603 4192  Detected object count: 0
12:59:21.0603 4192  Actual detected object count: 0


#8 CatByte

  • Malware Response Team

Posted 26 June 2013 - 02:24 PM

Nothing is showing in the logs, but it does concern me that MBAR won't run.

Please try running it in safe mode, make certain all other windows are closed and give it plenty of time to scan:


To Enter Safe Mode
  • Go to Start > Shut off your Computer > Restart
  • As the computer starts to boot up, tap the F8 key repeatedly; this will bring up a menu.
  • Use the Up and Down Arrow keys to scroll up to Safe Mode
  • Then press the Enter key on your keyboard
  • Go into your usual account

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#9 JakeP03

  • Topic Starter

Posted 26 June 2013 - 05:14 PM

I tried in safe mode. It immediately threw back an error code that says the following:
 
Could not load DDA driver
 
DDA driver was not installed which may be caused by rootkit activity.
Do you want to reboot the computer to install DDA driver (Scan will continue after reboot)?


#10 JakeP03

  • Topic Starter

Posted 26 June 2013 - 05:16 PM

During the MBAR scan I can see that it says it found 2 infections and took a pic of it with my phone.  I might be able to attach the pic.



#11 JakeP03

  • Topic Starter

Posted 26 June 2013 - 05:27 PM

This pic only shows one, but I saw 2 infections the last time I ran it. The other had language related to this Gamevance whatever.

#12 CatByte

  • Malware Response Team

Posted 26 June 2013 - 06:36 PM

The pic didn't attach.
 

DDA driver was not installed which may be caused by rootkit activity.
Do you want to reboot the computer to install DDA driver (Scan will continue after reboot)?



Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.




#13 JakeP03

  • Topic Starter

Posted 26 June 2013 - 10:17 PM

I chose yes to the question and upon reboot it ran mbar automatically with a black screen and a command prompt, nothing else. It froze and rebooted. Before it finished rebooting, CHKDSK started saying there were indexing problems. CHKDSK deleted several index files and restored some orphans. I have a good restore from before when we ran Combofix but the initial one when we first started yesterday is gone.

My pic is likely too big and cropped tight. It says:

Infected: HKLM\SOFTWARE\CLASSES\Gamevance.Linker.1-->
[Trojan.BHO]

#14 CatByte

  • Malware Response Team

Posted 27 June 2013 - 09:08 AM

What is the status of the machine at the moment?



#15 JakeP03

  • Topic Starter

Posted 27 June 2013 - 09:38 AM

It seems to be running normally. 

 

If it weren't for the MBAR showing that result and not getting to the cleanup (and possibly the CHKDSK), I wouldn't suspect a thing. 





