Author Topic: [Inactive] Josh's Files Suddenly Missing  (Read 2233 times)


Offline joshhemming

  • Bronze Member
  • Posts: 13
[Inactive] Josh's Files Suddenly Missing
« on: April 20, 2012, 03:34:13 pm »
[Edited by Admin for reference: http://en.community.dell.com/support-forums/virus-spyware/f/3522/t/19445445.aspx]


Newbie here!  I had a lot of trouble registering at this site because the Visual Verification box on the registration form wouldn't show up for some reason.  I used another computer to register today.  

My problem is that a few days ago I turned my computer on and almost all of my usual desktop icons were missing, my Favorites/bookmarks were gone and when I went to Windows Explorer most of my picture and letter files in the LIBRARIES folder were gone too.  I'm using a Dell Dimension 580 desktop with Windows 7 and Internet Explorer, version 9 I believe.  I had been getting a lot of alerts from AVG Free that they were detecting and blocking Trojans and other malware for the last week.  I followed their advice to move the detected threats to the vault, delete all unhealed, etc.  Something got through anyway.  

Any help you can give me in solving this problem will be appreciated.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Larry at 15:20:13 on 2012-04-20
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.3959.2678 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?ilc=1
mWinlogon: Userinit=userinit.exe
BHO: : {11bf46c6-b3de-48bd-bf70-3ad85cab80b5} - C:\PROGRA~2\SITERA~1\SiteRank.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: ShopAtHome.com Toolbar: {66516a07-f617-488a-90cf-4e690cfb3c5f} - C:\Program Files (x86)\ShopAtHome\tbcore3U.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: ShopAtHome.com Toolbar: {311b58dc-a4dc-4b04-b1b5-60299ad3d803} - C:\Program Files (x86)\ShopAtHome\tbcore3U.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\Larry\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\Larry\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{AD254BE0-ABC6-4092-A8A8-570CFD8A21DB} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{AD254BE0-ABC6-4092-A8A8-570CFD8A21DB}\375756A7E65647 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{AD254BE0-ABC6-4092-A8A8-570CFD8A21DB}\C696E6B6379737 : DhcpNameServer = 192.168.5.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: : {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~2\SITERA~1\SiteRank.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64:     WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: ShopAtHome.com Toolbar: {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Program Files (x86)\ShopAtHome\tbcore3U.dll
BHO-X64:     ShopAtHome.com Toolbar - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64:     SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Program Files (x86)\ShopAtHome\tbcore3U.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
mRun-x64: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun-x64: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
Hosts: 94.63.147.16   www.google.com
Hosts: 94.63.147.17   www.bing.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [2010-10-5 185632]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [2010-10-5 212256]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-9-29 1692480]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-3 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 253088]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-3 136176]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-04-18 00:39:38   472808   ----a-w-   C:\Windows\SysWow64\deployJava1.dll
2012-04-12 19:06:28   80896   ----a-w-   C:\Windows\System32\imagehlp.dll
2012-04-12 19:06:28   5120   ----a-w-   C:\Windows\SysWow64\wmi.dll
2012-04-12 19:06:28   5120   ----a-w-   C:\Windows\System32\wmi.dll
2012-04-12 19:06:28   22896   ----a-w-   C:\Windows\System32\drivers\fs_rec.sys
2012-04-12 19:06:28   220672   ----a-w-   C:\Windows\System32\wintrust.dll
2012-04-12 19:06:28   172544   ----a-w-   C:\Windows\SysWow64\wintrust.dll
2012-04-12 19:06:28   158720   ----a-w-   C:\Windows\SysWow64\imagehlp.dll
2012-04-09 17:24:19   20480   ---ha-w-   C:\Windows\svchost.exe
2012-04-09 17:18:08   114176   ---ha-w-   C:\ProgramData\Microsoft\Windows\DRM\F181.tmp
2012-04-09 17:17:50   5120   ---ha-w-   C:\ProgramData\Microsoft\Windows\DRM\ACA5.tmp
2012-04-09 17:17:50   114176   ---ha-w-   C:\ProgramData\Microsoft\Windows\DRM\ACA5.tmp.dat
2012-04-01 01:12:28   8741536   ---ha-w-   C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-01 00:46:14   418464   ---ha-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M  ====================
.
2012-04-13 21:12:51   70304   ---ha-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-01 06:29:53   1888256   ----a-w-   C:\Windows\System32\WMVDECOD.DLL
2012-02-28 06:56:48   2311168   ----a-w-   C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56   1390080   ----a-w-   C:\Windows\System32\wininet.dll
2012-02-28 06:48:57   1493504   ----a-w-   C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55   2382848   ----a-w-   C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55   1799168   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21   1427456   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07   1127424   ----a-w-   C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16   2382848   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2012-02-15 06:27:54   1031680   ----a-w-   C:\Windows\System32\rdpcore.dll
2012-02-15 05:44:57   826368   ----a-w-   C:\Windows\SysWow64\rdpcore.dll
2012-02-15 04:47:21   204800   ----a-w-   C:\Windows\System32\drivers\rdpwd.sys
2012-02-15 04:46:59   23552   ----a-w-   C:\Windows\System32\drivers\tdtcp.sys
2012-02-10 06:18:10   1541120   ----a-w-   C:\Windows\System32\DWrite.dll
2012-02-10 06:17:55   1837568   ----a-w-   C:\Windows\System32\d3d10warp.dll
2012-02-10 06:17:54   902656   ----a-w-   C:\Windows\System32\d2d1.dll
2012-02-10 06:17:54   320512   ----a-w-   C:\Windows\System32\d3d10_1core.dll
2012-02-10 06:17:54   197120   ----a-w-   C:\Windows\System32\d3d10_1.dll
2012-02-10 05:41:38   1074176   ----a-w-   C:\Windows\SysWow64\DWrite.dll
2012-02-10 05:41:20   218624   ----a-w-   C:\Windows\SysWow64\d3d10_1core.dll
2012-02-10 05:41:20   161792   ----a-w-   C:\Windows\SysWow64\d3d10_1.dll
2012-02-10 05:41:20   1170944   ----a-w-   C:\Windows\SysWow64\d3d10warp.dll
2012-02-10 05:41:19   739840   ----a-w-   C:\Windows\SysWow64\d2d1.dll
2012-02-03 04:16:03   3143168   ----a-w-   C:\Windows\System32\win32k.sys
2012-01-25 06:27:11   76288   ----a-w-   C:\Windows\System32\rdpwsx.dll
2012-01-25 06:27:11   149504   ----a-w-   C:\Windows\System32\rdpcorekmts.dll
2012-01-25 06:20:59   9216   ----a-w-   C:\Windows\System32\rdrmemptylst.exe
.
============= FINISH: 15:20:47.15 ===============






.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 10/1/2010 3:51:36 PM
System Uptime: 4/20/2012 2:11:23 PM (1 hours ago)
.
Motherboard: Dell Inc. |  | 0C2KJT
Processor: Intel(R) Pentium(R) CPU        G6950  @ 2.80GHz | CPU 1 | 2800/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 289 GiB total, 245.208 GiB free.
D: is CDROM (UDF)
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP99: 3/30/2012 3:47:08 PM - Scheduled Checkpoint
RP100: 4/7/2012 1:54:36 PM - Scheduled Checkpoint
RP101: 4/12/2012 1:05:58 PM - Windows Update
RP102: 4/17/2012 6:38:29 PM - Installed Java(TM) 6 Update 31
RP103: 4/19/2012 10:33:33 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Reader 9.5.1
Bing Bar
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Dock
Dell Getting Started Guide
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 31
Junk Mail filter update
Microsoft Choice Guard
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft Works
MSVCRT
Multimedia Card Reader
OpenOffice.org 3.2
Ralink RT2860 Wireless LAN Card
Realtek High Definition Audio Driver
Roxio Burn
Security Update for CAPICOM (KB931906)
ShopAtHome.com Toolbar
SiteRanker
Skype Toolbars
Skype™ 4.2
Visual Studio 2008 x64 Redistributables
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
4/20/2012 7:29:08 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000329f703, 0x0000000000000000, 0x000000007ef60000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 042012-28454-01.
4/20/2012 7:25:24 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000356c3fa, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 042012-17877-01.
4/20/2012 2:12:24 PM, Error: Service Control Manager [7023]  - The Peer Name Resolution Protocol service terminated with the following error:  Access is denied.
4/20/2012 2:12:24 PM, Error: Service Control Manager [7001]  - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:  Access is denied.
4/20/2012 2:12:24 PM, Error: Microsoft-Windows-PNRPSvc [102]  - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80070005.
4/20/2012 2:12:23 PM, Error: Service Control Manager [7024]  - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
4/20/2012 2:12:03 PM, Error: Microsoft-Windows-WMPNSS-Service [14346]  - A new media server was not initialized because RegisterRunningDevice() encountered error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service.
4/20/2012 2:11:48 PM, Error: Service Control Manager [7023]  - The Computer Browser service terminated with the following error:  The specified service does not exist as an installed service.
4/19/2012 11:39:35 AM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2012 11:39:30 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\RAIHV.dll Error Code: 21
4/19/2012 11:39:21 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/19/2012 11:39:21 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/19/2012 11:39:19 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/19/2012 11:39:13 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/19/2012 11:39:12 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Avgldx64 Avgmfx64 discache spldr Wanarpv6
4/19/2012 11:39:12 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2012 11:39:08 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800032b5703, 0x0000000000000000, 0x000000007ef60000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041912-15849-01.
4/19/2012 10:48:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows 7 Service Pack 1 for x64-based Systems (KB976932).
4/18/2012 10:12:41 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
4/18/2012 10:12:27 AM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
4/17/2012 9:47:42 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800035c13fa, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041712-37221-01.
4/17/2012 7:08:21 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000325d703, 0x0000000000000000, 0x000000007ef60000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041712-20514-01.
4/16/2012 2:56:18 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800035793fa, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041612-34476-01.
4/15/2012 8:21:58 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80003257703, 0x0000000000000000, 0x000007fffffa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041512-42978-01.
4/15/2012 8:07:44 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800035b13fa, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041512-35006-01.
4/13/2012 7:06:05 PM, Error: Microsoft-Windows-DNS-Client [1012]  - There was an error while attempting to read the local hosts file.
.
==== End Of File ===========================
« Last Edit: April 24, 2012, 07:54:05 pm by Bugbatter »
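
Three kinds of entries in a DDS log like the one above are usually checked first: Hosts lines that map a public name to a non-loopback address, BHO/toolbar entries marked "No File", and a file carrying a core Windows process name outside System32/SysWOW64. The script below is an added example, not part of the original thread or of DDS, that flags those entries for review; the rule names, the `triage` function and the name/directory lists are assumptions made for the example.

```python
import ipaddress
import re
from pathlib import PureWindowsPath

# Lines copied from the DDS log posted above (a subset, not the whole log).
SAMPLE_DDS = r"""
mWinlogon: Userinit=userinit.exe
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Hosts: 94.63.147.16   www.google.com
Hosts: 94.63.147.17   www.bing.com
2012-04-12 19:06:28   220672   ----a-w-   C:\Windows\System32\wintrust.dll
2012-04-09 17:24:19   20480   ---ha-w-   C:\Windows\svchost.exe
2012-04-09 17:18:08   114176   ---ha-w-   C:\ProgramData\Microsoft\Windows\DRM\F181.tmp
"""

# Assumption for this example: a short list of core Windows binaries and the
# directories they normally run from (the WinSxS store also holds copies).
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "csrss.exe",
                "winlogon.exe", "services.exe", "smss.exe"}
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

HOSTS_RE = re.compile(r"^Hosts:\s+(\S+)\s+(\S+)")
ORPHAN_RE = re.compile(r"^(BHO|TB)(-X64)?:\s*(.*?)\s+-\s+No File$")
# "Created Last 30" / "Find3M" rows: date, time, size, attributes, path
FILE_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\s+\d+\s+(\S+)\s+(.+)$")


def triage(log_text):
    """Return (rule, detail) pairs for DDS lines that deserve a closer look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()

        m = HOSTS_RE.match(line)
        if m:
            ip, name = m.groups()
            try:
                addr = ipaddress.ip_address(ip)
            except ValueError:
                findings.append(("hosts-malformed", line))
                continue
            # Loopback and 0.0.0.0 entries are the usual block-list style;
            # anything else sends the name to another machine.
            if not (addr.is_loopback or addr.is_unspecified):
                findings.append(("hosts-redirect", f"{name} -> {ip}"))
            continue

        m = ORPHAN_RE.match(line)
        if m:
            # Registry entry whose DLL is gone: a leftover to clean up.
            findings.append(("orphan-entry", f"{m.group(1)} {m.group(3)}"))
            continue

        m = FILE_RE.match(line)
        if m:
            attrs, path = m.groups()
            p = PureWindowsPath(path)
            if (p.name.lower() in SYSTEM_NAMES
                    and str(p.parent).lower() not in SYSTEM_DIRS):
                findings.append(("system-name-outside-system32",
                                 f"{path} (attrs {attrs})"))
    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_DDS):
        print(f"{rule:32} {detail}")
```

A flagged line is a prompt for manual review, not a verdict: hosts entries for internal machines and leftover toolbar keys from uninstalled software trigger the same rules.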



Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #1 on: April 20, 2012, 04:04:08 pm »
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application. Click "Change parameters". Under Additional options, check the box next to both options, "Verify Driver Digital Signature" and "Detect TDLFS file system", and click the OK button.
  • Click the Start scan button.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • You may be prompted to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file back here on your next reply.
  • ...otherwise, if a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". If this was the case, then we need to see that log.
Next, please download the following program to your desktop:
Unhide.exe

...Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. Your missing files should be restored now.

Finally, please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt) along with the results from the TDSSKiller scan above.

A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline joshhemming

  • Bronze Member
  • Posts: 13
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #2 on: April 20, 2012, 04:26:02 pm »
I tried to post the actual log but it wasn't allowed because it exceeded 50000 characters:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 04/19/2012 at 14:31:08.
Operating System: Windows 7 Home Premium


Processes terminated by Rkill or while it was running:

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe


Rkill completed on 04/19/2012 at 14:31:24.

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #3 on: April 20, 2012, 04:31:30 pm »
Who asked you for rkill?

Offline joshhemming

  • Bronze Member
  • Posts: 13
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #4 on: April 20, 2012, 04:41:58 pm »
My mistake.  I tried to post the log but it exceeded 50K so I posted what I thought was a summary.

Anyway, everything worked great. After running Unhide.exe, all my files, icons and bookmarks are back, and I checked the boxes at MiniToolBox as directed.  Thank you for the help.  What a great way to start the weekend!

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #5 on: April 20, 2012, 04:44:25 pm »
May I see the TDSSKiller log and the result.txt?

Offline joshhemming

  • Bronze Member
  • Posts: 13
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #6 on: April 20, 2012, 04:52:10 pm »
MiniToolBox by Farbar  Version: 18-01-2012
Ran by Larry (administrator) on 20-04-2012 at 16:35:36
Microsoft Windows 7 Home Premium   (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


94.63.147.16   www.google.com
94.63.147.17   www.bing.com


========================= IP Configuration: ================================

802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Broadcom NetLink (TM) Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Larry-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-1A-EF-11-D9-73
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 802.11n Wireless LAN Card
   Physical Address. . . . . . . . . : 00-1A-EF-11-D9-72
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6da8:2830:9cbc:220a%14(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.5.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, April 20, 2012 4:18:03 PM
   Lease Expires . . . . . . . . . . : Saturday, April 21, 2012 4:18:03 PM
   Default Gateway . . . . . . . . . : 192.168.5.1
   DHCP Server . . . . . . . . . . . : 192.168.5.1
   DHCPv6 IAID . . . . . . . . . . . : 452991727
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-34-E9-8C-84-2B-2B-A0-88-8D
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
   Physical Address. . . . . . . . . : 84-2B-2B-A0-88-8D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{AD254BE0-ABC6-4092-A8A8-570CFD8A21DB}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.1.254

Name:    google.com
Addresses:  74.125.227.46
     74.125.227.32
     74.125.227.33
     74.125.227.34
     74.125.227.35
     74.125.227.36
     74.125.227.37
     74.125.227.38
     74.125.227.39
     74.125.227.40
     74.125.227.41


Pinging google.com [74.125.227.38] with 32 bytes of data:
Reply from 74.125.227.38: bytes=32 time=137ms TTL=52
Reply from 74.125.227.38: bytes=32 time=125ms TTL=52

Ping statistics for 74.125.227.38:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 125ms, Maximum = 137ms, Average = 131ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  209.191.122.70
     72.30.38.140
     98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Request timed out.
Reply from 209.191.122.70: bytes=32 time=210ms TTL=41

Ping statistics for 209.191.122.70:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 210ms, Maximum = 210ms, Average = 210ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.1.254

Name:    bleepingcomputer.com
Address:  208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Request timed out.

Ping statistics for 208.43.87.2:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...00 1a ef 11 d9 73 ......Microsoft Virtual WiFi Miniport Adapter
 14...00 1a ef 11 d9 72 ......802.11n Wireless LAN Card
 11...84 2b 2b a0 88 8d ......Broadcom NetLink (TM) Gigabit Ethernet
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.5.1    192.168.5.100     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.5.0    255.255.255.0         On-link     192.168.5.100    281
    192.168.5.100  255.255.255.255         On-link     192.168.5.100    281
    192.168.5.255  255.255.255.255         On-link     192.168.5.100    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.5.100    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.5.100    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 14    281 fe80::/64                On-link
 14    281 fe80::6da8:2830:9cbc:220a/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/20/2012 02:26:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: pcdrsysinfodirect.p5x, version: 6.0.5907.29, time stamp: 0x4f6b6d86
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace4e7
Exception code: 0x40000015
Fault offset: 0x000000000004267f
Faulting process id: 0xfa8
Faulting application start time: 0xpcdrsysinfodirect.p5x0
Faulting application path: pcdrsysinfodirect.p5x1
Faulting module path: pcdrsysinfodirect.p5x2
Report Id: pcdrsysinfodirect.p5x3

Error: (04/19/2012 03:48:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (04/19/2012 02:39:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: pcdrsysinfodirect.p5x, version: 6.0.5907.29, time stamp: 0x4f6b6d86
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace4e7
Exception code: 0x40000015
Fault offset: 0x000000000004267f
Faulting process id: 0xe5c
Faulting application start time: 0xpcdrsysinfodirect.p5x0
Faulting application path: pcdrsysinfodirect.p5x1
Faulting module path: pcdrsysinfodirect.p5x2
Report Id: pcdrsysinfodirect.p5x3

Error: (04/18/2012 11:02:51 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1144

Start Time: 01cd1de3fc1d9013

Termination Time: 275

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (04/18/2012 08:08:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (04/18/2012 07:23:14 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f98

Start Time: 01cd1dc960b7ecd6

Termination Time: 130

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (04/18/2012 07:11:41 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 838

Start Time: 01cd1dc949994896

Termination Time: 100

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (04/18/2012 07:11:02 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: bc

Start Time: 01cd1dc91d5c9d59

Termination Time: 65

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (04/18/2012 06:59:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: pcdrsysinfodirect.p5x, version: 6.0.5907.29, time stamp: 0x4f6b6d86
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace4e7
Exception code: 0x40000015
Fault offset: 0x000000000004267f
Faulting process id: 0x10b8
Faulting application start time: 0xpcdrsysinfodirect.p5x0
Faulting application path: pcdrsysinfodirect.p5x1
Faulting module path: pcdrsysinfodirect.p5x2
Report Id: pcdrsysinfodirect.p5x3

Error: (04/18/2012 08:47:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (04/20/2012 04:33:06 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (04/20/2012 04:19:10 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%5

Error: (04/20/2012 04:19:10 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%5

Error: (04/20/2012 04:19:10 PM) (Source: PNRPSvc) (User: )
Description: 0x80070005

Error: (04/20/2012 04:19:09 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (04/20/2012 04:19:09 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%5

Error: (04/20/2012 04:19:09 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%5

Error: (04/20/2012 04:19:08 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (04/20/2012 04:19:09 PM) (Source: PNRPSvc) (User: )
Description: 0x80070005

Error: (04/20/2012 04:18:53 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%5



=========================== Installed Programs ============================

Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.233)
Adobe Reader 9.5.1 (Version: 9.5.1)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2411)
AVG 2012 (Version: 2012.0.1913)
Bing Bar (Version: 7.0.850.0)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 5.0.0.1)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 1.2.0011)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 3.1.5907.29)
Google Chrome (Version: 18.0.1025.162)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Java Auto Updater (Version: 2.0.6.1)
Java(TM) 6 Update 20 (64-bit) (Version: 6.0.200)
Java(TM) 6 Update 20 (Version: 6.0.200)
Java(TM) 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8089.726)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
Multimedia Card Reader (Version: 1.6.915.87)
NVIDIA Drivers (Version: 1.10.56.34)
OpenOffice.org 3.2 (Version: 3.2.9502)
Ralink RT2860 Wireless LAN Card (Version: 1.5.6.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6043)
Roxio Burn (Version: 1.01)
ShopAtHome.com Toolbar
SiteRanker (Version: 1.0.0.20)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.169)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 3959.12 MB
Available physical RAM: 1772.96 MB
Total Pagefile: 7916.38 MB
Available Pagefile: 5650.5 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.72 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:289.44 GB) (Free:245.06 GB) NTFS
2 Drive d: (Feb 28 2011) (CDROM) (Total:4.38 GB) (Free:4.37 GB) UDF
7 Drive j: () (Removable) (Total:1.86 GB) (Free:1.72 GB) FAT

========================= Users: ========================================

User accounts for \\LARRY-PC

Administrator            Guest                    Larry                   

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

Offline joshhemming

  • Bronze Member
  • Posts: 13
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #7 on: April 20, 2012, 04:58:22 pm »
It's over 50K characters so I can't post it all.  Here's the first half:


16:15:27.0808 4140   TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
16:15:28.0198 4140   ============================================================
16:15:28.0198 4140   Current date / time: 2012/04/20 16:15:28.0198
16:15:28.0198 4140   SystemInfo:
16:15:28.0198 4140   
16:15:28.0198 4140   OS Version: 6.1.7600 ServicePack: 0.0
16:15:28.0198 4140   Product type: Workstation
16:15:28.0198 4140   ComputerName: LARRY-PC
16:15:28.0198 4140   UserName: Larry
16:15:28.0198 4140   Windows directory: C:\Windows
16:15:28.0198 4140   System windows directory: C:\Windows
16:15:28.0198 4140   Running under WOW64
16:15:28.0198 4140   Processor architecture: Intel x64
16:15:28.0198 4140   Number of processors: 2
16:15:28.0198 4140   Page size: 0x1000
16:15:28.0198 4140   Boot type: Normal boot
16:15:28.0198 4140   ============================================================
16:15:28.0978 4140   Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:15:28.0978 4140   Drive \Device\Harddisk1\DR1 - Size: 0x77B00000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF4, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:15:28.0994 4140   \Device\Harddisk0\DR0:
16:15:28.0994 4140   MBR partitions:
16:15:28.0994 4140   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1139000
16:15:28.0994 4140   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x114D000, BlocksNum 0x242E1000
16:15:28.0994 4140   \Device\Harddisk1\DR1:
16:15:28.0994 4140   MBR partitions:
16:15:28.0994 4140   \Device\Harddisk1\DR1\Partition0: MBR, Type 0xE, StartLBA 0x1F80, BlocksNum 0x3BB880
16:15:29.0025 4140   C: <-> \Device\Harddisk0\DR0\Partition1
16:15:29.0025 4140   Initialize success
16:15:29.0025 4140   ============================================================
16:15:35.0406 4192   ============================================================
16:15:35.0406 4192   Scan started
16:15:35.0406 4192   Mode: Manual;
16:15:35.0406 4192   ============================================================
16:15:37.0122 4192   AVGIDSDriver - ok
16:15:37.0184 4192   AVGIDSEH        (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
16:15:37.0184 4192   AVGIDSEH - ok
16:15:37.0215 4192   AVGIDSFilter    (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
16:15:37.0215 4192   AVGIDSFilter - ok
16:15:37.0262 4192   Avgldx64        (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
16:15:37.0278 4192   Avgldx64 - ok
16:15:37.0309 4192   Avgmfx64        (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
16:15:37.0309 4192   Avgmfx64 - ok
16:15:37.0371 4192   Avgrkx64        (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
16:15:37.0371 4192   Avgrkx64 - ok
16:15:37.0434 4192   Avgtdia         (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
16:15:37.0434 4192   Avgtdia - ok
16:15:37.0496 4192   avgwd           (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
16:15:37.0496 4192   avgwd - ok
16:15:37.0558 4192   AxInstSV        (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
16:15:37.0558 4192   AxInstSV - ok
16:15:37.0652 4192   b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:15:37.0652 4192   b06bdrv - ok
16:15:37.0761 4192   b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:15:37.0761 4192   b57nd60a - ok
16:15:37.0855 4192   BBSvc           (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:15:37.0870 4192   BBSvc - ok
16:15:37.0917 4192   BBUpdate        (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:15:37.0917 4192   BBUpdate - ok
16:15:37.0995 4192   BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:15:38.0011 4192   BDESVC - ok
16:15:38.0042 4192   Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:15:38.0042 4192   Beep - ok
16:15:38.0089 4192   BFE             (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
16:15:38.0089 4192   BFE - ok
16:15:38.0151 4192   BITS            (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
16:15:38.0167 4192   BITS - ok
16:15:38.0182 4192   blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:15:38.0182 4192   blbdrive - ok
16:15:38.0214 4192   bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
16:15:38.0214 4192   bowser - ok
16:15:38.0245 4192   BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:15:38.0245 4192   BrFiltLo - ok
16:15:38.0260 4192   BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:15:38.0260 4192   BrFiltUp - ok
16:15:38.0276 4192   Browser         (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
16:15:38.0292 4192   Browser - ok
16:15:38.0307 4192   Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:15:38.0307 4192   Brserid - ok
16:15:38.0323 4192   BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:15:38.0323 4192   BrSerWdm - ok
16:15:38.0338 4192   BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:15:38.0338 4192   BrUsbMdm - ok
16:15:38.0354 4192   BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:15:38.0354 4192   BrUsbSer - ok
16:15:38.0385 4192   BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:15:38.0385 4192   BTHMODEM - ok
16:15:38.0416 4192   bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:15:38.0416 4192   bthserv - ok
16:15:38.0432 4192   cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:15:38.0432 4192   cdfs - ok
16:15:38.0463 4192   cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
16:15:38.0463 4192   cdrom - ok
16:15:38.0494 4192   CertPropSvc     (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:15:38.0494 4192   CertPropSvc - ok
16:15:38.0510 4192   circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:15:38.0510 4192   circlass - ok
16:15:38.0541 4192   CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:15:38.0541 4192   CLFS - ok
16:15:38.0604 4192   clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:15:38.0604 4192   clr_optimization_v2.0.50727_32 - ok
16:15:38.0635 4192   clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:15:38.0635 4192   clr_optimization_v2.0.50727_64 - ok
16:15:38.0682 4192   CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:15:38.0682 4192   CmBatt - ok
16:15:38.0713 4192   cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
16:15:38.0713 4192   cmdide - ok
16:15:38.0760 4192   CNG             (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
16:15:38.0760 4192   CNG - ok
16:15:38.0775 4192   Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:15:38.0775 4192   Compbatt - ok
16:15:38.0806 4192   CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:15:38.0806 4192   CompositeBus - ok
16:15:38.0838 4192   COMSysApp - ok
16:15:38.0853 4192   crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:15:38.0853 4192   crcdisk - ok
16:15:38.0900 4192   CryptSvc        (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
16:15:38.0900 4192   CryptSvc - ok
16:15:38.0931 4192   DcomLaunch      (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:15:38.0931 4192   DcomLaunch - ok
16:15:38.0978 4192   defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:15:38.0994 4192   defragsvc - ok
16:15:39.0040 4192   DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
16:15:39.0040 4192   DfsC - ok
16:15:39.0087 4192   Dhcp            (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
16:15:39.0103 4192   Dhcp - ok
16:15:39.0118 4192   discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:15:39.0118 4192   discache - ok
16:15:39.0150 4192   Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:15:39.0150 4192   Disk - ok
16:15:39.0181 4192   Dnscache        (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
16:15:39.0196 4192   Dnscache - ok
16:15:39.0259 4192   DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
16:15:39.0259 4192   DockLoginService - ok
16:15:39.0306 4192   dot3svc         (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
16:15:39.0321 4192   dot3svc - ok
16:15:39.0337 4192   DPS             (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
16:15:39.0337 4192   DPS - ok
16:15:39.0384 4192   drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:15:39.0384 4192   drmkaud - ok
16:15:39.0430 4192   DXGKrnl         (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
16:15:39.0430 4192   DXGKrnl - ok
16:15:39.0477 4192   EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:15:39.0477 4192   EapHost - ok
16:15:39.0571 4192   ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:15:39.0586 4192   ebdrv - ok
16:15:39.0633 4192   EFS             (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
16:15:39.0633 4192   EFS - ok
16:15:39.0696 4192   ehRecvr         (3d69fae60ede442e004611a4ee4db44c) C:\Windows\ehome\ehRecvr.exe
16:15:39.0696 4192   ehRecvr - ok
16:15:39.0711 4192   ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:15:39.0727 4192   ehSched - ok
16:15:39.0789 4192   elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:15:39.0789 4192   elxstor - ok
16:15:39.0805 4192   ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
16:15:39.0805 4192   ErrDev - ok
16:15:39.0852 4192   EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:15:39.0867 4192   EventSystem - ok
16:15:39.0883 4192   exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:15:39.0883 4192   exfat - ok
16:15:39.0914 4192   fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:15:39.0914 4192   fastfat - ok
16:15:39.0945 4192   Fax             (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
16:15:39.0961 4192   Fax - ok
16:15:39.0976 4192   fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:15:39.0976 4192   fdc - ok
16:15:40.0008 4192   fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:15:40.0008 4192   fdPHost - ok
16:15:40.0023 4192   FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:15:40.0023 4192   FDResPub - ok
16:15:40.0039 4192   FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:15:40.0039 4192   FileInfo - ok
16:15:40.0054 4192   Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:15:40.0054 4192   Filetrace - ok
16:15:40.0086 4192   flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:15:40.0086 4192   flpydisk - ok
16:15:40.0132 4192   FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:15:40.0132 4192   FltMgr - ok
16:15:40.0195 4192   FontCache       (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
16:15:40.0210 4192   FontCache - ok
16:15:40.0257 4192   FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:15:40.0257 4192   FontCache3.0.0.0 - ok
16:15:40.0288 4192   FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:15:40.0288 4192   FsDepends - ok
16:15:40.0351 4192   Fs_Rec          (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
16:15:40.0351 4192   Fs_Rec - ok
16:15:40.0382 4192   fvevol          (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
16:15:40.0382 4192   fvevol - ok
16:15:40.0398 4192   gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:15:40.0398 4192   gagp30kx - ok
16:15:40.0429 4192   GoToAssist - ok
16:15:40.0476 4192   gpsvc           (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
16:15:40.0476 4192   gpsvc - ok
16:15:40.0522 4192   gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:15:40.0522 4192   gupdate - ok
16:15:40.0554 4192   gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:15:40.0554 4192   gupdatem - ok
16:15:40.0600 4192   gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:15:40.0600 4192   gusvc - ok
16:15:40.0678 4192   hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:15:40.0678 4192   hcw85cir - ok
16:15:40.0694 4192   HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:15:40.0694 4192   HDAudBus - ok
16:15:40.0725 4192   HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
16:15:40.0725 4192   HECIx64 - ok
16:15:40.0756 4192   HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:15:40.0756 4192   HidBatt - ok
16:15:40.0756 4192   HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:15:40.0756 4192   HidBth - ok
16:15:40.0772 4192   HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:15:40.0772 4192   HidIr - ok
16:15:40.0803 4192   hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:15:40.0803 4192   hidserv - ok
16:15:40.0819 4192   HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:15:40.0819 4192   HidUsb - ok
16:15:40.0850 4192   hkmsvc          (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
16:15:40.0850 4192   hkmsvc - ok
16:15:40.0866 4192   HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
16:15:40.0881 4192   HomeGroupListener - ok
16:15:40.0912 4192   HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
16:15:40.0912 4192   HomeGroupProvider - ok
16:15:40.0959 4192   HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:15:40.0959 4192   HpSAMD - ok
16:15:41.0006 4192   HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:15:41.0006 4192   HTTP - ok
16:15:41.0037 4192   hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:15:41.0037 4192   hwpolicy - ok
16:15:41.0053 4192   i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:15:41.0053 4192   i8042prt - ok
16:15:41.0100 4192   iaStorV         (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
16:15:41.0100 4192   iaStorV - ok
16:15:41.0162 4192   idsvc           (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:15:41.0162 4192   idsvc - ok
16:15:41.0193 4192   iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:15:41.0193 4192   iirsp - ok
16:15:41.0224 4192   IKEEXT          (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
16:15:41.0240 4192   IKEEXT - ok
16:15:41.0271 4192   Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
16:15:41.0271 4192   Impcd - ok
16:15:41.0349 4192   IntcAzAudAddService (e9befd8c6a1db3b544b61647dda35f62) C:\Windows\system32\drivers\RTKVHD64.sys
16:15:41.0365 4192   IntcAzAudAddService - ok
16:15:41.0427 4192   IntcDAud        (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
16:15:41.0427 4192   IntcDAud - ok
16:15:41.0443 4192   intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
16:15:41.0443 4192   intelide - ok
16:15:41.0474 4192   intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:15:41.0474 4192   intelppm - ok
16:15:41.0505 4192   IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:15:41.0521 4192   IPBusEnum - ok
16:15:41.0552 4192   IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:15:41.0552 4192   IpFilterDriver - ok
16:15:41.0568 4192   IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:15:41.0568 4192   IPMIDRV - ok
16:15:41.0583 4192   IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:15:41.0599 4192   IPNAT - ok
16:15:41.0614 4192   IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:15:41.0614 4192   IRENUM - ok
16:15:41.0630 4192   isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
16:15:41.0630 4192   isapnp - ok
16:15:41.0661 4192   iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
16:15:41.0661 4192   iScsiPrt - ok
16:15:41.0692 4192   k57nd60a        (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
16:15:41.0708 4192   k57nd60a - ok
16:15:41.0724 4192   kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:15:41.0724 4192   kbdclass - ok
16:15:41.0755 4192   kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
16:15:41.0755 4192   kbdhid - ok
16:15:41.0833 4192   KeyIso          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:15:41.0833 4192   KeyIso - ok
16:15:41.0880 4192   KSecDD          (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
16:15:41.0880 4192   KSecDD - ok
16:15:41.0911 4192   KSecPkg         (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
16:15:41.0911 4192   KSecPkg - ok
16:15:41.0942 4192   ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:15:41.0942 4192   ksthunk - ok
16:15:41.0973 4192   KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:15:41.0973 4192   KtmRm - ok
16:15:42.0036 4192   LanmanServer    (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
16:15:42.0036 4192   LanmanServer - ok
16:15:42.0067 4192   LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
16:15:42.0067 4192   LanmanWorkstation - ok
16:15:42.0114 4192   lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:15:42.0114 4192   lltdio - ok
16:15:42.0145 4192   lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:15:42.0145 4192   lltdsvc - ok
16:15:42.0176 4192   lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:15:42.0176 4192   lmhosts - ok
16:15:42.0207 4192   LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:15:42.0207 4192   LSI_FC - ok
16:15:42.0254 4192   LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:15:42.0254 4192   LSI_SAS - ok
16:15:42.0270 4192   LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:15:42.0270 4192   LSI_SAS2 - ok
16:15:42.0285 4192   LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:15:42.0285 4192   LSI_SCSI - ok
16:15:42.0301 4192   luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:15:42.0301 4192   luafv - ok
16:15:42.0348 4192   Mcx2Svc         (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
16:15:42.0348 4192   Mcx2Svc - ok
16:15:42.0363 4192   megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:15:42.0363 4192   megasas - ok
16:15:42.0379 4192   MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:15:42.0394 4192   MegaSR - ok
16:15:42.0426 4192   MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:15:42.0426 4192   MMCSS - ok
16:15:42.0441 4192   Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:15:42.0441 4192   Modem - ok
16:15:42.0472 4192   monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:15:42.0472 4192   monitor - ok
16:15:42.0504 4192   mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:15:42.0504 4192   mouclass - ok
16:15:42.0566 4192   mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:15:42.0566 4192   mouhid - ok
16:15:42.0582 4192   mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:15:42.0597 4192   mountmgr - ok
16:15:42.0613 4192   mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
16:15:42.0613 4192   mpio - ok
16:15:42.0644 4192   mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:15:42.0644 4192   mpsdrv - ok
16:15:42.0660 4192   MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:15:42.0660 4192   MRxDAV - ok
16:15:42.0691 4192   mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:15:42.0706 4192   mrxsmb - ok
16:15:42.0769 4192   mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:15:42.0769 4192   mrxsmb10 - ok
16:15:42.0800 4192   mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:15:42.0800 4192   mrxsmb20 - ok
16:15:42.0831 4192   msahci          (bccf16d5fb1109162380e3e28dc9e4e5) C:\Windows\system32\DRIVERS\msahci.sys
16:15:42.0831 4192   msahci - ok
16:15:42.0847 4192   msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
16:15:42.0847 4192   msdsm - ok
16:15:42.0878 4192   MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:15:42.0878 4192   MSDTC - ok
16:15:42.0909 4192   Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:15:42.0909 4192   Msfs - ok
16:15:42.0925 4192   mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:15:42.0925 4192   mshidkmdf - ok
16:15:42.0940 4192   msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
16:15:42.0940 4192   msisadrv - ok
16:15:42.0972 4192   MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:15:42.0972 4192   MSiSCSI - ok
16:15:42.0987 4192   msiserver - ok
16:15:43.0034 4192   MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:15:43.0050 4192   MSKSSRV - ok
16:15:43.0065 4192   MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:15:43.0065 4192   MSPCLOCK - ok
16:15:43.0081 4192   MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:15:43.0081 4192   MSPQM - ok
16:15:43.0112 4192   MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:15:43.0112 4192   MsRPC - ok
16:15:43.0128 4192   mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:15:43.0128 4192   mssmbios - ok
16:15:43.0143 4192   MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:15:43.0159 4192   MSTEE - ok
16:15:43.0174 4192   MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:15:43.0174 4192   MTConfig - ok
16:15:43.0190 4192   Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:15:43.0190 4192   Mup - ok
16:15:43.0252 4192   napagent        (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
16:15:43.0268 4192   napagent - ok
16:15:43.0315 4192   NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:15:43.0315 4192   NativeWifiP - ok
16:15:43.0346 4192   NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:15:43.0362 4192   NDIS - ok
16:15:43.0377 4192   NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:15:43.0377 4192   NdisCap - ok
16:15:43.0408 4192   NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:15:43.0408 4192   NdisTapi - ok
16:15:43.0440 4192   Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:15:43.0440 4192   Ndisuio - ok
16:15:43.0455 4192   NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:15:43.0471 4192   NdisWan - ok
16:15:43.0486 4192   NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:15:43.0502 4192   NDProxy - ok
16:15:43.0518 4192   NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:15:43.0518 4192   NetBIOS - ok
16:15:43.0533 4192   NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:15:43.0533 4192   NetBT - ok
16:15:43.0580 4192   Netlogon        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:15:43.0580 4192   Netlogon - ok
16:15:43.0658 4192   Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:15:43.0658 4192   Netman - ok
16:15:43.0689 4192   netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:15:43.0689 4192   netprofm - ok
16:15:43.0752 4192   netr28x         (68cdb276a3009f0cf000c6352c1f72e7) C:\Windows\system32\DRIVERS\netr28x.sys
16:15:43.0752 4192   netr28x - ok
16:15:43.0798 4192   NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:15:43.0798 4192   NetTcpPortSharing - ok
16:15:43.0830 4192   nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:15:43.0830 4192   nfrd960 - ok
16:15:43.0876 4192   NlaSvc          (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
16:15:43.0876 4192   NlaSvc - ok
16:15:43.0892 4192   Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:15:43.0892 4192   Npfs - ok
16:15:43.0923 4192   nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:15:43.0923 4192   nsi - ok
16:15:43.0939 4192   nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:15:43.0939 4192   nsiproxy - ok
16:15:43.0986 4192   Ntfs            (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
16:15:44.0017 4192   Ntfs - ok
16:15:44.0048 4192   Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:15:44.0048 4192   Null - ok
16:15:44.0079 4192   NVHDA           (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
16:15:44.0079 4192   NVHDA - ok
16:15:44.0282 4192   nvlddmkm        (a5d0603cae6c334b1386204d94393c04) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:15:44.0329 4192   nvlddmkm - ok
16:15:44.0360 4192   nvraid          (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
16:15:44.0360 4192   nvraid - ok
16:15:44.0376 4192   nvstor          (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
16:15:44.0376 4192   nvstor - ok
16:15:44.0407 4192   nvsvc           (268d382fcc6a8a568aab7c6dc8c71bb3) C:\Windows\system32\nvvsvc.exe
16:15:44.0422 4192   nvsvc - ok
16:15:44.0438 4192   nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:15:44.0438 4192   nv_agp - ok
16:15:44.0469 4192   ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:15:44.0469 4192   ohci1394 - ok
16:15:44.0500 4192   p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:15:44.0500 4192   p2pimsvc - ok
16:15:44.0532 4192   p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:15:44.0547 4192   p2psvc - ok

Offline joshhemming

  • Bronze Member
  • Posts: 13
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #8 on: April 20, 2012, 04:59:49 pm »
16:15:50.0600 4192   MBR (0x1B8)     (faf3db026c90f586e5993588661e2612) \Device\Harddisk0\DR0
16:15:50.0616 4192   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
16:15:50.0616 4192   \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
16:15:50.0631 4192   MBR (0x1B8)     (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR1
16:15:51.0052 4192   \Device\Harddisk1\DR1 - ok
16:15:51.0052 4192   Boot (0x1200)   (a2d398b8e819d879b28d775dc2eaf709) \Device\Harddisk0\DR0\Partition0
16:15:51.0068 4192   \Device\Harddisk0\DR0\Partition0 - ok
16:15:51.0068 4192   Boot (0x1200)   (53c82e5ccea6fa39d1c36fe861de83d5) \Device\Harddisk0\DR0\Partition1
16:15:51.0068 4192   \Device\Harddisk0\DR0\Partition1 - ok
16:15:51.0084 4192   Boot (0x1200)   (6837429598619294b8cf2bf7183bf058) \Device\Harddisk1\DR1\Partition0
16:15:51.0084 4192   \Device\Harddisk1\DR1\Partition0 - ok
16:15:51.0084 4192   ============================================================
16:15:51.0084 4192   Scan finished
16:15:51.0084 4192   ============================================================
16:15:51.0115 1788   Detected object count: 1
16:15:51.0115 1788   Actual detected object count: 1
16:16:41.0035 1788   \Device\Harddisk0\DR0\# - copied to quarantine
16:16:41.0035 1788   \Device\Harddisk0\DR0 - copied to quarantine
16:16:41.0160 1788   \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
16:16:41.0175 1788   \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
16:16:41.0191 1788   \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
16:16:41.0191 1788   \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
16:16:41.0206 1788   \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
16:16:41.0222 1788   \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
16:16:41.0222 1788   \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
16:16:41.0222 1788   \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
16:16:41.0222 1788   \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
16:16:41.0222 1788   \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
16:16:41.0222 1788   \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
16:16:41.0222 1788   \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
16:16:41.0253 1788   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
16:16:41.0253 1788   \Device\Harddisk0\DR0 - ok
16:16:41.0472 1788   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
16:16:57.0696 0684   Deinitialize success

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #9 on: April 20, 2012, 05:06:12 pm »
OK, thanks...please uninstall these:
Java(TM) 6 Update 20 (64-bit) (Version: 6.0.200)
Java(TM) 6 Update 20 (Version: 6.0.200)
ShopAtHome.com Toolbar
SiteRanker (Version: 1.0.0.20)


...now please reboot the system and run TDSSKiller again. I need to see THAT log.

Next, download RogueKiller to your desktop
  • Close all open programs
  • For Vista or Windows 7, right click -> run as administrator; for XP, simply double-click RogueKiller.exe
  • The prescan begins, please wait until it finishes, then click the Scan button.
  • The RKreport.txt shall be generated and auto-saved to your desktop.
Note: If the program fails to run, don't hesitate to try several times. If several attempts still fail (it is possible), just rename it to winlogon.exe and try running it again.

Please post the contents of the RKreport.txt in your next reply along with the TDSSKiller log from your latest scan. Thanks!

Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline joshhemming

  • Bronze Member
  • Posts: 13
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #10 on: April 20, 2012, 06:35:58 pm »
Uninstalled the 4 programs you listed.



18:29:12.0080 5680   TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
18:29:14.0083 5680   ============================================================
18:29:14.0083 5680   Current date / time: 2012/04/20 18:29:14.0083
18:29:14.0083 5680   SystemInfo:
18:29:14.0083 5680   
18:29:14.0083 5680   OS Version: 6.1.7600 ServicePack: 0.0
18:29:14.0083 5680   Product type: Workstation
18:29:14.0083 5680   ComputerName: LARRY-PC
18:29:14.0089 5680   UserName: Larry
18:29:14.0089 5680   Windows directory: C:\Windows
18:29:14.0089 5680   System windows directory: C:\Windows
18:29:14.0089 5680   Running under WOW64
18:29:14.0089 5680   Processor architecture: Intel x64
18:29:14.0089 5680   Number of processors: 2
18:29:14.0089 5680   Page size: 0x1000
18:29:14.0089 5680   Boot type: Normal boot
18:29:14.0089 5680   ============================================================
18:29:14.0978 5680   Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:29:14.0981 5680   Drive \Device\Harddisk1\DR1 - Size: 0x77B00000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF4, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:29:14.0992 5680   \Device\Harddisk0\DR0:
18:29:14.0992 5680   MBR partitions:
18:29:14.0992 5680   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1139000
18:29:14.0992 5680   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x114D000, BlocksNum 0x242E1000
18:29:14.0992 5680   \Device\Harddisk1\DR1:
18:29:14.0993 5680   MBR partitions:
18:29:14.0993 5680   \Device\Harddisk1\DR1\Partition0: MBR, Type 0xE, StartLBA 0x1F80, BlocksNum 0x3BB880
18:29:15.0019 5680   C: <-> \Device\Harddisk0\DR0\Partition1
18:29:15.0019 5680   Initialize success
18:29:15.0019 5680   ============================================================
18:29:21.0001 4748   ============================================================
18:29:21.0001 4748   Scan started
18:29:21.0001 4748   Mode: Manual;
18:29:21.0001 4748   ============================================================
18:29:26.0304 4748   b06bdrv - ok
18:29:26.0337 4748   b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:29:26.0340 4748   b57nd60a - ok
18:29:26.0532 4748   BBSvc           (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
18:29:26.0535 4748   BBSvc - ok
18:29:26.0576 4748   BBUpdate        (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
18:29:26.0579 4748   BBUpdate - ok
18:29:26.0599 4748   BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
18:29:26.0602 4748   BDESVC - ok
18:29:26.0650 4748   Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:29:26.0653 4748   Beep - ok
18:29:26.0690 4748   BFE             (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
18:29:26.0697 4748   BFE - ok
18:29:26.0732 4748   BITS            (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
18:29:26.0741 4748   BITS - ok
18:29:26.0763 4748   blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
18:29:26.0764 4748   blbdrive - ok
18:29:26.0793 4748   bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
18:29:26.0795 4748   bowser - ok
18:29:26.0816 4748   BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:29:26.0817 4748   BrFiltLo - ok
18:29:26.0826 4748   BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:29:26.0828 4748   BrFiltUp - ok
18:29:26.0847 4748   Browser         (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
18:29:26.0849 4748   Browser - ok
18:29:26.0874 4748   Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:29:26.0878 4748   Brserid - ok
18:29:26.0897 4748   BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:29:26.0898 4748   BrSerWdm - ok
18:29:26.0951 4748   BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:29:26.0951 4748   BrUsbMdm - ok
18:29:26.0969 4748   BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:29:26.0969 4748   BrUsbSer - ok
18:29:26.0977 4748   BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
18:29:26.0980 4748   BTHMODEM - ok
18:29:26.0999 4748   bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
18:29:27.0004 4748   bthserv - ok
18:29:27.0022 4748   cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:29:27.0024 4748   cdfs - ok
18:29:27.0052 4748   cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
18:29:27.0054 4748   cdrom - ok
18:29:27.0081 4748   CertPropSvc     (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
18:29:27.0083 4748   CertPropSvc - ok
18:29:27.0118 4748   circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
18:29:27.0119 4748   circlass - ok
18:29:27.0144 4748   CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:29:27.0146 4748   CLFS - ok
18:29:27.0196 4748   clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:29:27.0198 4748   clr_optimization_v2.0.50727_32 - ok
18:29:27.0234 4748   clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:29:27.0236 4748   clr_optimization_v2.0.50727_64 - ok
18:29:27.0283 4748   CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
18:29:27.0284 4748   CmBatt - ok
18:29:27.0306 4748   cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
18:29:27.0307 4748   cmdide - ok
18:29:27.0349 4748   CNG             (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
18:29:27.0351 4748   CNG - ok
18:29:27.0366 4748   Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
18:29:27.0367 4748   Compbatt - ok
18:29:27.0391 4748   CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
18:29:27.0393 4748   CompositeBus - ok
18:29:27.0409 4748   COMSysApp - ok
18:29:27.0421 4748   crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
18:29:27.0422 4748   crcdisk - ok
18:29:27.0448 4748   CryptSvc        (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
18:29:27.0450 4748   CryptSvc - ok
18:29:27.0493 4748   DcomLaunch      (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
18:29:27.0498 4748   DcomLaunch - ok
18:29:27.0528 4748   defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
18:29:27.0533 4748   defragsvc - ok
18:29:27.0558 4748   DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
18:29:27.0560 4748   DfsC - ok
18:29:27.0596 4748   Dhcp            (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
18:29:27.0600 4748   Dhcp - ok
18:29:27.0667 4748   discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:29:27.0688 4748   discache - ok
18:29:27.0745 4748   Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
18:29:27.0745 4748   Disk - ok
18:29:27.0783 4748   Dnscache        (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
18:29:27.0786 4748   Dnscache - ok
18:29:27.0867 4748   DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
18:29:27.0868 4748   DockLoginService - ok
18:29:27.0905 4748   dot3svc         (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
18:29:27.0909 4748   dot3svc - ok
18:29:27.0927 4748   DPS             (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
18:29:27.0930 4748   DPS - ok
18:29:27.0973 4748   drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:29:27.0975 4748   drmkaud - ok
18:29:28.0021 4748   DXGKrnl         (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
18:29:28.0026 4748   DXGKrnl - ok
18:29:28.0044 4748   EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
18:29:28.0046 4748   EapHost - ok
18:29:28.0109 4748   ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
18:29:28.0129 4748   ebdrv - ok
18:29:28.0161 4748   EFS             (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
18:29:28.0162 4748   EFS - ok
18:29:28.0210 4748   ehRecvr         (3d69fae60ede442e004611a4ee4db44c) C:\Windows\ehome\ehRecvr.exe
18:29:28.0213 4748   ehRecvr - ok
18:29:28.0240 4748   ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
18:29:28.0241 4748   ehSched - ok
18:29:28.0276 4748   elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
18:29:28.0285 4748   elxstor - ok
18:29:28.0294 4748   ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
18:29:28.0295 4748   ErrDev - ok
18:29:28.0345 4748   EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
18:29:28.0349 4748   EventSystem - ok
18:29:28.0365 4748   exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:29:28.0368 4748   exfat - ok
18:29:28.0390 4748   fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:29:28.0393 4748   fastfat - ok
18:29:28.0431 4748   Fax             (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
18:29:28.0434 4748   Fax - ok
18:29:28.0456 4748   fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
18:29:28.0456 4748   fdc - ok
18:29:28.0466 4748   fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
18:29:28.0468 4748   fdPHost - ok
18:29:28.0497 4748   FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
18:29:28.0499 4748   FDResPub - ok
18:29:28.0516 4748   FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:29:28.0517 4748   FileInfo - ok
18:29:28.0526 4748   Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:29:28.0529 4748   Filetrace - ok
18:29:28.0546 4748   flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
18:29:28.0547 4748   flpydisk - ok
18:29:28.0579 4748   FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
18:29:28.0581 4748   FltMgr - ok
18:29:28.0623 4748   FontCache       (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
18:29:28.0640 4748   FontCache - ok
18:29:28.0692 4748   FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:29:28.0694 4748   FontCache3.0.0.0 - ok
18:29:28.0710 4748   FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:29:28.0713 4748   FsDepends - ok
18:29:28.0767 4748   Fs_Rec          (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
18:29:28.0768 4748   Fs_Rec - ok
18:29:28.0807 4748   fvevol          (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
18:29:28.0809 4748   fvevol - ok
18:29:28.0835 4748   gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:29:28.0836 4748   gagp30kx - ok
18:29:28.0858 4748   GoToAssist - ok
18:29:28.0898 4748   gpsvc           (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
18:29:28.0905 4748   gpsvc - ok
18:29:28.0959 4748   gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:29:28.0960 4748   gupdate - ok
18:29:28.0988 4748   gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:29:28.0989 4748   gupdatem - ok
18:29:29.0033 4748   gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:29:29.0036 4748   gusvc - ok
18:29:29.0102 4748   hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:29:29.0102 4748   hcw85cir - ok
18:29:29.0123 4748   HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:29:29.0125 4748   HDAudBus - ok
18:29:29.0161 4748   HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
18:29:29.0162 4748   HECIx64 - ok
18:29:29.0183 4748   HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
18:29:29.0186 4748   HidBatt - ok
18:29:29.0197 4748   HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
18:29:29.0198 4748   HidBth - ok
18:29:29.0208 4748   HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
18:29:29.0213 4748   HidIr - ok
18:29:29.0295 4748   hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
18:29:29.0297 4748   hidserv - ok
18:29:29.0343 4748   HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
18:29:29.0345 4748   HidUsb - ok
18:29:29.0369 4748   hkmsvc          (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
18:29:29.0373 4748   hkmsvc - ok
18:29:29.0448 4748   HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
18:29:29.0454 4748   HomeGroupListener - ok
18:29:29.0502 4748   HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
18:29:29.0505 4748   HomeGroupProvider - ok
18:29:29.0544 4748   HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
18:29:29.0546 4748   HpSAMD - ok
18:29:29.0583 4748   HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
18:29:29.0590 4748   HTTP - ok
18:29:29.0614 4748   hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
18:29:29.0615 4748   hwpolicy - ok
18:29:29.0634 4748   i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
18:29:29.0636 4748   i8042prt - ok
18:29:29.0661 4748   iaStorV         (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
18:29:29.0663 4748   iaStorV - ok
18:29:29.0712 4748   idsvc           (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:29:29.0717 4748   idsvc - ok
18:29:29.0892 4748   iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
18:29:29.0894 4748   iirsp - ok
18:29:29.0951 4748   IKEEXT          (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
18:29:29.0959 4748   IKEEXT - ok
18:29:29.0980 4748   Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
18:29:29.0984 4748   Impcd - ok
18:29:30.0068 4748   IntcAzAudAddService (e9befd8c6a1db3b544b61647dda35f62) C:\Windows\system32\drivers\RTKVHD64.sys
18:29:30.0081 4748   IntcAzAudAddService - ok
18:29:30.0110 4748   IntcDAud        (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
18:29:30.0114 4748   IntcDAud - ok
18:29:30.0132 4748   intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
18:29:30.0168 4748   intelide - ok
18:29:30.0202 4748   intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:29:30.0203 4748   intelppm - ok
18:29:30.0226 4748   IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
18:29:30.0228 4748   IPBusEnum - ok
18:29:30.0246 4748   IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:29:30.0248 4748   IpFilterDriver - ok
18:29:30.0266 4748   IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
18:29:30.0266 4748   IPMIDRV - ok
18:29:30.0288 4748   IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:29:30.0311 4748   IPNAT - ok
18:29:30.0338 4748   IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:29:30.0339 4748   IRENUM - ok
18:29:30.0353 4748   isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
18:29:30.0354 4748   isapnp - ok
18:29:30.0456 4748   iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
18:29:30.0458 4748   iScsiPrt - ok
18:29:30.0502 4748   k57nd60a        (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
18:29:30.0504 4748   k57nd60a - ok
18:29:30.0533 4748   kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
18:29:30.0534 4748   kbdclass - ok
18:29:30.0554 4748   kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
18:29:30.0556 4748   kbdhid - ok
18:29:30.0600 4748   KeyIso          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
18:29:30.0601 4748   KeyIso - ok
18:29:30.0640 4748   KSecDD          (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
18:29:30.0641 4748   KSecDD - ok
18:29:30.0676 4748   KSecPkg         (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
18:29:30.0677 4748   KSecPkg - ok
18:29:30.0702 4748   ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:29:30.0703 4748   ksthunk - ok
18:29:30.0733 4748   KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
18:29:30.0739 4748   KtmRm - ok
18:29:30.0777 4748   LanmanServer    (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
18:29:30.0781 4748   LanmanServer - ok
18:29:30.0815 4748   LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
18:29:30.0818 4748   LanmanWorkstation - ok
18:29:30.0865 4748   lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:29:30.0869 4748   lltdio - ok
18:29:30.0904 4748   lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
18:29:30.0908 4748   lltdsvc - ok
18:29:30.0923 4748   lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
18:29:30.0925 4748   lmhosts - ok
18:29:30.0949 4748   LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:29:30.0950 4748   LSI_FC - ok
18:29:30.0969 4748   LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:29:30.0970 4748   LSI_SAS - ok
18:29:31.0002 4748   LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:29:31.0003 4748   LSI_SAS2 - ok
18:29:31.0058 4748   LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:29:31.0059 4748   LSI_SCSI - ok
18:29:31.0095 4748   luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:29:31.0097 4748   luafv - ok
18:29:31.0118 4748   Mcx2Svc         (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
18:29:31.0122 4748   Mcx2Svc - ok
18:29:31.0137 4748   megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
18:29:31.0138 4748   megasas - ok
18:29:31.0156 4748   MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
18:29:31.0157 4748   MegaSR - ok
18:29:31.0187 4748   MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:29:31.0189 4748   MMCSS - ok
18:29:31.0205 4748   Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:29:31.0208 4748   Modem - ok
18:29:31.0256 4748   monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:29:31.0257 4748   monitor - ok
18:29:31.0306 4748   mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:29:31.0310 4748   mouclass - ok
18:29:31.0424 4748   mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:29:31.0426 4748   mouhid - ok
18:29:31.0452 4748   mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
18:29:31.0453 4748   mountmgr - ok
18:29:31.0495 4748   mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
18:29:31.0496 4748   mpio - ok
18:29:31.0518 4748   mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:29:31.0526 4748   mpsdrv - ok
18:29:31.0544 4748   MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
18:29:31.0545 4748   MRxDAV - ok
18:29:31.0578 4748   mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:29:31.0580 4748   mrxsmb - ok
18:29:31.0619 4748   mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:29:31.0622 4748   mrxsmb10 - ok
18:29:31.0636 4748   mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:29:31.0639 4748   mrxsmb20 - ok
18:29:31.0668 4748   msahci          (bccf16d5fb1109162380e3e28dc9e4e5) C:\Windows\system32\DRIVERS\msahci.sys
18:29:31.0669 4748   msahci - ok
18:29:31.0691 4748   msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
18:29:31.0692 4748   msdsm - ok
18:29:31.0719 4748   MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
18:29:31.0720 4748   MSDTC - ok
18:29:31.0751 4748   Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:29:31.0752 4748   Msfs - ok
18:29:31.0768 4748   mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:29:31.0769 4748   mshidkmdf - ok
18:29:31.0790 4748   msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
18:29:31.0790 4748   msisadrv - ok
18:29:31.0827 4748   MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
18:29:31.0830 4748   MSiSCSI - ok
18:29:31.0837 4748   msiserver - ok
18:29:31.0864 4748   MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:29:31.0866 4748   MSKSSRV - ok
18:29:31.0910 4748   MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:29:31.0911 4748   MSPCLOCK - ok
18:29:31.0942 4748   MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:29:31.0944 4748   MSPQM - ok
18:29:31.0967 4748   MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
18:29:31.0971 4748   MsRPC - ok
18:29:31.0995 4748   mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
18:29:31.0996 4748   mssmbios - ok
18:29:32.0023 4748   MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:29:32.0026 4748   MSTEE - ok
18:29:32.0044 4748   MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
18:29:32.0045 4748   MTConfig - ok
18:29:32.0076 4748   Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:29:32.0077 4748   Mup - ok
18:29:32.0109 4748   napagent        (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
18:29:32.0115 4748   napagent - ok
18:29:32.0155 4748   NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:29:32.0159 4748   NativeWifiP - ok
18:29:32.0198 4748   NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
18:29:32.0202 4748   NDIS - ok
18:29:32.0223 4748   NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:29:32.0225 4748   NdisCap - ok
18:29:32.0269 4748   NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:29:32.0271 4748   NdisTapi - ok
18:29:32.0300 4748   Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
18:29:32.0302 4748   Ndisuio - ok
18:29:32.0326 4748   NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
18:29:32.0328 4748   NdisWan - ok
18:29:32.0375 4748   NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
18:29:32.0377 4748   NDProxy - ok
18:29:32.0402 4748   NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:29:32.0404 4748   NetBIOS - ok
18:29:32.0429 4748   NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
18:29:32.0433 4748   NetBT - ok
18:29:32.0465 4748   Netlogon        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
18:29:32.0466 4748   Netlogon - ok
18:29:32.0502 4748   Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:29:32.0507 4748   Netman - ok
18:29:32.0555 4748   netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:29:32.0560 4748   netprofm - ok
18:29:32.0667 4748   netr28x         (68cdb276a3009f0cf000c6352c1f72e7) C:\Windows\system32\DRIVERS\netr28x.sys
18:29:32.0722 4748   netr28x - ok
18:29:32.0776 4748   NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:29:32.0777 4748   NetTcpPortSharing - ok
18:29:32.0804 4748   nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:29:32.0805 4748   nfrd960 - ok
18:29:32.0843 4748   NlaSvc          (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
18:29:32.0846 4748   NlaSvc - ok
18:29:32.0876 4748   Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:29:32.0878 4748   Npfs - ok
18:29:32.0911 4748   nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:29:32.0913 4748   nsi - ok
18:29:32.0941 4748   nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:29:32.0945 4748   nsiproxy - ok
18:29:33.0016 4748   Ntfs            (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
18:29:33.0041 4748   Ntfs - ok
18:29:33.0088 4748   Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:29:33.0100 4748   Null - ok
18:29:33.0132 4748   NVHDA           (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
18:29:33.0139 4748   NVHDA - ok
18:29:33.0462 4748   nvlddmkm        (a5d0603cae6c334b1386204d94393c04) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:29:33.0512 4748   nvlddmkm - ok
18:29:33.0548 4748   nvraid          (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
18:29:33.0550 4748   nvraid - ok
18:29:33.0558 4748   nvstor          (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
18:29:33.0560 4748   nvstor - ok
18:29:33.0597 4748   nvsvc           (268d382fcc6a8a568aab7c6dc8c71bb3) C:\Windows\system32\nvvsvc.exe
18:29:33.0601 4748   nvsvc - ok
18:29:33.0628 4748   nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
18:29:33.0630 4748   nv_agp - ok
18:29:33.0655 4748   ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
18:29:33.0656 4748   ohci1394 - ok
18:29:33.0685 4748   p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:29:33.0689 4748   p2pimsvc - ok
18:29:33.0710 4748   p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:29:33.0715 4748   p2psvc - ok
18:29:33.0728 4748   Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:29:33.0729 4748   Parport - ok
18:29:33.0742 4748   partmgr         (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
18:29:33.0743 4748   partmgr - ok
18:29:33.0762 4748   PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:29:33.0765 4748   PcaSvc - ok
18:29:33.0785 4748   pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
18:29:33.0786 4748   pci - ok
18:29:33.0801 4748   pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
18:29:33.0802 4748   pciide - ok
18:29:33.0836 4748   pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:29:33.0838 4748   pcmcia - ok
18:29:33.0854 4748   pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:29:33.0855 4748   pcw - ok
18:29:33.0880 4748   PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:29:33.0886 4748   PEAUTH - ok
18:29:33.0937 4748   PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:29:33.0938 4748   PerfHost - ok

Offline joshhemming

  • Bronze Member
  • Posts: 13
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #11 on: April 20, 2012, 06:37:17 pm »
18:29:39.0849 4748   MBR (0x1B8)     (faf3db026c90f586e5993588661e2612) \Device\Harddisk0\DR0
18:29:39.0879 4748   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
18:29:39.0879 4748   \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
18:29:39.0889 4748   MBR (0x1B8)     (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR1
18:29:40.0369 4748   \Device\Harddisk1\DR1 - ok
18:29:40.0389 4748   Boot (0x1200)   (a2d398b8e819d879b28d775dc2eaf709) \Device\Harddisk0\DR0\Partition0
18:29:40.0409 4748   \Device\Harddisk0\DR0\Partition0 - ok
18:29:40.0419 4748   Boot (0x1200)   (53c82e5ccea6fa39d1c36fe861de83d5) \Device\Harddisk0\DR0\Partition1
18:29:40.0419 4748   \Device\Harddisk0\DR0\Partition1 - ok
18:29:40.0429 4748   Boot (0x1200)   (6837429598619294b8cf2bf7183bf058) \Device\Harddisk1\DR1\Partition0
18:29:40.0429 4748   \Device\Harddisk1\DR1\Partition0 - ok
18:29:40.0429 4748   ============================================================
18:29:40.0429 4748   Scan finished
18:29:40.0429 4748   ============================================================
18:29:40.0449 4684   Detected object count: 1
18:29:40.0449 4684   Actual detected object count: 1
18:29:54.0497 4684   \Device\Harddisk0\DR0\# - copied to quarantine
18:29:54.0497 4684   \Device\Harddisk0\DR0 - copied to quarantine
18:29:54.0559 4684   \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
18:29:54.0562 4684   \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
18:29:54.0567 4684   \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
18:29:54.0573 4684   \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
18:29:54.0650 4684   \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
18:29:54.0680 4684   \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
18:29:54.0682 4684   \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
18:29:54.0683 4684   \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
18:29:54.0684 4684   \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
18:29:54.0687 4684   \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
18:29:54.0689 4684   \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
18:29:54.0690 4684   \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
18:29:54.0713 4684   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
18:29:54.0713 4684   \Device\Harddisk0\DR0 - ok
18:29:55.0210 4684   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

Offline joshhemming

  • Bronze Member
  • Posts: 13
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #12 on: April 20, 2012, 06:50:53 pm »
I've run the RogueKiller scan 5 times but it keeps stalling.

I can't find where it's being saved to so I've downloaded and run it each time.  Not sure how to rename it.  Gotta go; will try again tomorrow afternoon.

Thanks and goodnight.

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #13 on: April 23, 2012, 06:28:56 pm »
Back yet?
I should point out, your TDSSKiller log shows that it needs a reboot in order to cure. That could be why your system is hanging while you try running RogueKiller. Why not reboot first, then try running RogueKiller again? Thanks!
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Inactive] Josh's Files Suddenly Missing
« Reply #14 on: April 25, 2012, 02:39:24 am »
Still with us, Josh? We have more work to do before we finish up. I'll let you know when the system is clean...as of yet, it's not.