When attempting to boot on Win 7, I get the following error message:
STOP: c0000135 The program can't start because %hs is missing from your computer.
I saw another post where the user was asked to run Farbar Recovery Scan Tool and report the 2 logs.
So, here we go:
Thanks in advance for any help!
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by SYSTEM on MININT-0SG7F9D on 19-02-2014 14:55:25
Running from F:\
Windows 7 Professional (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-21] (IDT, Inc.)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [592240 2010-12-07] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3666800 2011-01-21] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-15] ()
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation)
HKLM\...\Run: [DBRMTray] - C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [206336 2010-09-10] (Microsoft)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [RoxWatchTray] - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] - c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [StatusAlerts] - C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [attcm_AppStart.exe] - C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe [219688 2012-12-18] ()
HKLM\...\RunOnce: [DBRMTray] - C:\Dell\DBRM\Reminder\TrayApp.exe [7168 2010-09-10] (Microsoft)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Owner\...\Run: [attcm.exe] - C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm.exe [211496 2012-12-18] (AT&T)
Lsa: [Notification Packages] DPPassFilter scecli
==================== Services (Whitelisted) =================
S2 AdminHelper.exe; C:\Program Files (x86)\AT&T\AT&T Communication Manager\AdminHelper.exe [56360 2012-12-18] ()
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
S2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
S2 SwiCardDetectSvc; C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [317296 2011-06-24] (Sierra Wireless, Inc.)
==================== Drivers (Whitelisted) ====================
S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )
S0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [26704 2011-02-22] (AVG Technologies CZ, s.r.o. )
S3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [29264 2011-02-10] (AVG Technologies CZ, s.r.o. )
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [304720 2011-01-07] (AVG Technologies CZ, s.r.o.)
S1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [41552 2011-03-01] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [37456 2011-03-16] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [377936 2011-04-04] (AVG Technologies CZ, s.r.o.)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-12-02] (Research in Motion Ltd)
S2 SCWFPFilter; C:\Windows\System32\DRIVERS\WFPFilter.sys [25552 2012-01-10] ()
S3 swg3kser00; C:\Windows\System32\DRIVERS\swg3kser00.sys [258432 2011-07-19] (Sierra Wireless Incorporated)
S3 swiwdmbus; C:\Windows\System32\DRIVERS\swiwdmbusx64.sys [102656 2010-06-21] (Sierra Wireless Inc.)
S3 swiwdmbx; C:\Windows\System32\DRIVERS\swiwdmbx64.sys [109312 2011-07-19] (Sierra Wireless Inc.)
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [297472 2011-07-19] (Sierra Wireless Inc.)
S3 SWUMXA3; C:\Windows\System32\DRIVERS\swumxa3.sys [210944 2010-06-21] (Sierra Wireless Inc.)
S3 PCTINDIS5X64; \??\C:\windows\system32\PCTINDIS5X64.SYS [X]
========================== Drivers MD5 =======================
C:\Windows\system32\DRIVERS\1394ohci.sys 969C91060CBB5D17CB8440B5F78B4C51
C:\Windows\System32\DRIVERS\Accelern.sys E0065CBF1A25C015C218457D2CD522B9
C:\Windows\System32\DRIVERS\ACPI.sys 794FF35015209B9D44F1360C42C9776D
C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys DB9D6C6B2CD95A9CA414D045B627422E
C:\Windows\system32\DRIVERS\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Apfiltr.sys 7380B9072EBC65A54DA3074E14BF34B9
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys E6671E90D38C88764412E07C9D9B3D63
C:\Windows\System32\DRIVERS\AVGIDSEH.Sys 1553B388E0F0462C25AD8F30C3C29E83
C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys DCA426A66739E75F51A72160DFB945AD
C:\Windows\System32\DRIVERS\avgldx64.sys FF7383388A7D2283DAE5831ABC2B0720
C:\Windows\System32\DRIVERS\avgmfx64.sys 997D002827D3E3DCBBB25BF46DB161AB
C:\Windows\System32\DRIVERS\avgrkx64.sys BCCFE3374C887075CDE2AC8FDB1CB2F8
C:\Windows\System32\DRIVERS\avgtdia.sys 0D49ADCEBE243B79366EA523B647519A
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys D59773C7FDD3D795D6FE402EEEA8D71E
C:\Windows\System32\Drivers\BTHUSB.sys 8504842634DD144C075B6B0C982CCEC4
C:\Windows\System32\DRIVERS\btmaux.sys 16C1BAC9760C9FA85A30F3FA0FBB1B7A
C:\Windows\System32\DRIVERS\btmhsf.sys 0C468D8DA95BE16BFDD380BB9DE88259
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys CA7720B73446FDDEC5C69519C1174C98
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys 4A6173C2279B498CD8F57CAE504564CB
C:\Windows\System32\DRIVERS\CtClsFlt.sys FBE228ABEAB2BE13B9C3A3A112D4D8DC
C:\Windows\System32\DRIVERS\dc3d.sys 7F61FBE259C18666D8DDF862F13A5EB0
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys D3E3F93D67821A2DB2B3D9FAC2DC2064
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys D7921D5A870B11CC1ADAB198A519D50A
C:\Windows\system32\drivers\iaStorV.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iBtFltCoex.sys FC85972037815FA7B413E790B426ACB2
C:\Windows\System32\DRIVERS\igdkmd64.sys 78527E6A4D78B1153925914C55872BEB
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381
C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 4F4B5FDE429416877DE7143044582EB5
C:\Windows\System32\Drivers\ksecpkg.sys 6F40465A44ECDC1731BEFAFEC5BDD03C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys 1C6E73FC46B509EFF9D0086AA37132DF
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb10.sys F0067552F8F9B33D7C59403AB808A3CB
C:\Windows\System32\DRIVERS\mrxsmb20.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msahci.sys BCCF16D5FB1109162380E3E28DC9E4E5
C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys A3151B3463EEA7E47F618F115D0D142E
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETwNs64.sys 5D262402B0634C998F8CBCEAD7DD8676
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys 158AD24745BD85BA9BE3C51C38F48C32
C:\Windows\System32\DRIVERS\nusb3xhc.sys D40A13B2C0891E218F9523B376955DB6
C:\Windows\system32\drivers\nvraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 90061B1ACFE8CCAA5345750FFE08D8B8
C:\Windows\System32\DRIVERS\pci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys 87B04878A6D59D6C79251DC960C674C1
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys 9706B84DBABFC4B4CA46C5A82B14DFA3
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys 447DE7E3DEA39D422C1504F245B668B1
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys C903D49655B4AAE46673F0AAA6BE0F58
C:\Windows\System32\Drivers\RootMdm.sys 388D3DD1A6457280F3BADBA9F3ACD6B1
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys BE29B0A3AC1E8BD02FFAB8CEE86BADFA
C:\Windows\System32\DRIVERS\Rt64win7.sys 2777226EE8BF50B059D7A7C90177E99C
C:\Windows\system32\DRIVERS\vms3cap.sys 88AF6E02AB19DF7FD07ECDF9C91E9AF6
C:\Windows\system32\DRIVERS\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WFPFilter.sys 284A7B99AE28EA43742A09CD7C189627
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srvnet.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stdcfltn.sys 92E7F6666633D2DD91D527503DAA7BE0
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys 0EED97162CBC151F072E2D36A3FDBF62
C:\Windows\System32\DRIVERS\vmstorfl.sys FFD7A6F15B14234B5B0E5D49E7961895
C:\Windows\system32\DRIVERS\storvsc.sys 8FCCBEFC5C440B3C23454656E551B09A
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swg3kser00.sys 9F0A0C3EE91FD7CB709F7D0D97207F7E
C:\Windows\System32\DRIVERS\swiwdmbusx64.sys C89FFA6A0B7723F2FB72A734934A4425
C:\Windows\System32\DRIVERS\swiwdmbx64.sys C6A7E54A31803E6F95E23D1B5D967D57
C:\Windows\System32\DRIVERS\swnc8ua3.sys DC345FC7CE9BA3005153062407263BB2
C:\Windows\System32\DRIVERS\swumxa3.sys F6CEB2FF475265197D4407E87FF68701
C:\Windows\System32\drivers\tcpip.sys 624C5B3AA4C99B3184BB922D9ECE3FF0
C:\Windows\System32\DRIVERS\tcpip.sys 624C5B3AA4C99B3184BB922D9ECE3FF0
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 7518F7BCFD4B308ABC9192BACAF6C970
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys 31BA4A33AFAB6A69EA092B18017F737F
C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 537A4E03D7103C12D42DFD8FFDB5BDC9
C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbehci.sys FBB21EBE49F6D560DB37AC25FBC68E66
C:\Windows\System32\DRIVERS\usbhub.sys 6B7A8A99C4A459E73C286A6763EA24CC
C:\Windows\system32\drivers\usbohci.sys 8C88AA7617B4CBC2E4BED61D26B33A27
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\system32\drivers\usbuhci.sys 0B5B3B2DF3FD1709618ACFA50B8392B0
C:\Windows\System32\Drivers\usbvideo.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vmbus.sys 1501699D7EDA984ABC4155A7DA5738D1
C:\Windows\system32\DRIVERS\VMBusHID.sys AE10C35761889E65A6F7176937C5592C
C:\Windows\System32\DRIVERS\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volsnap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vpchbus.sys ABD9B4A7E2D0AE51A3B8DF1AF3152D61
C:\Windows\System32\DRIVERS\vpcnfltr.sys 8ACDA395841538CE9713A67FE8B2A3EB
C:\Windows\System32\DRIVERS\vpcusb.sys 31924E31BC315773E6D149B157DB46D5
C:\Windows\System32\drivers\vpcvmm.sys 510D250A08C09850F5C78CA2011B3B62
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\WDKMD.sys 94DC2BF6CBAAA95E369C3756D3115A76
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUSB.sys 4D52C872018AF7E18D078978DCC3F6F2
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\yk62x64.sys B3EEACF62445E24FBB2CD4B0FB4DB026
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-19 14:54 - 2014-02-19 14:55 - 00000000 ____D () C:\FRST
==================== One Month Modified Files and Folders =======
2014-02-19 14:55 - 2014-02-19 14:54 - 00000000 ____D () C:\FRST
2014-01-28 20:40 - 2011-06-07 05:36 - 00000000 ____D () C:\users\Owner
2014-01-28 20:40 - 2011-03-30 10:25 - 00000000 ____D () C:\Windows\ShellNew
2014-01-28 20:40 - 2011-03-30 10:25 - 00000000 ____D () C:\Program Files\Windows Journal
2014-01-28 20:40 - 2011-03-30 07:53 - 00000000 ____D () C:\Windows\System32\Drivers\tr-TR
2014-01-28 20:40 - 2011-03-30 07:53 - 00000000 ____D () C:\Windows\System32\Drivers\th-TH
2014-01-28 20:40 - 2011-03-30 07:53 - 00000000 ____D () C:\Windows\System32\Drivers\ro-RO
2014-01-28 20:40 - 2011-03-30 07:53 - 00000000 ____D () C:\Windows\System32\Drivers\he-IL
2014-01-28 20:40 - 2011-03-30 07:53 - 00000000 ____D () C:\Windows\System32\Drivers\ar-SA
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 __RSD () C:\Windows\Media
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\tr-TR
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\th-TH
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sppui
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Setup
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ro-RO
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\oobe
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\migwiz
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\manifeststore
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\he-IL
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Dism
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ar-SA
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\AdvancedInstallers
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\servicing
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-01-28 20:39 - 2013-10-25 08:07 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-01-28 20:39 - 2011-06-07 13:32 - 00000000 ____D () C:\Windows\System32\Drivers\AVG
2014-01-28 20:39 - 2011-06-07 12:40 - 00000000 ___RD () C:\Users\Owner\Virtual Machines
2014-01-28 20:39 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-01-28 20:39 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\TAPI
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sysprep
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\spp
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Speech
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\MUI
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\security
2014-01-28 20:38 - 2013-12-23 19:55 - 00000000 ____D () C:\f70840a08b0a61cd6cb49671b4c9924d
2014-01-28 20:38 - 2011-06-07 13:32 - 00000000 ____D () C:\ProgramData\AVG10
2014-01-28 20:38 - 2011-03-30 07:53 - 00000000 ____D () C:\Program Files (x86)\Windows Virtual PC
2014-01-28 20:38 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-01-28 20:38 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-28 20:37 - 2013-12-23 19:56 - 00000000 ____D () C:\Windows\System32\SPReview
2014-01-28 20:33 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-01-28 20:21 - 2011-07-28 12:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-28 17:55 - 2011-03-30 08:15 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-01-27 19:57 - 2013-12-23 19:48 - 00000000 ____D () C:\Windows\System32\MRT
2014-01-27 19:55 - 2011-06-08 13:40 - 00000000 ____D () C:\Users\Owner\AppData\Local\attcm
2014-01-27 18:09 - 2013-10-25 08:08 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\HpUpdate
2014-01-27 18:05 - 2011-06-07 05:37 - 00011390 _____ () C:\stp.log
2014-01-27 18:03 - 2011-03-30 08:03 - 00000000 ____D () C:\ProgramData\Sonic
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\ATT_Communication_Manager.exe
C:\Users\Owner\AppData\Local\Temp\IPx64_1033.exe
C:\Users\Owner\AppData\Local\Temp\MSN1751.exe
C:\Users\Owner\AppData\Local\Temp\Setup.exe
C:\Users\Owner\AppData\Local\Temp\USB_308.exe
C:\Users\Owner\AppData\Local\Temp\{F1465C09-D8AB-4173-B556-959E225A76F9}-GoogleUpdateSetup.exe
==================== Known DLLs (Whitelisted) ================
C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\LPK.dll IS MISSING <==== ATTENTION!
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-12-23 19:56:34
Restore point made on: 2014-01-27 18:07:46
Restore point made on: 2014-01-27 19:56:40
==================== BCD ================================
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=Y:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {default}
resumeobject {7d799df8-5b07-11e0-81e9-a84767c692c2}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30
Windows Boot Loader
-------------------
identifier {current}
device ramdisk=[Y:]\Recovery\WindowsRE\winre.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
path \windows\system32\boot\winload.exe
description Windows Recovery Environment
osdevice ramdisk=[Y:]\Recovery\WindowsRE\winre.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
systemroot \windows
nx OptIn
detecthal Yes
winpe Yes
Windows Boot Loader
-------------------
identifier {default}
device partition=C:
path \windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {current}
recoveryenabled Yes
osdevice partition=C:
systemroot \windows
resumeobject {7d799df8-5b07-11e0-81e9-a84767c692c2}
nx OptIn
detecthal Yes
Resume from Hibernate
---------------------
identifier {7d799df8-5b07-11e0-81e9-a84767c692c2}
device partition=C:
path \windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes
EMS Settings
------------
identifier {emssettings}
bootems Yes
Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM Defects
-----------
identifier {badmemory}
Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}
Device options
--------------
identifier {ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
description Ramdisk Device Options
ramdisksdidevice partition=Y:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Memory info ===========================
Percentage of memory in use: 22%
Total physical RAM: 2979.19 MB
Available physical RAM: 2319.24 MB
Total Pagefile: 2977.34 MB
Available Pagefile: 2306.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:218.14 GB) (Free:167.81 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:7.45 GB) (Free:7.23 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Recovery) (Fixed) (Total:14.65 GB) (Free:5.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 40B229F1)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
LastRegBack: 2012-09-07 12:11
==================== End Of Log ============================
Search.txt
Farbar Recovery Scan Tool (x64) Version: 18-02-2014
Ran by SYSTEM at 2014-02-19 14:58:08
Running from F:\
Boot Mode: Recovery
================== Search: "services.exe;winsrv.*" ===================
C:\Windows\winsxs\wow64_microsoft-windows-winsrv.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a412dbba527dc14e\winsrv.dll.mui
[2009-07-13 21:35] - [2009-07-13 18:08] - 0008192 ____A (Microsoft Corporation) 9848765E88322400BDC710A76ADEA841
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22177_none_14f039eccc407b3f\winsrv.dll
[2013-10-25 10:07] - [2012-11-29 21:55] - 0215040 ____A (Microsoft Corporation) C2B1F6196C7FE1EA1BF827312B095D06
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21756_none_1504fba6cc30ff4f\winsrv.dll
[2011-08-09 10:33] - [2011-06-23 21:27] - 0214528 ____A (Microsoft Corporation) C13D05A015346DED3D722BE285814495
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21738_none_151c9c12cc1efa1b\winsrv.dll
[2011-07-13 06:09] - [2011-06-02 23:01] - 0214528 ____A (Microsoft Corporation) 5AA1C7B5F471C4657BE38447BC397665
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21728_none_15276bfecc16de2a\winsrv.dll
[2011-07-13 06:09] - [2011-05-13 23:11] - 0214528 ____A (Microsoft Corporation) 1A589228B6DC007120F877DBBD6CB79D
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21624_none_152368f0cc1a7ba7\winsrv.dll
[2011-06-08 05:20] - [2010-12-18 00:52] - 0214016 ____A (Microsoft Corporation) A199CC08A13EEB667412423F712FE817
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18043_none_14830bbdb30e2246\winsrv.dll
[2013-12-29 08:13] - [2013-01-03 21:46] - 0215040 ____A (Microsoft Corporation) 0C27239FEA4DB8A2AAC9E502186B7264
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18015_none_14a57c15b2f40121\winsrv.dll
[2013-10-25 10:07] - [2012-11-29 21:45] - 0215040 ____A (Microsoft Corporation) 9E479C2B605C25DA4971ABA36250FAEF
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17641_none_14812d55b30fc4e1\winsrv.dll
[2011-08-09 10:33] - [2011-06-23 21:34] - 0214528 ____A (Microsoft Corporation) EB6A48CC998E1090E44E8E7F1009A640
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17625_none_149ace55b2fbf25b\winsrv.dll
[2011-07-13 06:09] - [2011-06-02 22:57] - 0214528 ____A (Microsoft Corporation) 9F761CE1C6C013120B2F0DB27D48C06F
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17617_none_14a79ed5b2f20918\winsrv.dll
[2011-07-13 06:09] - [2011-05-13 23:24] - 0214528 ____A (Microsoft Corporation) 3A8135A7DED2FA0DAD3BDE1B14865A8A
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17527_none_149ccd03b2fa27e2\winsrv.dll
[2011-06-08 05:20] - [2010-12-17 03:42] - 0214016 ____A (Microsoft Corporation) 15822E7206C7A0A893395CB07A63C7E1
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.21386_none_12fe0cb0cf2311ed\winsrv.dll
[2013-10-25 10:07] - [2012-11-29 21:43] - 0215040 ____A (Microsoft Corporation) B0F0F844BB3BA4C25837310FD0909BFD
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.20995_none_12f25ea6cf2be9d0\winsrv.dll
[2011-08-09 10:33] - [2011-06-23 21:26] - 0214528 ____A (Microsoft Corporation) 6D408ABD60A995A2DAB4BAAE38BCA04F
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.20978_none_130aff5ccf18fdf3\winsrv.dll
[2011-07-13 06:09] - [2011-06-02 22:59] - 0214528 ____A (Microsoft Corporation) 55917E3ABDDC20D0AAEAC49F5CE67462
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.20864_none_1311cc3acf147f7f\winsrv.dll
[2011-06-08 05:20] - [2010-12-21 23:15] - 0214016 ____A (Microsoft Corporation) 571543B93AE0319185970848024C9E04
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.17179_none_12823ec9b5faa510\winsrv.dll
[2013-10-25 10:07] - [2012-11-29 21:49] - 0215040 ____A (Microsoft Corporation) C4C551E6AB333C0EB812A3A4672E89DB
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16850_none_128f0019b5f25b8f\winsrv.dll
[2011-08-09 10:33] - [2011-07-15 21:26] - 0214528 ____A (Microsoft Corporation) 0CB6EBF4B461A6043353C570BD72A1E1
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16823_none_12b270bbb5d753c1\winsrv.dll
[2011-07-13 06:09] - [2011-06-01 22:44] - 0214528 ____A (Microsoft Corporation) DE09FA38A6544829F012B9531C18454F
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16816_none_12c04185b5cc83d5\winsrv.dll
[2011-07-13 06:09] - [2011-05-13 23:41] - 0214528 ____A (Microsoft Corporation) 3739AA2F57FE492EA976E20C56CDF2F4
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16723_none_12b26ed5b5d7569a\winsrv.dll
[2011-06-08 05:20] - [2010-12-20 22:16] - 0214016 ____A (Microsoft Corporation) B200DECA2186858595A97FBE63E896CC
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16385_none_12738849b6063c52\winsrv.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0214016 ____A (Microsoft Corporation) 457B44AB6D502E55F64A867D4F35C76C
C:\Windows\winsxs\amd64_microsoft-windows-winsrv.resources_31bf3856ad364e35_6.1.7600.16385_en-us_99be31681e1cff53\winsrv.dll.mui
[2009-07-13 21:35] - [2009-07-13 18:25] - 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA
C:\Windows\winsxs\amd64_microsoft-windows-winsrv-adm_31bf3856ad364e35_6.1.7600.16385_none_74fe9f3a6d505307\Winsrv.admx
[2009-06-10 12:42] - [2009-06-10 12:42] - 0001342 ____A () B28573159BDEA736F3BDFF16604A4AD3
C:\Windows\winsxs\amd64_microsoft-windows-winsrv-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c01e7ca36d3191ee\Winsrv.adml
[2009-07-13 21:35] - [2009-07-13 18:29] - 0001453 ____A () 76D4B8899387BCD0C081D4301E1B18DE
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\ser vices.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\SysWOW64\en-US\winsrv.dll.mui
[2009-07-13 21:35] - [2009-07-13 18:08] - 0008192 ____A (Microsoft Corporation) 9848765E88322400BDC710A76ADEA841
C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\winsrv.dll
[2011-08-09 10:33] - [2011-07-15 21:26] - 0214528 ____A (Microsoft Corporation) 0CB6EBF4B461A6043353C570BD72A1E1
C:\Windows\System32\en-US\winsrv.dll.mui
[2009-07-13 21:35] - [2009-07-13 18:25] - 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA
C:\Windows\SoftwareDistribution\Download\5987158468633db5c5f8c7c2b051a403\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22091_none_14d49672cc561df0\winsrv.dll
[2012-10-12 11:12] - [2012-08-20 10:27] - 0215040 ____A (Microsoft Corporation) 111AFE35DD2D423EE8E176CA7B2BBDC7
C:\Windows\SoftwareDistribution\Download\5987158468633db5c5f8c7c2b051a403\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17932_none_148d033db306b9bc\winsrv.dll
[2012-10-12 11:12] - [2012-08-20 10:48] - 0215040 ____A (Microsoft Corporation) F46BBAAC1C4980F4D0DD463F190A42D3
C:\Windows\SoftwareDistribution\Download\5987158468633db5c5f8c7c2b051a403\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.21306_none_13548c10cee23265\winsrv.dll
[2012-10-12 11:12] - [2012-08-20 11:06] - 0215040 ____A (Microsoft Corporation) 0E83424D4CEC0665A3A916AD6B261E53
C:\Windows\SoftwareDistribution\Download\5987158468633db5c5f8c7c2b051a403\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.17107_none_12cbeda9b5c3aecb\winsrv.dll
[2012-10-12 11:12] - [2012-08-18 07:42] - 0215040 ____A (Microsoft Corporation) 79CDA06F75AD5373DD447F57575C4400
C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll
[2011-06-23 06:18] - [2010-11-20 05:27] - 0214016 ____A (Microsoft Corporation) E0406AEF04B088D1C49FC78D0546F689
C:\Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22209_none_153debdacc05e77d\winsrv.dll
[2013-10-25 10:10] - [2013-01-03 21:43] - 0215040 ____A (Microsoft Corporation) 5F38CFC96BCA5DD462E2B243B6E31849
C:\Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18043_none_14830bbdb30e2246\winsrv.dll
[2013-10-25 10:10] - [2013-01-03 21:46] - 0215040 ____A (Microsoft Corporation) 0C27239FEA4DB8A2AAC9E502186B7264
C:\Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.21416_none_1349be0aceea4b7d\winsrv.dll
[2013-10-25 10:10] - [2013-01-04 06:18] - 0215040 ____A (Microsoft Corporation) 7BAEFACB8C5048465B7E3D354554DA70
C:\Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.17206_none_12caef45b5c4929b\winsrv.dll
[2013-10-25 10:10] - [2013-01-03 21:36] - 0215040 ____A (Microsoft Corporation) 3FB74FF230B5D240A57AE1C4A3D0459D
C:\Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22125_none_152448f4cc19bcdc\winsrv.dll
[2013-10-25 10:11] - [2012-10-04 09:43] - 0215040 ____A (Microsoft Corporation) CC44EBC3E04E76AABE19EB4A16663E4A
C:\Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17965_none_146f9457b31c5994\winsrv.dll
[2013-10-25 10:11] - [2012-10-04 09:45] - 0215040 ____A (Microsoft Corporation) 72CC564BBC70DE268784BCE91EB8A28F
C:\Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.21335_none_13331c02cefb6ce1\winsrv.dll
[2013-10-25 10:11] - [2012-10-04 09:35] - 0215040 ____A (Microsoft Corporation) 7C17C4AACC79E619E6A4131F51588ED3
C:\Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.17135_none_12a97d51b5ddcff0\winsrv.dll
[2013-10-25 10:11] - [2012-10-04 09:38] - 0215040 ____A (Microsoft Corporation) 4343295C52C8B1ADD906F1A37B940AA1
C:\Windows\PolicyDefinitions\Winsrv.admx
[2009-06-10 12:42] - [2009-06-10 12:42] - 0001342 ____A () B28573159BDEA736F3BDFF16604A4AD3
C:\Windows\PolicyDefinitions\en-US\Winsrv.adml
[2009-07-13 21:35] - [2009-07-13 18:29] - 0001453 ____A () 76D4B8899387BCD0C081D4301E1B18DE
X:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16385_none_12738849b6063c52\winsrv.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0214016 ____A (Microsoft Corporation) 457B44AB6D502E55F64A867D4F35C76C
X:\Windows\winsxs\amd64_microsoft-windows-winsrv.resources_31bf3856ad364e35_6.1.7600.16385_en-us_99be31681e1cff53\winsrv.dll.mui
[2009-07-13 19:03] - [2009-07-13 19:03] - 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA
X:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\ser vices.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
X:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
X:\Windows\System32\winsrv.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0214016 ____A (Microsoft Corporation) 457B44AB6D502E55F64A867D4F35C76C
X:\Windows\System32\en-US\winsrv.dll.mui
[2009-07-13 19:03] - [2009-07-13 19:03] - 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA
====== End Of Search ======
STOP: c0000135 The program can't start because %hs is missing from your computer.
I saw another post where the user was asked to run Farbar Recovery Scan Tool and report the 2 logs.
So, here we go:
Thanks in advance for any help!
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by SYSTEM on MININT-0SG7F9D on 19-02-2014 14:55:25
Running from F:\
Windows 7 Professional (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-21] (IDT, Inc.)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [592240 2010-12-07] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3666800 2011-01-21] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-15] ()
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation)
HKLM\...\Run: [DBRMTray] - C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [206336 2010-09-10] (Microsoft)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [RoxWatchTray] - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] - c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [StatusAlerts] - C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [attcm_AppStart.exe] - C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe [219688 2012-12-18] ()
HKLM\...\RunOnce: [DBRMTray] - C:\Dell\DBRM\Reminder\TrayApp.exe [7168 2010-09-10] (Microsoft)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Owner\...\Run: [attcm.exe] - C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm.exe [211496 2012-12-18] (AT&T)
Lsa: [Notification Packages] DPPassFilter scecli
==================== Services (Whitelisted) =================
S2 AdminHelper.exe; C:\Program Files (x86)\AT&T\AT&T Communication Manager\AdminHelper.exe [56360 2012-12-18] ()
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
S2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
S2 SwiCardDetectSvc; C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [317296 2011-06-24] (Sierra Wireless, Inc.)
==================== Drivers (Whitelisted) ====================
S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )
S0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [26704 2011-02-22] (AVG Technologies CZ, s.r.o. )
S3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [29264 2011-02-10] (AVG Technologies CZ, s.r.o. )
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [304720 2011-01-07] (AVG Technologies CZ, s.r.o.)
S1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [41552 2011-03-01] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [37456 2011-03-16] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [377936 2011-04-04] (AVG Technologies CZ, s.r.o.)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-12-02] (Research in Motion Ltd)
S2 SCWFPFilter; C:\Windows\System32\DRIVERS\WFPFilter.sys [25552 2012-01-10] ()
S3 swg3kser00; C:\Windows\System32\DRIVERS\swg3kser00.sys [258432 2011-07-19] (Sierra Wireless Incorporated)
S3 swiwdmbus; C:\Windows\System32\DRIVERS\swiwdmbusx64.sys [102656 2010-06-21] (Sierra Wireless Inc.)
S3 swiwdmbx; C:\Windows\System32\DRIVERS\swiwdmbx64.sys [109312 2011-07-19] (Sierra Wireless Inc.)
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [297472 2011-07-19] (Sierra Wireless Inc.)
S3 SWUMXA3; C:\Windows\System32\DRIVERS\swumxa3.sys [210944 2010-06-21] (Sierra Wireless Inc.)
S3 PCTINDIS5X64; \??\C:\windows\system32\PCTINDIS5X64.SYS [X]
========================== Drivers MD5 =======================
C:\Windows\system32\DRIVERS\1394ohci.sys 969C91060CBB5D17CB8440B5F78B4C51
C:\Windows\System32\DRIVERS\Accelern.sys E0065CBF1A25C015C218457D2CD522B9
C:\Windows\System32\DRIVERS\ACPI.sys 794FF35015209B9D44F1360C42C9776D
C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys DB9D6C6B2CD95A9CA414D045B627422E
C:\Windows\system32\DRIVERS\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Apfiltr.sys 7380B9072EBC65A54DA3074E14BF34B9
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys E6671E90D38C88764412E07C9D9B3D63
C:\Windows\System32\DRIVERS\AVGIDSEH.Sys 1553B388E0F0462C25AD8F30C3C29E83
C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys DCA426A66739E75F51A72160DFB945AD
C:\Windows\System32\DRIVERS\avgldx64.sys FF7383388A7D2283DAE5831ABC2B0720
C:\Windows\System32\DRIVERS\avgmfx64.sys 997D002827D3E3DCBBB25BF46DB161AB
C:\Windows\System32\DRIVERS\avgrkx64.sys BCCFE3374C887075CDE2AC8FDB1CB2F8
C:\Windows\System32\DRIVERS\avgtdia.sys 0D49ADCEBE243B79366EA523B647519A
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys D59773C7FDD3D795D6FE402EEEA8D71E
C:\Windows\System32\Drivers\BTHUSB.sys 8504842634DD144C075B6B0C982CCEC4
C:\Windows\System32\DRIVERS\btmaux.sys 16C1BAC9760C9FA85A30F3FA0FBB1B7A
C:\Windows\System32\DRIVERS\btmhsf.sys 0C468D8DA95BE16BFDD380BB9DE88259
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys CA7720B73446FDDEC5C69519C1174C98
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys 4A6173C2279B498CD8F57CAE504564CB
C:\Windows\System32\DRIVERS\CtClsFlt.sys FBE228ABEAB2BE13B9C3A3A112D4D8DC
C:\Windows\System32\DRIVERS\dc3d.sys 7F61FBE259C18666D8DDF862F13A5EB0
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys D3E3F93D67821A2DB2B3D9FAC2DC2064
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys D7921D5A870B11CC1ADAB198A519D50A
C:\Windows\system32\drivers\iaStorV.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iBtFltCoex.sys FC85972037815FA7B413E790B426ACB2
C:\Windows\System32\DRIVERS\igdkmd64.sys 78527E6A4D78B1153925914C55872BEB
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381
C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 4F4B5FDE429416877DE7143044582EB5
C:\Windows\System32\Drivers\ksecpkg.sys 6F40465A44ECDC1731BEFAFEC5BDD03C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys 1C6E73FC46B509EFF9D0086AA37132DF
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb10.sys F0067552F8F9B33D7C59403AB808A3CB
C:\Windows\System32\DRIVERS\mrxsmb20.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msahci.sys BCCF16D5FB1109162380E3E28DC9E4E5
C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys A3151B3463EEA7E47F618F115D0D142E
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETwNs64.sys 5D262402B0634C998F8CBCEAD7DD8676
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys 158AD24745BD85BA9BE3C51C38F48C32
C:\Windows\System32\DRIVERS\nusb3xhc.sys D40A13B2C0891E218F9523B376955DB6
C:\Windows\system32\drivers\nvraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 90061B1ACFE8CCAA5345750FFE08D8B8
C:\Windows\System32\DRIVERS\pci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys 87B04878A6D59D6C79251DC960C674C1
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys 9706B84DBABFC4B4CA46C5A82B14DFA3
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys 447DE7E3DEA39D422C1504F245B668B1
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys C903D49655B4AAE46673F0AAA6BE0F58
C:\Windows\System32\Drivers\RootMdm.sys 388D3DD1A6457280F3BADBA9F3ACD6B1
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys BE29B0A3AC1E8BD02FFAB8CEE86BADFA
C:\Windows\System32\DRIVERS\Rt64win7.sys 2777226EE8BF50B059D7A7C90177E99C
C:\Windows\system32\DRIVERS\vms3cap.sys 88AF6E02AB19DF7FD07ECDF9C91E9AF6
C:\Windows\system32\DRIVERS\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WFPFilter.sys 284A7B99AE28EA43742A09CD7C189627
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srvnet.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stdcfltn.sys 92E7F6666633D2DD91D527503DAA7BE0
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys 0EED97162CBC151F072E2D36A3FDBF62
C:\Windows\System32\DRIVERS\vmstorfl.sys FFD7A6F15B14234B5B0E5D49E7961895
C:\Windows\system32\DRIVERS\storvsc.sys 8FCCBEFC5C440B3C23454656E551B09A
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swg3kser00.sys 9F0A0C3EE91FD7CB709F7D0D97207F7E
C:\Windows\System32\DRIVERS\swiwdmbusx64.sys C89FFA6A0B7723F2FB72A734934A4425
C:\Windows\System32\DRIVERS\swiwdmbx64.sys C6A7E54A31803E6F95E23D1B5D967D57
C:\Windows\System32\DRIVERS\swnc8ua3.sys DC345FC7CE9BA3005153062407263BB2
C:\Windows\System32\DRIVERS\swumxa3.sys F6CEB2FF475265197D4407E87FF68701
C:\Windows\System32\drivers\tcpip.sys 624C5B3AA4C99B3184BB922D9ECE3FF0
C:\Windows\System32\DRIVERS\tcpip.sys 624C5B3AA4C99B3184BB922D9ECE3FF0
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 7518F7BCFD4B308ABC9192BACAF6C970
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys 31BA4A33AFAB6A69EA092B18017F737F
C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 537A4E03D7103C12D42DFD8FFDB5BDC9
C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbehci.sys FBB21EBE49F6D560DB37AC25FBC68E66
C:\Windows\System32\DRIVERS\usbhub.sys 6B7A8A99C4A459E73C286A6763EA24CC
C:\Windows\system32\drivers\usbohci.sys 8C88AA7617B4CBC2E4BED61D26B33A27
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\system32\drivers\usbuhci.sys 0B5B3B2DF3FD1709618ACFA50B8392B0
C:\Windows\System32\Drivers\usbvideo.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vmbus.sys 1501699D7EDA984ABC4155A7DA5738D1
C:\Windows\system32\DRIVERS\VMBusHID.sys AE10C35761889E65A6F7176937C5592C
C:\Windows\System32\DRIVERS\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volsnap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vpchbus.sys ABD9B4A7E2D0AE51A3B8DF1AF3152D61
C:\Windows\System32\DRIVERS\vpcnfltr.sys 8ACDA395841538CE9713A67FE8B2A3EB
C:\Windows\System32\DRIVERS\vpcusb.sys 31924E31BC315773E6D149B157DB46D5
C:\Windows\System32\drivers\vpcvmm.sys 510D250A08C09850F5C78CA2011B3B62
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\WDKMD.sys 94DC2BF6CBAAA95E369C3756D3115A76
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUSB.sys 4D52C872018AF7E18D078978DCC3F6F2
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\yk62x64.sys B3EEACF62445E24FBB2CD4B0FB4DB026
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-19 14:54 - 2014-02-19 14:55 - 00000000 ____D () C:\FRST
==================== One Month Modified Files and Folders =======
2014-02-19 14:55 - 2014-02-19 14:54 - 00000000 ____D () C:\FRST
2014-01-28 20:40 - 2011-06-07 05:36 - 00000000 ____D () C:\users\Owner
2014-01-28 20:40 - 2011-03-30 10:25 - 00000000 ____D () C:\Windows\ShellNew
2014-01-28 20:40 - 2011-03-30 10:25 - 00000000 ____D () C:\Program Files\Windows Journal
2014-01-28 20:40 - 2011-03-30 07:53 - 00000000 ____D () C:\Windows\System32\Drivers\tr-TR
2014-01-28 20:40 - 2011-03-30 07:53 - 00000000 ____D () C:\Windows\System32\Drivers\th-TH
2014-01-28 20:40 - 2011-03-30 07:53 - 00000000 ____D () C:\Windows\System32\Drivers\ro-RO
2014-01-28 20:40 - 2011-03-30 07:53 - 00000000 ____D () C:\Windows\System32\Drivers\he-IL
2014-01-28 20:40 - 2011-03-30 07:53 - 00000000 ____D () C:\Windows\System32\Drivers\ar-SA
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-01-28 20:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 __RSD () C:\Windows\Media
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\tr-TR
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\th-TH
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sppui
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Setup
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ro-RO
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\oobe
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\migwiz
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\manifeststore
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\he-IL
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Dism
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ar-SA
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\AdvancedInstallers
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\servicing
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-01-28 20:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-01-28 20:39 - 2013-10-25 08:07 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-01-28 20:39 - 2011-06-07 13:32 - 00000000 ____D () C:\Windows\System32\Drivers\AVG
2014-01-28 20:39 - 2011-06-07 12:40 - 00000000 ___RD () C:\Users\Owner\Virtual Machines
2014-01-28 20:39 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-01-28 20:39 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\TAPI
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sysprep
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\spp
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Speech
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\MUI
2014-01-28 20:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\security
2014-01-28 20:38 - 2013-12-23 19:55 - 00000000 ____D () C:\f70840a08b0a61cd6cb49671b4c9924d
2014-01-28 20:38 - 2011-06-07 13:32 - 00000000 ____D () C:\ProgramData\AVG10
2014-01-28 20:38 - 2011-03-30 07:53 - 00000000 ____D () C:\Program Files (x86)\Windows Virtual PC
2014-01-28 20:38 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-01-28 20:38 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-28 20:37 - 2013-12-23 19:56 - 00000000 ____D () C:\Windows\System32\SPReview
2014-01-28 20:33 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-01-28 20:21 - 2011-07-28 12:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-28 17:55 - 2011-03-30 08:15 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-01-27 19:57 - 2013-12-23 19:48 - 00000000 ____D () C:\Windows\System32\MRT
2014-01-27 19:55 - 2011-06-08 13:40 - 00000000 ____D () C:\Users\Owner\AppData\Local\attcm
2014-01-27 18:09 - 2013-10-25 08:08 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\HpUpdate
2014-01-27 18:05 - 2011-06-07 05:37 - 00011390 _____ () C:\stp.log
2014-01-27 18:03 - 2011-03-30 08:03 - 00000000 ____D () C:\ProgramData\Sonic
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\ATT_Communication_Manager.exe
C:\Users\Owner\AppData\Local\Temp\IPx64_1033.exe
C:\Users\Owner\AppData\Local\Temp\MSN1751.exe
C:\Users\Owner\AppData\Local\Temp\Setup.exe
C:\Users\Owner\AppData\Local\Temp\USB_308.exe
C:\Users\Owner\AppData\Local\Temp\{F1465C09-D8AB-4173-B556-959E225A76F9}-GoogleUpdateSetup.exe
==================== Known DLLs (Whitelisted) ================
C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\LPK.dll IS MISSING <==== ATTENTION!
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-12-23 19:56:34
Restore point made on: 2014-01-27 18:07:46
Restore point made on: 2014-01-27 19:56:40
==================== BCD ================================
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=Y:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {default}
resumeobject {7d799df8-5b07-11e0-81e9-a84767c692c2}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30
Windows Boot Loader
-------------------
identifier {current}
device ramdisk=[Y:]\Recovery\WindowsRE\winre.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
path \windows\system32\boot\winload.exe
description Windows Recovery Environment
osdevice ramdisk=[Y:]\Recovery\WindowsRE\winre.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
systemroot \windows
nx OptIn
detecthal Yes
winpe Yes
Windows Boot Loader
-------------------
identifier {default}
device partition=C:
path \windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {current}
recoveryenabled Yes
osdevice partition=C:
systemroot \windows
resumeobject {7d799df8-5b07-11e0-81e9-a84767c692c2}
nx OptIn
detecthal Yes
Resume from Hibernate
---------------------
identifier {7d799df8-5b07-11e0-81e9-a84767c692c2}
device partition=C:
path \windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes
EMS Settings
------------
identifier {emssettings}
bootems Yes
Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM Defects
-----------
identifier {badmemory}
Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}
Device options
--------------
identifier {ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
description Ramdisk Device Options
ramdisksdidevice partition=Y:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Memory info ===========================
Percentage of memory in use: 22%
Total physical RAM: 2979.19 MB
Available physical RAM: 2319.24 MB
Total Pagefile: 2977.34 MB
Available Pagefile: 2306.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:218.14 GB) (Free:167.81 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:7.45 GB) (Free:7.23 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Recovery) (Fixed) (Total:14.65 GB) (Free:5.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 40B229F1)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
LastRegBack: 2012-09-07 12:11
==================== End Of Log ============================
Search.txt
Farbar Recovery Scan Tool (x64) Version: 18-02-2014
Ran by SYSTEM at 2014-02-19 14:58:08
Running from F:\
Boot Mode: Recovery
================== Search: "services.exe;winsrv.*" ===================
C:\Windows\winsxs\wow64_microsoft-windows-winsrv.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a412dbba527dc14e\winsrv.dll.mui
[2009-07-13 21:35] - [2009-07-13 18:08] - 0008192 ____A (Microsoft Corporation) 9848765E88322400BDC710A76ADEA841
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22177_none_14f039eccc407b3f\winsrv.dll
[2013-10-25 10:07] - [2012-11-29 21:55] - 0215040 ____A (Microsoft Corporation) C2B1F6196C7FE1EA1BF827312B095D06
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21756_none_1504fba6cc30ff4f\winsrv.dll
[2011-08-09 10:33] - [2011-06-23 21:27] - 0214528 ____A (Microsoft Corporation) C13D05A015346DED3D722BE285814495
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21738_none_151c9c12cc1efa1b\winsrv.dll
[2011-07-13 06:09] - [2011-06-02 23:01] - 0214528 ____A (Microsoft Corporation) 5AA1C7B5F471C4657BE38447BC397665
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21728_none_15276bfecc16de2a\winsrv.dll
[2011-07-13 06:09] - [2011-05-13 23:11] - 0214528 ____A (Microsoft Corporation) 1A589228B6DC007120F877DBBD6CB79D
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21624_none_152368f0cc1a7ba7\winsrv.dll
[2011-06-08 05:20] - [2010-12-18 00:52] - 0214016 ____A (Microsoft Corporation) A199CC08A13EEB667412423F712FE817
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18043_none_14830bbdb30e2246\winsrv.dll
[2013-12-29 08:13] - [2013-01-03 21:46] - 0215040 ____A (Microsoft Corporation) 0C27239FEA4DB8A2AAC9E502186B7264
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18015_none_14a57c15b2f40121\winsrv.dll
[2013-10-25 10:07] - [2012-11-29 21:45] - 0215040 ____A (Microsoft Corporation) 9E479C2B605C25DA4971ABA36250FAEF
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17641_none_14812d55b30fc4e1\winsrv.dll
[2011-08-09 10:33] - [2011-06-23 21:34] - 0214528 ____A (Microsoft Corporation) EB6A48CC998E1090E44E8E7F1009A640
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17625_none_149ace55b2fbf25b\winsrv.dll
[2011-07-13 06:09] - [2011-06-02 22:57] - 0214528 ____A (Microsoft Corporation) 9F761CE1C6C013120B2F0DB27D48C06F
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17617_none_14a79ed5b2f20918\winsrv.dll
[2011-07-13 06:09] - [2011-05-13 23:24] - 0214528 ____A (Microsoft Corporation) 3A8135A7DED2FA0DAD3BDE1B14865A8A
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17527_none_149ccd03b2fa27e2\winsrv.dll
[2011-06-08 05:20] - [2010-12-17 03:42] - 0214016 ____A (Microsoft Corporation) 15822E7206C7A0A893395CB07A63C7E1
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.21386_none_12fe0cb0cf2311ed\winsrv.dll
[2013-10-25 10:07] - [2012-11-29 21:43] - 0215040 ____A (Microsoft Corporation) B0F0F844BB3BA4C25837310FD0909BFD
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.20995_none_12f25ea6cf2be9d0\winsrv.dll
[2011-08-09 10:33] - [2011-06-23 21:26] - 0214528 ____A (Microsoft Corporation) 6D408ABD60A995A2DAB4BAAE38BCA04F
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.20978_none_130aff5ccf18fdf3\winsrv.dll
[2011-07-13 06:09] - [2011-06-02 22:59] - 0214528 ____A (Microsoft Corporation) 55917E3ABDDC20D0AAEAC49F5CE67462
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.20864_none_1311cc3acf147f7f\winsrv.dll
[2011-06-08 05:20] - [2010-12-21 23:15] - 0214016 ____A (Microsoft Corporation) 571543B93AE0319185970848024C9E04
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.17179_none_12823ec9b5faa510\winsrv.dll
[2013-10-25 10:07] - [2012-11-29 21:49] - 0215040 ____A (Microsoft Corporation) C4C551E6AB333C0EB812A3A4672E89DB
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16850_none_128f0019b5f25b8f\winsrv.dll
[2011-08-09 10:33] - [2011-07-15 21:26] - 0214528 ____A (Microsoft Corporation) 0CB6EBF4B461A6043353C570BD72A1E1
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16823_none_12b270bbb5d753c1\winsrv.dll
[2011-07-13 06:09] - [2011-06-01 22:44] - 0214528 ____A (Microsoft Corporation) DE09FA38A6544829F012B9531C18454F
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16816_none_12c04185b5cc83d5\winsrv.dll
[2011-07-13 06:09] - [2011-05-13 23:41] - 0214528 ____A (Microsoft Corporation) 3739AA2F57FE492EA976E20C56CDF2F4
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16723_none_12b26ed5b5d7569a\winsrv.dll
[2011-06-08 05:20] - [2010-12-20 22:16] - 0214016 ____A (Microsoft Corporation) B200DECA2186858595A97FBE63E896CC
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16385_none_12738849b6063c52\winsrv.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0214016 ____A (Microsoft Corporation) 457B44AB6D502E55F64A867D4F35C76C
C:\Windows\winsxs\amd64_microsoft-windows-winsrv.resources_31bf3856ad364e35_6.1.7600.16385_en-us_99be31681e1cff53\winsrv.dll.mui
[2009-07-13 21:35] - [2009-07-13 18:25] - 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA
C:\Windows\winsxs\amd64_microsoft-windows-winsrv-adm_31bf3856ad364e35_6.1.7600.16385_none_74fe9f3a6d505307\Winsrv.admx
[2009-06-10 12:42] - [2009-06-10 12:42] - 0001342 ____A () B28573159BDEA736F3BDFF16604A4AD3
C:\Windows\winsxs\amd64_microsoft-windows-winsrv-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c01e7ca36d3191ee\Winsrv.adml
[2009-07-13 21:35] - [2009-07-13 18:29] - 0001453 ____A () 76D4B8899387BCD0C081D4301E1B18DE
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\ser vices.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\SysWOW64\en-US\winsrv.dll.mui
[2009-07-13 21:35] - [2009-07-13 18:08] - 0008192 ____A (Microsoft Corporation) 9848765E88322400BDC710A76ADEA841
C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\winsrv.dll
[2011-08-09 10:33] - [2011-07-15 21:26] - 0214528 ____A (Microsoft Corporation) 0CB6EBF4B461A6043353C570BD72A1E1
C:\Windows\System32\en-US\winsrv.dll.mui
[2009-07-13 21:35] - [2009-07-13 18:25] - 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA
C:\Windows\SoftwareDistribution\Download\5987158468633db5c5f8c7c2b051a403\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22091_none_14d49672cc561df0\winsrv.dll
[2012-10-12 11:12] - [2012-08-20 10:27] - 0215040 ____A (Microsoft Corporation) 111AFE35DD2D423EE8E176CA7B2BBDC7
C:\Windows\SoftwareDistribution\Download\5987158468633db5c5f8c7c2b051a403\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17932_none_148d033db306b9bc\winsrv.dll
[2012-10-12 11:12] - [2012-08-20 10:48] - 0215040 ____A (Microsoft Corporation) F46BBAAC1C4980F4D0DD463F190A42D3
C:\Windows\SoftwareDistribution\Download\5987158468633db5c5f8c7c2b051a403\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.21306_none_13548c10cee23265\winsrv.dll
[2012-10-12 11:12] - [2012-08-20 11:06] - 0215040 ____A (Microsoft Corporation) 0E83424D4CEC0665A3A916AD6B261E53
C:\Windows\SoftwareDistribution\Download\5987158468633db5c5f8c7c2b051a403\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.17107_none_12cbeda9b5c3aecb\winsrv.dll
[2012-10-12 11:12] - [2012-08-18 07:42] - 0215040 ____A (Microsoft Corporation) 79CDA06F75AD5373DD447F57575C4400
C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll
[2011-06-23 06:18] - [2010-11-20 05:27] - 0214016 ____A (Microsoft Corporation) E0406AEF04B088D1C49FC78D0546F689
C:\Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22209_none_153debdacc05e77d\winsrv.dll
[2013-10-25 10:10] - [2013-01-03 21:43] - 0215040 ____A (Microsoft Corporation) 5F38CFC96BCA5DD462E2B243B6E31849
C:\Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18043_none_14830bbdb30e2246\winsrv.dll
[2013-10-25 10:10] - [2013-01-03 21:46] - 0215040 ____A (Microsoft Corporation) 0C27239FEA4DB8A2AAC9E502186B7264
C:\Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.21416_none_1349be0aceea4b7d\winsrv.dll
[2013-10-25 10:10] - [2013-01-04 06:18] - 0215040 ____A (Microsoft Corporation) 7BAEFACB8C5048465B7E3D354554DA70
C:\Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.17206_none_12caef45b5c4929b\winsrv.dll
[2013-10-25 10:10] - [2013-01-03 21:36] - 0215040 ____A (Microsoft Corporation) 3FB74FF230B5D240A57AE1C4A3D0459D
C:\Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22125_none_152448f4cc19bcdc\winsrv.dll
[2013-10-25 10:11] - [2012-10-04 09:43] - 0215040 ____A (Microsoft Corporation) CC44EBC3E04E76AABE19EB4A16663E4A
C:\Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17965_none_146f9457b31c5994\winsrv.dll
[2013-10-25 10:11] - [2012-10-04 09:45] - 0215040 ____A (Microsoft Corporation) 72CC564BBC70DE268784BCE91EB8A28F
C:\Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.21335_none_13331c02cefb6ce1\winsrv.dll
[2013-10-25 10:11] - [2012-10-04 09:35] - 0215040 ____A (Microsoft Corporation) 7C17C4AACC79E619E6A4131F51588ED3
C:\Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\a md64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.17135_none_12a97d51b5ddcff0\winsrv.dll
[2013-10-25 10:11] - [2012-10-04 09:38] - 0215040 ____A (Microsoft Corporation) 4343295C52C8B1ADD906F1A37B940AA1
C:\Windows\PolicyDefinitions\Winsrv.admx
[2009-06-10 12:42] - [2009-06-10 12:42] - 0001342 ____A () B28573159BDEA736F3BDFF16604A4AD3
C:\Windows\PolicyDefinitions\en-US\Winsrv.adml
[2009-07-13 21:35] - [2009-07-13 18:29] - 0001453 ____A () 76D4B8899387BCD0C081D4301E1B18DE
X:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16385_none_12738849b6063c52\winsrv.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0214016 ____A (Microsoft Corporation) 457B44AB6D502E55F64A867D4F35C76C
X:\Windows\winsxs\amd64_microsoft-windows-winsrv.resources_31bf3856ad364e35_6.1.7600.16385_en-us_99be31681e1cff53\winsrv.dll.mui
[2009-07-13 19:03] - [2009-07-13 19:03] - 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA
X:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\ser vices.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
X:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
X:\Windows\System32\winsrv.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0214016 ____A (Microsoft Corporation) 457B44AB6D502E55F64A867D4F35C76C
X:\Windows\System32\en-US\winsrv.dll.mui
[2009-07-13 19:03] - [2009-07-13 19:03] - 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA
====== End Of Search ======