Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Won't Boot After ComboFix


  • This topic is locked This topic is locked
36 replies to this topic

#1 msgail

msgail

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 07 October 2011 - 01:28 PM

I have a two year old Toshiba, on Windows 7 OS (original). I had been having problems with it for about two weeks, with pop up and constant redirects in IE and Firefox. I ran Malwarebytes and it didn't find anything the first few times, and then it foudn 14 things and deleted. My issues continued. The the computer started to free a few minutes after startup. *** Also, for some reason I have never been able to boot my laptop into Safemode normally, I always have to use the boot option is msconfig.

So this is what happened:

  • Logged into Safe Mode through msconfig
  • Followed the instractions here http://discussions.virtualdr.com/showthread.php?t=244495 for Rkill, exeHelper, and ComboFix
  • ComboFix started to run, it ran for about two minutes, and shut off. It produced no log.
  • When I restarted I got this screen Posted Image
  • When I choose the first option, it says that it can't fix the problem. And when I try System Restore with the Recovery disc it fails every time.
  • When I choose to start windows normally, I get this screen, and then it quickly flashes a blue screen with words on it, then it acts as if it loading Safe Mode, powers off and on, and the cycle continues. Posted Image


Can anyone help me?

BC AdBot (Login to Remove)

 


#2 msgail

msgail
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 07 October 2011 - 05:13 PM

Anyone?

#3 Farbar

Farbar

    Just Curious


  • Security Developer
  • 20,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:23 PM

Posted 08 October 2011 - 08:23 AM

Hi msgail,

Welcome to Bleeping Computer. I will be assisting you.

Not a good idea to run ComboFix without supervision.:)

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

#4 msgail

msgail
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 08 October 2011 - 09:55 AM

Thank you very much for your help, Farbar. I would like to take the malware training class, but rest assured I will not be using ComboFix without supervision, until I actually know what I am doing. :thumbup2:

Okay, it is a 32-bit. I put the usb in , and started. I have to press F12 to choose to boot from CD/DVD, which I did. Got the usual "Windows files loading screen". I was asked if I wanted the "Toshiba Recovery Wizard" or "System Recovery". I chose the latter. I was then asked for and choose my language and my OS. But, I then was not asked to choose a user account, and I was not given the option you presented. The "Startup Repair" started immediately, I then clicked cancel, and confirmed. I was them given the options above, and chose Command Prompt. All else went as stated, and here is the log:
Thank you very much for your help, Farbar. I would like to take the malware training class, but rest assured I will not be using ComboFix without supervision, until I actually know what I am doing. :thumbup2:

Okay, it is a 32-bit. I put the usb in , and started. I have to press F12 to choose to boot from CD/DVD, which I did. Got the usual "Windows files loading screen". I was asked if I wanted the "Toshiba Recovery Wizard" or "System Recovery". I chose the latter. I was then asked for and choose my language and my OS. But, I then was not asked to choose a user account, and I was not given the option you presented. The "Startup Repair" started immediately, I then clicked cancel, and confirmed. I was them given the options above, and chose Command Prompt. All else went as stated, and here is the log:

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.2.3
Ran by SYSTEM at 2011-10-08 09:52:41
Running from F:\
Windows 7 Home Premium (X86) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-07-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe [195080 2008-09-25] (LSI Corp.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [352256 2009-07-09] (TOSHIBA CORPORATION)
HKLM\...\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP [425984 2009-06-02] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [476512 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [460088 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [738616 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294136 2009-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [611672 2009-08-06] (TOSHIBA Corporation)
HKLM\...\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun [2446648 2009-08-11] (TOSHIBA CORPORATION.)
HKLM\...\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [163840 2009-07-29] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [1324384 2009-08-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2009-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [NortonOnlineBackupReminder] "C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED [529256 2009-07-16] (Toshiba)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript [1047656 2011-07-06] (Malwarebytes Corporation)
HKLM\...\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot [273544 2011-05-09] (RealNetworks, Inc.)
HKLM\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [449584 2011-07-06] (Malwarebytes Corporation)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421736 2011-08-18] (Apple Inc.)
HKU\DesJon\...\Run: [MyTOSHIBA] "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO [264048 2009-08-06] (TOSHIBA)
HKU\DesJon\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-08-27] (Google Inc.)
HKU\DesJon\...\Run: [MSOLAP90ErrorLookup] regsvr32 /s /u "C:\Users\DesJon\AppData\Local\MSOLAP90ErrorLookup\MSOLAP90ErrorLookup.dll" [106496 2011-06-21] ()
HKU\DesJon\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [8704 2009-07-13] (Microsoft Corporation)
HKU\DesJon\...\Run: [NetZero_uoltray] C:\Program Files\NetZero\exec.exe regrun [1706496 2009-04-29] (NetZero, Inc.)
HKU\DesJon\...\Winlogon: [Shell] explorer.exe [x]
HKLM\...\RunOnce: [*Restore] C:\windows\system32\rstrui.exe /RUNONCE [262656 2009-07-13] (Microsoft Corporation)
HKLM\...\runonceex: [Flags] 128 [x]
HKLM\...\runonceex: [Title] UnHackMe Rootkit Check [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

================================ Services (Whitelisted) ==================

2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-27] (LSI Corporation)
2 AMD External Events Utility; C:\Windows\System32\atiesrxx.exe [176128 2009-07-29] (AMD)
2 cfWiMAXService; "C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe" [185712 2009-08-10] (TOSHIBA CORPORATION)
2 ConfigFree Service; "C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe" [46448 2009-03-10] (TOSHIBA CORPORATION)
3 GameConsoleService; "C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe" [250616 2009-05-22] (WildTangent, Inc.)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [366640 2011-07-06] (Malwarebytes Corporation)
2 NitroDriverReadSpool; "C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe" [188736 2009-12-16] (Nitro PDF Software)
2 nlsX86cc; C:\windows\system32\NLSSRV32.EXE [65856 2009-12-16] (Nalpeiron Ltd.)
2 Norton Internet Security; "C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.8.0.41\diMaster.dll" /prefetch:1 [135024 2011-04-15] (Symantec Corporation)
2 RSELSVC; C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe /Service [62832 2009-07-07] (TOSHIBA Corporation)
3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-08-17] (TOSHIBA Corporation)
2 TODDSrv; C:\Windows\system32\TODDSrv.exe [128344 2009-07-28] (TOSHIBA Corporation)
2 TosCoSrv; "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe" [464224 2009-08-05] (TOSHIBA Corporation)
2 TOSHIBA eco Utility Service; "C:\Program Files\TOSHIBA\TECO\TecoService.exe" [185712 2009-08-11] (TOSHIBA Corporation)
3 TOSHIBA HDD SSD Alert Service; "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe" [111960 2009-08-03] (TOSHIBA Corporation)
3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [685424 2009-08-06] (TOSHIBA Corporation)

========================== Drivers (Whitelisted) =============

3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1161760 2009-07-21] (LSI Corporation)
3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [4994560 2009-07-30] (ATI Technologies Inc.)
0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [14392 2009-05-04] (Advanced Micro Devices Inc.)
1 BHDrvx86; C:\Windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys [259632 2010-01-20] (Symantec Corporation)
1 ccHP; C:\Windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys [482432 2011-04-15] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [374392 2011-05-09] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [105592 2011-05-09] (Symantec Corporation)
1 IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20110513.001\IDSvix86.sys [353912 2011-03-29] (Symantec Corporation)
0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-02] (COMPAL ELECTRONIC INC.)
3 MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [22712 2011-07-06] (Malwarebytes Corporation)
0 Partizan; C:\Windows\System32\drivers\Partizan.sys [35816 2011-05-19] (Greatis Software)
3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
3 RegGuard; \??\C:\windows\system32\Drivers\regguard.sys [24416 2011-08-15] (Greatis Software)
3 rtl8192se; C:\Windows\System32\DRIVERS\rtl8192se.sys [859136 2009-08-27] (Realtek Semiconductor Corporation )
3 SRTSP; C:\Windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS [308272 2009-08-27] (Symantec Corporation)
1 SRTSPX; C:\Windows\System32\drivers\NIS\1008000.029\SRTSPX.SYS [43696 2009-08-27] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\NIS\1008000.029\SYMEFA.SYS [310320 2009-08-27] (Symantec Corporation)
3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT.SYS [124976 2011-04-14] (Symantec Corporation)
3 SYMFW; C:\Windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS [89904 2009-08-27] (Symantec Corporation)
1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [25648 2009-08-27] (Symantec Corporation)
3 SYMNDISV; C:\Windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS [48688 2009-08-27] (Symantec Corporation)
1 SYMTDI; C:\Windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS [217136 2009-08-27] (Symantec Corporation)
3 tdcmdpst; C:\Windows\System32\DRIVERS\tdcmdpst.sys [22912 2009-07-30] (TOSHIBA Corporation.)
0 tos_sps32; C:\Windows\System32\DRIVERS\tos_sps32.sys [275536 2009-07-24] (TOSHIBA Corporation)
0 TVALZ; C:\Windows\System32\DRIVERS\TVALZ_O.SYS [23512 2009-07-14] (TOSHIBA Corporation)
2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-06-19] (TOSHIBA Corporation)
0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [245328 2009-07-13] ()
3 WSDPrintDevice; C:\Windows\System32\DRIVERS\WSDPrint.sys [17920 2009-07-13] (Microsoft Corporation)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110514.002\NAVENG.SYS [x]
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110514.002\NAVEX15.SYS [x]
3 RtsUIR; C:\Windows\System32\DRIVERS\Rts516xIR.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-10-03 14:47 - 2011-10-04 07:50 - 0000000 ___SD C:\ComboFix
2011-10-03 14:47 - 2011-10-04 07:50 - 0000000 ___SD C:\32788R22FWJFW
2011-10-03 14:41 - 2011-10-04 07:50 - 0000000 ____D C:\Program Files\Minibar
2011-10-03 14:41 - 2011-10-03 14:41 - 0000000 ____D C:\Users\All Users\Babylon
2011-10-03 14:41 - 2011-10-03 14:41 - 0000000 ____D C:\ProgramData\Babylon
2011-10-03 11:20 - 2011-10-03 11:20 - 0002618 ____A C:\Users\DesJon\Desktop\locator_backup.gif
2011-10-03 09:42 - 2011-10-03 09:42 - 0000000 ___HD C:\kleaner.tmp
2011-10-03 08:47 - 2011-10-03 08:47 - 0000000 ____D C:\Open Cloud AV
2011-10-03 08:34 - 2011-10-03 10:21 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2011-10-03 08:34 - 2011-10-03 10:21 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2011-10-03 08:34 - 2011-10-03 08:34 - 0000000 ____D C:\Program Files\Kaspersky Lab
2011-10-03 06:26 - 2011-10-03 06:32 - 0082312 ____A C:\TDSSKiller.2.6.2.0_03.10.2011_09.26.48_log.txt
2011-10-03 06:19 - 2011-10-03 06:21 - 0082088 ____A C:\TDSSKiller.2.6.2.0_03.10.2011_09.19.38_log.txt
2011-10-01 12:35 - 2011-10-01 12:35 - 0000000 ____D C:\TDSSKiller_Quarantine
2011-10-01 12:31 - 2011-10-01 13:09 - 0082434 ____A C:\TDSSKiller.2.6.2.0_01.10.2011_15.31.44_log.txt
2011-10-01 11:00 - 2011-10-01 11:00 - 0003240 ____N C:\bootsqm.dat
2011-10-01 10:05 - 2011-10-01 10:04 - 0317625 ____A C:\Users\DesJon\Desktop\RE Invest Prop Project Gentilly Brick Single Family home for rent!.pdf
2011-09-29 20:49 - 2011-09-29 20:49 - 2289329 ____A C:\Users\DesJon\Desktop\Hannahs_No_Stress_Cookbook.pdf
2011-09-29 20:20 - 2011-09-29 20:20 - 1887747 ____A C:\Users\DesJon\Downloads\TOTALMOM-ch1-2.pdf
2011-09-29 19:23 - 2011-09-29 19:23 - 11229071 ____A C:\Users\DesJon\Desktop\ebooksclub.org__Emily_Post__039_s_Etiquette__The_Definitive_Guide_to_Manners__Completely_Revised_and_Updated.pdf
2011-09-29 19:03 - 2011-09-29 19:03 - 139934076 ____A C:\Users\DesJon\Desktop\ebooksclub.org__The_Illustrated_Quick_Cook__Easy_Entertaining__After_Work_Recipes__Cheap_Eats.pdf
2011-09-29 14:19 - 2011-09-29 14:19 - 8579448 ____A (Mozilla) C:\Users\DesJon\Downloads\3.6.16_FirefoxSetup3.6.16.exe
2011-09-29 14:10 - 2011-09-29 14:10 - 0017658 ____A C:\Users\DesJon\Desktop\ChaChasignaturecard.pdf
2011-09-29 13:37 - 2011-09-29 13:37 - 0000000 ____D C:\Users\DesJon\AppData\Local\Scansoft
2011-09-29 10:46 - 2011-09-29 10:46 - 0003115 ____A C:\Users\DesJon\AppData\Roaming\SAS7_000.DAT
2011-09-29 10:26 - 2011-09-29 10:26 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Nuance
2011-09-29 10:23 - 2011-09-29 10:23 - 0000000 ____D C:\Users\All Users\Nuance
2011-09-29 10:23 - 2011-09-29 10:23 - 0000000 ____D C:\ProgramData\Nuance
2011-09-29 10:23 - 2011-09-29 10:23 - 0000000 ____D C:\Program Files\Nuance
2011-09-29 09:36 - 2011-10-06 18:37 - 0000000 ____D C:\Program Files\MagicDisc
2011-09-29 09:32 - 2011-09-29 10:08 - 0000000 ____D C:\Users\DesJon\Downloads\Dragon Naturally Speaking v10.1043
2011-09-29 09:25 - 2011-10-06 18:36 - 0000000 ____D C:\Users\DesJon\Desktop\Dragonfly
2011-09-29 09:23 - 2011-10-06 18:36 - 0000000 ____D C:\Users\DesJon\Desktop\Documentation
2011-09-29 09:23 - 2009-03-16 18:34 - 83269620 ____A C:\Users\DesJon\Desktop\ENG.cab
2011-09-29 09:16 - 2011-09-29 09:16 - 0000000 ____D C:\Users\DesJon\Downloads\Dragon Naturally Speaking 10.1 Serial
2011-09-29 07:53 - 2011-09-29 07:53 - 1258606 ____A C:\Users\DesJon\Desktop\Psychdoc_s_Credit_Repair_for_Beginners.pdf
2011-09-28 22:21 - 2011-09-28 22:21 - 0063271 ____A C:\Users\DesJon\Desktop\Chrysler Group LLC Affiliate Rewards1.pdf
2011-09-28 16:20 - 2011-09-28 16:20 - 0092927 ____A C:\Users\DesJon\Desktop\Menu.pdf
2011-09-28 12:44 - 2011-09-28 12:44 - 0055186 ____A C:\Users\DesJon\Desktop\DesChexLtr.pdf
2011-09-28 12:31 - 2011-09-28 12:31 - 0056404 ____A C:\Users\DesJon\Desktop\JonChexLtr.pdf
2011-09-28 09:38 - 2011-09-28 09:38 - 0000000 ____D C:\Users\DesJon\AppData\Local\WinZip
2011-09-28 09:36 - 2011-10-06 18:37 - 0000000 ____D C:\Program Files\WinZip
2011-09-28 09:34 - 2011-09-28 09:35 - 23422280 ____A C:\Users\DesJon\Downloads\winzip155(1).exe
2011-09-28 09:24 - 2011-09-28 09:40 - 0000000 ____D C:\Users\DesJon\Desktop\The Ides Rars
2011-09-28 08:27 - 2011-09-28 09:40 - 0000000 ____D C:\Users\DesJon\Downloads\The Ides of March DVDRip XviD-TWiZTED
2011-09-26 01:57 - 2011-09-26 01:57 - 2488424 ____A C:\Users\DesJon\Desktop\JoEllep_App_Pack2.pdf
2011-09-26 01:39 - 2011-09-26 01:51 - 5075524 ____A C:\Users\DesJon\Desktop\JoEllep App Pack.pdf
2011-09-26 01:37 - 2011-09-26 01:37 - 0138650 ____A C:\Users\DesJon\Desktop\EDUcarecert1.pdf
2011-09-26 01:37 - 2011-09-26 01:37 - 0138122 ____A C:\Users\DesJon\Desktop\LegalIsscert1.pdf
2011-09-26 01:36 - 2011-09-26 01:36 - 0138167 ____A C:\Users\DesJon\Desktop\BasicsCert1.pdf
2011-09-26 01:35 - 2011-09-26 01:35 - 0138167 ____A C:\Users\DesJon\Downloads\BasicsCert.pdf
2011-09-26 01:12 - 2011-09-26 01:12 - 0006955 ____A C:\Users\DesJon\Desktop\uwashwoundlo.jpg
2011-09-26 00:59 - 2011-09-26 00:59 - 0007841 ____A C:\Users\DesJon\Desktop\uwcnelogo300x66.png
2011-09-26 00:54 - 2011-09-26 01:31 - 5199236 ____A C:\Users\DesJon\Desktop\WashNurcert.pdf
2011-09-26 00:49 - 2011-09-26 00:49 - 0136756 ____A C:\Users\DesJon\Desktop\BasicsCert.pdf
2011-09-26 00:49 - 2011-09-26 00:49 - 0136713 ____A C:\Users\DesJon\Desktop\LegalIsscert.pdf
2011-09-26 00:46 - 2011-09-26 00:46 - 0137239 ____A C:\Users\DesJon\Desktop\EDUcarecert.pdf
2011-09-26 00:39 - 2011-09-26 00:38 - 0362298 ____A C:\Users\DesJon\Desktop\WCSFormCert.pdf
2011-09-26 00:26 - 2011-09-26 00:26 - 0561116 ___AT C:\Users\DesJon\Desktop\WOCN_Salary_and_Productivity_Survey_Results.ps
2011-09-26 00:13 - 2011-09-26 00:16 - 0195079 ____A C:\Users\DesJon\Desktop\JESInterview.pdf
2011-09-25 21:19 - 2011-09-25 21:20 - 0061953 ____A C:\Users\DesJon\Desktop\ECDiploma.pdf
2011-09-25 21:17 - 2011-09-25 21:17 - 0000000 ____D C:\Users\DesJon\AppData\Local\HP
2011-09-25 20:40 - 2011-09-25 20:40 - 0360971 ____A C:\Users\DesJon\Desktop\WCSPresUlPrecert.pdf
2011-09-25 18:12 - 2011-09-26 00:45 - 0000000 ____D C:\Users\DesJon\Desktop\My Wound Guide Compilation
2011-09-25 17:53 - 2011-09-25 17:53 - 0361891 ____A C:\Users\DesJon\Desktop\WCSLEWcert.pdf
2011-09-25 17:02 - 2011-09-25 17:07 - 0359986 ____A C:\Users\DesJon\Desktop\WCSWndADcert.pdf
2011-09-25 13:06 - 2011-09-25 13:09 - 0000965 ____A C:\Users\DesJon\Desktop\mythoughtonwoundcare.txt
2011-09-25 07:04 - 2011-09-25 08:37 - 3905814 ____A C:\Users\DesJon\Desktop\Educare Wound and Skin Care Education.pdf
2011-09-24 20:55 - 2011-09-25 05:56 - 0001409 ____A C:\Users\DesJon\Desktop\WCNInterviewQs.txt
2011-09-24 20:20 - 2011-09-24 20:34 - 8805865 ____A C:\Users\DesJon\Downloads\WAT_SAMPLE.pdf
2011-09-24 20:05 - 2011-09-24 20:05 - 0229117 ____A C:\Users\DesJon\Desktop\WAT SAMPLE.pdf
2011-09-24 20:04 - 2011-09-24 20:04 - 1069204 ___AT C:\Users\DesJon\Desktop\WAT%20SAMPLE.ps
2011-09-24 20:03 - 2011-09-24 20:03 - 0005355 ____A C:\Users\DesJon\Desktop\WAT%20SAMPLE.pdf
2011-09-24 19:59 - 2011-09-25 20:42 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Nitro PDF
2011-09-24 19:57 - 2011-09-24 19:57 - 0002014 ____A C:\Users\Public\Desktop\Nitro PDF Professional.lnk
2011-09-24 19:57 - 2011-09-24 19:57 - 0000000 ____D C:\Users\All Users\Nitro PDF
2011-09-24 19:57 - 2011-09-24 19:57 - 0000000 ____D C:\ProgramData\Nitro PDF
2011-09-24 19:57 - 2011-09-24 19:57 - 0000000 ____D C:\Program Files\Nitro PDF
2011-09-24 19:57 - 2011-09-24 19:57 - 0000000 ____D C:\Program Files\Common Files\Nitro PDF
2011-09-24 19:57 - 2009-12-16 06:50 - 0026432 ____A (Nitro PDF Software) C:\Windows\System32\nitrolocalmon.dll
2011-09-24 19:57 - 2009-12-16 06:50 - 0017728 ____A (Nitro PDF Software) C:\Windows\System32\nitrolocalui.dll
2011-09-24 19:55 - 2011-09-24 19:55 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Downloaded Installations
2011-09-24 19:54 - 2011-09-24 19:55 - 0000000 ____D C:\Users\DesJon\Downloads\Nitro PDF Professional 6.0.2.6
2011-09-24 16:02 - 2011-09-24 16:02 - 0082378 ____A C:\Users\DesJon\Desktop\casemngcert2.pdf
2011-09-23 09:41 - 2011-09-23 11:44 - 0078079 ____A C:\Users\DesJon\Desktop\NELicVer.pdf
2011-09-23 09:33 - 2011-09-23 09:42 - 0100281 ____A C:\Users\DesJon\Desktop\ne-vapp2-prod.cdc.nicusa.com.1315927690.31823.6559151.png
2011-09-22 22:20 - 2011-09-22 22:20 - 0015919 ____A C:\Users\DesJon\Desktop\Task_Flow_Worksheet_(PDF).pdf
2011-09-22 22:14 - 2011-09-22 22:14 - 0093725 ____A C:\Users\DesJon\Desktop\SMART_Goal_Worksheet_(PDF).pdf
2011-09-22 11:51 - 2011-09-22 11:51 - 0101798 ____A C:\Users\DesJon\Desktop\Print & Mail - Print Your Change of Address.pdf
2011-09-22 08:35 - 2011-09-22 08:35 - 0076959 ____A C:\Users\DesJon\Desktop\5SaveAlotCoupon.pdf
2011-09-22 05:06 - 2011-09-22 05:06 - 0150054 ____A C:\Users\DesJon\Downloads\FOOL PROOF ebook.zip
2011-09-21 20:51 - 2011-09-21 20:51 - 0165091 ____A C:\Users\DesJon\Desktop\TransUnion921.pdf
2011-09-20 12:38 - 2011-09-20 12:42 - 0217915 ____A C:\Users\DesJon\Desktop\AssuranceApp.pdf
2011-09-18 17:01 - 2011-09-18 17:01 - 0173968 ____A C:\Users\DesJon\Desktop\EquifaxD_AAD_Rpt_09182011.pdf
2011-09-18 16:02 - 2011-09-18 16:02 - 0433886 ____A C:\Users\DesJon\Desktop\7-Day-Blueprint.pdf
2011-09-17 13:34 - 2011-09-17 13:34 - 0063293 ____A C:\Users\DesJon\Desktop\CNMFinAid917.pdf
2011-09-16 10:58 - 2011-09-16 10:58 - 0142090 ____A C:\Users\DesJon\Desktop\Louisiana PCA Reimbursement Rules.pdf
2011-09-16 10:54 - 2011-09-16 10:58 - 0402857 ____A C:\Users\DesJon\Desktop\Louisiana PCA Licensing Rules & Requirements.pdf
2011-09-13 09:59 - 2011-09-13 09:59 - 1363037 ____A C:\Users\DesJon\Desktop\ECTran20000.pdf
2011-09-13 09:58 - 2011-09-13 09:58 - 1389452 ____A C:\Users\DesJon\Desktop\ECTran10000.pdf
2011-09-12 11:43 - 2011-09-12 11:43 - 0115194 ____A C:\Users\DesJon\Desktop\WMDirect_Deposit_Form.pdf
2011-09-12 11:35 - 2011-09-12 11:35 - 0190213 ____A C:\Users\DesJon\Desktop\CNMAuthFILLED.pdf
2011-09-12 11:35 - 2011-09-12 11:35 - 0113391 ____A C:\Users\DesJon\Desktop\WMDirect Deposit Form.pdf
2011-09-12 11:18 - 2011-09-12 11:18 - 0032452 ____A C:\Users\DesJon\Desktop\Auth_Agree_For_AutoFAid_Ref_Deposits-RevNov408.pdf
2011-09-10 21:04 - 2011-09-10 21:04 - 0001764 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-09-10 21:03 - 2009-05-18 10:17 - 0026600 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2011-09-10 21:03 - 2008-04-17 09:12 - 0107368 ____A (GEAR Software Inc.) C:\Windows\System32\GEARAspi.dll
2011-09-10 21:02 - 2011-09-10 21:03 - 0000000 ____D C:\Program Files\iTunes
2011-09-10 21:02 - 2011-09-10 21:02 - 0000000 ____D C:\Program Files\iPod
2011-09-10 21:00 - 2011-09-10 21:00 - 0001826 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2011-09-10 21:00 - 2011-09-10 21:00 - 0000000 ____D C:\Program Files\Apple Software Update
2011-09-10 19:32 - 2011-09-10 19:32 - 0037664 ____A (Apple Inc.) C:\Users\DesJon\Downloads\AppleMobileBackup.exe
2011-09-10 11:31 - 2011-09-10 11:33 - 0000000 ____D C:\Users\All Users\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-09-10 11:31 - 2011-09-10 11:33 - 0000000 ____D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-09-10 11:30 - 2011-09-10 21:02 - 0000000 ____D C:\Users\All Users\Apple Computer
2011-09-10 11:30 - 2011-09-10 21:02 - 0000000 ____D C:\ProgramData\Apple Computer
2011-09-10 11:28 - 2011-09-10 11:28 - 0000000 ____D C:\Program Files\Bonjour
2011-09-10 11:24 - 2011-09-10 11:26 - 81229680 ____A (Apple Inc.) C:\Users\DesJon\Downloads\iTunesSetup.exe
2011-09-10 08:51 - 2011-09-10 08:51 - 0000000 ____D C:\Users\DesJon\Downloads\The Dukan Diet
2011-09-09 21:02 - 2011-09-09 21:02 - 0000000 ____D C:\Program Files\Common Files\PX Storage Engine
2011-09-09 20:37 - 2011-09-10 07:49 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\DVD Flick
2011-09-09 20:37 - 2011-09-09 20:37 - 0001875 ____A C:\Users\DesJon\Desktop\DVD Flick.lnk
2011-09-09 20:37 - 2011-09-09 20:37 - 0000000 ____D C:\Program Files\DVD Flick
2011-09-09 20:37 - 2008-08-31 10:27 - 0028672 ____A (-) C:\Windows\System32\mousewheel.ocx
2011-09-09 20:37 - 2007-08-31 15:36 - 0036864 ____A (Robdogg Inc.) C:\Windows\System32\trayicon_handler.ocx
2011-09-09 20:37 - 2004-03-08 21:00 - 0662288 ____A (Microsoft Corporation) C:\Windows\System32\mscomct2.ocx
2011-09-09 20:37 - 2003-01-26 10:41 - 0040960 ____A (vbAccelerator) C:\Windows\System32\ssubtmr6.dll
2011-09-09 20:36 - 2011-09-09 20:36 - 12951423 ____A (Dennis Meuwissen ) C:\Users\DesJon\Downloads\dvdflick_setup_1.3.0.7.exe
2011-09-09 19:50 - 2011-09-09 19:50 - 0046244 ____A C:\Users\DesJon\Desktop\InterCommSyllabus.pdf
2011-09-09 19:34 - 2011-09-09 19:38 - 0000000 ____D C:\Users\DesJon\Downloads\Pimsleur - Spanish III
2011-09-09 19:04 - 2011-09-09 19:13 - 0000000 ____D C:\Users\DesJon\Downloads\Pimsleur - Spanish II
2011-09-09 19:03 - 2011-09-09 19:03 - 1004642 ____A C:\Users\DesJon\Downloads\New Nurse's Survival Guide 2010.pdf
2011-09-09 18:57 - 2011-09-09 19:40 - 0000000 ____D C:\Users\DesJon\Downloads\Pimsleur - Spanish I
2011-09-09 16:18 - 2011-09-09 16:20 - 0000000 ____D C:\Users\DesJon\Desktop\NeroDL
2011-09-09 16:00 - 2011-09-09 16:00 - 0000000 ____D C:\Users\DesJon\Downloads\N3R0_V1S10N_Xtra_V.7
2011-09-09 15:55 - 2011-09-09 16:00 - 85602736 ____A C:\Users\DesJon\Downloads\N3R0_V1S10N_Xtra_V.7.rar
2011-09-09 15:33 - 2011-09-09 15:33 - 0000000 ____D C:\Users\DesJon\Downloads\Nero 10.0 + Serials en Keygen - DivXNL-Team
2011-09-09 11:18 - 2011-09-09 11:26 - 0072512 ____A C:\Users\DesJon\Desktop\DBoldenLPNCoverLtr.pdf
2011-09-08 11:58 - 2011-09-08 11:58 - 0000000 ____D C:\Users\DesJon\Documents\Aunsoft
2011-09-08 11:58 - 2011-09-08 11:58 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Aunsoft
2011-09-08 11:58 - 2011-09-08 11:58 - 0000000 ____A C:\Users\DesJon\Documents\tmp.txt
2011-09-08 11:30 - 2011-09-08 11:30 - 0001181 ____A C:\Users\Public\Desktop\Aunsoft Video Converter.lnk
2011-09-08 11:30 - 2011-09-08 11:30 - 0000000 ____D C:\Program Files\Aunsoft
2011-09-08 11:28 - 2011-09-08 11:29 - 29042976 ____A (Aunsoft Studio. ) C:\Users\DesJon\Downloads\videoconverter_setup.exe
2011-09-08 10:57 - 2011-09-09 21:07 - 0000000 ____D C:\Users\DesJon\Downloads\The.Help.2011.Cam.Xvid-Biz
2011-09-08 10:53 - 2011-09-08 10:56 - 736295262 ____A C:\Users\DesJon\Downloads\The Help {Eng.2011} DivX TOP-Films.avi


============ 3 Months Modified Files and Folders ===============

2011-10-08 09:52 - 2011-10-08 09:52 - 0000000 ____D C:\FRST
2011-10-06 18:37 - 2011-09-29 09:36 - 0000000 ____D C:\Program Files\MagicDisc
2011-10-06 18:37 - 2011-09-28 09:36 - 0000000 ____D C:\Program Files\WinZip
2011-10-06 18:37 - 2011-06-21 00:24 - 0000000 ____D C:\Users\DesJon\AppData\Local\MSOLAP90ErrorLookup
2011-10-06 18:37 - 2011-05-20 08:18 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\uTorrent
2011-10-06 18:37 - 2011-05-19 15:43 - 0000000 ____D C:\Program Files\UnHackMe
2011-10-06 18:37 - 2011-05-09 18:42 - 0000000 ____D C:\Config.Msi
2011-10-06 18:37 - 2011-04-14 18:32 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2011-10-06 18:37 - 2011-04-14 18:28 - 0000000 ____D C:\Program Files\Symantec
2011-10-06 18:37 - 2011-04-14 18:28 - 0000000 ____D C:\Program Files\Common Files\Symantec Shared
2011-10-06 18:37 - 2011-04-09 12:25 - 0000000 ____D C:\Users\DesJon\AppData\Local\TOSHIBA_Corporation
2011-10-06 18:37 - 2011-04-09 10:36 - 0000000 ____D C:\Program Files\Mozilla Firefox
2011-10-06 18:37 - 2011-04-08 22:58 - 0000000 ____D C:\Users\DesJon\AppData\Local\TOSHIBA
2011-10-06 18:37 - 2011-04-08 22:55 - 0000000 ____D C:\users\DesJon
2011-10-06 18:37 - 2009-08-27 20:17 - 0000000 ____D C:\Windows\System32\Drivers\NIS
2011-10-06 18:37 - 2009-08-27 20:17 - 0000000 ____D C:\Users\All Users\Norton
2011-10-06 18:37 - 2009-08-27 20:17 - 0000000 ____D C:\ProgramData\Norton
2011-10-06 18:37 - 2009-08-27 20:17 - 0000000 ____D C:\Program Files\NortonInstaller
2011-10-06 18:37 - 2009-08-27 20:17 - 0000000 ____D C:\Program Files\Norton Internet Security
2011-10-06 18:37 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\wfp
2011-10-06 18:37 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\DriverStore
2011-10-06 18:36 - 2011-09-29 09:25 - 0000000 ____D C:\Users\DesJon\Desktop\Dragonfly
2011-10-06 18:36 - 2011-09-29 09:23 - 0000000 ____D C:\Users\DesJon\Desktop\Documentation
2011-10-06 18:36 - 2011-05-19 15:55 - 0000000 ____D C:\Qoobox
2011-10-06 18:36 - 2011-05-09 18:04 - 0000000 ____D C:\Users\All Users\Real
2011-10-06 18:36 - 2011-05-09 18:04 - 0000000 ____D C:\ProgramData\Real
2011-10-06 18:36 - 2011-04-14 18:32 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-10-06 18:36 - 2011-04-14 18:32 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-10-06 18:36 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\registration
2011-10-04 07:50 - 2011-10-03 14:47 - 0000000 ___SD C:\ComboFix
2011-10-04 07:50 - 2011-10-03 14:47 - 0000000 ___SD C:\32788R22FWJFW
2011-10-04 07:50 - 2011-10-03 14:41 - 0000000 ____D C:\Program Files\Minibar
2011-10-04 07:46 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\LogFiles
2011-10-03 14:59 - 2011-04-09 11:51 - 2213289984 __ASH C:\hiberfil.sys
2011-10-03 14:43 - 2011-04-14 19:35 - 0000492 ____A C:\rkill.log
2011-10-03 14:41 - 2011-10-03 14:41 - 0000000 ____D C:\Users\All Users\Babylon
2011-10-03 14:41 - 2011-10-03 14:41 - 0000000 ____D C:\ProgramData\Babylon
2011-10-03 11:20 - 2011-10-03 11:20 - 0002618 ____A C:\Users\DesJon\Desktop\locator_backup.gif
2011-10-03 10:21 - 2011-10-03 08:34 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2011-10-03 10:21 - 2011-10-03 08:34 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2011-10-03 09:42 - 2011-10-03 09:42 - 0000000 ___HD C:\kleaner.tmp
2011-10-03 08:47 - 2011-10-03 08:47 - 0000000 ____D C:\Open Cloud AV
2011-10-03 08:34 - 2011-10-03 08:34 - 0000000 ____D C:\Program Files\Kaspersky Lab
2011-10-03 06:32 - 2011-10-03 06:26 - 0082312 ____A C:\TDSSKiller.2.6.2.0_03.10.2011_09.26.48_log.txt
2011-10-03 06:21 - 2011-10-03 06:19 - 0082088 ____A C:\TDSSKiller.2.6.2.0_03.10.2011_09.19.38_log.txt
2011-10-01 13:09 - 2011-10-01 12:31 - 0082434 ____A C:\TDSSKiller.2.6.2.0_01.10.2011_15.31.44_log.txt
2011-10-01 12:35 - 2011-10-01 12:35 - 0000000 ____D C:\TDSSKiller_Quarantine
2011-10-01 11:00 - 2011-10-01 11:00 - 0003240 ____N C:\bootsqm.dat
2011-10-01 10:05 - 2011-06-12 23:00 - 0000000 ____D C:\Users\DesJon\AppData\Local\CutePDF Writer
2011-10-01 10:04 - 2011-10-01 10:05 - 0317625 ____A C:\Users\DesJon\Desktop\RE Invest Prop Project Gentilly Brick Single Family home for rent!.pdf
2011-09-29 20:49 - 2011-09-29 20:49 - 2289329 ____A C:\Users\DesJon\Desktop\Hannahs_No_Stress_Cookbook.pdf
2011-09-29 20:20 - 2011-09-29 20:20 - 1887747 ____A C:\Users\DesJon\Downloads\TOTALMOM-ch1-2.pdf
2011-09-29 19:23 - 2011-09-29 19:23 - 11229071 ____A C:\Users\DesJon\Desktop\ebooksclub.org__Emily_Post__039_s_Etiquette__The_Definitive_Guide_to_Manners__Completely_Revised_and_Updated.pdf
2011-09-29 19:03 - 2011-09-29 19:03 - 139934076 ____A C:\Users\DesJon\Desktop\ebooksclub.org__The_Illustrated_Quick_Cook__Easy_Entertaining__After_Work_Recipes__Cheap_Eats.pdf
2011-09-29 14:19 - 2011-09-29 14:19 - 8579448 ____A (Mozilla) C:\Users\DesJon\Downloads\3.6.16_FirefoxSetup3.6.16.exe
2011-09-29 14:10 - 2011-09-29 14:10 - 0017658 ____A C:\Users\DesJon\Desktop\ChaChasignaturecard.pdf
2011-09-29 13:37 - 2011-09-29 13:37 - 0000000 ____D C:\Users\DesJon\AppData\Local\Scansoft
2011-09-29 10:46 - 2011-09-29 10:46 - 0003115 ____A C:\Users\DesJon\AppData\Roaming\SAS7_000.DAT
2011-09-29 10:26 - 2011-09-29 10:26 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Nuance
2011-09-29 10:23 - 2011-09-29 10:23 - 0000000 ____D C:\Users\All Users\Nuance
2011-09-29 10:23 - 2011-09-29 10:23 - 0000000 ____D C:\ProgramData\Nuance
2011-09-29 10:23 - 2011-09-29 10:23 - 0000000 ____D C:\Program Files\Nuance
2011-09-29 10:08 - 2011-09-29 09:32 - 0000000 ____D C:\Users\DesJon\Downloads\Dragon Naturally Speaking v10.1043
2011-09-29 09:16 - 2011-09-29 09:16 - 0000000 ____D C:\Users\DesJon\Downloads\Dragon Naturally Speaking 10.1 Serial
2011-09-29 07:53 - 2011-09-29 07:53 - 1258606 ____A C:\Users\DesJon\Desktop\Psychdoc_s_Credit_Repair_for_Beginners.pdf
2011-09-28 22:21 - 2011-09-28 22:21 - 0063271 ____A C:\Users\DesJon\Desktop\Chrysler Group LLC Affiliate Rewards1.pdf
2011-09-28 16:20 - 2011-09-28 16:20 - 0092927 ____A C:\Users\DesJon\Desktop\Menu.pdf
2011-09-28 12:44 - 2011-09-28 12:44 - 0055186 ____A C:\Users\DesJon\Desktop\DesChexLtr.pdf
2011-09-28 12:31 - 2011-09-28 12:31 - 0056404 ____A C:\Users\DesJon\Desktop\JonChexLtr.pdf
2011-09-28 09:40 - 2011-09-28 09:24 - 0000000 ____D C:\Users\DesJon\Desktop\The Ides Rars
2011-09-28 09:40 - 2011-09-28 08:27 - 0000000 ____D C:\Users\DesJon\Downloads\The Ides of March DVDRip XviD-TWiZTED
2011-09-28 09:38 - 2011-09-28 09:38 - 0000000 ____D C:\Users\DesJon\AppData\Local\WinZip
2011-09-28 09:37 - 2011-04-27 19:13 - 0000000 ____D C:\Users\All Users\WinZip
2011-09-28 09:37 - 2011-04-27 19:13 - 0000000 ____D C:\ProgramData\WinZip
2011-09-28 09:35 - 2011-09-28 09:34 - 23422280 ____A C:\Users\DesJon\Downloads\winzip155(1).exe
2011-09-28 09:11 - 2011-04-22 16:38 - 0000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-09-28 08:37 - 2011-04-09 11:57 - 1929492 ____A C:\Windows\WindowsUpdate.log
2011-09-28 07:11 - 2011-04-22 16:38 - 0000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-09-27 10:22 - 2009-07-13 20:34 - 0016304 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-09-27 10:22 - 2009-07-13 20:34 - 0016304 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-09-26 01:57 - 2011-09-26 01:57 - 2488424 ____A C:\Users\DesJon\Desktop\JoEllep_App_Pack2.pdf
2011-09-26 01:51 - 2011-09-26 01:39 - 5075524 ____A C:\Users\DesJon\Desktop\JoEllep App Pack.pdf
2011-09-26 01:37 - 2011-09-26 01:37 - 0138650 ____A C:\Users\DesJon\Desktop\EDUcarecert1.pdf
2011-09-26 01:37 - 2011-09-26 01:37 - 0138122 ____A C:\Users\DesJon\Desktop\LegalIsscert1.pdf
2011-09-26 01:36 - 2011-09-26 01:36 - 0138167 ____A C:\Users\DesJon\Desktop\BasicsCert1.pdf
2011-09-26 01:35 - 2011-09-26 01:35 - 0138167 ____A C:\Users\DesJon\Downloads\BasicsCert.pdf
2011-09-26 01:31 - 2011-09-26 00:54 - 5199236 ____A C:\Users\DesJon\Desktop\WashNurcert.pdf
2011-09-26 01:12 - 2011-09-26 01:12 - 0006955 ____A C:\Users\DesJon\Desktop\uwashwoundlo.jpg
2011-09-26 00:59 - 2011-09-26 00:59 - 0007841 ____A C:\Users\DesJon\Desktop\uwcnelogo300x66.png
2011-09-26 00:49 - 2011-09-26 00:49 - 0136756 ____A C:\Users\DesJon\Desktop\BasicsCert.pdf
2011-09-26 00:49 - 2011-09-26 00:49 - 0136713 ____A C:\Users\DesJon\Desktop\LegalIsscert.pdf
2011-09-26 00:46 - 2011-09-26 00:46 - 0137239 ____A C:\Users\DesJon\Desktop\EDUcarecert.pdf
2011-09-26 00:45 - 2011-09-25 18:12 - 0000000 ____D C:\Users\DesJon\Desktop\My Wound Guide Compilation
2011-09-26 00:38 - 2011-09-26 00:39 - 0362298 ____A C:\Users\DesJon\Desktop\WCSFormCert.pdf
2011-09-26 00:26 - 2011-09-26 00:26 - 0561116 ___AT C:\Users\DesJon\Desktop\WOCN_Salary_and_Productivity_Survey_Results.ps
2011-09-26 00:16 - 2011-09-26 00:13 - 0195079 ____A C:\Users\DesJon\Desktop\JESInterview.pdf
2011-09-25 21:20 - 2011-09-25 21:19 - 0061953 ____A C:\Users\DesJon\Desktop\ECDiploma.pdf
2011-09-25 21:17 - 2011-09-25 21:17 - 0000000 ____D C:\Users\DesJon\AppData\Local\HP
2011-09-25 21:15 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\rescache
2011-09-25 20:42 - 2011-09-24 19:59 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Nitro PDF
2011-09-25 20:40 - 2011-09-25 20:40 - 0360971 ____A C:\Users\DesJon\Desktop\WCSPresUlPrecert.pdf
2011-09-25 17:53 - 2011-09-25 17:53 - 0361891 ____A C:\Users\DesJon\Desktop\WCSLEWcert.pdf
2011-09-25 17:07 - 2011-09-25 17:02 - 0359986 ____A C:\Users\DesJon\Desktop\WCSWndADcert.pdf
2011-09-25 13:09 - 2011-09-25 13:06 - 0000965 ____A C:\Users\DesJon\Desktop\mythoughtonwoundcare.txt
2011-09-25 10:44 - 2011-06-13 17:30 - 0024216 ____A C:\Windows\Partizan.log
2011-09-25 10:43 - 2011-05-19 16:07 - 0000264 ____A C:\Windows\System32\PARTIZAN.TXT
2011-09-25 10:43 - 2009-07-13 20:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-09-25 10:43 - 2009-07-13 20:39 - 0023613 ____A C:\Windows\setupact.log
2011-09-25 08:37 - 2011-09-25 07:04 - 3905814 ____A C:\Users\DesJon\Desktop\Educare Wound and Skin Care Education.pdf
2011-09-25 05:56 - 2011-09-24 20:55 - 0001409 ____A C:\Users\DesJon\Desktop\WCNInterviewQs.txt
2011-09-24 20:34 - 2011-09-24 20:20 - 8805865 ____A C:\Users\DesJon\Downloads\WAT_SAMPLE.pdf
2011-09-24 20:05 - 2011-09-24 20:05 - 0229117 ____A C:\Users\DesJon\Desktop\WAT SAMPLE.pdf
2011-09-24 20:04 - 2011-09-24 20:04 - 1069204 ___AT C:\Users\DesJon\Desktop\WAT%20SAMPLE.ps
2011-09-24 20:03 - 2011-09-24 20:03 - 0005355 ____A C:\Users\DesJon\Desktop\WAT%20SAMPLE.pdf
2011-09-24 19:57 - 2011-09-24 19:57 - 0002014 ____A C:\Users\Public\Desktop\Nitro PDF Professional.lnk
2011-09-24 19:57 - 2011-09-24 19:57 - 0000000 ____D C:\Users\All Users\Nitro PDF
2011-09-24 19:57 - 2011-09-24 19:57 - 0000000 ____D C:\ProgramData\Nitro PDF
2011-09-24 19:57 - 2011-09-24 19:57 - 0000000 ____D C:\Program Files\Nitro PDF
2011-09-24 19:57 - 2011-09-24 19:57 - 0000000 ____D C:\Program Files\Common Files\Nitro PDF
2011-09-24 19:55 - 2011-09-24 19:55 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Downloaded Installations
2011-09-24 19:55 - 2011-09-24 19:54 - 0000000 ____D C:\Users\DesJon\Downloads\Nitro PDF Professional 6.0.2.6
2011-09-24 16:02 - 2011-09-24 16:02 - 0082378 ____A C:\Users\DesJon\Desktop\casemngcert2.pdf
2011-09-23 11:44 - 2011-09-23 09:41 - 0078079 ____A C:\Users\DesJon\Desktop\NELicVer.pdf
2011-09-23 09:42 - 2011-09-23 09:33 - 0100281 ____A C:\Users\DesJon\Desktop\ne-vapp2-prod.cdc.nicusa.com.1315927690.31823.6559151.png
2011-09-23 09:40 - 2011-09-04 08:35 - 0001970 ____A C:\Users\DesJon\Desktop\fidelispowerpoint-12972261949249-phpapp02 - Shortcut.lnk
2011-09-23 09:40 - 2011-08-23 07:02 - 0002219 ____A C:\Users\DesJon\Desktop\interpersonalcommuEDIT - Shortcut.lnk
2011-09-22 22:20 - 2011-09-22 22:20 - 0015919 ____A C:\Users\DesJon\Desktop\Task_Flow_Worksheet_(PDF).pdf
2011-09-22 22:14 - 2011-09-22 22:14 - 0093725 ____A C:\Users\DesJon\Desktop\SMART_Goal_Worksheet_(PDF).pdf
2011-09-22 11:51 - 2011-09-22 11:51 - 0101798 ____A C:\Users\DesJon\Desktop\Print & Mail - Print Your Change of Address.pdf
2011-09-22 08:35 - 2011-09-22 08:35 - 0076959 ____A C:\Users\DesJon\Desktop\5SaveAlotCoupon.pdf
2011-09-22 05:06 - 2011-09-22 05:06 - 0150054 ____A C:\Users\DesJon\Downloads\FOOL PROOF ebook.zip
2011-09-21 20:51 - 2011-09-21 20:51 - 0165091 ____A C:\Users\DesJon\Desktop\TransUnion921.pdf
2011-09-20 12:42 - 2011-09-20 12:38 - 0217915 ____A C:\Users\DesJon\Desktop\AssuranceApp.pdf
2011-09-18 17:01 - 2011-09-18 17:01 - 0173968 ____A C:\Users\DesJon\Desktop\EquifaxD_AAD_Rpt_09182011.pdf
2011-09-18 16:02 - 2011-09-18 16:02 - 0433886 ____A C:\Users\DesJon\Desktop\7-Day-Blueprint.pdf
2011-09-17 13:34 - 2011-09-17 13:34 - 0063293 ____A C:\Users\DesJon\Desktop\CNMFinAid917.pdf
2011-09-16 10:58 - 2011-09-16 10:58 - 0142090 ____A C:\Users\DesJon\Desktop\Louisiana PCA Reimbursement Rules.pdf
2011-09-16 10:58 - 2011-09-16 10:54 - 0402857 ____A C:\Users\DesJon\Desktop\Louisiana PCA Licensing Rules & Requirements.pdf
2011-09-13 09:59 - 2011-09-13 09:59 - 1363037 ____A C:\Users\DesJon\Desktop\ECTran20000.pdf
2011-09-13 09:58 - 2011-09-13 09:58 - 1389452 ____A C:\Users\DesJon\Desktop\ECTran10000.pdf
2011-09-12 11:43 - 2011-09-12 11:43 - 0115194 ____A C:\Users\DesJon\Desktop\WMDirect_Deposit_Form.pdf
2011-09-12 11:35 - 2011-09-12 11:35 - 0190213 ____A C:\Users\DesJon\Desktop\CNMAuthFILLED.pdf
2011-09-12 11:35 - 2011-09-12 11:35 - 0113391 ____A C:\Users\DesJon\Desktop\WMDirect Deposit Form.pdf
2011-09-12 11:18 - 2011-09-12 11:18 - 0032452 ____A C:\Users\DesJon\Desktop\Auth_Agree_For_AutoFAid_Ref_Deposits-RevNov408.pdf
2011-09-10 21:04 - 2011-09-10 21:04 - 0001764 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-09-10 21:03 - 2011-09-10 21:02 - 0000000 ____D C:\Program Files\iTunes
2011-09-10 21:02 - 2011-09-10 21:02 - 0000000 ____D C:\Program Files\iPod
2011-09-10 21:02 - 2011-09-10 11:30 - 0000000 ____D C:\Users\All Users\Apple Computer
2011-09-10 21:02 - 2011-09-10 11:30 - 0000000 ____D C:\ProgramData\Apple Computer
2011-09-10 21:02 - 2011-04-26 13:17 - 0000000 ____D C:\Program Files\Common Files\Apple
2011-09-10 21:00 - 2011-09-10 21:00 - 0001826 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2011-09-10 21:00 - 2011-09-10 21:00 - 0000000 ____D C:\Program Files\Apple Software Update
2011-09-10 21:00 - 2011-04-26 13:11 - 0000000 ____D C:\Program Files\QuickTime
2011-09-10 19:32 - 2011-09-10 19:32 - 0037664 ____A (Apple Inc.) C:\Users\DesJon\Downloads\AppleMobileBackup.exe
2011-09-10 16:02 - 2009-08-27 20:23 - 0023804 ____A C:\Windows\PFRO.log
2011-09-10 11:34 - 2011-08-23 06:41 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Apple Computer
2011-09-10 11:33 - 2011-09-10 11:31 - 0000000 ____D C:\Users\All Users\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-09-10 11:33 - 2011-09-10 11:31 - 0000000 ____D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-09-10 11:33 - 2011-05-09 18:02 - 0000000 ____D C:\Users\DesJon\AppData\Local\Apple Computer
2011-09-10 11:28 - 2011-09-10 11:28 - 0000000 ____D C:\Program Files\Bonjour
2011-09-10 11:26 - 2011-09-10 11:24 - 81229680 ____A (Apple Inc.) C:\Users\DesJon\Downloads\iTunesSetup.exe
2011-09-10 08:51 - 2011-09-10 08:51 - 0000000 ____D C:\Users\DesJon\Downloads\The Dukan Diet
2011-09-10 07:49 - 2011-09-09 20:37 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\DVD Flick
2011-09-09 21:07 - 2011-09-08 10:57 - 0000000 ____D C:\Users\DesJon\Downloads\The.Help.2011.Cam.Xvid-Biz
2011-09-09 21:02 - 2011-09-09 21:02 - 0000000 ____D C:\Program Files\Common Files\PX Storage Engine
2011-09-09 20:42 - 2011-08-23 07:37 - 0000000 ____D C:\Users\DesJon\Desktop\DRM Removal
2011-09-09 20:37 - 2011-09-09 20:37 - 0001875 ____A C:\Users\DesJon\Desktop\DVD Flick.lnk
2011-09-09 20:37 - 2011-09-09 20:37 - 0000000 ____D C:\Program Files\DVD Flick
2011-09-09 20:36 - 2011-09-09 20:36 - 12951423 ____A (Dennis Meuwissen ) C:\Users\DesJon\Downloads\dvdflick_setup_1.3.0.7.exe
2011-09-09 19:50 - 2011-09-09 19:50 - 0046244 ____A C:\Users\DesJon\Desktop\InterCommSyllabus.pdf
2011-09-09 19:40 - 2011-09-09 18:57 - 0000000 ____D C:\Users\DesJon\Downloads\Pimsleur - Spanish I
2011-09-09 19:38 - 2011-09-09 19:34 - 0000000 ____D C:\Users\DesJon\Downloads\Pimsleur - Spanish III
2011-09-09 19:13 - 2011-09-09 19:04 - 0000000 ____D C:\Users\DesJon\Downloads\Pimsleur - Spanish II
2011-09-09 19:03 - 2011-09-09 19:03 - 1004642 ____A C:\Users\DesJon\Downloads\New Nurse's Survival Guide 2010.pdf
2011-09-09 16:20 - 2011-09-09 16:18 - 0000000 ____D C:\Users\DesJon\Desktop\NeroDL
2011-09-09 16:09 - 2011-05-07 13:22 - 0000000 ____D C:\Program Files\Common Files\Nero
2011-09-09 16:00 - 2011-09-09 16:00 - 0000000 ____D C:\Users\DesJon\Downloads\N3R0_V1S10N_Xtra_V.7
2011-09-09 16:00 - 2011-09-09 15:55 - 85602736 ____A C:\Users\DesJon\Downloads\N3R0_V1S10N_Xtra_V.7.rar
2011-09-09 15:33 - 2011-09-09 15:33 - 0000000 ____D C:\Users\DesJon\Downloads\Nero 10.0 + Serials en Keygen - DivXNL-Team
2011-09-09 11:26 - 2011-09-09 11:18 - 0072512 ____A C:\Users\DesJon\Desktop\DBoldenLPNCoverLtr.pdf
2011-09-08 11:58 - 2011-09-08 11:58 - 0000000 ____D C:\Users\DesJon\Documents\Aunsoft
2011-09-08 11:58 - 2011-09-08 11:58 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Aunsoft
2011-09-08 11:58 - 2011-09-08 11:58 - 0000000 ____A C:\Users\DesJon\Documents\tmp.txt
2011-09-08 11:30 - 2011-09-08 11:30 - 0001181 ____A C:\Users\Public\Desktop\Aunsoft Video Converter.lnk
2011-09-08 11:30 - 2011-09-08 11:30 - 0000000 ____D C:\Program Files\Aunsoft
2011-09-08 11:29 - 2011-09-08 11:28 - 29042976 ____A (Aunsoft Studio. ) C:\Users\DesJon\Downloads\videoconverter_setup.exe
2011-09-08 10:56 - 2011-09-08 10:53 - 736295262 ____A C:\Users\DesJon\Downloads\The Help {Eng.2011} DivX TOP-Films.avi
2011-09-07 19:51 - 2011-09-07 19:52 - 0532208 ____A C:\Users\DesJon\Desktop\5305WildairCompReport.pdf
2011-09-06 09:00 - 2011-09-06 09:01 - 0087637 ____A C:\Users\DesJon\Desktop\entergypay.pdf
2011-09-06 07:46 - 2011-09-06 07:36 - 0083989 ____A C:\Users\DesJon\Desktop\ATTPayments.pdf
2011-09-06 07:39 - 2011-09-06 07:39 - 0002760 ____A C:\Users\DesJon\Desktop\att_logo.gif
2011-09-05 18:14 - 2009-08-27 20:12 - 0726316 ____A C:\Windows\System32\PerfStringBackup.INI
2011-09-05 18:13 - 2011-09-05 18:12 - 10634630 ____A C:\Users\DesJon\Downloads\2008BSEN018.zip
2011-09-05 06:45 - 2011-09-04 10:03 - 0286735 ____A C:\Users\DesJon\Desktop\Trillium Trace.bpdx
2011-09-05 05:23 - 2011-09-05 05:23 - 9154579 ____A C:\Users\DesJon\Desktop\Assisted-living-tool-kitALLMAUALS.pdf
2011-09-05 05:01 - 2011-09-05 05:00 - 2197524 ____A C:\Users\DesJon\Desktop\assistedlivingbusinessplanguidebookVERYHELPFUL.pdf
2011-09-04 22:14 - 2011-09-04 22:14 - 0031861 ____A C:\Users\DesJon\Desktop\Z-200MedicaidEligIncome.pdf
2011-09-04 22:12 - 2011-09-04 22:12 - 0074292 ____A C:\Users\DesJon\Desktop\ARCDementiaTrngRuleLAReg200908.pdf
2011-09-04 22:11 - 2011-09-04 22:11 - 0170058 ____A C:\Users\DesJon\Desktop\Adult_Residential_Care_RegsLA.pdf
2011-09-04 21:47 - 2011-09-04 21:47 - 0018612 ____A C:\Users\DesJon\Desktop\AL1-ResidentAssessment.PDF
2011-09-04 21:47 - 2011-09-04 21:47 - 0016382 ____A C:\Users\DesJon\Desktop\MedAdm.PDF
2011-09-04 21:47 - 2011-09-04 21:47 - 0013401 ____A C:\Users\DesJon\Desktop\EmployeeHealthEval.pdf
2011-09-04 21:47 - 2011-09-04 21:47 - 0009711 ____A C:\Users\DesJon\Desktop\prnstatmeds.pdf
2011-09-04 20:06 - 2011-09-04 20:06 - 0048715 ____A C:\Users\DesJon\Desktop\AsstLivSocAsst.pdf
2011-09-04 19:55 - 2011-09-04 19:55 - 0018351 ____A C:\Users\DesJon\Desktop\AL2-ResidentAssessmentForm.pdf
2011-09-04 19:52 - 2011-09-04 19:52 - 0069510 ____A C:\Users\DesJon\Desktop\SCOPE_AND_STANDARDS_FINALfor Assisted livingRN.pdf
2011-09-04 19:51 - 2011-09-04 19:51 - 0347152 ____A C:\Users\DesJon\Desktop\alfmanualrevision.pdf
2011-09-04 18:44 - 2011-09-04 18:44 - 0449289 ____A C:\Users\DesJon\Desktop\Investment_HousingOakCreek.pdf
2011-09-04 16:15 - 2011-09-04 16:15 - 0158113 ____A C:\Users\DesJon\Desktop\AssistedLivingFinancialFeas.pdf
2011-09-04 10:03 - 2011-09-04 03:04 - 0000000 ____D C:\Program Files\Business Plan Pro
2011-09-04 08:35 - 2011-09-04 08:35 - 6159360 ____A C:\Users\DesJon\Downloads\fidelispowerpoint-12972261949249-phpapp02.ppt
2011-09-04 08:10 - 2011-09-04 08:10 - 0031861 ____A C:\Users\DesJon\Desktop\Z-200.pdf
2011-09-04 05:15 - 2011-09-04 03:06 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\bppenu11
2011-09-04 05:07 - 2011-09-04 05:07 - 0000000 ____D C:\Users\DesJon\AppData\Local\Business Plan Pro Samples
2011-09-04 03:08 - 2011-09-04 03:08 - 0000000 ____D C:\Users\DesJon\AppData\Local\IsolatedStorage
2011-09-04 03:07 - 2011-09-04 03:07 - 0000000 ____D C:\Users\All Users\IsolatedStorage
2011-09-04 03:07 - 2011-09-04 03:07 - 0000000 ____D C:\ProgramData\IsolatedStorage
2011-09-04 03:06 - 2011-09-04 03:06 - 0002755 ____A C:\Users\Public\Desktop\Business Plan Pro.lnk
2011-09-04 03:06 - 2011-09-04 03:06 - 0000000 ____D C:\Users\DesJon\AppData\Local\Palo_Alto_Software
2011-09-04 02:59 - 2011-04-25 14:37 - 0000000 ____D C:\Users\DesJon\AppData\Local\Downloaded Installations
2011-09-04 02:54 - 2011-09-03 09:41 - 0000000 ____D C:\Users\DesJon\Downloads\Business Plan Pro 11 15th Anniversary Edition
2011-09-03 09:49 - 2011-09-03 09:49 - 0296248 ____A C:\Users\DesJon\Desktop\appendix_fc.php.htm
2011-09-03 09:49 - 2011-09-03 09:48 - 0000000 ____D C:\Users\DesJon\Desktop\appendix_fc.php_files
2011-09-03 09:48 - 2011-09-03 09:48 - 0056162 ____A C:\Users\DesJon\Desktop\strategy_and_implementation_summary_fc.php.htm
2011-09-03 09:48 - 2011-09-03 09:47 - 0000000 ____D C:\Users\DesJon\Desktop\strategy_and_implementation_summary_fc.php_files
2011-09-03 09:48 - 2011-09-03 09:47 - 0000000 ____D C:\Users\DesJon\Desktop\financial_plan_fc.php_files
2011-09-03 09:46 - 2011-09-03 09:46 - 0056318 ____A C:\Users\DesJon\Desktop\management_summary_fc.php.htm
2011-09-03 09:46 - 2011-09-03 09:46 - 0000000 ____D C:\Users\DesJon\Desktop\management_summary_fc.php_files
2011-09-03 09:45 - 2011-09-03 09:45 - 0058050 ____A C:\Users\DesJon\Desktop\organization_summary_fc.php.htm
2011-09-03 09:45 - 2011-09-03 09:45 - 0057437 ____A C:\Users\DesJon\Desktop\market_analysis_summary_fc.php.htm
2011-09-03 09:45 - 2011-09-03 09:45 - 0033976 ____A C:\Users\DesJon\Desktop\services_fc.php.htm
2011-09-03 09:45 - 2011-09-03 09:44 - 0000000 ____D C:\Users\DesJon\Desktop\market_analysis_summary_fc.php_files
2011-09-03 09:45 - 2011-09-03 09:43 - 0000000 ____D C:\Users\DesJon\Desktop\services_fc.php_files
2011-09-03 09:45 - 2011-09-03 09:42 - 0000000 ____D C:\Users\DesJon\Desktop\organization_summary_fc.php_files
2011-09-03 09:42 - 2011-09-03 09:42 - 0029928 ____A C:\Users\DesJon\Desktop\executive_summary_fc.cfm.htm
2011-09-03 09:42 - 2011-09-03 09:42 - 0000000 ____D C:\Users\DesJon\Desktop\executive_summary_fc.cfm_files
2011-09-03 09:13 - 2011-09-03 09:13 - 0001910 ____A C:\Users\Public\Desktop\NetZero Quick Help.lnk
2011-09-03 09:13 - 2011-09-03 09:13 - 0001807 ____A C:\Users\Public\Desktop\NetZero Internet.lnk
2011-09-03 09:13 - 2011-06-06 23:55 - 0000000 ____D C:\Program Files\NetZero
2011-09-03 09:13 - 2011-06-06 23:54 - 0000000 ____D C:\Program Files\NetZeroInstaller
2011-09-03 06:54 - 2009-08-27 20:16 - 0000000 ____D C:\Program Files\Microsoft Silverlight
2011-09-03 06:53 - 2009-07-13 20:52 - 0000000 ____D C:\Windows\addins
2011-09-03 06:53 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Resources
2011-09-02 09:04 - 2011-09-02 09:04 - 0077891 ____A C:\Users\DesJon\Desktop\DBoldenLPNResume.pdf
2011-09-01 11:36 - 2011-09-01 11:36 - 6284664 ____A (Microsoft Corporation) C:\Users\DesJon\Downloads\Silverlight.exe
2011-09-01 10:05 - 2011-09-01 09:48 - 0738498 ____A C:\Users\DesJon\Desktop\APUFAX2.pdf
2011-09-01 09:49 - 2011-09-01 09:49 - 0073125 ____A C:\Users\DesJon\Desktop\APUFAX10001.pdf
2011-09-01 09:42 - 2011-09-01 09:41 - 0756126 ____A C:\Users\DesJon\Desktop\APUFAX10000.pdf
2011-09-01 08:45 - 2011-09-01 08:45 - 0044104 ____A C:\Users\DesJon\Desktop\APUAppeal-1.pdf
2011-09-01 08:04 - 2011-09-01 08:04 - 0334693 ____A C:\Users\DesJon\Desktop\2010TaxReturn.pdf
2011-09-01 06:40 - 2011-09-01 06:40 - 0002054 ____A C:\Users\DesJon\Desktop\CustomerFirst Java Edition.lnk
2011-08-31 21:02 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Branding
2011-08-31 21:00 - 2011-08-31 21:00 - 0000752 ____A C:\Users\DesJon\Desktop\Security Protection.lnk
2011-08-31 20:49 - 2011-08-31 20:49 - 0645429 ____A C:\Users\DesJon\Desktop\Group_Home_Manual_Sponsorship_040517.pdf
2011-08-31 19:56 - 2011-08-31 19:56 - 0000000 __SHD C:\Windows\ftpcache
2011-08-31 19:46 - 2011-08-31 19:46 - 0001211 ____A C:\Users\DesJon\Desktop\Saunders Comprehensive NCLEX-RN Review 4e.lnk
2011-08-31 19:46 - 2011-08-31 19:46 - 0000000 ____D C:\Program Files\Saunders Comprehensive NCLEX-RN Review 4e
2011-08-30 16:46 - 2011-08-30 15:45 - 0000000 ____D C:\Users\DesJon\Downloads\Lil Wayne - Tha Carter IV Target Deluxe Edition Bonus Tracks (FLAC)
2011-08-30 15:47 - 2011-08-30 15:44 - 0000000 ____D C:\Users\DesJon\Downloads\Lil Wayne - 2011 - Tha Carter IV [FLAC]
2011-08-26 01:11 - 2011-08-26 01:11 - 0039823 ____A C:\Users\DesJon\Desktop\Lippincott826.pdf
2011-08-24 16:13 - 2011-08-24 16:13 - 2913407 ____A C:\Users\DesJon\Desktop\frye1.pdf
2011-08-23 13:33 - 2011-08-23 13:33 - 0634266 ____A C:\Users\DesJon\Downloads\Undergraduate_Application_for_Admission.pdf
2011-08-23 12:09 - 2011-08-19 03:08 - 0000000 ____D C:\Users\DesJon\Documents\My Digital Editions
2011-08-23 12:06 - 2011-08-23 12:06 - 0005456 ____A C:\Users\DesJon\Desktop\Sample of ILLUSTRATED Study Guide for the NCLEX-RN® EXAM.pdf
2011-08-23 11:52 - 2011-08-23 11:24 - 0000000 ____D C:\Users\DesJon\Desktop\BNDesktopReader
2011-08-23 11:52 - 2011-08-23 06:38 - 0000000 ____D C:\Program Files\Barnes & Noble
2011-08-23 11:24 - 2011-08-23 11:24 - 0001193 ____A C:\Users\Public\Desktop\NOOK for PC.lnk
2011-08-23 11:24 - 2011-08-23 06:40 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Barnes & Noble
2011-08-23 11:23 - 2011-08-23 11:23 - 17279944 ____A (Barnes & Noble, Inc.) C:\Users\DesJon\Downloads\bndr2_setup_latest.exe
2011-08-23 11:08 - 2011-08-23 11:08 - 0003415 ____A C:\Users\DesJon\Downloads\pastie-751573.py
2011-08-23 10:49 - 2011-08-23 10:48 - 1525176 ____A (Audible Inc.) C:\Users\DesJon\Downloads\ActiveSetupN.exe
2011-08-23 08:46 - 2011-08-23 08:46 - 12240250 ____A C:\Users\DesJon\Desktop\Interpersonal Communication Text.pdf
2011-08-23 08:26 - 2011-08-23 07:30 - 0000000 ____D C:\Python26
2011-08-23 08:25 - 2011-08-23 08:25 - 0411837 ____A C:\Users\DesJon\Downloads\pycrypto-2.1.0.win32-py2.6.zip
2011-08-23 08:25 - 2011-08-23 07:34 - 0000000 ____D C:\Users\DesJon\Desktop\Pycrypto
2011-08-23 07:54 - 2011-08-23 07:54 - 0002485 ____A C:\Users\DesJon\Desktop\Python (command line).lnk
2011-08-23 07:39 - 2011-08-23 07:39 - 0000000 ____D C:\Users\DesJon\.idlerc
2011-08-23 07:36 - 2011-08-23 07:36 - 0000000 ____D C:\Users\DesJon\Desktop\pycrypto-2.1.0
2011-08-23 07:34 - 2011-08-23 07:34 - 0000000 ____D C:\Users\DesJon\Pycrypto
2011-08-23 07:25 - 2011-08-23 08:23 - 0011053 ____A C:\Users\DesJon\Desktop\ineptkey_v4.4.pyw.txt
2011-08-23 07:24 - 2011-08-23 07:24 - 0265388 ____A C:\Users\DesJon\Downloads\pycrypto-2.1.0.tar.gz
2011-08-23 07:24 - 2011-08-23 07:23 - 15103488 ____A C:\Users\DesJon\Downloads\python-2.6.5.msi
2011-08-23 07:00 - 2011-08-23 07:00 - 0000000 ___RD C:\Users\DesJon\Documents\Scanned Documents
2011-08-23 07:00 - 2011-08-23 07:00 - 0000000 ____D C:\Users\DesJon\Documents\Fax
2011-08-23 06:49 - 2011-08-23 06:59 - 12270808 ____A C:\Users\DesJon\Desktop\interpersonalcommuni_9781439066201 - Copy.pdf
2011-08-23 06:43 - 2011-08-23 06:41 - 0000000 ____D C:\Users\DesJon\Documents\My Barnes & Noble eBooks
2011-08-23 06:39 - 2011-08-23 06:39 - 0001121 ____A C:\Users\Public\Desktop\NOOK Study.lnk
2011-08-23 06:35 - 2011-08-23 06:34 - 43949824 ____A (Barnes & Noble, Inc.) C:\Users\DesJon\Downloads\NOOKstudy_Setup.exe
2011-08-23 05:54 - 2011-08-23 05:54 - 0103720 ____A C:\Users\DesJon\GoToAssistDownloadHelper.exe
2011-08-23 05:54 - 2011-08-23 05:54 - 0000000 ____D C:\Users\DesJon\AppData\Local\Citrix
2011-08-23 05:48 - 2011-08-23 05:48 - 0615222 ____A C:\Users\DesJon\Desktop\Setting_up_a_Payment_Plan_in_the_Student_Account_Center.pdf
2011-08-22 22:52 - 2011-08-22 22:52 - 1779400 ____A C:\Users\DesJon\Desktop\NCLEX-PN Secrets.pdf
2011-08-22 20:37 - 2011-08-22 20:37 - 0086432 ____A C:\Users\DesJon\Desktop\autumdifferent.pdf
2011-08-22 20:36 - 2011-08-22 20:36 - 0016077 ____A C:\Users\DesJon\Desktop\autumvocabulary_words.pdf
2011-08-22 20:35 - 2011-08-22 20:35 - 0012294 ____A C:\Users\DesJon\Desktop\autumn_lesson_plan.pdf
2011-08-22 17:40 - 2011-08-22 17:15 - 0002880 ____A C:\Users\DesJon\Desktop\LPN Nclex Guide.txt
2011-08-22 15:42 - 2011-08-22 15:42 - 0385773 ____A C:\Users\DesJon\Desktop\refund_policy.pdf
2011-08-22 12:52 - 2011-08-22 12:52 - 0316030 ____A C:\Users\DesJon\Desktop\appealform.pdf
2011-08-22 09:19 - 2011-08-22 09:19 - 0035027 ____A C:\Users\DesJon\Desktop\UNOTranscriptConsent.pdf
2011-08-22 09:18 - 2011-08-22 09:18 - 0000000 ____D C:\Users\DesJon\Documents\MyScans
2011-08-21 13:57 - 2011-08-21 14:07 - 127155669 ____A C:\Users\DesJon\Desktop\MasterNCLEX-PN.pdf
2011-08-21 12:10 - 2011-08-21 12:10 - 1107621 ____A C:\Users\DesJon\Downloads\nclexpower.pdf
2011-08-20 12:28 - 2011-08-20 11:42 - 0000000 ____D C:\Users\DesJon\Downloads\[iTunes]-VA-MMG_Presents_Self_Made_Vol_1-(2011)
2011-08-19 09:18 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\NDF
2011-08-19 07:05 - 2011-04-14 18:30 - 0000000 ____D C:\Users\DesJon\AppData\Local\Google
2011-08-19 07:01 - 2011-08-19 07:01 - 0002318 ____A C:\Users\DesJon\Desktop\Lippincott's Review for NCLEX-PN - 7th Edition.lnk
2011-08-19 07:01 - 2011-08-19 07:01 - 0000000 ____D C:\Program Files\LWW
2011-08-19 03:09 - 2011-08-19 03:10 - 0005413 ____A C:\Users\DesJon\Desktop\CliffsTestPrep NCLEX-PN.pdf
2011-08-19 03:09 - 2011-04-09 00:06 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Adobe
2011-08-19 03:08 - 2011-08-19 03:08 - 0002139 ____A C:\Users\Public\Desktop\Adobe Digital Editions.lnk
2011-08-19 03:08 - 2009-08-27 20:08 - 0000000 ____D C:\Program Files\Adobe
2011-08-18 17:23 - 2011-07-31 07:07 - 0000000 ____D C:\Users\DesJon\Downloads\NCLEX
2011-08-18 17:20 - 2011-07-01 01:07 - 0000000 ____D C:\Users\DesJon\Documents\Saunders_QA_NCLEX-PN_4e
2011-08-16 20:28 - 2011-08-16 20:28 - 4744927 ____A C:\Users\DesJon\Downloads\NCLEX RN QUIZ Win.zip
2011-08-15 20:57 - 2011-08-15 20:57 - 0076212 ____A C:\Users\DesJon\Desktop\22447445-The-30-Most-Important-Must-Know-Drugs-for-Nclex.pdf
2011-08-15 17:31 - 2011-08-15 17:25 - 0003372 __ASH C:\Users\DesJon\AppData\Local\62o72230qbag61ie5g0cg64885j75ecq6uauuo5byg34
2011-08-15 17:31 - 2011-08-15 17:25 - 0003372 __ASH C:\Users\All Users\62o72230qbag61ie5g0cg64885j75ecq6uauuo5byg34
2011-08-15 17:31 - 2011-08-15 17:25 - 0003372 __ASH C:\ProgramData\62o72230qbag61ie5g0cg64885j75ecq6uauuo5byg34
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\DesJon\AppData\Local\rvaj.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\DesJon\AppData\Local\nfth.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\DesJon\AppData\Local\fata.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\DesJon\AppData\Local\cgej.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\All Users\nkjl.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\All Users\kgdb.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\All Users\gymh.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\All Users\cmak.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\ProgramData\nkjl.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\ProgramData\kgdb.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\ProgramData\gymh.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\ProgramData\cmak.exe
2011-08-15 14:21 - 2011-05-19 15:49 - 0024416 ____A (Greatis Software) C:\Windows\System32\Drivers\regguard.sys
2011-08-15 14:17 - 2011-08-15 14:07 - 0003494 __ASH C:\Users\DesJon\AppData\Local\k71pyy08114s626scwd0d6s
2011-08-15 14:17 - 2011-08-15 14:07 - 0003494 __ASH C:\Users\All Users\k71pyy08114s626scwd0d6s
2011-08-15 14:17 - 2011-08-15 14:07 - 0003494 __ASH C:\ProgramData\k71pyy08114s626scwd0d6s
2011-08-12 18:20 - 2011-08-12 18:12 - 10472457 ____A C:\Users\DesJon\Downloads\NCLEX-PN Review 2nd - Miller.pdf
2011-08-12 17:37 - 2011-08-12 17:37 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Help
2011-08-12 17:37 - 2011-08-12 17:37 - 0000000 ____D C:\Users\DesJon\AppData\Local\Help
2011-08-12 17:27 - 2011-08-12 17:27 - 1528184 ____A (Microsoft Corporation) C:\Users\DesJon\Downloads\GenuineCheck(1).exe
2011-08-12 05:57 - 2011-08-12 05:57 - 0059584 ____A C:\Users\DesJon\Desktop\CrystalReportsViewer.pdf
2011-08-12 05:41 - 2011-08-12 05:41 - 0088358 ____A C:\Users\DesJon\Desktop\DBoldenResumegw.pdf
2011-08-11 08:20 - 2011-08-11 08:20 - 0862440 ____A C:\Users\DesJon\Downloads\BS_HI.pdf
2011-08-11 08:02 - 2011-08-11 08:02 - 0746619 ____A C:\Users\DesJon\Downloads\MS_NLM.pdf
2011-08-11 07:58 - 2011-08-11 07:58 - 0789986 ____A C:\Users\DesJon\Downloads\BS_NUR.pdf
2011-08-10 16:31 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Microsoft.NET
2011-08-08 13:00 - 2011-08-08 13:00 - 0095248 ____A (Barnes & Noble, Inc.) C:\Windows\System32\NookStudyPortMonitor.dll
2011-08-05 14:04 - 2011-04-26 19:53 - 0000000 ____D C:\Program Files\CramMaster
2011-08-05 13:58 - 2011-08-05 13:57 - 0000000 ____D C:\Users\DesJon\Desktop\Wallpapers
2011-08-05 05:05 - 2011-08-05 05:04 - 0211993 ____A C:\Users\DesJon\Downloads\NCLEX Prep.pdf
2011-08-03 03:06 - 2011-05-19 14:56 - 0703056 ____A C:\Windows\ntbtlog.txt
2011-08-03 02:57 - 2011-08-02 23:41 - 0000000 ____D C:\Users\All Users\iJ01300IjGcM01300
2011-08-03 02:57 - 2011-08-02 23:41 - 0000000 ____D C:\ProgramData\iJ01300IjGcM01300
2011-08-03 00:07 - 2011-08-02 23:41 - 0007285 ____A C:\Users\DesJon\AppData\Roaming\68DE.FE6
2011-08-02 12:13 - 2011-07-17 14:07 - 0000120 ____A C:\Users\DesJon\AppData\Local\Sfugutufu.dat
2011-08-02 12:13 - 2011-07-17 14:07 - 0000000 ____A C:\Users\DesJon\AppData\Local\Lsuhuro.bin
2011-07-31 10:00 - 2011-07-31 10:00 - 0001154 ____A C:\Users\DesJon\Desktop\NCLEX-RN Strategy Practice Exam.lnk
2011-07-31 10:00 - 2011-07-31 09:59 - 0000000 ____D C:\Program Files\Kap.NCLEX
2011-07-31 07:05 - 2011-07-31 07:05 - 6375520 ____A (Adobe Systems Inc.) C:\Users\DesJon\Downloads\Shockwave_Installer_Slim.exe
2011-07-31 07:05 - 2011-07-31 07:05 - 0000000 ____D C:\Windows\System32\Adobe
2011-07-31 07:03 - 2011-07-31 07:03 - 3867347 ____A C:\Users\DesJon\Downloads\Kaplan.rar
2011-07-28 11:26 - 2011-07-28 11:25 - 24264256 ____A C:\Users\DesJon\Downloads\27-384.mp3
2011-07-28 11:25 - 2011-07-28 11:23 - 41428586 ____A C:\Users\DesJon\Downloads\26-384.mp3
2011-07-28 11:23 - 2011-07-28 11:21 - 34114718 ____A C:\Users\DesJon\Downloads\25-384.mp3
2011-07-28 11:21 - 2011-07-28 11:17 - 63926493 ____A C:\Users\DesJon\Downloads\24-384.mp3
2011-07-28 11:17 - 2011-07-28 11:15 - 41066216 ____A C:\Users\DesJon\Downloads\21-384.mp3
2011-07-28 10:52 - 2011-07-28 10:49 - 43128008 ____A C:\Users\DesJon\Downloads\20-384.mp3
2011-07-28 10:49 - 2011-07-28 10:47 - 39747136 ____A C:\Users\DesJon\Downloads\19-384.mp3
2011-07-28 10:47 - 2011-07-28 10:45 - 31401327 ____A C:\Users\DesJon\Downloads\18-384.mp3
2011-07-28 10:45 - 2011-07-28 10:40 - 69637487 ____A C:\Users\DesJon\Downloads\17-384.mp3
2011-07-28 10:38 - 2011-07-28 10:35 - 56609700 ____A C:\Users\DesJon\Downloads\16-384.mp3
2011-07-28 10:35 - 2011-07-28 10:34 - 42244860 ____A C:\Users\DesJon\Downloads\15-384.mp3
2011-07-28 10:34 - 2011-07-28 10:32 - 61913184 ____A C:\Users\DesJon\Downloads\14-384.mp3
2011-07-28 10:03 - 2011-05-09 18:04 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\Real
2011-07-28 04:29 - 2011-07-28 04:29 - 11811154 ____A C:\Users\DesJon\Downloads\NCLEX-PN.CramMaster.v1.6.rar
2011-07-26 05:54 - 2011-07-26 05:51 - 0000000 ____D C:\MSPPWSV
2011-07-26 05:51 - 2011-04-08 22:55 - 0000000 ____D C:\Users\DesJon\AppData\Local\VirtualStore
2011-07-21 22:38 - 2011-08-09 11:06 - 5989376 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-07-21 20:56 - 2011-08-09 11:06 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-07-17 14:07 - 2011-07-17 14:07 - 0000000 ____D C:\Users\DesJon\AppData\Local\{DA95F184-57E5-42D4-B9F3-436BB9D62321}
2011-07-16 17:53 - 2011-07-16 17:53 - 0000000 ___RD C:\Program Files\Centricity
2011-07-15 20:37 - 2011-08-09 11:06 - 0169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-07-15 20:34 - 2011-08-09 11:06 - 0868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-07-15 20:34 - 2011-08-09 11:06 - 0290816 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-07-15 20:31 - 2011-08-09 11:06 - 0271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-07-15 20:19 - 2011-08-09 11:06 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-15 20:19 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-07-15 18:21 - 2011-08-09 11:06 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-07-15 18:21 - 2011-08-09 11:06 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-15 18:21 - 2011-08-09 11:06 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-15 18:21 - 2011-08-09 11:06 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-07-14 19:04 - 2009-07-13 20:33 - 0335056 ____A C:\Windows\System32\FNTCACHE.DAT
2011-07-13 01:44 - 2009-07-13 20:34 - 0000000 ____D C:\Windows\ServiceProfiles
2011-07-13 01:38 - 2011-07-13 01:38 - 9435312 ____A (Malwarebytes Corporation ) C:\Users\DesJon\Downloads\mbam-setup-1.51.0.1200.exe
2011-07-12 20:20 - 2011-05-19 15:43 - 0000000 ____D C:\Users\DesJon\Documents\RegRun2
2011-07-12 08:20 - 2011-07-12 08:20 - 0178536 ____A (Apple Inc.) C:\Windows\System32\dnssdX.dll
2011-07-12 08:20 - 2011-07-12 08:20 - 0083816 ____A (Apple Inc.) C:\Windows\System32\dns-sd.exe
2011-07-12 08:20 - 2011-07-12 08:20 - 0073064 ____A (Apple Inc.) C:\Windows\System32\dnssd.dll
2011-07-12 08:20 - 2011-07-12 08:20 - 0050536 ____A (Apple Inc.) C:\Windows\System32\jdns_sd.dll
2011-07-11 21:27 - 2011-07-11 21:27 - 0000000 ____D C:\Users\DesJon\AppData\Roaming\EazyPlanet
2011-07-11 21:25 - 2011-07-11 21:25 - 1081616 ____A (Microsoft Corporation) C:\Windows\System32\MSCOMCTL.OCX
2011-07-11 21:25 - 2011-07-11 21:25 - 0608448 ____A (Microsoft Corporation) C:\Windows\System32\COMCTL32.OCX
2011-07-11 21:25 - 2011-07-11 21:25 - 0164144 ____A (Microsoft Corporation) C:\Windows\System32\COMCT232.OCX
2011-07-11 21:25 - 2011-07-11 21:25 - 0000000 ____D C:\Users\All Users\EazyPlanet
2011-07-11 21:25 - 2011-07-11 21:25 - 0000000 ____D C:\ProgramData\EazyPlanet
2011-07-11 21:25 - 2011-07-11 21:25 - 0000000 ____D C:\Program Files\EazyPlanet
2011-07-11 21:20 - 2011-07-11 21:20 - 0000000 ____A C:\Windows\System32\rtf.cpx
2011-07-11 21:19 - 2011-07-11 21:19 - 10409032 ____A (EazyPaper Inc.) C:\Users\DesJon\Downloads\EazyPaper_setup.exe
2011-07-11 21:19 - 2011-07-11 21:19 - 0000000 ____D C:\Program Files\ScholarWord-3.0
2011-07-11 21:18 - 2011-07-11 21:18 - 9858549 ____A (Xumbrus, LLC.) C:\Users\DesJon\Downloads\ScholarWordv30_WINInstall_121910.exe

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe
[2011-04-09 00:08] - [2009-10-30 21:45] - 2614272 ____A (Microsoft Corporation) 2626FC9755BE22F805D3CFA0CE3EE727

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys
[2009-07-13 15:11] - [2009-07-13 17:19] - 0245328 ____A () 7C28B63E4C9E5C3BE7FFE53789593619


========================= Memory info ======================

Percentage of memory in use: 14%
Total physical RAM: 2814.36 MB
Available physical RAM: 2399.39 MB
Total Pagefile: 2812.64 MB
Available Pagefile: 2402.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.31 MB

======================= Partitions =========================

1 Drive c: (TI103196W0D) (Fixed) (Total:223.33 GB) (Free:140.96 GB) NTFS
2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.28 GB) NTFS
3 Drive e: (TI103196W0D) (CDROM) (Total:4.11 GB) (Free:0 GB) CDFS
4 Drive f: (USB STICK) (Removable) (Total:0.93 GB) (Free:0.93 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==========================================================

Last Boot: 2011-09-24 12:14

======================= End Of Log ==========================

Edited by msgail, 08 October 2011 - 10:29 AM.


#5 Farbar

Farbar

    Just Curious


  • Security Developer
  • 20,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:23 PM

Posted 08 October 2011 - 10:17 AM

Well done. :thumbup2:

We might be able to restore the system next round. FYI I'm going away for the rest of evening.

  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

    start
    cmd: type c:\tdss*.txt
    cmd: dir /a/s/b C:\Qoobox
    end
    

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the BartPE CD.
    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
  • Type the following in the edit box after "Search:".

    volsnap.sys

    Click Search button and post the log it makes to your reply.


#6 msgail

msgail
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 08 October 2011 - 10:31 AM

Fixlog post was too long, so I seperated it into two

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.2.3)
Ran by SYSTEM at 2011-10-08 10:21:49 R:1
Running from F:\

==============================================


========= type c:\tdss*.txt =========


c:\TDSSKiller.2.6.2.0_01.10.2011_15.31.44_log.txt


15:31:44.0766 0288 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
15:31:45.0063 0288 ============================================================
15:31:45.0063 0288 Current date / time: 2011/10/01 15:31:45.0063
15:31:45.0063 0288 SystemInfo:
15:31:45.0063 0288
15:31:45.0063 0288 OS Version: 6.1.7600 ServicePack: 0.0
15:31:45.0063 0288 Product type: Workstation
15:31:45.0063 0288 ComputerName: DESJON-PC
15:31:45.0064 0288 UserName: DesJon
15:31:45.0064 0288 Windows directory: C:\windows
15:31:45.0064 0288 System windows directory: C:\windows
15:31:45.0064 0288 Processor architecture: Intel x86
15:31:45.0064 0288 Number of processors: 2
15:31:45.0064 0288 Page size: 0x1000
15:31:45.0064 0288 Boot type: Normal boot
15:31:45.0064 0288 ============================================================
15:31:46.0200 0288 Initialize success
15:31:48.0607 3244 ============================================================
15:31:48.0607 3244 Scan started
15:31:48.0607 3244 Mode: Manual;
15:31:48.0607 3244 ============================================================
15:31:50.0623 3244 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
15:31:50.0626 3244 1394ohci - ok
15:31:50.0751 3244 90bb4c50 (f575ae6bab2fa625002a9ac952d40794) C:\windows\1347206032:1866773423.exe
15:31:50.0751 3244 Suspicious file (Hidden): C:\windows\1347206032:1866773423.exe. md5: f575ae6bab2fa625002a9ac952d40794
15:31:50.0751 3244 90bb4c50 ( HiddenFile.Multi.Generic ) - warning
15:31:50.0751 3244 90bb4c50 - detected HiddenFile.Multi.Generic (1)
15:31:51.0029 3244 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
15:31:51.0033 3244 ACPI - ok
15:31:51.0417 3244 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
15:31:51.0419 3244 AcpiPmi - ok
15:31:51.0897 3244 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
15:31:51.0908 3244 adp94xx - ok
15:31:52.0291 3244 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
15:31:52.0297 3244 adpahci - ok
15:31:52.0716 3244 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
15:31:52.0719 3244 adpu320 - ok
15:31:53.0081 3244 AFD (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
15:31:53.0085 3244 AFD - ok
15:31:53.0608 3244 AgereSoftModem (07758c2196a62f207f77556311e7459a) C:\windows\system32\DRIVERS\AGRSM.sys
15:31:53.0632 3244 AgereSoftModem - ok
15:31:53.0971 3244 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
15:31:53.0984 3244 agp440 - ok
15:31:54.0365 3244 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
15:31:54.0367 3244 aic78xx - ok
15:31:54.0783 3244 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
15:31:54.0793 3244 aliide - ok
15:31:55.0495 3244 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
15:31:55.0497 3244 amdagp - ok
15:31:55.0862 3244 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
15:31:55.0863 3244 amdide - ok
15:31:56.0197 3244 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
15:31:56.0198 3244 AmdK8 - ok
15:31:56.0542 3244 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
15:31:56.0543 3244 AmdPPM - ok
15:31:56.0922 3244 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\windows\system32\DRIVERS\amdsata.sys
15:31:56.0924 3244 amdsata - ok
15:31:57.0292 3244 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
15:31:57.0295 3244 amdsbs - ok
15:31:57.0614 3244 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\windows\system32\DRIVERS\amdxata.sys
15:31:57.0616 3244 amdxata - ok
15:31:57.0970 3244 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
15:31:57.0972 3244 AppID - ok
15:31:58.0407 3244 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
15:31:58.0409 3244 arc - ok
15:31:58.0976 3244 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
15:31:58.0978 3244 arcsas - ok
15:31:59.0321 3244 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
15:31:59.0322 3244 AsyncMac - ok
15:31:59.0644 3244 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
15:31:59.0644 3244 atapi - ok
15:32:00.0114 3244 atikmdag (c97be8350fbcb1960b22fad2e6c2b514) C:\windows\system32\DRIVERS\atikmdag.sys
15:32:00.0206 3244 atikmdag - ok
15:32:00.0838 3244 AtiPcie (b73c832088dd54b55e04ff6f9646ad8c) C:\windows\system32\DRIVERS\AtiPcie.sys
15:32:00.0875 3244 AtiPcie - ok
15:32:01.0255 3244 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
15:32:01.0261 3244 b06bdrv - ok
15:32:01.0598 3244 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
15:32:01.0602 3244 b57nd60x - ok
15:32:01.0942 3244 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
15:32:01.0943 3244 Beep - ok
15:32:02.0354 3244 BHDrvx86 (76154fa6a742c613b44bb636b1a7c057) C:\windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys
15:32:02.0356 3244 BHDrvx86 - ok
15:32:02.0699 3244 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
15:32:02.0700 3244 blbdrive - ok
15:32:03.0090 3244 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys
15:32:03.0092 3244 bowser - ok
15:32:03.0422 3244 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
15:32:03.0423 3244 BrFiltLo - ok
15:32:03.0755 3244 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
15:32:03.0757 3244 BrFiltUp - ok
15:32:04.0098 3244 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
15:32:04.0102 3244 Brserid - ok
15:32:04.0433 3244 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
15:32:04.0435 3244 BrSerWdm - ok
15:32:04.0756 3244 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
15:32:04.0757 3244 BrUsbMdm - ok
15:32:05.0078 3244 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
15:32:05.0093 3244 BrUsbSer - ok
15:32:05.0713 3244 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
15:32:05.0715 3244 BTHMODEM - ok
15:32:06.0167 3244 ccHP (8973ff34b83572d867b5b928905ad5ac) C:\windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys
15:32:06.0170 3244 ccHP - ok
15:32:06.0524 3244 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
15:32:06.0526 3244 cdfs - ok
15:32:06.0949 3244 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
15:32:06.0951 3244 cdrom - ok
15:32:07.0283 3244 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
15:32:07.0285 3244 circlass - ok
15:32:07.0516 3244 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
15:32:07.0520 3244 CLFS - ok
15:32:07.0863 3244 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
15:32:07.0864 3244 CmBatt - ok
15:32:08.0185 3244 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
15:32:08.0187 3244 cmdide - ok
15:32:08.0513 3244 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
15:32:08.0518 3244 CNG - ok
15:32:08.0850 3244 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
15:32:08.0851 3244 Compbatt - ok
15:32:09.0184 3244 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
15:32:09.0185 3244 CompositeBus - ok
15:32:09.0518 3244 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
15:32:09.0520 3244 crcdisk - ok
15:32:09.0867 3244 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys
15:32:09.0869 3244 DfsC - ok
15:32:10.0187 3244 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
15:32:10.0188 3244 discache - ok
15:32:10.0522 3244 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
15:32:10.0524 3244 Disk - ok
15:32:10.0871 3244 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
15:32:10.0873 3244 drmkaud - ok
15:32:11.0210 3244 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\windows\System32\drivers\dxgkrnl.sys
15:32:11.0214 3244 DXGKrnl - ok
15:32:11.0612 3244 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
15:32:11.0669 3244 ebdrv - ok
15:32:11.0841 3244 eeCtrl (5461f01b7def17dc90d90b029f874c3b) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
15:32:11.0844 3244 eeCtrl - ok
15:32:12.0206 3244 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
15:32:12.0218 3244 elxstor - ok
15:32:12.0398 3244 EraserUtilRebootDrv (17fcc372d03ba39f3aee85198c0ec594) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
15:32:12.0399 3244 EraserUtilRebootDrv - ok
15:32:12.0726 3244 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
15:32:12.0728 3244 ErrDev - ok
15:32:13.0076 3244 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
15:32:13.0079 3244 exfat - ok
15:32:13.0400 3244 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
15:32:13.0403 3244 fastfat - ok
15:32:13.0735 3244 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
15:32:13.0736 3244 fdc - ok
15:32:14.0069 3244 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
15:32:14.0071 3244 FileInfo - ok
15:32:14.0403 3244 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
15:32:14.0405 3244 Filetrace - ok
15:32:14.0737 3244 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
15:32:14.0738 3244 flpydisk - ok
15:32:15.0074 3244 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
15:32:15.0077 3244 FltMgr - ok
15:32:15.0432 3244 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
15:32:15.0434 3244 FsDepends - ok
15:32:15.0755 3244 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
15:32:15.0761 3244 Fs_Rec - ok
15:32:16.0391 3244 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\windows\system32\DRIVERS\fvevol.sys
15:32:16.0394 3244 fvevol - ok
15:32:16.0740 3244 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
15:32:16.0742 3244 gagp30kx - ok
15:32:17.0166 3244 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
15:32:17.0167 3244 GEARAspiWDM - ok
15:32:17.0536 3244 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
15:32:17.0538 3244 hcw85cir - ok
15:32:17.0868 3244 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
15:32:17.0873 3244 HdAudAddService - ok
15:32:18.0216 3244 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
15:32:18.0218 3244 HDAudBus - ok
15:32:18.0545 3244 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
15:32:18.0546 3244 HidBatt - ok
15:32:18.0871 3244 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
15:32:18.0873 3244 HidBth - ok
15:32:19.0206 3244 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
15:32:19.0208 3244 HidIr - ok
15:32:19.0563 3244 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
15:32:19.0564 3244 HidUsb - ok
15:32:19.0909 3244 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
15:32:19.0911 3244 HpSAMD - ok
15:32:20.0249 3244 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
15:32:20.0261 3244 HTTP - ok
15:32:20.0592 3244 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
15:32:20.0592 3244 hwpolicy - ok
15:32:20.0940 3244 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
15:32:20.0941 3244 i8042prt - ok
15:32:21.0270 3244 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\windows\system32\DRIVERS\iaStorV.sys
15:32:21.0275 3244 iaStorV - ok
15:32:21.0431 3244 IDSVix86 (7c8ce2b83a89ee1cb0c3fee5991e62a2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20110513.001\IDSvix86.sys
15:32:21.0433 3244 IDSVix86 - ok
15:32:21.0770 3244 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
15:32:21.0772 3244 iirsp - ok
15:32:22.0168 3244 IntcAzAudAddService (e4a2e810cb2607c9c159c0dfb0bd4c88) C:\windows\system32\drivers\RTKVHDA.sys
15:32:22.0185 3244 IntcAzAudAddService - ok
15:32:22.0504 3244 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
15:32:22.0505 3244 intelide - ok
15:32:22.0839 3244 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
15:32:22.0841 3244 intelppm - ok
15:32:23.0173 3244 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
15:32:23.0174 3244 IpFilterDriver - ok
15:32:23.0520 3244 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
15:32:23.0522 3244 IPMIDRV - ok
15:32:23.0854 3244 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
15:32:23.0857 3244 IPNAT - ok
15:32:24.0222 3244 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
15:32:24.0223 3244 IRENUM - ok
15:32:24.0546 3244 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
15:32:24.0547 3244 isapnp - ok
15:32:24.0865 3244 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
15:32:24.0868 3244 iScsiPrt - ok
15:32:25.0202 3244 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
15:32:25.0203 3244 kbdclass - ok
15:32:25.0526 3244 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
15:32:25.0527 3244 kbdhid - ok
15:32:25.0852 3244 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
15:32:25.0854 3244 KSecDD - ok
15:32:26.0173 3244 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
15:32:26.0175 3244 KSecPkg - ok
15:32:26.0535 3244 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
15:32:26.0542 3244 lltdio - ok
15:32:27.0188 3244 LPCFilter (6e3d3816749e107883eec5734ce44493) C:\windows\system32\DRIVERS\LPCFilter.sys
15:32:27.0189 3244 LPCFilter - ok
15:32:27.0526 3244 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
15:32:27.0529 3244 LSI_FC - ok
15:32:27.0861 3244 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
15:32:27.0864 3244 LSI_SAS - ok
15:32:28.0196 3244 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
15:32:28.0198 3244 LSI_SAS2 - ok
15:32:28.0520 3244 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
15:32:28.0522 3244 LSI_SCSI - ok
15:32:28.0854 3244 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
15:32:28.0856 3244 luafv - ok
15:32:29.0224 3244 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\windows\system32\drivers\mbam.sys
15:32:29.0224 3244 MBAMProtector - ok
15:32:29.0586 3244 MBAMSwissArmy - ok
15:32:29.0955 3244 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\windows\system32\DRIVERS\mcdbus.sys
15:32:29.0958 3244 mcdbus - ok
15:32:30.0302 3244 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
15:32:30.0304 3244 megasas - ok
15:32:30.0630 3244 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
15:32:30.0634 3244 MegaSR - ok
15:32:30.0952 3244 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
15:32:30.0952 3244 Modem - ok
15:32:31.0275 3244 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
15:32:31.0275 3244 monitor - ok
15:32:31.0609 3244 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
15:32:31.0610 3244 mouclass - ok
15:32:31.0932 3244 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
15:32:31.0933 3244 mouhid - ok
15:32:32.0255 3244 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
15:32:32.0256 3244 mountmgr - ok
15:32:32.0571 3244 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
15:32:32.0574 3244 mpio - ok
15:32:32.0883 3244 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
15:32:32.0884 3244 mpsdrv - ok
15:32:33.0207 3244 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
15:32:33.0210 3244 MRxDAV - ok
15:32:33.0534 3244 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
15:32:33.0536 3244 mrxsmb - ok
15:32:33.0864 3244 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
15:32:33.0867 3244 mrxsmb10 - ok
15:32:34.0182 3244 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
15:32:34.0183 3244 mrxsmb20 - ok
15:32:34.0491 3244 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
15:32:34.0492 3244 msahci - ok
15:32:34.0806 3244 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
15:32:34.0809 3244 msdsm - ok
15:32:35.0128 3244 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
15:32:35.0130 3244 Msfs - ok
15:32:35.0440 3244 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
15:32:35.0441 3244 mshidkmdf - ok
15:32:35.0751 3244 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
15:32:35.0753 3244 msisadrv - ok
15:32:36.0088 3244 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
15:32:36.0090 3244 MSKSSRV - ok
15:32:36.0422 3244 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
15:32:36.0423 3244 MSPCLOCK - ok
15:32:36.0767 3244 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
15:32:36.0777 3244 MSPQM - ok
15:32:37.0392 3244 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
15:32:37.0395 3244 MsRPC - ok
15:32:37.0704 3244 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
15:32:37.0705 3244 mssmbios - ok
15:32:38.0028 3244 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
15:32:38.0029 3244 MSTEE - ok
15:32:38.0339 3244 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
15:32:38.0341 3244 MTConfig - ok
15:32:38.0651 3244 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
15:32:38.0653 3244 Mup - ok
15:32:38.0992 3244 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
15:32:38.0996 3244 NativeWifiP - ok
15:32:39.0133 3244 NAVENG - ok
15:32:39.0266 3244 NAVEX15 - ok
15:32:39.0608 3244 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
15:32:39.0631 3244 NDIS - ok
15:32:39.0958 3244 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
15:32:39.0959 3244 NdisCap - ok
15:32:40.0291 3244 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
15:32:40.0292 3244 NdisTapi - ok
15:32:40.0625 3244 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
15:32:40.0627 3244 Ndisuio - ok
15:32:40.0949 3244 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
15:32:40.0951 3244 NdisWan - ok
15:32:41.0262 3244 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
15:32:41.0263 3244 NDProxy - ok
15:32:41.0585 3244 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
15:32:41.0586 3244 NetBIOS - ok
15:32:41.0900 3244 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
15:32:41.0903 3244 NetBT - ok
15:32:42.0241 3244 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
15:32:42.0242 3244 nfrd960 - ok
15:32:42.0652 3244 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
15:32:42.0653 3244 Npfs - ok
15:32:42.0975 3244 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
15:32:42.0976 3244 nsiproxy - ok
15:32:43.0317 3244 Ntfs (3795dcd21f740ee799fb7223234215af) C:\windows\system32\drivers\Ntfs.sys
15:32:43.0351 3244 Ntfs - ok
15:32:43.0653 3244 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
15:32:43.0654 3244 Null - ok
15:32:43.0966 3244 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\windows\system32\DRIVERS\nvraid.sys
15:32:43.0968 3244 nvraid - ok
15:32:44.0277 3244 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\windows\system32\DRIVERS\nvstor.sys
15:32:44.0280 3244 nvstor - ok
15:32:44.0589 3244 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
15:32:44.0592 3244 nv_agp - ok
15:32:44.0917 3244 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
15:32:44.0919 3244 ohci1394 - ok
15:32:45.0254 3244 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
15:32:45.0256 3244 Parport - ok
15:32:45.0577 3244 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
15:32:45.0579 3244 partmgr - ok
15:32:45.0900 3244 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
15:32:45.0901 3244 Parvdm - ok
15:32:46.0211 3244 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
15:32:46.0213 3244 pci - ok
15:32:46.0510 3244 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
15:32:46.0511 3244 pciide - ok
15:32:46.0812 3244 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
15:32:46.0815 3244 pcmcia - ok
15:32:47.0121 3244 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
15:32:47.0144 3244 pcw - ok
15:32:47.0808 3244 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
15:32:47.0831 3244 PEAUTH - ok
15:32:48.0176 3244 PGEffect (1b5011dd8d57f53aed31ff0f7d635802) C:\windows\system32\DRIVERS\pgeffect.sys
15:32:48.0177 3244 PGEffect - ok
15:32:48.0539 3244 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
15:32:48.0541 3244 PptpMiniport - ok
15:32:48.0856 3244 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
15:32:48.0858 3244 Processor - ok
15:32:49.0185 3244 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
15:32:49.0187 3244 Psched - ok
15:32:49.0526 3244 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
15:32:49.0561 3244 ql2300 - ok
15:32:49.0878 3244 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
15:32:49.0880 3244 ql40xx - ok
15:32:50.0200 3244 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
15:32:50.0202 3244 QWAVEdrv - ok
15:32:50.0522 3244 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
15:32:50.0524 3244 RasAcd - ok
15:32:50.0859 3244 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
15:32:50.0860 3244 RasAgileVpn - ok
15:32:51.0192 3244 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
15:32:51.0194 3244 Rasl2tp - ok
15:32:51.0538 3244 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
15:32:51.0540 3244 RasPppoe - ok
15:32:51.0863 3244 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
15:32:51.0865 3244 RasSstp - ok
15:32:52.0177 3244 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
15:32:52.0181 3244 rdbss - ok
15:32:52.0489 3244 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
15:32:52.0491 3244 rdpbus - ok
15:32:53.0011 3244 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
15:32:53.0011 3244 RDPCDD - ok
15:32:53.0333 3244 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
15:32:53.0334 3244 RDPENCDD - ok
15:32:53.0633 3244 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
15:32:53.0634 3244 RDPREFMP - ok
15:32:53.0938 3244 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
15:32:53.0942 3244 RDPWD - ok
15:32:54.0260 3244 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
15:32:54.0263 3244 rdyboost - ok
15:32:54.0611 3244 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
15:32:54.0612 3244 rspndr - ok
15:32:54.0935 3244 RSUSBSTOR (ef8b2afc3c0751c5e5a59983c8893260) C:\windows\system32\Drivers\RtsUStor.sys
15:32:54.0939 3244 RSUSBSTOR - ok
15:32:55.0330 3244 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\windows\system32\DRIVERS\Rt86win7.sys
15:32:55.0333 3244 RTL8167 - ok
15:32:55.0686 3244 rtl8192se (fd0b1d3ce2e7debd0ae8456494d21488) C:\windows\system32\DRIVERS\rtl8192se.sys
15:32:55.0709 3244 rtl8192se - ok
15:32:56.0013 3244 RtsUIR - ok
15:32:56.0350 3244 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
15:32:56.0353 3244 sbp2port - ok
15:32:56.0674 3244 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
15:32:56.0676 3244 scfilter - ok
15:32:57.0035 3244 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
15:32:57.0036 3244 secdrv - ok
15:32:57.0367 3244 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
15:32:57.0382 3244 Serenum - ok
15:32:57.0991 3244 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
15:32:58.0009 3244 Serial - ok
15:32:58.0503 3244 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
15:32:58.0504 3244 sermouse - ok
15:32:58.0836 3244 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
15:32:58.0838 3244 sffdisk - ok
15:32:59.0159 3244 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
15:32:59.0160 3244 sffp_mmc - ok
15:32:59.0481 3244 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys
15:32:59.0483 3244 sffp_sd - ok
15:32:59.0804 3244 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
15:32:59.0806 3244 sfloppy - ok
15:33:00.0138 3244 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
15:33:00.0141 3244 sisagp - ok
15:33:00.0473 3244 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
15:33:00.0475 3244 SiSRaid2 - ok
15:33:00.0798 3244 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
15:33:00.0800 3244 SiSRaid4 - ok
15:33:01.0132 3244 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
15:33:01.0134 3244 Smb - ok
15:33:01.0478 3244 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
15:33:01.0479 3244 spldr - ok
15:33:01.0838 3244 SRTSP (e81f6caeab9ad5732e94c07c97866aa2) C:\windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS
15:33:01.0843 3244 SRTSP - ok
15:33:02.0208 3244 SRTSPX (e28de499d942b08058bffac69d4122b6) C:\windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS
15:33:02.0208 3244 SRTSPX - ok
15:33:02.0536 3244 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
15:33:02.0542 3244 srv - ok
15:33:02.0879 3244 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
15:33:02.0884 3244 srv2 - ok
15:33:03.0211 3244 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
15:33:03.0214 3244 srvnet - ok
15:33:03.0584 3244 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
15:33:03.0586 3244 stexstor - ok
15:33:03.0917 3244 StillCam (edb05bd63148796f23ea78506404a538) C:\windows\system32\DRIVERS\serscan.sys
15:33:03.0918 3244 StillCam - ok
15:33:04.0253 3244 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
15:33:04.0254 3244 swenum - ok
15:33:04.0604 3244 SymEFA (d0885f6e24259a6c65e68d6ad749910a) C:\windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS
15:33:04.0610 3244 SymEFA - ok
15:33:04.0936 3244 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\windows\system32\Drivers\SYMEVENT.SYS
15:33:04.0937 3244 SymEvent - ok
15:33:05.0302 3244 SYMFW (1e825026436c4eac3e1a11d1e9c33f2c) C:\windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS
15:33:05.0304 3244 SYMFW - ok
15:33:05.0623 3244 SymIM (34f1c9d5dcc19df1e824d6b73767b8af) C:\windows\system32\DRIVERS\SymIMv.sys
15:33:05.0623 3244 SymIM - ok
15:33:05.0985 3244 SYMNDISV (dcbf73da96cce94933c8cc6eded3c98b) C:\windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS
15:33:05.0987 3244 SYMNDISV - ok
15:33:06.0328 3244 SYMTDI (e4fa8bbb96e314e9508865de1a767538) C:\windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
15:33:06.0330 3244 SYMTDI - ok
15:33:06.0665 3244 SynTP (8bd10dc8809dc69a1c5a795cb10add76) C:\windows\system32\DRIVERS\SynTP.sys
15:33:06.0667 3244 SynTP - ok
15:33:07.0050 3244 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\drivers\tcpip.sys
15:33:07.0084 3244 Tcpip - ok
15:33:07.0461 3244 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\DRIVERS\tcpip.sys
15:33:07.0469 3244 TCPIP6 - ok
15:33:07.0851 3244 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
15:33:07.0852 3244 tcpipreg - ok
15:33:08.0186 3244 tdcmdpst (4084ea00d50c858d6f9038f86ae2e2d0) C:\windows\system32\DRIVERS\tdcmdpst.sys
15:33:08.0187 3244 tdcmdpst - ok
15:33:08.0708 3244 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
15:33:08.0709 3244 TDPIPE - ok
15:33:09.0030 3244 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
15:33:09.0032 3244 TDTCP - ok
15:33:09.0353 3244 tdx (d5321d6b97cb85a0b418993f8a9c2d2e) C:\windows\system32\DRIVERS\tdx.sys
15:33:09.0354 3244 Suspicious file (Forged): C:\windows\system32\DRIVERS\tdx.sys. Real md5: d5321d6b97cb85a0b418993f8a9c2d2e, Fake md5: cb39e896a2a83702d1737bfd402b3542
15:33:09.0354 3244 tdx ( ForgedFile.Multi.Generic ) - warning
15:33:09.0354 3244 tdx - detected ForgedFile.Multi.Generic (1)
15:33:09.0677 3244 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
15:33:09.0678 3244 TermDD - ok
15:33:10.0065 3244 tos_sps32 (969377943fe7284609babbab4e06b93c) C:\windows\system32\DRIVERS\tos_sps32.sys
15:33:10.0070 3244 tos_sps32 - ok
15:33:10.0411 3244 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
15:33:10.0413 3244 tssecsrv - ok
15:33:10.0746 3244 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
15:33:10.0748 3244 tunnel - ok
15:33:11.0110 3244 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\windows\system32\DRIVERS\TVALZ_O.SYS
15:33:11.0112 3244 TVALZ - ok
15:33:11.0443 3244 TVALZFL (866462f5ae3f375ef83ef9dce436031c) C:\windows\system32\DRIVERS\TVALZFL.sys
15:33:11.0444 3244 TVALZFL - ok
15:33:11.0770 3244 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
15:33:11.0772 3244 uagp35 - ok
15:33:12.0097 3244 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys
15:33:12.0102 3244 udfs - ok
15:33:12.0500 3244 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
15:33:12.0502 3244 uliagpkx - ok
15:33:12.0823 3244 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
15:33:12.0825 3244 umbus - ok
15:33:13.0134 3244 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
15:33:13.0136 3244 UmPass - ok
15:33:13.0513 3244 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\windows\system32\drivers\usbaudio.sys
15:33:13.0515 3244 usbaudio - ok
15:33:13.0837 3244 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\windows\system32\DRIVERS\usbccgp.sys
15:33:13.0839 3244 usbccgp - ok
15:33:14.0151 3244 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
15:33:14.0154 3244 usbcir - ok
15:33:14.0507 3244 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\windows\system32\DRIVERS\usbehci.sys
15:33:14.0508 3244 usbehci - ok
15:33:14.0848 3244 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\windows\system32\DRIVERS\usbhub.sys
15:33:14.0853 3244 usbhub - ok
15:33:15.0170 3244 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\windows\system32\DRIVERS\usbohci.sys
15:33:15.0171 3244 usbohci - ok
15:33:15.0489 3244 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
15:33:15.0491 3244 usbprint - ok
15:33:15.0813 3244 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\windows\system32\DRIVERS\USBSTOR.SYS
15:33:15.0816 3244 USBSTOR - ok
15:33:16.0125 3244 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\windows\system32\DRIVERS\usbuhci.sys
15:33:16.0126 3244 usbuhci - ok
15:33:16.0467 3244 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\windows\system32\Drivers\usbvideo.sys
15:33:16.0479 3244 usbvideo - ok
15:33:16.0826 3244 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
15:33:16.0828 3244 vdrvroot - ok
15:33:17.0171 3244 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
15:33:17.0173 3244 vga - ok
15:33:17.0492 3244 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
15:33:17.0494 3244 VgaSave - ok
15:33:17.0808 3244 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
15:33:17.0812 3244 vhdmp - ok
15:33:18.0142 3244 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
15:33:18.0144 3244 viaagp - ok
15:33:18.0466 3244 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
15:33:18.0468 3244 ViaC7 - ok
15:33:18.0788 3244 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
15:33:18.0798 3244 viaide - ok
15:33:19.0682 3244 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
15:33:19.0685 3244 volmgr - ok
15:33:20.0009 3244 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
15:33:20.0013 3244 volmgrx - ok
15:33:20.0340 3244 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
15:33:20.0345 3244 volsnap - ok
15:33:20.0668 3244 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
15:33:20.0671 3244 vsmraid - ok
15:33:21.0141 3244 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
15:33:21.0143 3244 vwifibus - ok
15:33:21.0553 3244 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
15:33:21.0554 3244 vwififlt - ok
15:33:21.0877 3244 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
15:33:21.0878 3244 WacomPen - ok
15:33:22.0211 3244 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
15:33:22.0213 3244 WANARP - ok
15:33:22.0217 3244 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
15:33:22.0218 3244 Wanarpv6 - ok
15:33:22.0557 3244 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
15:33:22.0559 3244 Wd - ok
15:33:22.0887 3244 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
15:33:22.0899 3244 Wdf01000 - ok
15:33:23.0241 3244 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
15:33:23.0243 3244 WfpLwf - ok
15:33:23.0564 3244 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
15:33:23.0566 3244 WIMMount - ok
15:33:23.0928 3244 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys
15:33:23.0930 3244 WinUsb - ok
15:33:24.0253 3244 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
15:33:24.0255 3244 WmiAcpi - ok
15:33:24.0598 3244 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
15:33:24.0600 3244 ws2ifsl - ok
15:33:24.0918 3244 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\windows\system32\DRIVERS\WSDPrint.sys
15:33:24.0919 3244 WSDPrintDevice - ok
15:33:25.0244 3244 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
15:33:25.0246 3244 WudfPf - ok
15:33:25.0568 3244 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
15:33:25.0571 3244 WUDFRd - ok
15:33:25.0626 3244 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
15:33:25.0635 3244 \Device\Harddisk0\DR0 - ok
15:33:25.0645 3244 Boot (0x1200) (812a8ca52030af64a407027329b060f0) \Device\Harddisk0\DR0\Partition0
15:33:25.0647 3244 \Device\Harddisk0\DR0\Partition0 - ok
15:33:25.0647 3244 ============================================================
15:33:25.0647 3244 Scan finished
15:33:25.0647 3244 ============================================================
15:33:25.0662 3980 Detected object count: 2
15:33:25.0662 3980 Actual detected object count: 2
15:35:02.0107 3980 C:\windows\1347206032:1866773423.exe - copied to quarantine
15:35:02.0107 3980 90bb4c50 ( HiddenFile.Multi.Generic ) - User select action: Quarantine
15:35:02.0439 3980 C:\windows\system32\DRIVERS\tdx.sys - copied to quarantine
15:35:02.0439 3980 tdx ( ForgedFile.Multi.Generic ) - User select action: Quarantine
16:09:15.0464 1312 Deinitialize success

c:\TDSSKiller.2.6.2.0_03.10.2011_09.19.38_log.txt


09:19:38.0560 1468 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
09:19:44.0527 1468 ============================================================
09:19:44.0527 1468 Current date / time: 2011/10/03 09:19:44.0527
09:19:44.0527 1468 SystemInfo:
09:19:44.0527 1468
09:19:44.0527 1468 OS Version: 6.1.7600 ServicePack: 0.0
09:19:44.0527 1468 Product type: Workstation
09:19:44.0527 1468 ComputerName: DESJON-PC
09:19:44.0528 1468 UserName: DesJon
09:19:44.0528 1468 Windows directory: C:\windows
09:19:44.0528 1468 System windows directory: C:\windows
09:19:44.0528 1468 Processor architecture: Intel x86
09:19:44.0528 1468 Number of processors: 2
09:19:44.0528 1468 Page size: 0x1000
09:19:44.0528 1468 Boot type: Normal boot
09:19:44.0528 1468 ============================================================
09:19:46.0230 1468 Initialize success
09:19:48.0559 4860 ============================================================
09:19:48.0559 4860 Scan started
09:19:48.0559 4860 Mode: Manual;
09:19:48.0559 4860 ============================================================
09:19:49.0732 4860 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
09:19:49.0735 4860 1394ohci - ok
09:19:49.0857 4860 90bb4c50 (f575ae6bab2fa625002a9ac952d40794) C:\windows\1347206032:1866773423.exe
09:19:49.0857 4860 Suspicious file (Hidden): C:\windows\1347206032:1866773423.exe. md5: f575ae6bab2fa625002a9ac952d40794
09:19:49.0858 4860 90bb4c50 ( HiddenFile.Multi.Generic ) - warning
09:19:49.0858 4860 90bb4c50 - detected HiddenFile.Multi.Generic (1)
09:19:50.0193 4860 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
09:19:50.0195 4860 ACPI - ok
09:19:50.0537 4860 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
09:19:50.0538 4860 AcpiPmi - ok
09:19:50.0882 4860 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
09:19:50.0894 4860 adp94xx - ok
09:19:51.0444 4860 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
09:19:51.0449 4860 adpahci - ok
09:19:51.0813 4860 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
09:19:51.0816 4860 adpu320 - ok
09:19:52.0190 4860 AFD (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
09:19:52.0192 4860 AFD - ok
09:19:52.0627 4860 AgereSoftModem (07758c2196a62f207f77556311e7459a) C:\windows\system32\DRIVERS\AGRSM.sys
09:19:52.0650 4860 AgereSoftModem - ok
09:19:53.0001 4860 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
09:19:53.0002 4860 agp440 - ok
09:19:53.0351 4860 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
09:19:53.0353 4860 aic78xx - ok
09:19:53.0702 4860 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
09:19:53.0703 4860 aliide - ok
09:19:54.0048 4860 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
09:19:54.0049 4860 amdagp - ok
09:19:54.0392 4860 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
09:19:54.0394 4860 amdide - ok
09:19:54.0738 4860 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
09:19:54.0740 4860 AmdK8 - ok
09:19:55.0106 4860 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
09:19:55.0121 4860 AmdPPM - ok
09:19:55.0752 4860 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\windows\system32\DRIVERS\amdsata.sys
09:19:55.0754 4860 amdsata - ok
09:19:56.0100 4860 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
09:19:56.0103 4860 amdsbs - ok
09:19:56.0478 4860 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\windows\system32\DRIVERS\amdxata.sys
09:19:56.0480 4860 amdxata - ok
09:19:56.0823 4860 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
09:19:56.0825 4860 AppID - ok
09:19:57.0249 4860 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
09:19:57.0251 4860 arc - ok
09:19:57.0584 4860 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
09:19:57.0586 4860 arcsas - ok
09:19:57.0940 4860 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
09:19:57.0941 4860 AsyncMac - ok
09:19:58.0274 4860 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
09:19:58.0274 4860 atapi - ok
09:19:58.0734 4860 atikmdag (c97be8350fbcb1960b22fad2e6c2b514) C:\windows\system32\DRIVERS\atikmdag.sys
09:19:58.0763 4860 atikmdag - ok
09:19:59.0123 4860 AtiPcie (b73c832088dd54b55e04ff6f9646ad8c) C:\windows\system32\DRIVERS\AtiPcie.sys
09:19:59.0125 4860 AtiPcie - ok
09:19:59.0507 4860 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
09:19:59.0514 4860 b06bdrv - ok
09:19:59.0862 4860 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
09:19:59.0865 4860 b57nd60x - ok
09:20:00.0217 4860 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
09:20:00.0218 4860 Beep - ok
09:20:00.0629 4860 BHDrvx86 (76154fa6a742c613b44bb636b1a7c057) C:\windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys
09:20:00.0633 4860 BHDrvx86 - ok
09:20:00.0962 4860 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
09:20:00.0964 4860 blbdrive - ok
09:20:01.0365 4860 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys
09:20:01.0367 4860 bowser - ok
09:20:01.0697 4860 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
09:20:01.0698 4860 BrFiltLo - ok
09:20:02.0030 4860 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
09:20:02.0031 4860 BrFiltUp - ok
09:20:02.0361 4860 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
09:20:02.0365 4860 Brserid - ok
09:20:02.0696 4860 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
09:20:02.0698 4860 BrSerWdm - ok
09:20:03.0029 4860 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
09:20:03.0031 4860 BrUsbMdm - ok
09:20:03.0374 4860 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
09:20:03.0376 4860 BrUsbSer - ok
09:20:03.0709 4860 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
09:20:03.0710 4860 BTHMODEM - ok
09:20:04.0119 4860 ccHP (8973ff34b83572d867b5b928905ad5ac) C:\windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys
09:20:04.0130 4860 ccHP - ok
09:20:04.0464 4860 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
09:20:04.0466 4860 cdfs - ok
09:20:04.0823 4860 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
09:20:04.0825 4860 cdrom - ok
09:20:05.0168 4860 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
09:20:05.0169 4860 circlass - ok
09:20:05.0423 4860 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
09:20:05.0437 4860 CLFS - ok
09:20:06.0070 4860 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
09:20:06.0071 4860 CmBatt - ok
09:20:06.0403 4860 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
09:20:06.0405 4860 cmdide - ok
09:20:06.0754 4860 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
09:20:06.0760 4860 CNG - ok
09:20:07.0091 4860 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
09:20:07.0093 4860 Compbatt - ok
09:20:07.0459 4860 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
09:20:07.0460 4860 CompositeBus - ok
09:20:07.0793 4860 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
09:20:07.0795 4860 crcdisk - ok
09:20:08.0142 4860 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys
09:20:08.0144 4860 DfsC - ok
09:20:08.0495 4860 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
09:20:08.0497 4860 discache - ok
09:20:08.0841 4860 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
09:20:08.0843 4860 Disk - ok
09:20:09.0191 4860 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
09:20:09.0192 4860 drmkaud - ok
09:20:09.0540 4860 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\windows\System32\drivers\dxgkrnl.sys
09:20:09.0563 4860 DXGKrnl - ok
09:20:09.0976 4860 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
09:20:10.0033 4860 ebdrv - ok
09:20:10.0205 4860 eeCtrl (5461f01b7def17dc90d90b029f874c3b) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
09:20:10.0217 4860 eeCtrl - ok
09:20:10.0581 4860 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
09:20:10.0593 4860 elxstor - ok
09:20:10.0761 4860 EraserUtilRebootDrv (17fcc372d03ba39f3aee85198c0ec594) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:20:10.0763 4860 EraserUtilRebootDrv - ok
09:20:11.0101 4860 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
09:20:11.0102 4860 ErrDev - ok
09:20:11.0440 4860 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
09:20:11.0443 4860 exfat - ok
09:20:11.0786 4860 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
09:20:11.0789 4860 fastfat - ok
09:20:12.0132 4860 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
09:20:12.0133 4860 fdc - ok
09:20:12.0477 4860 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
09:20:12.0479 4860 FileInfo - ok
09:20:12.0811 4860 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
09:20:12.0813 4860 Filetrace - ok
09:20:13.0156 4860 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
09:20:13.0158 4860 flpydisk - ok
09:20:13.0505 4860 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
09:20:13.0508 4860 FltMgr - ok
09:20:13.0840 4860 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
09:20:13.0842 4860 FsDepends - ok
09:20:14.0163 4860 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
09:20:14.0164 4860 Fs_Rec - ok
09:20:14.0499 4860 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\windows\system32\DRIVERS\fvevol.sys
09:20:14.0502 4860 fvevol - ok
09:20:14.0848 4860 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
09:20:14.0850 4860 gagp30kx - ok
09:20:15.0274 4860 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
09:20:15.0276 4860 GEARAspiWDM - ok
09:20:15.0666 4860 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
09:20:15.0681 4860 hcw85cir - ok
09:20:16.0254 4860 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
09:20:16.0259 4860 HdAudAddService - ok
09:20:16.0614 4860 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
09:20:16.0615 4860 HDAudBus - ok
09:20:16.0953 4860 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
09:20:16.0954 4860 HidBatt - ok
09:20:17.0290 4860 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
09:20:17.0293 4860 HidBth - ok
09:20:17.0647 4860 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
09:20:17.0649 4860 HidIr - ok
09:20:18.0015 4860 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
09:20:18.0017 4860 HidUsb - ok
09:20:18.0372 4860 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
09:20:18.0374 4860 HpSAMD - ok
09:20:18.0724 4860 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
09:20:18.0736 4860 HTTP - ok
09:20:19.0077 4860 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
09:20:19.0079 4860 hwpolicy - ok
09:20:19.0437 4860 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
09:20:19.0439 4860 i8042prt - ok
09:20:19.0778 4860 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\windows\system32\DRIVERS\iaStorV.sys
09:20:19.0782 4860 iaStorV - ok
09:20:19.0938 4860 IDSVix86 (7c8ce2b83a89ee1cb0c3fee5991e62a2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20110513.001\IDSvix86.sys
09:20:19.0944 4860 IDSVix86 - ok
09:20:20.0289 4860 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
09:20:20.0290 4860 iirsp - ok
09:20:20.0686 4860 IntcAzAudAddService (e4a2e810cb2607c9c159c0dfb0bd4c88) C:\windows\system32\drivers\RTKVHDA.sys
09:20:20.0743 4860 IntcAzAudAddService - ok
09:20:21.0067 4860 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
09:20:21.0068 4860 intelide - ok
09:20:21.0435 4860 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
09:20:21.0437 4860 intelppm - ok
09:20:21.0802 4860 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
09:20:21.0804 4860 IpFilterDriver - ok
09:20:22.0160 4860 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
09:20:22.0162 4860 IPMIDRV - ok
09:20:22.0506 4860 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
09:20:22.0508 4860 IPNAT - ok
09:20:22.0874 4860 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
09:20:22.0875 4860 IRENUM - ok
09:20:23.0208 4860 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
09:20:23.0210 4860 isapnp - ok
09:20:23.0539 4860 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
09:20:23.0542 4860 iScsiPrt - ok
09:20:23.0898 4860 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
09:20:23.0900 4860 kbdclass - ok
09:20:24.0244 4860 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
09:20:24.0246 4860 kbdhid - ok
09:20:24.0579 4860 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
09:20:24.0581 4860 KSecDD - ok
09:20:24.0903 4860 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
09:20:24.0906 4860 KSecPkg - ok
09:20:25.0276 4860 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
09:20:25.0278 4860 lltdio - ok
09:20:25.0618 4860 LPCFilter (6e3d3816749e107883eec5734ce44493) C:\windows\system32\DRIVERS\LPCFilter.sys
09:20:25.0620 4860 LPCFilter - ok
09:20:25.0968 4860 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
09:20:25.0984 4860 LSI_FC - ok
09:20:26.0681 4860 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
09:20:26.0683 4860 LSI_SAS - ok
09:20:27.0026 4860 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
09:20:27.0028 4860 LSI_SAS2 - ok
09:20:27.0362 4860 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
09:20:27.0364 4860 LSI_SCSI - ok
09:20:27.0685 4860 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
09:20:27.0687 4860 luafv - ok
09:20:28.0054 4860 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\windows\system32\drivers\mbam.sys
09:20:28.0056 4860 MBAMProtector - ok
09:20:28.0434 4860 MBAMSwissArmy (0905dc0814d738cff53577a59ccd81e0) C:\windows\system32\drivers\mbamswissarmy.sys
09:20:28.0435 4860 MBAMSwissArmy - ok
09:20:28.0808 4860 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\windows\system32\DRIVERS\mcdbus.sys
09:20:28.0811 4860 mcdbus - ok
09:20:29.0132 4860 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
09:20:29.0134 4860 megasas - ok
09:20:29.0482 4860 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
09:20:29.0486 4860 MegaSR - ok
09:20:29.0804 4860 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
09:20:29.0805 4860 Modem - ok
09:20:30.0138 4860 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
09:20:30.0139 4860 monitor - ok
09:20:30.0473 4860 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
09:20:30.0474 4860 mouclass - ok
09:20:30.0818 4860 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
09:20:30.0819 4860 mouhid - ok
09:20:31.0163 4860 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
09:20:31.0166 4860 mountmgr - ok
09:20:31.0479 4860 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
09:20:31.0482 4860 mpio - ok
09:20:31.0791 4860 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
09:20:31.0793 4860 mpsdrv - ok
09:20:32.0115 4860 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
09:20:32.0118 4860 MRxDAV - ok
09:20:32.0442 4860 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
09:20:32.0445 4860 mrxsmb - ok
09:20:32.0772 4860 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
09:20:32.0775 4860 mrxsmb10 - ok
09:20:33.0090 4860 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
09:20:33.0092 4860 mrxsmb20 - ok
09:20:33.0399 4860 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
09:20:33.0401 4860 msahci - ok
09:20:33.0714 4860 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
09:20:33.0717 4860 msdsm - ok
09:20:34.0037 4860 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
09:20:34.0038 4860 Msfs - ok
09:20:34.0348 4860 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
09:20:34.0349 4860 mshidkmdf - ok
09:20:34.0671 4860 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
09:20:34.0672 4860 msisadrv - ok
09:20:35.0008 4860 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
09:20:35.0009 4860 MSKSSRV - ok
09:20:35.0341 4860 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
09:20:35.0343 4860 MSPCLOCK - ok
09:20:35.0686 4860 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
09:20:35.0687 4860 MSPQM - ok
09:20:36.0011 4860 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
09:20:36.0014 4860 MsRPC - ok
09:20:36.0335 4860 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys

09:20:36.0335 4860 mssmbios - ok
09:20:36.0658 4860 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
09:20:36.0660 4860 MSTEE - ok
09:20:36.0970 4860 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
09:20:36.0985 4860 MTConfig - ok
09:20:37.0571 4860 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
09:20:37.0572 4860 Mup - ok
09:20:37.0910 4860 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
09:20:37.0914 4860 NativeWifiP - ok
09:20:38.0040 4860 NAVENG - ok
09:20:38.0173 4860 NAVEX15 - ok
09:20:38.0504 4860 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
09:20:38.0527 4860 NDIS - ok
09:20:38.0854 4860 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
09:20:38.0855 4860 NdisCap - ok
09:20:39.0187 4860 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
09:20:39.0189 4860 NdisTapi - ok
09:20:39.0521 4860 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
09:20:39.0523 4860 Ndisuio - ok
09:20:39.0846 4860 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
09:20:39.0848 4860 NdisWan - ok
09:20:40.0180 4860 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
09:20:40.0182 4860 NDProxy - ok
09:20:40.0703 4860 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
09:20:40.0764 4860 NetBIOS - ok
09:20:41.0130 4860 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
09:20:41.0131 4860 NetBT - ok
09:20:41.0470 4860 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
09:20:41.0472 4860 nfrd960 - ok
09:20:41.0883 4860 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
09:20:41.0884 4860 Npfs - ok
09:20:42.0205 4860 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
09:20:42.0207 4860 nsiproxy - ok
09:20:42.0548 4860 Ntfs (3795dcd21f740ee799fb7223234215af) C:\windows\system32\drivers\Ntfs.sys
09:20:42.0582 4860 Ntfs - ok
09:20:42.0884 4860 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
09:20:42.0885 4860 Null - ok
09:20:43.0185 4860 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\windows\system32\DRIVERS\nvraid.sys
09:20:43.0187 4860 nvraid - ok
09:20:43.0486 4860 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\windows\system32\DRIVERS\nvstor.sys
09:20:43.0489 4860 nvstor - ok
09:20:43.0797 4860 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
09:20:43.0800 4860 nv_agp - ok
09:20:44.0125 4860 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
09:20:44.0128 4860 ohci1394 - ok
09:20:44.0462 4860 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
09:20:44.0464 4860 Parport - ok
09:20:44.0785 4860 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
09:20:44.0787 4860 partmgr - ok
09:20:45.0108 4860 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
09:20:45.0109 4860 Parvdm - ok
09:20:45.0419 4860 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
09:20:45.0421 4860 pci - ok
09:20:45.0718 4860 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
09:20:45.0719 4860 pciide - ok
09:20:46.0177 4860 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
09:20:46.0180 4860 pcmcia - ok
09:20:46.0496 4860 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
09:20:46.0498 4860 pcw - ok
09:20:46.0827 4860 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
09:20:46.0850 4860 PEAUTH - ok
09:20:47.0195 4860 PGEffect (1b5011dd8d57f53aed31ff0f7d635802) C:\windows\system32\DRIVERS\pgeffect.sys
09:20:47.0197 4860 PGEffect - ok
09:20:47.0814 4860 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
09:20:47.0816 4860 PptpMiniport - ok
09:20:48.0131 4860 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
09:20:48.0132 4860 Processor - ok
09:20:48.0460 4860 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
09:20:48.0461 4860 Psched - ok
09:20:48.0801 4860 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
09:20:48.0847 4860 ql2300 - ok
09:20:49.0164 4860 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
09:20:49.0166 4860 ql40xx - ok
09:20:49.0486 4860 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
09:20:49.0487 4860 QWAVEdrv - ok
09:20:49.0819 4860 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
09:20:49.0821 4860 RasAcd - ok
09:20:50.0156 4860 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
09:20:50.0158 4860 RasAgileVpn - ok
09:20:50.0489 4860 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
09:20:50.0491 4860 Rasl2tp - ok
09:20:50.0835 4860 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
09:20:50.0837 4860 RasPppoe - ok
09:20:51.0160 4860 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
09:20:51.0162 4860 RasSstp - ok
09:20:51.0474 4860 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
09:20:51.0479 4860 rdbss - ok
09:20:51.0786 4860 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
09:20:51.0787 4860 rdpbus - ok
09:20:52.0086 4860 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
09:20:52.0087 4860 RDPCDD - ok
09:20:52.0397 4860 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
09:20:52.0398 4860 RDPENCDD - ok
09:20:52.0697 4860 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
09:20:52.0698 4860 RDPREFMP - ok
09:20:53.0002 4860 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
09:20:53.0005 4860 RDPWD - ok
09:20:53.0335 4860 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
09:20:53.0338 4860 rdyboost - ok
09:20:53.0697 4860 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
09:20:53.0699 4860 rspndr - ok
09:20:54.0032 4860 RSUSBSTOR (ef8b2afc3c0751c5e5a59983c8893260) C:\windows\system32\Drivers\RtsUStor.sys
09:20:54.0036 4860 RSUSBSTOR - ok
09:20:54.0371 4860 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\windows\system32\DRIVERS\Rt86win7.sys
09:20:54.0374 4860 RTL8167 - ok
09:20:54.0716 4860 rtl8192se (fd0b1d3ce2e7debd0ae8456494d21488) C:\windows\system32\DRIVERS\rtl8192se.sys
09:20:54.0723 4860 rtl8192se - ok
09:20:55.0277 4860 RtsUIR - ok
09:20:55.0748 4860 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
09:20:55.0750 4860 sbp2port - ok
09:20:56.0070 4860 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
09:20:56.0072 4860 scfilter - ok
09:20:56.0387 4860 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
09:20:56.0388 4860 secdrv - ok
09:20:56.0718 4860 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
09:20:56.0720 4860 Serenum - ok
09:20:57.0032 4860 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
09:20:57.0034 4860 Serial - ok
09:20:57.0354 4860 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
09:20:57.0356 4860 sermouse - ok
09:20:57.0688 4860 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
09:20:57.0689 4860 sffdisk - ok
09:20:58.0010 4860 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
09:20:58.0023 4860 sffp_mmc - ok
09:20:58.0622 4860 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys
09:20:58.0623 4860 sffp_sd - ok
09:20:58.0944 4860 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
09:20:58.0947 4860 sfloppy - ok
09:20:59.0280 4860 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
09:20:59.0282 4860 sisagp - ok
09:20:59.0614 4860 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
09:20:59.0616 4860 SiSRaid2 - ok
09:20:59.0940 4860 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
09:20:59.0942 4860 SiSRaid4 - ok
09:21:00.0274 4860 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
09:21:00.0276 4860 Smb - ok
09:21:00.0608 4860 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
09:21:00.0609 4860 spldr - ok
09:21:00.0979 4860 SRTSP (e81f6caeab9ad5732e94c07c97866aa2) C:\windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS
09:21:00.0984 4860 SRTSP - ok
09:21:01.0349 4860 SRTSPX (e28de499d942b08058bffac69d4122b6) C:\windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS
09:21:01.0352 4860 SRTSPX - ok
09:21:01.0678 4860 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
09:21:01.0682 4860 srv - ok
09:21:02.0020 4860 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
09:21:02.0025 4860 srv2 - ok
09:21:02.0353 4860 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
09:21:02.0355 4860 srvnet - ok
09:21:02.0692 4860 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
09:21:02.0694 4860 stexstor - ok
09:21:03.0026 4860 StillCam (edb05bd63148796f23ea78506404a538) C:\windows\system32\DRIVERS\serscan.sys
09:21:03.0026 4860 StillCam - ok
09:21:03.0361 4860 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
09:21:03.0363 4860 swenum - ok
09:21:03.0701 4860 SymEFA (d0885f6e24259a6c65e68d6ad749910a) C:\windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS
09:21:03.0706 4860 SymEFA - ok
09:21:04.0033 4860 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\windows\system32\Drivers\SYMEVENT.SYS
09:21:04.0036 4860 SymEvent - ok
09:21:04.0399 4860 SYMFW (1e825026436c4eac3e1a11d1e9c33f2c) C:\windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS
09:21:04.0401 4860 SYMFW - ok
09:21:04.0720 4860 SymIM (34f1c9d5dcc19df1e824d6b73767b8af) C:\windows\system32\DRIVERS\SymIMv.sys
09:21:04.0721 4860 SymIM - ok
09:21:05.0082 4860 SYMNDISV (dcbf73da96cce94933c8cc6eded3c98b) C:\windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS
09:21:05.0084 4860 SYMNDISV - ok
09:21:05.0425 4860 SYMTDI (e4fa8bbb96e314e9508865de1a767538) C:\windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
09:21:05.0430 4860 SYMTDI - ok
09:21:05.0773 4860 SynTP (8bd10dc8809dc69a1c5a795cb10add76) C:\windows\system32\DRIVERS\SynTP.sys
09:21:05.0777 4860 SynTP - ok
09:21:06.0158 4860 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\drivers\tcpip.sys
09:21:06.0192 4860 Tcpip - ok
09:21:06.0569 4860 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\DRIVERS\tcpip.sys
09:21:06.0578 4860 TCPIP6 - ok
09:21:06.0903 4860 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
09:21:06.0905 4860 tcpipreg - ok
09:21:07.0239 4860 tdcmdpst (4084ea00d50c858d6f9038f86ae2e2d0) C:\windows\system32\DRIVERS\tdcmdpst.sys
09:21:07.0241 4860 tdcmdpst - ok
09:21:07.0560 4860 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
09:21:07.0561 4860 TDPIPE - ok
09:21:07.0883 4860 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
09:21:07.0884 4860 TDTCP - ok
09:21:08.0217 4860 tdx (d5321d6b97cb85a0b418993f8a9c2d2e) C:\windows\system32\DRIVERS\tdx.sys
09:21:08.0219 4860 tdx - ok
09:21:08.0541 4860 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
09:21:08.0543 4860 TermDD - ok
09:21:08.0940 4860 tos_sps32 (969377943fe7284609babbab4e06b93c) C:\windows\system32\DRIVERS\tos_sps32.sys
09:21:08.0951 4860 tos_sps32 - ok
09:21:09.0608 4860 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
09:21:09.0610 4860 tssecsrv - ok
09:21:09.0943 4860 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
09:21:09.0945 4860 tunnel - ok
09:21:10.0263 4860 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\windows\system32\DRIVERS\TVALZ_O.SYS
09:21:10.0264 4860 TVALZ - ok
09:21:10.0596 4860 TVALZFL (866462f5ae3f375ef83ef9dce436031c) C:\windows\system32\DRIVERS\TVALZFL.sys
09:21:10.0597 4860 TVALZFL - ok
09:21:10.0912 4860 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
09:21:10.0914 4860 uagp35 - ok
09:21:11.0239 4860 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys
09:21:11.0243 4860 udfs - ok
09:21:11.0575 4860 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
09:21:11.0577 4860 uliagpkx - ok
09:21:11.0909 4860 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
09:21:11.0911 4860 umbus - ok
09:21:12.0220 4860 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
09:21:12.0222 4860 UmPass - ok
09:21:12.0599 4860 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\windows\system32\drivers\usbaudio.sys
09:21:12.0601 4860 usbaudio - ok
09:21:12.0923 4860 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\windows\system32\DRIVERS\usbccgp.sys
09:21:12.0925 4860 usbccgp - ok
09:21:13.0236 4860 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
09:21:13.0238 4860 usbcir - ok
09:21:13.0536 4860 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\windows\system32\DRIVERS\usbehci.sys
09:21:13.0538 4860 usbehci - ok
09:21:13.0878 4860 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\windows\system32\DRIVERS\usbhub.sys
09:21:13.0882 4860 usbhub - ok
09:21:14.0199 4860 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\windows\system32\DRIVERS\usbohci.sys
09:21:14.0201 4860 usbohci - ok
09:21:14.0518 4860 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
09:21:14.0520 4860 usbprint - ok
09:21:14.0843 4860 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\windows\system32\DRIVERS\USBSTOR.SYS
09:21:14.0845 4860 USBSTOR - ok
09:21:15.0154 4860 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\windows\system32\DRIVERS\usbuhci.sys
09:21:15.0156 4860 usbuhci - ok
09:21:15.0497 4860 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\windows\system32\Drivers\usbvideo.sys
09:21:15.0500 4860 usbvideo - ok
09:21:15.0833 4860 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
09:21:15.0834 4860 vdrvroot - ok
09:21:16.0156 4860 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
09:21:16.0157 4860 vga - ok
09:21:16.0466 4860 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
09:21:16.0468 4860 VgaSave - ok
09:21:16.0783 4860 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
09:21:16.0786 4860 vhdmp - ok
09:21:17.0117 4860 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
09:21:17.0119 4860 viaagp - ok
09:21:17.0441 4860 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
09:21:17.0442 4860 ViaC7 - ok
09:21:17.0763 4860 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
09:21:17.0765 4860 viaide - ok
09:21:18.0079 4860 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
09:21:18.0081 4860 volmgr - ok
09:21:18.0395 4860 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
09:21:18.0399 4860 volmgrx - ok
09:21:18.0726 4860 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
09:21:18.0730 4860 volsnap - ok
09:21:19.0062 4860 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
09:21:19.0074 4860 vsmraid - ok
09:21:19.0594 4860 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
09:21:19.0596 4860 vwifibus - ok
09:21:19.0894 4860 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
09:21:19.0896 4860 vwififlt - ok
09:21:20.0229 4860 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
09:21:20.0232 4860 WacomPen - ok
09:21:20.0564 4860 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
09:21:20.0566 4860 WANARP - ok
09:21:20.0570 4860 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
09:21:20.0571 4860 Wanarpv6 - ok
09:21:20.0921 4860 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
09:21:20.0922 4860 Wd - ok
09:21:21.0251 4860 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
09:21:21.0263 4860 Wdf01000 - ok
09:21:21.0616 4860 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
09:21:21.0618 4860 WfpLwf - ok
09:21:21.0939 4860 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
09:21:21.0940 4860 WIMMount - ok
09:21:22.0303 4860 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys
09:21:22.0305 4860 WinUsb - ok
09:21:22.0628 4860 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
09:21:22.0629 4860 WmiAcpi - ok
09:21:22.0973 4860 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
09:21:22.0974 4860 ws2ifsl - ok
09:21:23.0292 4860 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\windows\system32\DRIVERS\WSDPrint.sys
09:21:23.0293 4860 WSDPrintDevice - ok
09:21:23.0619 4860 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
09:21:23.0621 4860 WudfPf - ok
09:21:23.0943 4860 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
09:21:23.0945 4860 WUDFRd - ok
09:21:24.0000 4860 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
09:21:24.0010 4860 \Device\Harddisk0\DR0 - ok
09:21:24.0020 4860 Boot (0x1200) (812a8ca52030af64a407027329b060f0) \Device\Harddisk0\DR0\Partition0
09:21:24.0021 4860 \Device\Harddisk0\DR0\Partition0 - ok
09:21:24.0022 4860 ============================================================
09:21:24.0022 4860 Scan finished
09:21:24.0022 4860 ============================================================
09:21:24.0035 5908 Detected object count: 1
09:21:24.0035 5908 Actual detected object count: 1
09:21:46.0341 5908 HKLM\SYSTEM\ControlSet001\services\90bb4c50 - will be deleted on reboot
09:21:46.0384 5908 HKLM\SYSTEM\ControlSet002\services\90bb4c50 - will be deleted on reboot
09:21:46.0432 5908 C:\windows\1347206032:1866773423.exe - will be deleted on reboot
09:21:46.0432 5908 90bb4c50 ( HiddenFile.Multi.Generic ) - User select action: Delete

c:\TDSSKiller.2.6.2.0_03.10.2011_09.26.48_log.txt


09:26:48.0048 1672 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
09:30:58.0760 1672 ============================================================
09:30:58.0760 1672 Current date / time: 2011/10/03 09:30:58.0760
09:30:58.0760 1672 SystemInfo:
09:30:58.0760 1672
09:30:58.0760 1672 OS Version: 6.1.7600 ServicePack: 0.0
09:30:58.0760 1672 Product type: Workstation
09:30:58.0760 1672 ComputerName: DESJON-PC
09:30:58.0761 1672 UserName: DesJon
09:30:58.0761 1672 Windows directory: C:\windows
09:30:58.0761 1672 System windows directory: C:\windows
09:30:58.0761 1672 Processor architecture: Intel x86
09:30:58.0761 1672 Number of processors: 2
09:30:58.0761 1672 Page size: 0x1000
09:30:58.0761 1672 Boot type: Normal boot
09:30:58.0761 1672 ============================================================
09:30:58.0864 1672 Initialize success
09:31:01.0969 3472 ============================================================
09:31:01.0969 3472 Scan started
09:31:01.0969 3472 Mode: Manual;
09:31:01.0969 3472 ============================================================
09:31:02.0631 3472 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
09:31:02.0632 3472 1394ohci - ok
09:31:03.0060 3472 58312123 (89fdba391985968401f51a5c577933cd) C:\windows\system32\drivers\07696532.sys
09:31:03.0190 3472 90bb4c50 (f575ae6bab2fa625002a9ac952d40794) C:\windows\1347206032:1866773423.exe
09:31:03.0190 3472 Suspicious file (Hidden): C:\windows\1347206032:1866773423.exe. md5: f575ae6bab2fa625002a9ac952d40794
09:31:03.0190 3472 90bb4c50 ( HiddenFile.Multi.Generic ) - warning
09:31:03.0190 3472 90bb4c50 - detected HiddenFile.Multi.Generic (1)
09:31:03.0504 3472 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
09:31:03.0506 3472 ACPI - ok
09:31:04.0047 3472 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
09:31:04.0048 3472 AcpiPmi - ok
09:31:04.0437 3472 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
09:31:04.0440 3472 adp94xx - ok
09:31:04.0788 3472 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
09:31:04.0790 3472 adpahci - ok
09:31:05.0124 3472 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
09:31:05.0125 3472 adpu320 - ok
09:31:05.0489 3472 AFD (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
09:31:05.0492 3472 AFD - ok
09:31:05.0882 3472 AgereSoftModem (07758c2196a62f207f77556311e7459a) C:\windows\system32\DRIVERS\AGRSM.sys
09:31:05.0890 3472 AgereSoftModem - ok
09:31:06.0222 3472 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
09:31:06.0223 3472 agp440 - ok
09:31:06.0572 3472 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
09:31:06.0573 3472 aic78xx - ok
09:31:06.0934 3472 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
09:31:06.0935 3472 aliide - ok
09:31:07.0325 3472 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
09:31:07.0325 3472 amdagp - ok
09:31:07.0658 3472 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
09:31:07.0660 3472 amdide - ok
09:31:08.0026 3472 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
09:31:08.0027 3472 AmdK8 - ok
09:31:08.0372 3472 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
09:31:08.0372 3472 AmdPPM - ok
09:31:08.0718 3472 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\windows\system32\DRIVERS\amdsata.sys
09:31:08.0719 3472 amdsata - ok
09:31:09.0190 3472 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
09:31:09.0192 3472 amdsbs - ok
09:31:09.0522 3472 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\windows\system32\DRIVERS\amdxata.sys
09:31:09.0522 3472 amdxata - ok
09:31:09.0867 3472 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
09:31:09.0867 3472 AppID - ok
09:31:10.0281 3472 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
09:31:10.0282 3472 arc - ok
09:31:10.0606 3472 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
09:31:10.0606 3472 arcsas - ok
09:31:11.0051 3472 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
09:31:11.0052 3472 AsyncMac - ok
09:31:11.0385 3472 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
09:31:11.0386 3472 atapi - ok
09:31:11.0834 3472 atikmdag (c97be8350fbcb1960b22fad2e6c2b514) C:\windows\system32\DRIVERS\atikmdag.sys
09:31:11.0864 3472 atikmdag - ok
09:31:12.0201 3472 AtiPcie (b73c832088dd54b55e04ff6f9646ad8c) C:\windows\system32\DRIVERS\AtiPcie.sys
09:31:12.0202 3472 AtiPcie - ok
09:31:12.0907 3472 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
09:31:12.0910 3472 b06bdrv - ok
09:31:13.0240 3472 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
09:31:13.0242 3472 b57nd60x - ok
09:31:13.0584 3472 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
09:31:13.0584 3472 Beep - ok
09:31:13.0985 3472 BHDrvx86 (76154fa6a742c613b44bb636b1a7c057) C:\windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys
09:31:13.0987 3472 BHDrvx86 - ok
09:31:14.0774 3472 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
09:31:14.0775 3472 blbdrive - ok
09:31:15.0143 3472 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys
09:31:15.0144 3472 bowser - ok
09:31:15.0475 3472 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
09:31:15.0475 3472 BrFiltLo - ok
09:31:15.0797 3472 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
09:31:15.0798 3472 BrFiltUp - ok
09:31:16.0150 3472 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
09:31:16.0152 3472 Brserid - ok
09:31:16.0496 3472 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
09:31:16.0497 3472 BrSerWdm - ok
09:31:16.0896 3472 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
09:31:16.0897 3472 BrUsbMdm - ok
09:31:17.0474 3472 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
09:31:17.0475 3472 BrUsbSer - ok
09:31:18.0065 3472 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
09:31:18.0066 3472 BTHMODEM - ok
09:31:18.0922 3472 ccHP (8973ff34b83572d867b5b928905ad5ac) C:\windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys
09:31:18.0925 3472 ccHP - ok
09:31:19.0676 3472 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
09:31:19.0677 3472 cdfs - ok
09:31:20.0446 3472 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
09:31:20.0447 3472 cdrom - ok
09:31:20.0957 3472 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
09:31:20.0958 3472 circlass - ok
09:31:21.0235 3472 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
09:31:21.0237 3472 CLFS - ok
09:31:21.0637 3472 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
09:31:21.0637 3472 CmBatt - ok
09:31:22.0037 3472 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
09:31:22.0038 3472 cmdide - ok
09:31:22.0387 3472 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
09:31:22.0390 3472 CNG - ok
09:31:23.0191 3472 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
09:31:23.0192 3472 Compbatt - ok
09:31:24.0070 3472 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
09:31:24.0070 3472 CompositeBus - ok
09:31:24.0404 3472 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
09:31:24.0405 3472 crcdisk - ok
09:31:24.0752 3472 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys
09:31:24.0753 3472 DfsC - ok
09:31:25.0073 3472 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
09:31:25.0073 3472 discache - ok
09:31:25.0452 3472 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
09:31:25.0453 3472 Disk - ok
09:31:26.0068 3472 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
09:31:26.0069 3472 drmkaud - ok
09:31:26.0407 3472 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\windows\System32\drivers\dxgkrnl.sys
09:31:26.0411 3472 DXGKrnl - ok
09:31:26.0809 3472 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
09:31:26.0827 3472 ebdrv - ok
09:31:26.0993 3472 eeCtrl (5461f01b7def17dc90d90b029f874c3b) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
09:31:26.0996 3472 eeCtrl - ok
09:31:27.0358 3472 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
09:31:27.0362 3472 elxstor - ok
09:31:27.0550 3472 EraserUtilRebootDrv (17fcc372d03ba39f3aee85198c0ec594) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:31:27.0551 3472 EraserUtilRebootDrv - ok
09:31:27.0934 3472 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
09:31:27.0935 3472 ErrDev - ok
09:31:28.0329 3472 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
09:31:28.0330 3472 exfat - ok
09:31:28.0653 3472 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
09:31:28.0655 3472 fastfat - ok
09:31:29.0033 3472 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
09:31:29.0033 3472 fdc - ok
09:31:29.0367 3472 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
09:31:29.0368 3472 FileInfo - ok
09:31:29.0712 3472 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
09:31:29.0713 3472 Filetrace - ok
09:31:30.0068 3472 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
09:31:30.0069 3472 flpydisk - ok
09:31:30.0417 3472 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
09:31:30.0419 3472 FltMgr - ok
09:31:30.0763 3472 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
09:31:30.0764 3472 FsDepends - ok
09:31:31.0097 3472 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
09:31:31.0098 3472 Fs_Rec - ok
09:31:31.0467 3472 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\windows\system32\DRIVERS\fvevol.sys
09:31:31.0468 3472 fvevol - ok
09:31:31.0838 3472 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
09:31:31.0839 3472 gagp30kx - ok
09:31:32.0275 3472 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
09:31:32.0275 3472 GEARAspiWDM - ok
09:31:33.0089 3472 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
09:31:33.0090 3472 hcw85cir - ok
09:31:33.0432 3472 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
09:31:33.0435 3472 HdAudAddService - ok
09:31:33.0781 3472 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
09:31:33.0782 3472 HDAudBus - ok
09:31:34.0109 3472 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
09:31:34.0110 3472 HidBatt - ok
09:31:34.0847 3472 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
09:31:34.0847 3472 HidBth - ok
09:31:35.0215 3472 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
09:31:35.0216 3472 HidIr - ok
09:31:35.0627 3472 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
09:31:35.0628 3472 HidUsb - ok
09:31:36.0195 3472 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
09:31:36.0196 3472 HpSAMD - ok
09:31:36.0547 3472 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
09:31:36.0551 3472 HTTP - ok
09:31:36.0889 3472 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
09:31:36.0890 3472 hwpolicy - ok
09:31:37.0260 3472 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
09:31:37.0261 3472 i8042prt - ok
09:31:37.0590 3472 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\windows\system32\DRIVERS\iaStorV.sys
09:31:37.0592 3472 iaStorV - ok
09:31:37.0750 3472 IDSVix86 (7c8ce2b83a89ee1cb0c3fee5991e62a2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20110513.001\IDSvix86.sys
09:31:37.0752 3472 IDSVix86 - ok
09:31:38.0089 3472 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
09:31:38.0090 3472 iirsp - ok
09:31:38.0490 3472 IntcAzAudAddService (e4a2e810cb2607c9c159c0dfb0bd4c88) C:\windows\system32\drivers\RTKVHDA.sys
09:31:38.0508 3472 IntcAzAudAddService - ok
09:31:38.0846 3472 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
09:31:38.0846 3472 intelide - ok
09:31:39.0191 3472 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
09:31:39.0192 3472 intelppm - ok
09:31:39.0548 3472 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
09:31:39.0550 3472 IpFilterDriver - ok
09:31:39.0928 3472 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
09:31:39.0929 3472 IPMIDRV - ok
09:31:40.0262 3472 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
09:31:40.0264 3472 IPNAT - ok
09:31:40.0619 3472 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
09:31:40.0620 3472 IRENUM - ok
09:31:41.0009 3472 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
09:31:41.0010 3472 isapnp - ok
09:31:41.0395 3472 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
09:31:41.0397 3472 iScsiPrt - ok
09:31:41.0756 3472 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
09:31:41.0757 3472 kbdclass - ok
09:31:42.0100 3472 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
09:31:42.0101 3472 kbdhid - ok
09:31:42.0456 3472 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
09:31:42.0457 3472 KSecDD - ok
09:31:43.0059 3472 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
09:31:43.0060 3472 KSecPkg - ok
09:31:43.0554 3472 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
09:31:43.0555 3472 lltdio - ok
09:31:43.0896 3472 LPCFilter (6e3d3816749e107883eec5734ce44493) C:\windows\system32\DRIVERS\LPCFilter.sys
09:31:43.0896 3472 LPCFilter - ok
09:31:44.0246 3472 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
09:31:44.0248 3472 LSI_FC - ok
09:31:44.0580 3472 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
09:31:44.0581 3472 LSI_SAS - ok
09:31:44.0915 3472 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
09:31:44.0916 3472 LSI_SAS2 - ok
09:31:45.0728 3472 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
09:31:45.0729 3472 LSI_SCSI - ok
09:31:46.0063 3472 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
09:31:46.0064 3472 luafv - ok
09:31:46.0433 3472 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\windows\system32\drivers\mbam.sys
09:31:46.0433 3472 MBAMProtector - ok
09:31:46.0813 3472 MBAMSwissArmy (0905dc0814d738cff53577a59ccd81e0) C:\windows\system32\drivers\mbamswissarmy.sys
09:31:46.0814 3472 MBAMSwissArmy - ok
09:31:47.0253 3472 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\windows\system32\DRIVERS\mcdbus.sys
09:31:47.0254 3472 mcdbus - ok
09:31:47.0589 3472 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
09:31:47.0590 3472 megasas - ok
09:31:47.0917 3472 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
09:31:47.0919 3472 MegaSR - ok
09:31:48.0427 3472 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
09:31:48.0428 3472 Modem - ok
09:31:48.0750 3472 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
09:31:48.0751 3472 monitor - ok
09:31:49.0096 3472 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
09:31:49.0097 3472 mouclass - ok
09:31:49.0430 3472 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
09:31:49.0430 3472 mouhid - ok
09:31:49.0764 3472 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
09:31:49.0765 3472 mountmgr - ok
09:31:50.0103 3472 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
09:31:50.0104 3472 mpio - ok
09:31:50.0414 3472 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
09:31:50.0415 3472 mpsdrv - ok
09:31:50.0738 3472 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
09:31:50.0740 3472 MRxDAV - ok
09:31:51.0065 3472 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
09:31:51.0066 3472 mrxsmb - ok
09:31:51.0406 3472 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
09:31:51.0408 3472 mrxsmb10 - ok
09:31:51.0780 3472 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
09:31:51.0781 3472 mrxsmb20 - ok
09:31:52.0100 3472 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
09:31:52.0101 3472 msahci - ok
09:31:52.0438 3472 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
09:31:52.0439 3472 msdsm - ok
09:31:53.0093 3472 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
09:31:53.0094 3472 Msfs - ok
09:31:53.0438 3472 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
09:31:53.0438 3472 mshidkmdf - ok
09:31:53.0749 3472 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
09:31:53.0750 3472 msisadrv - ok
09:31:54.0098 3472 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
09:31:54.0099 3472 MSKSSRV - ok
09:31:54.0442 3472 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
09:31:54.0443 3472 MSPCLOCK - ok
09:31:54.0787 3472 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
09:31:54.0788 3472 MSPQM - ok
09:31:55.0112 3472 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
09:31:55.0113 3472 MsRPC - ok
09:31:55.0436 3472 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
09:31:55.0436 3472 mssmbios - ok
09:31:55.0770 3472 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
09:31:55.0771 3472 MSTEE - ok
09:31:56.0393 3472 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
09:31:56.0394 3472 MTConfig - ok
09:31:56.0705 3472 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
09:31:56.0706 3472 Mup - ok
09:31:57.0045 3472 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
09:31:57.0047 3472 NativeWifiP - ok
09:31:57.0197 3472 NAVENG - ok
09:31:57.0363 3472 NAVEX15 - ok
09:31:57.0861 3472 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
09:31:57.0867 3472 NDIS - ok
09:31:58.0310 3472 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
09:31:58.0311 3472 NdisCap - ok
09:31:58.0711 3472 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
09:31:58.0711 3472 NdisTapi - ok
09:31:59.0078 3472 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
09:31:59.0079 3472 Ndisuio - ok
09:31:59.0624 3472 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
09:31:59.0625 3472 NdisWan - ok
09:32:00.0003 3472 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
09:32:00.0004 3472 NDProxy - ok
09:32:00.0326 3472 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
09:32:00.0327 3472 NetBIOS - ok
09:32:00.0642 3472 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
09:32:00.0643 3472 NetBT - ok
09:32:00.0993 3472 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
09:32:00.0994 3472 nfrd960 - ok
09:32:01.0416 3472 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
09:32:01.0417 3472 Npfs - ok
09:32:01.0739 3472 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
09:32:01.0739 3472 nsiproxy - ok
09:32:02.0136 3472 Ntfs (3795dcd21f740ee799fb7223234215af) C:\windows\system32\drivers\Ntfs.sys
09:32:02.0144 3472 Ntfs - ok
09:32:02.0451 3472 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
09:32:02.0452 3472 Null - ok
09:32:03.0021 3472 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\windows\system32\DRIVERS\nvraid.sys
09:32:03.0023 3472 nvraid - ok
09:32:03.0323 3472 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\windows\system32\DRIVERS\nvstor.sys
09:32:03.0324 3472 nvstor - ok
09:32:03.0654 3472 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
09:32:03.0655 3472 nv_agp - ok
09:32:03.0982 3472 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
09:32:03.0982 3472 ohci1394 - ok
09:32:04.0452 3472 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
09:32:04.0453 3472 Parport - ok
09:32:04.0819 3472 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
09:32:04.0820 3472 partmgr - ok
09:32:05.0242 3472 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
09:32:05.0243 3472 Parvdm - ok
09:32:05.0685 3472 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
09:32:05.0687 3472 pci - ok
09:32:06.0019 3472 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
09:32:06.0020 3472 pciide - ok
09:32:06.0346 3472 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
09:32:06.0348 3472 pcmcia - ok
09:32:07.0219 3472 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
09:32:07.0220 3472 pcw - ok
09:32:07.0628 3472 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
09:32:07.0633 3472 PEAUTH - ok
09:32:08.0108 3472 PGEffect (1b5011dd8d57f53aed31ff0f7d635802) C:\windows\system32\DRIVERS\pgeffect.sys
09:32:08.0109 3472 PGEffect - ok
09:32:08.0504 3472 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
09:32:08.0505 3472 PptpMiniport - ok
09:32:08.0821 3472 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
09:32:08.0822 3472 Processor - ok
09:32:09.0184 3472 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
09:32:09.0185 3472 Psched - ok
09:32:09.0747 3472 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
09:32:09.0756 3472 ql2300 - ok
09:32:10.0098 3472 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
09:32:10.0099 3472 ql40xx - ok
09:32:10.0421 3472 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
09:32:10.0421 3472 QWAVEdrv - ok
09:32:10.0810 3472 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
09:32:10.0810 3472 RasAcd - ok
09:32:11.0168 3472 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
09:32:11.0169 3472 RasAgileVpn - ok
09:32:11.0501 3472 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
09:32:11.0502 3472 Rasl2tp - ok
09:32:11.0847 3472 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
09:32:11.0848 3472 RasPppoe - ok
09:32:12.0195 3472 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
09:32:12.0197 3472 RasSstp - ok
09:32:12.0554 3472 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
09:32:12.0557 3472 rdbss - ok
09:32:13.0043 3472 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
09:32:13.0043 3472 rdpbus - ok
09:32:13.0343 3472 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
09:32:13.0344 3472 RDPCDD - ok
09:32:13.0676 3472 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
09:32:13.0677 3472 RDPENCDD - ok
09:32:13.0976 3472 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
09:32:13.0977 3472 RDPREFMP - ok
09:32:14.0279 3472 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
09:32:14.0280 3472 RDPWD - ok
09:32:14.0635 3472 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
09:32:14.0636 3472 rdyboost - ok
09:32:15.0020 3472 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
09:32:15.0021 3472 rspndr - ok
09:32:15.0344 3472 RSUSBSTOR (ef8b2afc3c0751c5e5a59983c8893260) C:\windows\system32\Drivers\RtsUStor.sys
09:32:15.0346 3472 RSUSBSTOR - ok
09:32:15.0695 3472 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\windows\system32\DRIVERS\Rt86win7.sys
09:32:15.0696 3472 RTL8167 - ok
09:32:16.0095 3472 rtl8192se (fd0b1d3ce2e7debd0ae8456494d21488) C:\windows\system32\DRIVERS\rtl8192se.sys
09:32:16.0101 3472 rtl8192se - ok
09:32:16.0434 3472 RtsUIR - ok
09:32:16.0771 3472 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
09:32:16.0772 3472 sbp2port - ok
09:32:17.0516 3472 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
09:32:17.0516 3472 scfilter - ok
09:32:17.0855 3472 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
09:32:17.0856 3472 secdrv - ok
09:32:18.0198 3472 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
09:32:18.0198 3472 Serenum - ok
09:32:18.0535 3472 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
09:32:18.0536 3472 Serial - ok
09:32:19.0111 3472 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
09:32:19.0112 3472 sermouse - ok
09:32:19.0456 3472 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
09:32:19.0456 3472 sffdisk - ok
09:32:19.0790 3472 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
09:32:19.0791 3472 sffp_mmc - ok
09:32:20.0156 3472 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys
09:32:20.0157 3472 sffp_sd - ok
09:32:20.0479 3472 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
09:32:20.0481 3472 sfloppy - ok
09:32:20.0848 3472 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
09:32:20.0849 3472 sisagp - ok
09:32:21.0193 3472 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
09:32:21.0194 3472 SiSRaid2 - ok
09:32:21.0563 3472 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
09:32:21.0564 3472 SiSRaid4 - ok
09:32:21.0942 3472 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
09:32:21.0943 3472 Smb - ok
09:32:22.0320 3472 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
09:32:22.0321 3472 spldr - ok
09:32:22.0714 3472 SRTSP (e81f6caeab9ad5732e94c07c97866aa2) C:\windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS
09:32:22.0716 3472 SRTSP - ok
09:32:23.0106 3472 SRTSPX (e28de499d942b08058bffac69d4122b6) C:\windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS
09:32:23.0107 3472 SRTSPX - ok
09:32:23.0891 3472 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
09:32:23.0893 3472 srv - ok
09:32:24.0266 3472 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
09:32:24.0268 3472 srv2 - ok
09:32:24.0599 3472 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
09:32:24.0600 3472 srvnet - ok
09:32:24.0983 3472 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
09:32:24.0983 3472 stexstor - ok
09:32:25.0316 3472 StillCam (edb05bd63148796f23ea78506404a538) C:\windows\system32\DRIVERS\serscan.sys
09:32:25.0317 3472 StillCam - ok
09:32:25.0663 3472 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
09:32:25.0663 3472 swenum - ok
09:32:26.0047 3472 SymEFA (d0885f6e24259a6c65e68d6ad749910a) C:\windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS
09:32:26.0050 3472 SymEFA - ok
09:32:26.0379 3472 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\windows\system32\Drivers\SYMEVENT.SYS
09:32:26.0380 3472 SymEvent - ok
09:32:26.0811 3472 SYMFW (1e825026436c4eac3e1a11d1e9c33f2c) C:\windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS
09:32:26.0812 3472 SYMFW - ok
09:32:27.0132 3472 SymIM (34f1c9d5dcc19df1e824d6b73767b8af) C:\windows\system32\DRIVERS\SymIMv.sys
09:32:27.0133 3472 SymIM - ok
09:32:28.0117 3472 SYMNDISV (dcbf73da96cce94933c8cc6eded3c98b) C:\windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS
09:32:28.0117 3472 SYMNDISV - ok
09:32:28.0460 3472 SYMTDI (e4fa8bbb96e314e9508865de1a767538) C:\windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS
09:32:28.0462 3472 SYMTDI - ok
09:32:28.0786 3472 SynTP (8bd10dc8809dc69a1c5a795cb10add76) C:\windows\system32\DRIVERS\SynTP.sys
09:32:28.0788 3472 SynTP - ok
09:32:29.0171 3472 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\drivers\tcpip.sys
09:32:29.0179 3472 Tcpip - ok
09:32:29.0559 3472 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\DRIVERS\tcpip.sys
09:32:29.0567 3472 TCPIP6 - ok
09:32:29.0938 3472 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
09:32:29.0939 3472 tcpipreg - ok
09:32:30.0274 3472 tdcmdpst (4084ea00d50c858d6f9038f86ae2e2d0) C:\windows\system32\DRIVERS\tdcmdpst.sys
09:32:30.0274 3472 tdcmdpst - ok
09:32:30.0595 3472 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
09:32:30.0596 3472 TDPIPE - ok
09:32:30.0940 3472 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
09:32:30.0940 3472 TDTCP - ok
09:32:31.0319 3472 tdx (d5321d6b97cb85a0b418993f8a9c2d2e) C:\windows\system32\DRIVERS\tdx.sys
09:32:31.0320 3472 tdx - ok
09:32:31.0654 3472 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
09:32:31.0655 3472 TermDD - ok
09:32:32.0042 3472 tos_sps32 (969377943fe7284609babbab4e06b93c) C:\windows\system32\DRIVERS\tos_sps32.sys
09:32:32.0044 3472 tos_sps32 - ok
09:32:32.0399 3472 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
09:32:32.0399 3472 tssecsrv - ok
09:32:32.0745 3472 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
09:32:32.0746 3472 tunnel - ok
09:32:33.0075 3472 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\windows\system32\DRIVERS\TVALZ_O.SYS
09:32:33.0076 3472 TVALZ - ok
09:32:33.0720 3472 TVALZFL (866462f5ae3f375ef83ef9dce436031c) C:\windows\system32\DRIVERS\TVALZFL.sys
09:32:33.0720 3472 TVALZFL - ok
09:32:34.0047 3472 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
09:32:34.0048 3472 uagp35 - ok
09:32:34.0363 3472 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys
09:32:34.0365 3472 udfs - ok
09:32:34.0699 3472 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
09:32:34.0700 3472 uliagpkx - ok
09:32:35.0033 3472 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
09:32:35.0034 3472 umbus - ok
09:32:35.0344 3472 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
09:32:35.0345 3472 UmPass - ok
09:32:35.0734 3472 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\windows\system32\drivers\usbaudio.sys
09:32:35.0735 3472 usbaudio - ok
09:32:36.0058 3472 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\windows\system32\DRIVERS\usbccgp.sys
09:32:36.0059 3472 usbccgp - ok
09:32:36.0373 3472 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
09:32:36.0374 3472 usbcir - ok
09:32:36.0704 3472 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\windows\system32\DRIVERS\usbehci.sys
09:32:36.0705 3472 usbehci - ok
09:32:37.0046 3472 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\windows\system32\DRIVERS\usbhub.sys
09:32:37.0048 3472 usbhub - ok
09:32:37.0368 3472 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\windows\system32\DRIVERS\usbohci.sys
09:32:37.0369 3472 usbohci - ok
09:32:37.0698 3472 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
09:32:37.0698 3472 usbprint - ok
09:32:38.0044 3472 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\windows\system32\DRIVERS\USBSTOR.SYS
09:32:38.0045 3472 USBSTOR - ok
09:32:38.0356 3472 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\windows\system32\DRIVERS\usbuhci.sys
09:32:38.0356 3472 usbuhci - ok
09:32:39.0155 3472 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\windows\system32\Drivers\usbvideo.sys
09:32:39.0156 3472 usbvideo - ok
09:32:39.0491 3472 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
09:32:39.0492 3472 vdrvroot - ok
09:32:39.0825 3472 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
09:32:39.0826 3472 vga - ok
09:32:40.0247 3472 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
09:32:40.0247 3472 VgaSave - ok
09:32:40.0563 3472 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
09:32:40.0564 3472 vhdmp - ok
09:32:40.0886 3472 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
09:32:40.0886 3472 viaagp - ok
09:32:41.0209 3472 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
09:32:41.0210 3472 ViaC7 - ok
09:32:41.0531 3472 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
09:32:41.0532 3472 viaide - ok
09:32:41.0848 3472 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
09:32:41.0849 3472 volmgr - ok
09:32:42.0163 3472 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
09:32:42.0165 3472 volmgrx - ok
09:32:42.0494 3472 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
09:32:42.0496 3472 volsnap - ok
09:32:42.0821 3472 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
09:32:42.0823 3472 vsmraid - ok
09:32:43.0128 3472 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
09:32:43.0129 3472 vwifibus - ok
09:32:43.0429 3472 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
09:32:43.0430 3472 vwififlt - ok
09:32:43.0753 3472 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
09:32:43.0754 3472 WacomPen - ok
09:32:44.0076 3472 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
09:32:44.0077 3472 WANARP - ok
09:32:44.0088 3472 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
09:32:44.0089 3472 Wanarpv6 - ok
09:32:44.0456 3472 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
09:32:44.0456 3472 Wd - ok
09:32:44.0786 3472 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
09:32:44.0789 3472 Wdf01000 - ok
09:32:45.0151 3472 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
09:32:45.0152 3472 WfpLwf - ok
09:32:45.0474 3472 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
09:32:45.0475 3472 WIMMount - ok
09:32:45.0849 3472 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys
09:32:45.0850 3472 WinUsb - ok
09:32:46.0230 3472 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
09:32:46.0231 3472 WmiAcpi - ok
09:32:46.0597 3472 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
09:32:46.0598 3472 ws2ifsl - ok
09:32:46.0916 3472 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\windows\system32\DRIVERS\WSDPrint.sys
09:32:46.0917 3472 WSDPrintDevice - ok
09:32:47.0254 3472 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
09:32:47.0255 3472 WudfPf - ok
09:32:47.0578 3472 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
09:32:47.0579 3472 WUDFRd - ok
09:32:47.0635 3472 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
09:32:47.0645 3472 \Device\Harddisk0\DR0 - ok
09:32:47.0655 3472 Boot (0x1200) (812a8ca52030af64a407027329b060f0) \Device\Harddisk0\DR0\Partition0
09:32:47.0656 3472 \Device\Harddisk0\DR0\Partition0 - ok
09:32:47.0657 3472 ============================================================
09:32:47.0657 3472 Scan finished
09:32:47.0657 3472 ============================================================
09:32:47.0678 1288 Detected object count: 1
09:32:47.0678 1288 Actual detected object count: 1
09:32:53.0069 1288 HKLM\SYSTEM\ControlSet001\services\90bb4c50 - will be deleted on reboot
09:32:53.0103 1288 HKLM\SYSTEM\ControlSet002\services\90bb4c50 - will be deleted on reboot
09:32:53.0144 1288 C:\windows\1347206032:1866773423.exe - will be deleted on reboot
09:32:53.0144 1288 90bb4c50 ( HiddenFile.Multi.Generic ) - User select action: Delete

========= End of CMD: =========


========= dir /a/s/b C:\Qoobox =========

C:\Qoobox\Add-Remove Programs.txt
C:\Qoobox\BackEnv
C:\Qoobox\ComboFix-quarantined-files.txt
C:\Qoobox\ComboFix2.txt
C:\Qoobox\ComboFix3.txt
C:\Qoobox\ComboFix4.txt
C:\Qoobox\LastRun
C:\Qoobox\Quarantine
C:\Qoobox\SnapShot@2011-06-20_22.06.34.dat
C:\Qoobox\Test
C:\Qoobox\TestC
C:\Qoobox\LastRun\Gateway
C:\Qoobox\Quarantine\C
C:\Qoobox\Quarantine\catchme.log
C:\Qoobox\Quarantine\Registry_backups
C:\Qoobox\Quarantine\C\Program Files
C:\Qoobox\Quarantine\C\ProgramData
C:\Qoobox\Quarantine\C\Users
C:\Qoobox\Quarantine\C\Windows
C:\Qoobox\Quarantine\C\Program Files\PlaySushi
C:\Qoobox\Quarantine\C\Program Files\PlaySushi\PSTExt.dll.vir
C:\Qoobox\Quarantine\C\ProgramData\27516664.exe.vir
C:\Qoobox\Quarantine\C\ProgramData\Microsoft
C:\Qoobox\Quarantine\C\ProgramData\XP
C:\Qoobox\Quarantine\C\ProgramData\yxEebvTBWi.exe.vir
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Network
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Network\Downloader
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Network\Downloader\qmgr0.dat.vir
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Network\Downloader\qmgr1.dat.vir
C:\Qoobox\Quarantine\C\ProgramData\XP\EBLib.dll.vir
C:\Qoobox\Quarantine\C\ProgramData\XP\TPwSav.sys.vir
C:\Qoobox\Quarantine\C\Users\DesJon
C:\Qoobox\Quarantine\C\Users\DesJon\AppData
C:\Qoobox\Quarantine\C\Users\DesJon\Desktop
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\3
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Default Programs.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Windows Update.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\WinZip.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\ęTorrent.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\7-Zip
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Adobe Reader 9.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Apple Software Update.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Catalyst Control Center
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Corel Label@Once
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Coupons
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Credit-Aid_PRO_100_Demo
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\CutePDF
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\ExamForce
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\GIMP
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\HP
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\ImgBurn
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\ImgBurn.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Inkscape.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Maintenance
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Malwarebytes' Anti-Malware
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Media Center.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Works
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Works Task Launcher.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Mozilla Firefox.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\My Toshiba
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\NetZero
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\NetZero Internet
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\NetZero Internet.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Norton Internet Security
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\QuickBooks Financial Center.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\QuickTime
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Real
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Sidebar.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Skype
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Startup
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\SUPER c - by eRightSoft
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Tablet PC
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA DVD PLAYER
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Toshiba Online Backup
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\UnHackMe
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Virtual Plastic Surgery Software - VPSS
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Windows Anytime Upgrade.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Windows DVD Maker.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Windows Fax and Scan.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Windows Live
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Windows Media Player.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\WinZip
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\XPS Viewer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\7-Zip\7-Zip File Manager.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\7-Zip\7-Zip Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Accessibility
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Calculator.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\displayswitch.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Math Input Panel.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Mobility Center.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Paint.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Remote Desktop Connection.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Snipping Tool.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Sound Recorder.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Sticky Notes.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Sync Center.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Tablet PC
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Welcome Center.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Windows PowerShell
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Wordpad.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Accessibility\Desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Accessibility\Speech Recognition.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Character Map.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\dfrgui.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Disk Cleanup.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Resource Monitor.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\System Information.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\System Restore.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Task Scheduler.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools\Windows Easy Transfer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Tablet PC\Desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Tablet PC\ShapeCollector.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Tablet PC\TabTip.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Tablet PC\Windows Journal.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Windows PowerShell\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Component Services.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Computer Management.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Data Sources (ODBC).lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Event Viewer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\iSCSI Initiator.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Memory Diagnostics Tool.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Performance Monitor.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\services.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\System Configuration.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Task Scheduler.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\Windows PowerShell Modules.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Catalyst Control Center\CCC - Advanced.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Catalyst Control Center\CCC - Wizard.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Catalyst Control Center\CCC.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Catalyst Control Center\Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Catalyst Control Center\Restart Runtime.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Corel Label@Once\Corel [email protected]
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Coupons\Coupons.com - Print Coupons.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Coupons\Uninstall Coupon Printer for Windows.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Credit-Aid_PRO_100_Demo\Credit Aid PRO 100 DEMO.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Credit-Aid_PRO_100_Demo\Uninstall.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\CutePDF\PDF Writer
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\CutePDF\PDF Writer\Readme.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\ExamForce\CramMaster.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\- Play Games -.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\All Casual Games.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\All Enthusiast Games.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\All Family Games.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\All Kids Games.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\All MMO Games.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Bejeweled 2 Deluxe.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Blackhawk Striker 2.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Build-a-lot 3.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Chess.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\FATE Undiscovered Realms.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\FreeCell.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\GameExplorer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Hearts.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Internet Backgammon.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Internet Checkers.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Internet Spades.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Jewel Quest Solitaire 3.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Mahjong.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Minesweeper.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\More Games - WildTangent ORB.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Mystery P.I. - The Vegas Heist.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Polar Bowler.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Purble Place.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Scrabble.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Solitaire.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Spider Solitaire.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Virtual Villagers - The Secret City.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Games\Zuma Deluxe.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\GIMP\GIMP 2.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\GIMP\Uninstall.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\HP\Officejet 4500 G510n-z
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\HP\Officejet 4500 G510n-z\Add A Device.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\HP\Officejet 4500 G510n-z\Configure Wireless Settings.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\HP\Officejet 4500 G510n-z\Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\HP\Officejet 4500 G510n-z\Product Registration.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\HP\Officejet 4500 G510n-z\Product Support Website.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\HP\Officejet 4500 G510n-z\Readme.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\HP\Officejet 4500 G510n-z\Toolbox.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\HP\Officejet 4500 G510n-z\Uninstall.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\ImgBurn\ImgBurn Read Me.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\ImgBurn\ImgBurn.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\ImgBurn\Uninstall.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Maintenance\Backup and Restore Center.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Maintenance\Create Recovery Disc.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Maintenance\Desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Maintenance\Remote Assistance.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Malwarebytes' Anti-Malware\Uninstall Malwarebytes' Anti-Malware.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office - 60 Day Trial.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office Word 2007.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Re-install MS Office Trial.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Works\Getting Started.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Works\Microsoft Works Calendar.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Works\Microsoft Works Database.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Works\Microsoft Works Portfolio.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Works\Microsoft Works Spreadsheet.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Works\Microsoft Works Task Launcher.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Works\Microsoft Works Word Processor.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Microsoft Works\Re-install MS Works.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\My Toshiba\My Toshiba.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\My Toshiba\Recovery Media Creator Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\My Toshiba\Recovery Media Creator.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\My Toshiba\Toshiba Application Installer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\My Toshiba\Toshiba Registration.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\My Toshiba\User's Guide.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero ControlCenter.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Vision.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Chinese (Simplified).lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Chinese (Traditional).lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Czech.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Danish.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Dutch.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\English (UK).lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\English (US).lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Finnish.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\French.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\German.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Greek.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Hungarian.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Italian.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Japanese.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Korean.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Norwegian.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Polish.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Portuguese (Brazil).lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Portuguese (Portugal).lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Russian.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Spanish.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Swedish.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Thai.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero ControlCenter\Turkish.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\Chinese (Simplified).lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\Chinese (Traditional).lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\Czech.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\Dutch.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\English.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\French.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\German.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\Italian.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\Japanese.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\Korean.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\Polish.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\Russian.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\Spanish.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Nero\Nero 10\Nero Help\Nero Vision\Swedish.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\NetZero\NetZero Internet Service.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\NetZero Internet\NetZero Internet.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\NetZero Internet\NetZero Quick Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Norton Internet Security\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Norton Internet Security\LiveUpdate.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Norton Internet Security\Norton Internet Security.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Norton Internet Security\Support.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Norton Internet Security\Uninstall Norton Internet Security.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\QuickTime\About QuickTime.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\QuickTime\PictureViewer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\QuickTime\QuickTime Player.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\QuickTime\Uninstall QuickTime.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Real\RealPlayer Converter.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Real\RealPlayer Trimmer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Real\RealPlayer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Skype\Voice & Video Calls.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Startup\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\SUPER c - by eRightSoft\SUPER c.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\SUPER c - by eRightSoft\Uninstall SUPER c.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\CD&DVD Applications
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\ConfigFree
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Networking
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Speech System
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\CD&DVD Applications\Disc Creator Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\CD&DVD Applications\Disc Creator.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\CD&DVD Applications\DVD-RAM Utility.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\ConfigFree\1.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\ConfigFree\2.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\ConfigFree\3.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\ConfigFree\4.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\ConfigFree\5.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\ConfigFree\6.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\ConfigFree\7.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\ConfigFree\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Networking\Modem Region Select.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Networking\V.92 Modem On Hold.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Speech System\Configure Microphone.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Speech System\Read me.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Speech System\TOSHIBA Speech System Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Speech System\Voice Commands.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Speech System\Web Speak.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\Accessibility.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\eco Utility.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\Face Recognition Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\Face Recognition.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\Flash Cards Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\HDD SSD Alert Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\HDD SSD Alert.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\HWSetup.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\PC Diagnostic Tool.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\PC Health Monitor.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\Restart Flash Cards.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\Service Station.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\Settings for Flash Cards.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\TOSHIBA Assist.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\Web Camera Application Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\Web Camera Application.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\Zooming Utility Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities\Zooming Utility.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA DVD PLAYER\TOSHIBA DVD PLAYER Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA DVD PLAYER\TOSHIBA DVD PLAYER.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Toshiba Online Backup\Toshiba Online Backup.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\UnHackMe\Check for UnHackMe updates.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\UnHackMe\How to register.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\UnHackMe\Read me.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\UnHackMe\Reanimator.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\UnHackMe\Register UnHackMe.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\UnHackMe\UnHackMe Monitor.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\UnHackMe\UnHackMe.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\UnHackMe\Uninstall UnHackMe.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Virtual Plastic Surgery Software - VPSS\Uninstall Virtual Plastic Surgery Software - VPSS.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Virtual Plastic Surgery Software - VPSS\Virtual Plastic Surgery Software - VPSS.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Windows Live\Windows Live Call.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Windows Live\Windows Live Mail.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Windows Live\Windows Live Messenger .lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Windows Live\Windows Live Photo Gallery.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\Windows Live\Windows Live Writer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\1\Programs\WinZip\WinZip 15.5.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\3\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\3\Internet Explorer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\3\Mozilla Firefox.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\3\My Toshiba.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\3\Toshiba Online Backup.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\3\Windows Explorer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\3\Windows Media Player.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\Credit Aid PRO 100 DEMO.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\desktop.ini
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\GIMP 2.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\ImgBurn.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\Inkscape.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\Malwarebytes' Anti-Malware.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\Nero Vision 10.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\NetZero Internet.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\NetZero Quick Help.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\Norton Internet Security.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\QuickTime Player.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\RealPlayer.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\WinZip.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Local\Temp\smtmp\4\ęTorrent.lnk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Adobe
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Microsoft
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Adobe\plugs
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Adobe\shed
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Adobe\plugs\mmc52604192.txt.vir
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Adobe\shed\thr1.chm.vir
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Microsoft\Windows
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Microsoft\Windows\Start Menu
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Fix Disk
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery\Uninstall Windows 7 Recovery.lnk.vir
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery\Windows 7 Recovery.lnk.vir
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Fix Disk\Uninstall Windows Fix Disk.lnk.vir
C:\Qoobox\Quarantine\C\Users\DesJon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Fix Disk\Windows Fix Disk.lnk.vir
C:\Qoobox\Quarantine\C\Users\DesJon\Desktop\Windows 7 Recovery.lnk.vir
C:\Qoobox\Quarantine\C\Users\DesJon\Desktop\Windows Fix Disk.lnk.vir
C:\Qoobox\Quarantine\C\Windows\System32
C:\Qoobox\Quarantine\C\Windows\System32\AVSredirect.dll.vir
C:\Qoobox\Quarantine\C\Windows\System32\drivers
C:\Qoobox\Quarantine\C\Windows\System32\drivers\dgqb.sys.vir
C:\Qoobox\Quarantine\Registry_backups\AddRemove-TOSHIBA Software Modem.reg.dat
C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-yxEebvTBWi.reg.dat
C:\Qoobox\Quarantine\Registry_backups\Service_ihslnh.reg.dat
C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
C:\Qoobox\Quarantine\Registry_backups\Toolbar-Locked.reg.dat

========= End of CMD: =========


==== End of Fixlog ====

#7 msgail

msgail
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 08 October 2011 - 10:35 AM

Search Log

Farbars Recovery Scan Tool 2.0.3
Ran by SYSTEM at 2011-10-08 10:22:33
Running from F:\

================== Search: volsnap.sys ===================

C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_158d0da45d68903e\volsnap.sys
[2009-07-13 15:11] - [2009-07-13 17:19] - 0245328 ____A (Microsoft Corporation) 58DF9D2481A56EDDE167E51B334D44FD

C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_29364d30156a24ca\volsnap.sys
[2009-07-13 15:11] - [2009-07-13 17:19] - 0245328 ____A (Microsoft Corporation) 58DF9D2481A56EDDE167E51B334D44FD

C:\Windows\System32\drivers\volsnap.sys
[2009-07-13 15:11] - [2009-07-13 17:19] - 0245328 ____A () 7C28B63E4C9E5C3BE7FFE53789593619

C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys
[2011-07-07 10:54] - [2010-11-20 04:30] - 0245632 ____A (Microsoft Corporation) F497F67932C6FA693D7DE2780631CFE7

=== End Of Search ===

#8 Farbar

Farbar

    Just Curious


  • Security Developer
  • 20,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:23 PM

Posted 09 October 2011 - 08:10 AM

Well done.

Your log(s) show that you are using so called peer-to-peer or file-sharing programs. These programs allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."


Removal Instructions

I took the liberty of moving some suspect downloaded files too to prevent reinfection by running those programs.

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
HKU\DesJon\...\Run: [MSOLAP90ErrorLookup] regsvr32 /s /u "C:\Users\DesJon\AppData\Local\MSOLAP90ErrorLookup\MSOLAP90ErrorLookup.dll" [106496 2011-06-21] ()
HKU\DesJon\...\Winlogon: [Shell] explorer.exe [x]
HKLM\...\RunOnce: [*Restore] C:\windows\system32\rstrui.exe /RUNONCE [262656 2009-07-13] (Microsoft Corporation)
HKLM\...\runonceex: [Flags] 128 [x]
HKLM\...\runonceex: [Title] UnHackMe Rootkit Check [x]
2011-09-08 10:57 - 2011-09-09 21:07 - 0000000 ____D C:\Users\DesJon\Downloads\The.Help.2011.Cam.Xvid-Biz
2011-09-09 16:00 - 2011-09-09 16:00 - 0000000 ____D C:\Users\DesJon\Downloads\N3R0_V1S10N_Xtra_V.7
2011-09-09 15:55 - 2011-09-09 16:00 - 85602736 ____A C:\Users\DesJon\Downloads\N3R0_V1S10N_Xtra_V.7.rar
2011-09-09 15:33 - 2011-09-09 15:33 - 0000000 ____D C:\Users\DesJon\Downloads\Nero 10.0 + Serials en Keygen - DivXNL-Team
2011-09-29 09:16 - 2011-09-29 09:16 - 0000000 ____D C:\Users\DesJon\Downloads\Dragon Naturally Speaking 10.1 Serial
2011-09-28 09:34 - 2011-09-28 09:35 - 23422280 ____A C:\Users\DesJon\Downloads\winzip155(1).exe
2011-10-03 08:47 - 2011-10-03 08:47 - 0000000 ____D C:\Open Cloud AV
2011-08-15 17:31 - 2011-08-15 17:25 - 0003372 __ASH C:\Users\DesJon\AppData\Local\62o72230qbag61ie5g0cg64885j75ecq6uauuo5byg34
2011-08-15 17:31 - 2011-08-15 17:25 - 0003372 __ASH C:\Users\All Users\62o72230qbag61ie5g0cg64885j75ecq6uauuo5byg34
2011-08-15 17:31 - 2011-08-15 17:25 - 0003372 __ASH C:\ProgramData\62o72230qbag61ie5g0cg64885j75ecq6uauuo5byg34
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\DesJon\AppData\Local\rvaj.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\DesJon\AppData\Local\nfth.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\DesJon\AppData\Local\fata.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\DesJon\AppData\Local\cgej.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\All Users\nkjl.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\All Users\kgdb.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\All Users\gymh.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\Users\All Users\cmak.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\ProgramData\nkjl.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\ProgramData\kgdb.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\ProgramData\gymh.exe
2011-08-15 17:25 - 2011-08-15 17:25 - 0000000 ____A C:\ProgramData\cmak.exe
2011-08-15 14:17 - 2011-08-15 14:07 - 0003494 __ASH C:\Users\DesJon\AppData\Local\k71pyy08114s626scwd0d6s
2011-08-15 14:17 - 2011-08-15 14:07 - 0003494 __ASH C:\Users\All Users\k71pyy08114s626scwd0d6s
2011-08-15 14:17 - 2011-08-15 14:07 - 0003494 __ASH C:\ProgramData\k71pyy08114s626scwd0d6s
2011-08-03 02:57 - 2011-08-02 23:41 - 0000000 ____D C:\Users\All Users\iJ01300IjGcM01300
2011-08-03 02:57 - 2011-08-02 23:41 - 0000000 ____D C:\ProgramData\iJ01300IjGcM01300
2011-08-03 00:07 - 2011-08-02 23:41 - 0007285 ____A C:\Users\DesJon\AppData\Roaming\68DE.FE6
2011-08-02 12:13 - 2011-07-17 14:07 - 0000120 ____A C:\Users\DesJon\AppData\Local\Sfugutufu.dat
2011-08-02 12:13 - 2011-07-17 14:07 - 0000000 ____A C:\Users\DesJon\AppData\Local\Lsuhuro.bin
2 90bb4c50;
0 58312123;
C:\windows\1347206032
C:\windows\system32\drivers\07696532.sys
Replace: C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys C:\Windows\System32\drivers\volsnap.sys
end

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Also restart and let it boot normally and tell me how it went. Please don't run any tool or cleaner after staring.

#9 msgail

msgail
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 09 October 2011 - 12:55 PM

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.2.3)
Ran by SYSTEM at 2011-10-09 12:53:16 R:2
Running from F:\

==============================================

HKEY_USERS\DesJon\Software\Microsoft\Windows\CurrentVersion\Run\\MSOLAP90ErrorLookup Value deleted successfully.
HKEY_USERS\DesJon\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell Value deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\*Restore Value deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\runonceex\\Flags Value deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\runonceex\\Title Value deleted successfully.
C:\Users\DesJon\Downloads\The.Help.2011.Cam.Xvid-Biz moved successfully.
C:\Users\DesJon\Downloads\N3R0_V1S10N_Xtra_V.7 moved successfully.
C:\Users\DesJon\Downloads\N3R0_V1S10N_Xtra_V.7.rar moved successfully.
C:\Users\DesJon\Downloads\Nero 10.0 + Serials en Keygen - DivXNL-Team moved successfully.
C:\Users\DesJon\Downloads\Dragon Naturally Speaking 10.1 Serial moved successfully.
C:\Users\DesJon\Downloads\winzip155(1).exe moved successfully.
C:\Open Cloud AV moved successfully.
C:\Users\DesJon\AppData\Local\62o72230qbag61ie5g0cg64885j75ecq6uauuo5byg34 moved successfully.
C:\Users\All Users\62o72230qbag61ie5g0cg64885j75ecq6uauuo5byg34 moved successfully.
C:\ProgramData\62o72230qbag61ie5g0cg64885j75ecq6uauuo5byg34 not found.
C:\Users\DesJon\AppData\Local\rvaj.exe moved successfully.
C:\Users\DesJon\AppData\Local\nfth.exe moved successfully.
C:\Users\DesJon\AppData\Local\fata.exe moved successfully.
C:\Users\DesJon\AppData\Local\cgej.exe moved successfully.
C:\Users\All Users\nkjl.exe moved successfully.
C:\Users\All Users\kgdb.exe moved successfully.
C:\Users\All Users\gymh.exe moved successfully.
C:\Users\All Users\cmak.exe moved successfully.
C:\ProgramData\nkjl.exe not found.
C:\ProgramData\kgdb.exe not found.
C:\ProgramData\gymh.exe not found.
C:\ProgramData\cmak.exe not found.
C:\Users\DesJon\AppData\Local\k71pyy08114s626scwd0d6s moved successfully.
C:\Users\All Users\k71pyy08114s626scwd0d6s moved successfully.
C:\ProgramData\k71pyy08114s626scwd0d6s not found.
C:\Users\All Users\iJ01300IjGcM01300 moved successfully.
C:\ProgramData\iJ01300IjGcM01300 not found.
C:\Users\DesJon\AppData\Roaming\68DE.FE6 moved successfully.
C:\Users\DesJon\AppData\Local\Sfugutufu.dat moved successfully.
C:\Users\DesJon\AppData\Local\Lsuhuro.bin moved successfully.
2 90bb4c50; service not found.
0 58312123; service not found.
C:\windows\1347206032 not found.
C:\windows\system32\drivers\07696532.sys not found.
C:\Windows\System32\drivers\volsnap.sys moved successfully.
C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys copied successfully to C:\Windows\System32\drivers\volsnap.sys

==== End of Fixlog ====

#10 msgail

msgail
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 09 October 2011 - 12:58 PM

I have five people including 3 teens on this laptop, everyone will be reading those links, thank you.

I restarted and it booted in Safe Mode. I didn't start anything, but I did change the boot to normal in msconfig, restarted, and it again booted up just fine. Thank you very much.

#11 Farbar

Farbar

    Just Curious


  • Security Developer
  • 20,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:23 PM

Posted 09 October 2011 - 02:13 PM

Great. :thumbsup:

Please don't run any scan or cleaner until I let you know it is safe.

  • Open your Malwarebytes' Anti-Malware.
    • First update it, to do that under the Update tab press "Check for Updates".
    • Under Scanner tab select "Perform Quick Scan", then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the MBAM log.
    Extra Note:
    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

  • Go to Start => Programs or All Programs, check every entry to see if all the programs, tools, icons en shortcuts are there. Check at least this one and tell me if it is there:
    Go to Start => Programs or All Programs =>Accessories => System Tools => Resource Monitor


#12 msgail

msgail
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 09 October 2011 - 02:53 PM

As Malwarebytes was running the system froze, so I put it back into Safe Mode. It was able to run there. And, the Resource Monitor was there. Here is the log:


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7910

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

10/9/2011 2:49:56 PM
mbam-log-2011-10-09 (14-49-56).txt

Scan type: Quick scan
Objects scanned: 174778
Time elapsed: 3 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\Temp\0.3592776032972038.exe (Rootkit.0Access) -> Quarantined and deleted successfully.
c:\Windows\Temp\1363E8.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Windows\Temp\gdfstr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Temp\intrau3.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\Roaming\ldr.ini (Malware.Trace) -> Quarantined and deleted successfully.

#13 Farbar

Farbar

    Just Curious


  • Security Developer
  • 20,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:23 PM

Posted 09 October 2011 - 03:12 PM

Please run Quick scan once more in normal mode. I want to make sure it runs without any freezing no matter if the log is clean or not.

#14 msgail

msgail
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 09 October 2011 - 03:52 PM

I just tried to run the scan in normal mode, and it froze up again.

#15 Farbar

Farbar

    Just Curious


  • Security Developer
  • 20,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:23 PM

Posted 09 October 2011 - 04:00 PM

  • Run command Prompt as Administrator. To do that:
    Go to Start and type cmd.exe in the Search box.
    It gives you cmd.exe in the upper part. Right-click cmd.exe and select "Run As Administrator".
    Copy the following command, right-click in the open Command prompt window and select Paste:

    sfc /scannow

    Press Enter. Wait until the scan is done. Don't close the command prompt window.
  • Copy the following command, right-click in the open Command prompt window and select Paste:

    chkdsk /f

    Press Enter.

    Type "Y" and press Enter.

    Close the command prompt. Reboot the computer and let it run the disk check.
  • Now run a Quick Scan with Malwarebytes in normal mode and see if it still freezes.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users