
after effects of win7 security virus


  • This topic is locked
34 replies to this topic

#1 cornpoop


Posted 03 January 2012 - 03:57 PM

using win 7 64-bit service pack 1

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Administrator at 15:47:37 on 2012-01-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6109.4095 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Users\Administrator\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files (x86)\PreSonus\1394AudioDriver_FirePod\FirePod.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\DeltaIITray.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Program Files\Gateway\Gateway Updater\alu.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.att.net
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4822&r=173611096206p0365v165k4871r23o
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [SansaDispatch] C:\Users\Administrator\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
uRun: [AdobeBridge]
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [UVS11 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [M-Audio Taskbar Icon] C:\Windows\system32\DeltaIITray.exe
StartupFolder: C:\Users\ADMINI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\Users\ADMINI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 2.4\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FIREPO~1.LNK - C:\Program Files (x86)\PreSonus\1394AudioDriver_FirePod\FirePod.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{EA8713C9-52CC-42DD-A388-B7B0CCC5398B} : DhcpNameServer = 10.0.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun-x64: [UVS11 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [M-Audio Taskbar Icon] C:\Windows\system32\DeltaIITray.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\f2f91qss.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=15153&l=dis
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=UT2V5&o=15150&locale=en_US&apn_uid=70D532CA-0CFE-43BC-B399-23B78F5C745F&apn_ptnrs=UF&apn_sauid=C588447D-C3E9-4B9B-A429-64875EC3775D&apn_dtid=&&q=
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff4.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff5.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff6.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff7.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff8.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff9.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Administrator\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - C:\Program Files (x86)\AVG\AVG10\Firefox4
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-8-18 7390560]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-6-4 1150496]
R2 HerculesDJControlMP3;Hercules DJ Control MP3;C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [2011-11-4 20480]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-6-23 517632]
R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-7-17 4948992]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-12 62208]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-8-27 240160]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 DELTAII;Service for M-Audio Delta Driver (WDM);C:\Windows\system32\DRIVERS\MAudioDelta.sys --> C:\Windows\system32\DRIVERS\MAudioDelta.sys [?]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y62x64.sys --> C:\Windows\system32\DRIVERS\e1y62x64.sys [?]
S3 Bulk;HDJBulk;C:\Windows\system32\Drivers\HDJBulk.sys --> C:\Windows\system32\Drivers\HDJBulk.sys [?]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;\??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS --> C:\Windows\system32\drivers\BVRPMPR5a64.SYS [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-12-8 1038088]
S3 HDJMidi;DJ Control MP3 e2 MIDI;C:\Windows\system32\DRIVERS\HDJMidi.sys --> C:\Windows\system32\DRIVERS\HDJMidi.sys [?]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
VBEFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-01-03 01:12:59 2565632 ----a-w- C:\Windows\System32\esent.dll
2012-01-03 01:11:49 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2012-01-03 01:11:49 31232 ----a-w- C:\Windows\System32\prevhost.exe
2012-01-03 01:11:36 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-12-31 23:29:02 -------- d-sh--w- C:\$RECYCLE.BIN
2011-12-31 22:44:30 162104 ----a-w- C:\Windows\DP Animation Maker Uninstaller.exe
2011-12-31 22:44:29 -------- d-----w- C:\Program Files (x86)\DP Animation Maker
2011-12-31 22:44:29 -------- d-----w- C:\Program Files (x86)\Common Files\Thraex Software
2011-12-31 15:31:56 98816 ----a-w- C:\Windows\sed.exe
2011-12-31 15:31:56 518144 ----a-w- C:\Windows\SWREG.exe
2011-12-31 15:31:56 256000 ----a-w- C:\Windows\PEV.exe
2011-12-31 15:31:56 208896 ----a-w- C:\Windows\MBR.exe
2011-12-31 15:31:52 -------- d-----w- C:\ComboFix
2011-12-31 15:30:43 4358181 ------r- C:\ComboFix.exe
2011-12-30 17:45:13 -------- d-----w- C:\Program Files\M-Audio
2011-12-30 13:51:47 -------- d-----w- C:\Users\Administrator\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-12-30 13:40:35 -------- d-----w- C:\Users\Administrator\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-12-30 13:39:16 -------- d-----w- C:\Program Files\Common Files\PACE Anti-Piracy
2011-12-30 13:38:58 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2011-12-30 13:30:33 -------- d-----w- C:\Program Files (x86)\Adobe Story
2011-12-30 13:29:45 55280 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2011-12-30 13:29:45 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2011-12-30 13:29:45 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2011-12-30 13:29:45 -------- d-----w- C:\Program Files (x86)\My Company Name
2011-12-30 13:29:45 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2011-12-19 21:09:04 146432 ----a-w- C:\Windows\regedit.exe
2011-12-18 00:02:42 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2011-12-18 00:02:42 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2011-12-18 00:02:41 -------- d-----w- C:\Program Files (x86)\XYLIO
2011-12-15 21:41:43 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-15 21:41:43 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-15 21:36:01 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-15 21:36:01 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-15 21:36:01 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-12-15 21:29:30 43520 ----a-w- C:\Windows\System32\csrsrv.dll
.
==================== Find3M ====================
.
2011-12-21 12:25:51 30236672 ----a-w- C:\Windows\SysWow64\common_res.dll
2011-12-10 20:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-30 01:28:56 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 15:48:09.40 ===============



#2 cornpoop


Posted 03 January 2012 - 03:59 PM

http://www.bleepingcomputer.com/forums/topic435515.html/page__gopid__2535670#entry2535670

#3 gringo_pr

  • Malware Response Team

Posted 08 January 2012 - 02:48 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic button, select Immediate Notification and click on Proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double-click on combofix.exe and follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#4 cornpoop


Posted 08 January 2012 - 09:04 AM

ComboFix 12-01-07.03 - Administrator 01/08/2012 8:01.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6109.3200 [GMT -5:00]
Running from: c:\users\Administrator\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrator\AppData\Roaming\vso_ts_preview.xml
.
.
((((((((((((((((((((((((( Files Created from 2011-12-08 to 2012-01-08 )))))))))))))))))))))))))))))))
.
.
2012-01-08 13:18 . 2012-01-08 13:18 -------- d-----w- c:\users\Mcx1-LTS\AppData\Local\temp
2012-01-08 13:18 . 2012-01-08 13:18 -------- d-----w- c:\users\Level Three Studios\AppData\Local\temp
2012-01-08 13:18 . 2012-01-08 13:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-05 23:28 . 2012-01-05 23:28 -------- d-----w- c:\programdata\InterVideo
2012-01-05 23:28 . 2007-03-06 16:58 210456 ----a-w- c:\windows\SysWow64\IVIresizeW7.dll
2012-01-05 23:28 . 2007-03-06 16:58 194072 ----a-w- c:\windows\SysWow64\IVIresizePX.dll
2012-01-05 23:28 . 2007-03-06 16:58 198168 ----a-w- c:\windows\SysWow64\IVIresizeP6.dll
2012-01-05 23:28 . 2007-03-06 16:58 198168 ----a-w- c:\windows\SysWow64\IVIresizeM6.dll
2012-01-05 23:28 . 2007-03-06 16:58 206360 ----a-w- c:\windows\SysWow64\IVIresizeA6.dll
2012-01-05 23:28 . 2007-03-06 16:58 26136 ----a-w- c:\windows\SysWow64\IVIresize.dll
2012-01-05 23:27 . 2012-01-05 23:28 -------- d-----w- c:\program files (x86)\Common Files\Ulead Systems
2012-01-05 23:27 . 2012-01-05 23:27 -------- d-----w- c:\program files (x86)\Ulead Systems
2012-01-05 22:56 . 2012-01-05 22:56 -------- d-----w- c:\programdata\PIXELA
2012-01-05 22:54 . 2012-01-05 22:54 -------- d-----w- c:\users\Administrator\AppData\Roaming\ZoomBrowser EX
2012-01-05 22:38 . 2012-01-05 22:38 -------- d-----w- c:\program files (x86)\PIXELA
2012-01-05 22:34 . 2005-04-04 04:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2012-01-05 22:34 . 2005-04-04 04:01 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2012-01-05 22:34 . 2005-04-04 04:00 184320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2012-01-05 22:34 . 2005-04-04 04:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2012-01-05 22:34 . 2005-04-04 03:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2012-01-05 22:34 . 2005-04-04 04:02 753664 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2012-01-05 22:34 . 2012-01-05 22:34 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2012-01-05 22:34 . 2012-01-05 22:34 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2012-01-05 22:31 . 2012-01-05 22:31 -------- d-----w- c:\programdata\ZoomBrowser
2012-01-05 22:31 . 2012-01-05 22:33 -------- d-----w- c:\program files (x86)\Canon
2012-01-05 22:29 . 2012-01-05 22:29 -------- d-----w- c:\program files (x86)\Common Files\Canon
2012-01-03 02:08 . 2012-01-03 02:08 -------- d-----w- c:\users\Administrator\AppData\Roaming\HPAppData
2012-01-03 01:12 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2012-01-03 01:11 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2012-01-03 01:11 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2012-01-03 01:11 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-12-31 22:44 . 2011-12-31 22:44 162104 ----a-w- c:\windows\DP Animation Maker Uninstaller.exe
2011-12-31 22:44 . 2011-12-31 22:44 -------- d-----w- c:\program files (x86)\DP Animation Maker
2011-12-31 22:44 . 2011-12-31 22:44 -------- d-----w- c:\program files (x86)\Common Files\Thraex Software
2011-12-30 17:45 . 2011-12-30 17:45 -------- d-----w- c:\program files\M-Audio
2011-12-30 13:51 . 2011-12-30 13:51 -------- d-----w- c:\users\Administrator\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-12-30 13:40 . 2011-12-30 13:40 -------- d-----w- c:\users\Administrator\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-12-30 13:39 . 2011-12-30 13:39 -------- d-----w- c:\program files\Common Files\PACE Anti-Piracy
2011-12-30 13:38 . 2011-12-30 13:38 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-12-30 13:30 . 2011-12-30 13:30 -------- d-----w- c:\program files (x86)\Adobe Story
2011-12-30 13:29 . 2011-12-30 13:29 -------- d-----w- c:\program files (x86)\My Company Name
2011-12-30 13:29 . 2011-12-30 13:29 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2011-12-30 13:29 . 2009-07-09 08:00 55280 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2011-12-30 13:29 . 2009-06-23 08:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2011-12-30 13:29 . 2009-06-23 08:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2011-12-19 21:09 . 2008-04-14 00:12 146432 ------w- c:\windows\regedit.exe
2011-12-18 00:02 . 2011-02-20 03:03 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2011-12-18 00:02 . 2011-02-19 04:40 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll
2011-12-18 00:02 . 2011-12-18 00:02 -------- d-----w- c:\program files (x86)\XYLIO
2011-12-15 21:41 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 21:41 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-15 21:36 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 21:36 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 21:36 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-15 21:29 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-21 12:25 . 2011-02-15 12:46 30236672 ----a-w- c:\windows\SysWow64\common_res.dll
2011-12-10 20:24 . 2009-11-07 19:22 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-30 01:28 . 2011-05-13 22:18 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-07-14 . 058710B720282CA82B909912D3EF28DB . 398336 . . [5.1.2600.5512] .. c:\windows\regedit.exe
[7] 2009-07-14 . 8A4883F5E7AC37444F23279239553878 . 398336 . . [6.1.7600.16385] .. c:\windows\SysWOW64\regedit.exe
[7] 2009-07-14 . 8A4883F5E7AC37444F23279239553878 . 398336 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
.
((((((((((((((((((((((((((((( SnapShot_2011-12-31_05.43.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-03 01:42 . 2012-01-03 01:42 76800 c:\windows\SysWOW64\SetIEInstalledDate.exe
+ 2012-01-03 01:12 . 2011-05-04 04:28 86528 c:\windows\SysWOW64\SearchFilterHost.exe
- 2009-07-14 00:13 . 2009-07-14 01:14 86528 c:\windows\SysWOW64\SearchFilterHost.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 74752 c:\windows\SysWOW64\RegisterIEPKEYs.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 54272 c:\windows\SysWOW64\pngfilt.dll
- 2009-07-14 00:12 . 2009-07-14 01:15 59392 c:\windows\SysWOW64\msscntrs.dll
+ 2012-01-03 01:12 . 2011-05-04 04:32 59392 c:\windows\SysWOW64\msscntrs.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 48640 c:\windows\SysWOW64\mshtmler.dll
+ 2012-01-03 02:30 . 2011-11-03 22:32 72704 c:\windows\SysWOW64\mshtmled.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 11776 c:\windows\SysWOW64\mshta.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 10752 c:\windows\SysWOW64\msfeedssync.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 41472 c:\windows\SysWOW64\msfeedsbs.dll
+ 2012-01-03 02:30 . 2011-11-03 22:37 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2003-09-04 19:14 . 2003-09-04 19:14 94208 c:\windows\SysWOW64\Macromed\Flash\GetFlash.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 23552 c:\windows\SysWOW64\licmgr10.dll
+ 2012-01-03 02:30 . 2011-11-03 22:37 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 78848 c:\windows\SysWOW64\inseng.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 35840 c:\windows\SysWOW64\imgutil.dll
- 2010-08-26 00:00 . 2010-08-26 00:00 23552 c:\windows\SysWOW64\igfxexps32.dll
+ 2011-02-11 23:41 . 2011-02-11 23:41 23552 c:\windows\SysWOW64\igfxexps32.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 86528 c:\windows\SysWOW64\iesysprep.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 74752 c:\windows\SysWOW64\iesetup.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 31744 c:\windows\SysWOW64\iernonce.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 74240 c:\windows\SysWOW64\ie4uinit.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 66048 c:\windows\SysWOW64\icardie.dll
+ 2012-01-03 01:12 . 2011-03-11 05:31 74240 c:\windows\SysWOW64\fsutil.exe
+ 2009-07-14 04:54 . 2012-01-08 13:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-12-30 14:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-12-30 14:02 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-08 13:17 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-08 13:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-30 14:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-08-27 20:15 . 2012-01-05 22:50 51916 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-01-08 13:43 38052 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-10-07 10:26 . 2012-01-08 13:43 14948 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4201581149-3699643296-3276645504-500_UserData.bin
+ 2012-01-03 01:42 . 2012-01-03 01:42 91648 c:\windows\system32\SetIEInstalledDate.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 89088 c:\windows\system32\RegisterIEPKEYs.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 65024 c:\windows\system32\pngfilt.dll
+ 2012-01-03 01:12 . 2011-05-04 05:22 75264 c:\windows\system32\msscntrs.dll
- 2009-07-14 00:29 . 2009-07-14 01:41 75264 c:\windows\system32\msscntrs.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 48640 c:\windows\system32\mshtmler.dll
+ 2012-01-03 02:30 . 2011-11-04 01:35 96256 c:\windows\system32\mshtmled.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 12288 c:\windows\system32\mshta.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 10752 c:\windows\system32\msfeedssync.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 55296 c:\windows\system32\msfeedsbs.dll
+ 2012-01-03 02:30 . 2011-11-04 01:41 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 30720 c:\windows\system32\licmgr10.dll
+ 2012-01-03 02:30 . 2011-11-04 01:41 85504 c:\windows\system32\jsproxy.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 49664 c:\windows\system32\imgutil.dll
+ 2009-08-27 21:02 . 2011-02-11 23:46 61952 c:\windows\system32\igfxsrvc.dll
- 2009-08-27 21:02 . 2010-08-26 00:04 61952 c:\windows\system32\igfxsrvc.dll
+ 2011-02-11 23:46 . 2011-02-11 23:46 27648 c:\windows\system32\igfxexps.dll
- 2010-08-26 00:04 . 2010-08-26 00:04 27648 c:\windows\system32\igfxexps.dll
+ 2011-02-12 00:21 . 2011-02-12 00:21 90112 c:\windows\system32\igfxCoIn_v2302.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 85504 c:\windows\system32\iesetup.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 39936 c:\windows\system32\iernonce.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 89088 c:\windows\system32\ie4uinit.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 82432 c:\windows\system32\icardie.dll
+ 2012-01-03 01:12 . 2011-03-11 06:30 96768 c:\windows\system32\fsutil.exe
- 2009-07-14 05:30 . 2011-12-30 17:45 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-01-03 01:49 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-01-03 01:12 . 2011-03-11 04:37 91648 c:\windows\system32\DriverStore\FileRepository\usbstor.inf_amd64_neutral_26b33263a639795d\USBSTOR.SYS
+ 2012-01-03 01:12 . 2011-03-25 03:29 30720 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbuhci.sys
+ 2012-01-03 01:12 . 2011-03-25 03:29 25600 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbohci.sys
+ 2012-01-03 01:12 . 2011-03-25 03:29 52736 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbehci.sys
+ 2012-01-03 01:12 . 2011-03-25 03:29 98816 c:\windows\system32\DriverStore\FileRepository\usb.inf_amd64_neutral_153b489118ee37b8\usbccgp.sys
+ 2011-02-12 00:21 . 2011-02-12 00:21 90112 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igxpco64.dll
+ 2011-02-11 23:46 . 2011-02-11 23:46 61952 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxsrvc.dll
+ 2011-02-11 23:41 . 2011-02-11 23:41 23552 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxexps32.dll
+ 2011-02-11 23:46 . 2011-02-11 23:46 27648 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxexps.dll
+ 2011-02-12 00:15 . 2011-02-12 00:15 92356 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfcg500m.bin
+ 2012-01-03 01:12 . 2011-03-11 06:41 27008 c:\windows\system32\DriverStore\FileRepository\amdsata.inf_amd64_neutral_5c3d0d1e97e99e10\amdxata.sys
- 2009-07-14 00:06 . 2009-07-14 00:06 30720 c:\windows\system32\drivers\usbuhci.sys
+ 2012-01-03 01:12 . 2011-03-25 03:29 30720 c:\windows\system32\drivers\usbuhci.sys
- 2011-05-23 21:49 . 2010-11-20 10:44 91648 c:\windows\system32\drivers\USBSTOR.SYS
+ 2012-01-03 01:12 . 2011-03-11 04:37 91648 c:\windows\system32\drivers\USBSTOR.SYS
- 2009-07-14 00:06 . 2009-07-14 00:06 25600 c:\windows\system32\drivers\usbohci.sys
+ 2012-01-03 01:12 . 2011-03-25 03:29 25600 c:\windows\system32\drivers\usbohci.sys
+ 2012-01-03 01:12 . 2011-03-25 03:29 52736 c:\windows\system32\drivers\usbehci.sys
+ 2012-01-03 01:12 . 2011-03-25 03:29 98816 c:\windows\system32\drivers\usbccgp.sys
- 2011-05-23 21:48 . 2010-11-20 10:44 98816 c:\windows\system32\drivers\usbccgp.sys
- 2011-05-23 21:49 . 2010-11-20 13:32 27008 c:\windows\system32\drivers\amdxata.sys
+ 2012-01-03 01:12 . 2011-03-11 06:41 27008 c:\windows\system32\drivers\amdxata.sys
+ 2009-10-07 10:28 . 2012-01-08 12:55 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-07 10:28 . 2011-12-31 05:38 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-07 10:28 . 2012-01-08 12:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-10-07 10:28 . 2011-12-31 05:38 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-31 05:38 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-08 12:55 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-07 19:15 . 2011-12-31 16:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-07 19:15 . 2011-12-31 05:40 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-01-06 16:52 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-11-07 19:15 . 2011-12-31 05:40 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-07 19:15 . 2011-12-31 16:10 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-07 19:15 . 2011-12-31 05:40 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-07 19:15 . 2011-12-31 16:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-07 06:00 . 2012-01-03 01:27 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-07 06:00 . 2011-12-31 05:40 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-07 06:00 . 2012-01-03 01:27 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-07 06:00 . 2011-12-31 05:40 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-01-03 01:12 . 2011-12-25 20:40 43280 c:\windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_wp.exe
+ 2012-01-03 01:12 . 2011-12-25 20:42 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2012-01-03 02:53 . 2012-01-03 02:53 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\6c13d7fb161ed4d7da730a70375b07c9\System.Web.DynamicData.Design.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\94787ab3efcc074396a60ff3d83edf78\System.Web.DynamicData.Design.ni.dll
+ 2009-11-07 21:08 . 2012-01-03 01:50 1604 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2010-08-26 00:03 . 2010-08-26 00:03 4096 c:\windows\system32\IGFXDEVLib.dll
+ 2011-02-11 23:45 . 2011-02-11 23:45 4096 c:\windows\system32\IGFXDEVLib.dll
+ 2012-01-03 01:12 . 2011-03-25 03:28 7936 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbd.sys
+ 2011-02-11 23:45 . 2011-02-11 23:45 4096 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\IGFXDEVLib.dll
+ 2012-01-03 01:12 . 2011-03-25 03:28 7936 c:\windows\system32\drivers\usbd.sys
- 2009-07-14 00:06 . 2009-07-14 00:06 7936 c:\windows\system32\drivers\usbd.sys
+ 2012-01-08 13:41 . 2012-01-08 13:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-31 05:38 . 2011-12-31 05:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-31 05:38 . 2011-12-31 05:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-08 13:41 . 2012-01-08 13:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-05-23 21:50 . 2010-11-20 12:21 870912 c:\windows\SysWOW64\XpsPrint.dll
+ 2012-01-03 01:12 . 2011-03-12 11:23 870912 c:\windows\SysWOW64\XpsPrint.dll
+ 2012-01-03 01:12 . 2011-02-24 05:38 288256 c:\windows\SysWOW64\XpsGdiConverter.dll
- 2009-07-14 00:20 . 2009-07-14 01:16 180224 c:\windows\SysWOW64\xmllite.dll
+ 2012-01-03 01:12 . 2011-06-16 04:33 180224 c:\windows\SysWOW64\xmllite.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 152064 c:\windows\SysWOW64\wextract.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 203776 c:\windows\SysWOW64\webcheck.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 420864 c:\windows\SysWOW64\vbscript.dll
+ 2012-01-03 02:30 . 2011-11-03 22:38 231936 c:\windows\SysWOW64\url.dll
- 2009-07-14 00:14 . 2009-07-14 01:14 164352 c:\windows\SysWOW64\SearchProtocolHost.exe
+ 2012-01-03 01:12 . 2011-05-04 04:28 164352 c:\windows\SysWOW64\SearchProtocolHost.exe
+ 2012-01-03 01:12 . 2011-05-04 04:28 427520 c:\windows\SysWOW64\SearchIndexer.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 123392 c:\windows\SysWOW64\occache.dll
+ 2012-01-03 01:12 . 2011-05-04 04:32 666624 c:\windows\SysWOW64\mssvp.dll
- 2011-05-23 21:49 . 2010-11-20 12:19 666624 c:\windows\SysWOW64\mssvp.dll
- 2011-05-23 21:49 . 2010-11-20 12:19 197120 c:\windows\SysWOW64\mssphtb.dll
+ 2012-01-03 01:12 . 2011-05-04 04:32 197120 c:\windows\SysWOW64\mssphtb.dll
- 2009-07-14 00:13 . 2009-07-14 01:15 337408 c:\windows\SysWOW64\mssph.dll
+ 2012-01-03 01:12 . 2011-05-04 04:32 337408 c:\windows\SysWOW64\mssph.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 162304 c:\windows\SysWOW64\msrating.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 161792 c:\windows\SysWOW64\msls31.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 580608 c:\windows\SysWOW64\msfeeds.dll
+ 2012-01-03 02:30 . 2011-11-03 22:34 716800 c:\windows\SysWOW64\jscript.dll
- 2011-04-13 21:31 . 2011-02-18 05:41 716800 c:\windows\SysWOW64\jscript.dll
+ 2011-02-11 23:35 . 2011-02-11 23:35 208896 c:\windows\SysWOW64\iglhsip32.dll
- 2010-08-25 23:52 . 2010-08-25 23:52 208896 c:\windows\SysWOW64\iglhsip32.dll
+ 2011-02-11 23:35 . 2011-02-11 23:35 147456 c:\windows\SysWOW64\iglhcp32.dll
+ 2011-02-11 23:40 . 2011-02-11 23:40 228864 c:\windows\SysWOW64\igfxdv32.dll
- 2010-08-25 23:59 . 2010-08-25 23:59 228864 c:\windows\SysWOW64\igfxdv32.dll
- 2009-08-27 21:02 . 2010-08-26 00:28 571904 c:\windows\SysWOW64\igdumdx32.dll
+ 2009-08-27 21:02 . 2011-02-12 00:09 571904 c:\windows\SysWOW64\igdumdx32.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 150528 c:\windows\SysWOW64\iexpress.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 142848 c:\windows\SysWOW64\ieUnatt.exe
- 2011-12-16 06:10 . 2011-11-11 05:40 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-01-03 02:30 . 2011-11-03 22:28 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 118784 c:\windows\SysWOW64\iepeers.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 353584 c:\windows\SysWOW64\iedkcs32.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 434176 c:\windows\SysWOW64\ieapfltr.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 163840 c:\windows\SysWOW64\ieakui.dll
- 2009-07-13 23:42 . 2009-07-14 01:05 163840 c:\windows\SysWOW64\ieakui.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 227840 c:\windows\SysWOW64\ieaksie.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 130560 c:\windows\SysWOW64\ieakeng.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 110592 c:\windows\SysWOW64\IEAdvpack.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 223232 c:\windows\SysWOW64\dxtrans.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 353792 c:\windows\SysWOW64\dxtmsft.dll
+ 2012-01-03 01:12 . 2011-01-17 05:47 161792 c:\windows\SysWOW64\d3d10_1.dll
- 2009-07-13 23:27 . 2009-07-14 01:15 161792 c:\windows\SysWOW64\d3d10_1.dll
- 2011-05-23 21:50 . 2010-11-20 12:18 739840 c:\windows\SysWOW64\d2d1.dll
+ 2012-01-03 01:12 . 2011-02-19 06:30 739840 c:\windows\SysWOW64\d2d1.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 101888 c:\windows\SysWOW64\admparse.dll
+ 2012-01-03 01:12 . 2011-02-24 06:15 476160 c:\windows\system32\XpsGdiConverter.dll
- 2009-07-14 00:41 . 2009-07-14 01:41 199680 c:\windows\system32\xmllite.dll
+ 2012-01-03 01:12 . 2011-06-16 05:49 199680 c:\windows\system32\xmllite.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 160256 c:\windows\system32\wextract.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 249344 c:\windows\system32\webcheck.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 603648 c:\windows\system32\vbscript.dll
+ 2012-01-03 02:30 . 2011-11-04 01:43 237056 c:\windows\system32\url.dll
- 2009-07-14 00:30 . 2009-07-14 01:39 249856 c:\windows\system32\SearchProtocolHost.exe
+ 2012-01-03 01:12 . 2011-05-04 05:19 249856 c:\windows\system32\SearchProtocolHost.exe
+ 2012-01-03 01:12 . 2011-05-04 05:19 591872 c:\windows\system32\SearchIndexer.exe
+ 2012-01-03 01:12 . 2011-05-04 05:19 113664 c:\windows\system32\SearchFilterHost.exe
- 2009-07-14 00:29 . 2009-07-14 01:39 113664 c:\windows\system32\SearchFilterHost.exe
- 2009-07-14 02:36 . 2011-12-31 05:42 615122 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-01-05 22:49 615122 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-01-05 22:49 103496 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-12-31 05:42 103496 c:\windows\system32\perfc009.dat
+ 2012-01-03 01:42 . 2012-01-03 01:42 149504 c:\windows\system32\occache.dll
- 2011-05-23 21:49 . 2010-11-20 13:27 778752 c:\windows\system32\mssvp.dll
+ 2012-01-03 01:12 . 2011-05-04 05:22 778752 c:\windows\system32\mssvp.dll
- 2011-05-23 21:48 . 2010-11-20 13:27 288256 c:\windows\system32\mssphtb.dll
+ 2012-01-03 01:12 . 2011-05-04 05:22 288256 c:\windows\system32\mssphtb.dll
- 2009-07-14 00:30 . 2009-07-14 01:41 491520 c:\windows\system32\mssph.dll
+ 2012-01-03 01:12 . 2011-05-04 05:22 491520 c:\windows\system32\mssph.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 197120 c:\windows\system32\msrating.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 222208 c:\windows\system32\msls31.dll
- 2009-07-13 23:39 . 2009-07-14 01:41 222208 c:\windows\system32\msls31.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 697344 c:\windows\system32\msfeeds.dll
+ 2012-01-03 02:30 . 2011-11-04 01:39 818688 c:\windows\system32\jscript.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 103936 c:\windows\system32\inseng.dll
+ 2011-02-11 23:35 . 2011-02-11 23:35 206336 c:\windows\system32\iglhsip64.dll
+ 2011-02-11 23:35 . 2011-02-11 23:35 188416 c:\windows\system32\iglhcp64.dll
+ 2011-02-12 00:25 . 2011-02-12 00:25 162328 c:\windows\system32\igfxtray.exe
- 2010-08-26 00:04 . 2010-08-26 00:04 380416 c:\windows\system32\igfxTMM.dll
+ 2011-02-11 23:46 . 2011-02-11 23:46 380416 c:\windows\system32\igfxTMM.dll
+ 2011-02-12 00:25 . 2011-02-12 00:25 509976 c:\windows\system32\igfxsrvc.exe
- 2009-08-27 21:02 . 2010-08-26 00:03 830464 c:\windows\system32\igfxress.dll
+ 2009-08-27 21:02 . 2011-02-11 23:45 830464 c:\windows\system32\igfxress.dll
+ 2011-02-11 23:46 . 2011-02-11 23:46 244224 c:\windows\system32\igfxpph.dll
+ 2011-02-12 00:25 . 2011-02-12 00:25 417304 c:\windows\system32\igfxpers.exe
- 2010-08-26 00:44 . 2010-08-26 00:44 223768 c:\windows\system32\igfxext.exe
+ 2011-02-12 00:25 . 2011-02-12 00:25 223768 c:\windows\system32\igfxext.exe
- 2010-08-26 00:03 . 2010-08-26 00:03 142336 c:\windows\system32\igfxdo.dll
+ 2011-02-11 23:45 . 2011-02-11 23:45 142336 c:\windows\system32\igfxdo.dll
+ 2011-02-11 23:45 . 2011-02-11 23:45 272896 c:\windows\system32\igfxdev.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 165888 c:\windows\system32\iexpress.exe
+ 2012-01-03 01:42 . 2012-01-03 01:42 173056 c:\windows\system32\ieUnatt.exe
+ 2012-01-03 02:30 . 2011-11-04 01:30 248320 c:\windows\system32\ieui.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 111616 c:\windows\system32\iesysprep.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 145920 c:\windows\system32\iepeers.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 403248 c:\windows\system32\iedkcs32.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 534528 c:\windows\system32\ieapfltr.dll
- 2009-07-13 23:58 . 2009-07-14 01:27 163840 c:\windows\system32\ieakui.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 163840 c:\windows\system32\ieakui.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 267776 c:\windows\system32\ieaksie.dll
- 2009-07-13 23:58 . 2009-07-14 01:41 267776 c:\windows\system32\ieaksie.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 160256 c:\windows\system32\ieakeng.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 135168 c:\windows\system32\IEAdvpack.dll
+ 2011-02-12 00:25 . 2011-02-12 00:25 386584 c:\windows\system32\hkcmd.exe
- 2010-08-26 00:44 . 2010-08-26 00:44 386584 c:\windows\system32\hkcmd.exe
+ 2009-08-27 21:02 . 2011-02-11 23:45 108544 c:\windows\system32\hccutils.dll
+ 2011-02-11 23:45 . 2011-02-11 23:45 119808 c:\windows\system32\gfxSrvc.dll
- 2010-08-26 00:03 . 2010-08-26 00:03 119808 c:\windows\system32\gfxSrvc.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 282112 c:\windows\system32\dxtrans.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 452608 c:\windows\system32\dxtmsft.dll
+ 2009-07-14 05:30 . 2012-01-03 01:49 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-12-30 17:45 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-12-30 17:45 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2012-01-03 01:49 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2012-01-03 01:12 . 2011-03-25 03:29 325120 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbport.sys
+ 2012-01-03 01:12 . 2011-03-25 03:29 343040 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbhub.sys
+ 2012-01-03 01:12 . 2011-03-25 03:29 343040 c:\windows\system32\DriverStore\FileRepository\usb.inf_amd64_neutral_153b489118ee37b8\usbhub.sys
+ 2012-01-03 01:12 . 2011-03-11 06:41 166272 c:\windows\system32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
+ 2012-01-03 01:12 . 2011-03-11 06:41 148352 c:\windows\system32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
+ 2011-02-11 23:35 . 2011-02-11 23:35 206336 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\iglhsip64.dll
+ 2011-02-11 23:35 . 2011-02-11 23:35 208896 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\iglhsip32.dll
+ 2011-02-11 23:35 . 2011-02-11 23:35 188416 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\iglhcp64.dll
+ 2011-02-11 23:35 . 2011-02-11 23:35 147456 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\iglhcp32.dll
+ 2011-02-12 00:15 . 2011-02-12 00:15 874048 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igkrng575.bin
+ 2011-02-12 00:15 . 2011-02-12 00:15 982240 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igkrng500.bin
+ 2011-02-12 00:25 . 2011-02-12 00:25 162328 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxtray.exe
+ 2011-02-11 23:46 . 2011-02-11 23:46 380416 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxTMM.dll
+ 2011-02-12 00:25 . 2011-02-12 00:25 509976 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxsrvc.exe
+ 2011-02-11 23:45 . 2011-02-11 23:45 830464 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxress.dll
+ 2011-02-11 23:46 . 2011-02-11 23:46 244224 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxpph.dll
+ 2011-02-12 00:25 . 2011-02-12 00:25 417304 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxpers.exe
+ 2011-02-12 00:25 . 2011-02-12 00:25 223768 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxext.exe
+ 2011-02-11 23:40 . 2011-02-11 23:40 228864 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxdv32.dll
+ 2011-02-11 23:45 . 2011-02-11 23:45 142336 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxdo.dll
+ 2011-02-11 23:45 . 2011-02-11 23:45 272896 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfxdev.dll
+ 2011-02-12 00:15 . 2011-02-12 00:15 104796 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igfcg575m.bin
+ 2011-02-12 00:09 . 2011-02-12 00:09 571904 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igdumdx32.dll
+ 2011-02-12 00:15 . 2011-02-12 00:15 127868 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igcompkrng575.bin
+ 2011-02-12 00:15 . 2011-02-12 00:15 439308 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igcompkrng500.bin
+ 2011-02-12 00:25 . 2011-02-12 00:25 386584 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\hkcmd.exe
+ 2011-02-11 23:45 . 2011-02-11 23:45 108544 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\hccutils.dll
+ 2011-02-11 23:45 . 2011-02-11 23:45 119808 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\gfxSrvc.dll
+ 2011-02-12 00:25 . 2011-02-12 00:25 152600 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\difx64.exe
+ 2012-01-03 01:12 . 2011-03-11 06:41 410496 c:\windows\system32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
+ 2012-01-03 01:12 . 2011-03-11 06:41 107904 c:\windows\system32\DriverStore\FileRepository\amdsata.inf_amd64_neutral_5c3d0d1e97e99e10\amdsata.sys
+ 2009-07-14 05:31 . 2012-01-03 01:49 399360 c:\windows\system32\DriverStore\drvindex.dat
- 2009-07-14 05:31 . 2011-07-14 07:19 399360 c:\windows\system32\DriverStore\drvindex.dat
+ 2012-01-03 01:12 . 2011-03-25 03:29 325120 c:\windows\system32\drivers\usbport.sys
- 2011-05-23 21:49 . 2010-11-20 10:44 325120 c:\windows\system32\drivers\usbport.sys
- 2011-05-23 21:49 . 2010-11-20 10:44 343040 c:\windows\system32\drivers\usbhub.sys
+ 2012-01-03 01:12 . 2011-03-25 03:29 343040 c:\windows\system32\drivers\usbhub.sys
+ 2012-01-03 01:12 . 2011-03-11 06:41 189824 c:\windows\system32\drivers\storport.sys
- 2011-05-23 21:49 . 2010-11-20 13:33 189824 c:\windows\system32\drivers\storport.sys
- 2011-05-23 21:50 . 2010-11-20 13:33 166272 c:\windows\system32\drivers\nvstor.sys
+ 2012-01-03 01:12 . 2011-03-11 06:41 166272 c:\windows\system32\drivers\nvstor.sys
+ 2012-01-03 01:12 . 2011-03-11 06:41 148352 c:\windows\system32\drivers\nvraid.sys
- 2011-05-23 21:49 . 2010-11-20 13:33 148352 c:\windows\system32\drivers\nvraid.sys
- 2011-05-23 21:49 . 2010-11-20 13:33 410496 c:\windows\system32\drivers\iaStorV.sys
+ 2012-01-03 01:12 . 2011-03-11 06:41 410496 c:\windows\system32\drivers\iaStorV.sys
+ 2012-01-03 01:12 . 2011-03-11 06:41 107904 c:\windows\system32\drivers\amdsata.sys
- 2011-05-23 21:49 . 2010-11-20 13:32 107904 c:\windows\system32\drivers\amdsata.sys
+ 2011-02-12 00:25 . 2011-02-12 00:25 152600 c:\windows\system32\difx64.exe
- 2010-08-26 00:44 . 2010-08-26 00:44 152600 c:\windows\system32\difx64.exe
+ 2012-01-03 01:12 . 2011-01-17 11:09 197120 c:\windows\system32\d3d10_1.dll
- 2009-07-13 23:41 . 2009-07-14 01:40 197120 c:\windows\system32\d3d10_1.dll
+ 2012-01-03 01:12 . 2011-02-19 12:04 902656 c:\windows\system32\d2d1.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 114176 c:\windows\system32\admparse.dll
+ 2009-07-14 05:01 . 2012-01-08 13:39 622928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-01-03 01:12 . 2011-12-25 20:40 746256 c:\windows\Microsoft.NET\Framework64\v2.0.50727\webengine.dll
+ 2012-01-03 01:12 . 2011-12-25 20:42 437520 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2011-02-18 00:57 . 2011-02-18 00:57 292878 c:\windows\Installer\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\ARPPRODUCTICON.exe
+ 2012-01-05 23:28 . 2012-01-05 23:28 292878 c:\windows\Installer\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\ARPPRODUCTICON.exe
+ 2012-01-03 02:53 . 2012-01-03 02:53 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\f715b47c2f0440ea23a71f1076b0af2b\System.Web.Routing.ni.dll
+ 2012-01-03 02:53 . 2012-01-03 02:53 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\d258f45340e6e538a19a56d1165b750f\System.Web.Entity.ni.dll
+ 2012-01-03 02:53 . 2012-01-03 02:53 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\6f6d11e33e2f3f6bddd4c33809340a48\System.Web.Entity.Design.ni.dll
+ 2012-01-03 02:53 . 2012-01-03 02:53 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\bca38e802e2b45f80f8fbde2b54ce0a2\System.Web.DynamicData.ni.dll
+ 2012-01-03 02:53 . 2012-01-03 02:53 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\0e411c30fc2caebb55813b8fa0689d42\System.Web.Abstractions.ni.dll
+ 2012-01-03 02:02 . 2012-01-03 02:02 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\b434cf95212b804846ae51b54078b667\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-01-03 02:02 . 2012-01-03 02:02 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e50eeb08e5a2faa91ba39a1c9e19a49e\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-01-03 02:02 . 2012-01-03 02:02 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d3d61b7222fdbc98ef59bff1333d1bf3\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-01-03 02:02 . 2012-01-03 02:02 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\36213ec4fe54a8ea1341292fdadd5e0c\WindowsLive.Writer.HtmlParser.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\8e576ae7d946a5440bddfdbe06818a8b\System.Web.Routing.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\5bd4f855a0b0386cb4baf093216ad2d3\System.Web.Extensions.Design.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\8d56e2f2a05dbde707d87cb3bdf0dffc\System.Web.Entity.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f560658d9ee6d2786cab976e775758d6\System.Web.Entity.Design.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\e94f08faeb08a8ee9d51a3480083bd07\System.Web.DynamicData.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\2dc7ec41005f6e6fe45e0cc0a20a12bc\System.Web.Abstractions.ni.dll
+ 2012-01-03 02:00 . 2012-01-03 02:00 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\e6fa2be533d9e540ccafe51980ae0103\System.Data.Entity.Design.ni.dll
- 2009-07-13 23:40 . 2009-07-14 01:40 135168 c:\windows\AppPatch\AppPatch64\AcXtrnal.dll
+ 2012-01-03 01:13 . 2011-03-04 06:19 135168 c:\windows\AppPatch\AppPatch64\AcXtrnal.dll
- 2011-05-23 21:49 . 2010-11-20 13:25 350208 c:\windows\AppPatch\AppPatch64\AcLayers.dll
+ 2012-01-03 01:13 . 2011-03-04 06:19 350208 c:\windows\AppPatch\AppPatch64\AcLayers.dll
+ 2012-01-03 02:30 . 2011-11-03 22:39 1127424 c:\windows\SysWOW64\wininet.dll
+ 2012-01-03 02:30 . 2011-11-03 22:40 1103360 c:\windows\SysWOW64\urlmon.dll
+ 2012-01-03 01:12 . 2011-05-04 04:34 1549312 c:\windows\SysWOW64\tquery.dll
- 2011-05-23 21:50 . 2010-11-20 12:19 1401344 c:\windows\SysWOW64\mssrch.dll
+ 2012-01-03 01:12 . 2011-05-04 04:32 1401344 c:\windows\SysWOW64\mssrch.dll
+ 2012-01-03 02:30 . 2011-11-03 22:47 1798144 c:\windows\SysWOW64\jscript9.dll
+ 2009-08-27 21:02 . 2011-02-12 00:12 4967424 c:\windows\SysWOW64\igdumd32.dll
- 2009-08-27 21:02 . 2010-08-26 00:31 4967424 c:\windows\SysWOW64\igdumd32.dll
+ 2011-02-12 00:04 . 2011-02-12 00:04 4411392 c:\windows\SysWOW64\igd10umd32.dll
+ 2012-01-03 02:30 . 2011-11-03 22:32 1792000 c:\windows\SysWOW64\iertutil.dll
+ 2012-01-03 02:30 . 2011-11-03 22:46 9705472 c:\windows\SysWOW64\ieframe.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 3695416 c:\windows\SysWOW64\ieapfltr.dat
+ 2012-01-03 01:12 . 2011-02-25 05:30 2616320 c:\windows\SysWOW64\explorer.exe
- 2011-05-23 21:50 . 2010-11-20 12:17 2616320 c:\windows\SysWOW64\explorer.exe
+ 2012-01-03 01:12 . 2011-03-11 05:33 1699328 c:\windows\SysWOW64\esent.dll
+ 2012-01-03 01:12 . 2011-02-19 06:30 1076736 c:\windows\SysWOW64\DWrite.dll
- 2011-05-23 21:50 . 2010-11-20 12:18 1076736 c:\windows\SysWOW64\DWrite.dll
- 2011-05-23 21:50 . 2010-11-20 13:27 1465344 c:\windows\system32\XpsPrint.dll
+ 2012-01-03 01:12 . 2011-03-12 12:08 1465344 c:\windows\system32\XpsPrint.dll
+ 2012-01-03 02:30 . 2011-11-04 01:44 1390080 c:\windows\system32\wininet.dll
+ 2012-01-03 02:30 . 2011-11-04 01:46 1345536 c:\windows\system32\urlmon.dll
+ 2012-01-03 01:12 . 2011-05-04 05:25 2315776 c:\windows\system32\tquery.dll
- 2011-05-23 21:50 . 2010-11-20 13:27 2223616 c:\windows\system32\mssrch.dll
+ 2012-01-03 01:12 . 2011-05-04 05:22 2223616 c:\windows\system32\mssrch.dll
+ 2012-01-03 02:30 . 2011-11-04 01:53 2309120 c:\windows\system32\jscript9.dll
+ 2011-02-12 00:16 . 2011-02-12 00:16 6549504 c:\windows\system32\igdumd64.dll
+ 2011-02-12 00:07 . 2011-02-12 00:07 4722176 c:\windows\system32\igd10umd64.dll
+ 2012-01-03 02:30 . 2011-11-04 01:36 2144256 c:\windows\system32\iertutil.dll
+ 2012-01-03 01:42 . 2012-01-03 01:42 3695416 c:\windows\system32\ieapfltr.dat
+ 2011-02-12 00:25 . 2011-02-12 00:25 3157528 c:\windows\system32\GfxUI.exe
+ 2012-01-03 01:12 . 2011-02-19 12:05 1139200 c:\windows\system32\FntCache.dll
+ 2009-07-14 04:45 . 2012-01-03 01:53 5153208 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 04:45 . 2011-12-30 17:01 5153208 c:\windows\system32\FNTCACHE.DAT
- 2011-05-23 21:50 . 2010-11-20 13:26 1544192 c:\windows\system32\DWrite.dll
+ 2012-01-03 01:12 . 2011-02-19 12:04 1544192 c:\windows\system32\DWrite.dll
+ 2011-02-12 00:16 . 2011-02-12 00:16 6549504 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igdumd64.dll
+ 2011-02-12 00:12 . 2011-02-12 00:12 4967424 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igdumd32.dll
+ 2011-02-12 00:07 . 2011-02-12 00:07 4722176 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igd10umd64.dll
+ 2011-02-12 00:04 . 2011-02-12 00:04 4411392 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igd10umd32.dll
+ 2011-02-12 00:25 . 2011-02-12 00:25 3157528 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\GfxUI.exe
- 2011-05-23 21:50 . 2010-11-20 13:33 1659776 c:\windows\system32\drivers\ntfs.sys
+ 2012-01-03 01:12 . 2011-03-11 06:41 1659776 c:\windows\system32\drivers\ntfs.sys
+ 2009-07-14 04:45 . 2012-01-03 02:37 7114111 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2011-12-30 17:03 7114111 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2012-01-03 02:33 . 2012-01-08 13:39 9313424 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4201581149-3699643296-3276645504-500-12288.dat
+ 2012-01-03 01:12 . 2011-12-25 20:40 5263360 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Web.dll
+ 2012-01-03 01:12 . 2011-12-25 20:42 5255168 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-03-14 21:26 . 2007-03-14 21:26 4457472 c:\windows\Installer\24dd63.msi
+ 2012-01-03 01:12 . 2011-02-25 06:19 2871808 c:\windows\explorer.exe
+ 2012-01-03 02:53 . 2012-01-03 02:53 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\455567dae39910d806447b77ee657a85\System.WorkflowServices.ni.dll
+ 2012-01-03 01:59 . 2012-01-03 01:59 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\45339e741d73e8f1f9393df8163c8c00\System.Workflow.Runtime.ni.dll
+ 2012-01-03 01:59 . 2012-01-03 01:59 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\48ef2f59740ad3d438d0514b335dd334\System.Workflow.ComponentModel.ni.dll
+ 2012-01-03 01:59 . 2012-01-03 01:59 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\7972e04df268430da009e63e90ff4ca9\System.Workflow.Activities.ni.dll
+ 2012-01-03 01:59 . 2012-01-03 01:59 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\8d374a0a9c49f485a7ce6e89ec354b4c\System.Web.Services.ni.dll
+ 2012-01-03 02:53 . 2012-01-03 02:53 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\91ecefc70d74ed44e5139ea2929adbb8\System.Web.Mobile.ni.dll
+ 2012-01-03 02:53 . 2012-01-03 02:53 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\71da5a6d09e12eb94be32935e4a8d5a2\System.Web.Extensions.ni.dll
+ 2012-01-03 02:53 . 2012-01-03 02:53 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\2bb91a2edcc92d2bb79007e7d2ddc2ae\System.Web.Extensions.Design.ni.dll
+ 2012-01-03 02:53 . 2012-01-03 02:53 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\3a6ac85c04453976c0f3a7c6a64ec43a\System.ServiceModel.Web.ni.dll
+ 2012-01-03 01:59 . 2012-01-03 01:59 1022976 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\d12c2299179cb05591cf08c8712a6495\System.Runtime.Remoting.ni.dll
+ 2012-01-03 02:51 . 2012-01-03 02:51 1444352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\1f90d38a42906a776be313d9720e350d\System.IdentityModel.ni.dll
+ 2012-01-03 02:53 . 2012-01-03 02:53 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\1d2c369d8e2d6f95c99ca90aca273418\System.Data.Services.ni.dll
+ 2012-01-03 02:53 . 2012-01-03 02:53 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\b7bd7d91dc9abd73f2506bb7a0292373\System.Data.Entity.Design.ni.dll
+ 2012-01-03 02:52 . 2012-01-03 02:52 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\53fcf7f34708a9482d3e4059ce29608c\MIGUIControls.ni.dll
+ 2012-01-03 02:53 . 2012-01-03 02:53 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\486ff8cee09c8c63aa9c60ff4f5feafa\Microsoft.VisualBasic.ni.dll
+ 2012-01-03 02:52 . 2012-01-03 02:52 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b68f19bf3f3d545547d2b680eb54a660\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-01-03 02:52 . 2012-01-03 02:52 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\7e81f50c34dec17b90bfebec5929853a\Microsoft.MediaCenter.UI.ni.dll
+ 2012-01-03 02:51 . 2012-01-03 02:51 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\65a892a923b49b062bd8fc97254940d3\Microsoft.MediaCenter.ni.dll
+ 2012-01-03 02:52 . 2012-01-03 02:52 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\33fd1381f221898a53253303cb7e5380\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-01-03 02:02 . 2012-01-03 02:02 6394368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b18cc8f74e2cc93fd0942ddadd118a65\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-01-03 02:02 . 2012-01-03 02:02 2001920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\605212ca6fbbc96fd6c528f945552d1b\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-01-03 02:51 . 2012-01-03 02:51 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\a612958eaf641f0ba83b0daae44cb7b1\System.WorkflowServices.ni.dll
+ 2012-01-03 02:00 . 2012-01-03 02:00 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\ad68aa9e6fa1ec8005e1f604579a76be\System.Workflow.Runtime.ni.dll
+ 2012-01-03 02:00 . 2012-01-03 02:00 4515840 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\00b0a14ef5cb0154db7989da39a7f1e5\System.Workflow.ComponentModel.ni.dll
+ 2012-01-03 02:00 . 2012-01-03 02:00 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\54873f241a4ad6d2a13e48d2da444538\System.Workflow.Activities.ni.dll
+ 2012-01-03 02:00 . 2012-01-03 02:00 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\be4f1d78d06979df7fd08dedf0d8c804\System.Web.Services.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\d957ec1fb12ff02282a7f73d6318b66b\System.Web.Mobile.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\a90f033a5a062ff29f7df8f9edc1a80c\System.Web.Extensions.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\828e31a37bfd9d432083be6307845630\System.ServiceModel.Web.ni.dll
+ 2012-01-03 02:03 . 2012-01-03 02:03 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c0d9df88f2b37d14cf416281364c5b7f\System.IdentityModel.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\76e676a9b6387aad5544d61a4ac12a78\System.Data.Services.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\20d18697deb8413c01119531c6b987ad\MIGUIControls.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dd759df05fad8dc6d3404e8e02b40819\Microsoft.VisualBasic.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\695508ea67706e5f66208cabe5363099\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\5662462cfa995c71817791af93686db2\Microsoft.MediaCenter.ni.dll
+ 2012-01-03 02:50 . 2012-01-03 02:50 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\4676e3f99469bd1120f8aed9cf37e4d2\Microsoft.MediaCenter.UI.ni.dll
- 2011-05-23 21:50 . 2010-11-05 01:53 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-01-03 01:12 . 2011-12-25 20:42 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-01-03 01:12 . 2011-12-25 20:40 5263360 c:\windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-01-03 01:12 . 2011-12-25 20:42 5255168 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-01-03 01:12 . 2011-08-30 04:21 12872704 c:\windows\SysWOW64\shell32.dll
+ 2012-01-03 02:30 . 2011-11-03 23:02 12279808 c:\windows\SysWOW64\mshtml.dll
+ 2011-02-11 23:51 . 2011-02-11 23:51 11039744 c:\windows\SysWOW64\ig4icd32.dll
+ 2009-07-14 02:34 . 2012-01-03 02:33 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-01-03 01:12 . 2011-08-30 05:25 14173184 c:\windows\system32\shell32.dll
+ 2012-01-03 02:30 . 2011-11-04 02:38 17786368 c:\windows\system32\mshtml.dll
+ 2011-02-11 23:59 . 2011-02-11 23:59 15035392 c:\windows\system32\ig4icd64.dll
+ 2012-01-03 02:30 . 2011-11-04 01:59 10886656 c:\windows\system32\ieframe.dll
+ 2011-02-12 00:16 . 2011-02-12 00:16 10628640 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\igdkmd64.sys
+ 2011-02-11 23:59 . 2011-02-11 23:59 15035392 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\ig4icd64.dll
+ 2011-02-11 23:51 . 2011-02-11 23:51 11039744 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_21c3a7f1ad99989b\ig4icd32.dll
+ 2011-02-12 00:16 . 2011-02-12 00:16 10628640 c:\windows\system32\drivers\igdkmd64.sys
+ 2012-01-03 01:59 . 2012-01-03 01:59 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\ab920a032a9b63aa07f26c5592d7c72c\System.Web.ni.dll
+ 2012-01-03 02:51 . 2012-01-03 02:51 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\4bf05a9a1aebde89033c40b9e51af495\System.ServiceModel.ni.dll
+ 2012-01-03 01:59 . 2012-01-03 01:59 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\665178c1ccfd538896eaa0fff283b6ef\System.Design.ni.dll
+ 2012-01-03 02:52 . 2012-01-03 02:52 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\897b2e70eb1754bf8c557fadd93faf98\ehshell.ni.dll
+ 2012-01-03 02:00 . 2012-01-03 02:00 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\b41e38edbd6dfe20997f6ea7c080aceb\System.Web.ni.dll
+ 2012-01-03 02:03 . 2012-01-03 02:03 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\7bc7e33d4568a214f226cdb6a161a37a\System.ServiceModel.ni.dll
+ 2012-01-03 02:00 . 2012-01-03 02:00 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\70f9f6de6dc9611157ed563bdb4e79a4\System.Design.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-12-14 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-12-14 20:51 1514152 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-12-14 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-27 39408]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2010-08-30 328568]
"SansaDispatch"="c:\users\Administrator\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2010-12-23 79872]
"AdobeBridge"="" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2009-07-01 37888]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"DigidesignMMERefresh"="c:\program files (x86)\Digidesign\Drivers\MMERefresh.exe" [2007-10-31 77824]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG10\avgtray.exe" [2011-09-10 2338656]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [BU]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-12-14 1398440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"Hercules DJ Series"="c:\program files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe" [2009-10-23 639784]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"M-Audio Taskbar Icon"="c:\windows\system32\DeltaIITray.exe" [2011-02-18 236040]
"UVS11 Preload"="c:\program files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-07-23 341232]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2010-5-21 576000]
OpenOffice.org 2.4.lnk - c:\program files (x86)\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FirePod Control Panel.lnk - c:\program files (x86)\PreSonus\1394AudioDriver_FirePod\FirePod.exe [2009-11-7 1126400]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
ImageMixer 3 SE Camera Monitor.lnk - c:\program files (x86)\PIXELA\ImageMixer 3 SE\CameraMonitor.exe [2012-1-5 253952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
.
R3 ATICDSDr;ATICDSDr;c:\users\ADMINI~1\AppData\Local\Temp\ATICDSDr.sys [x]
R3 Bulk;HDJBulk;c:\windows\system32\Drivers\HDJBulk.sys [x]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-12-09 1038088]
R3 HDJMidi;DJ Control MP3 e2 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys [x]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-08-18 7390560]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
S2 Greg_Service;GRegService;c:\program files (x86)\Gateway\Registration\GregHSRW.exe [2009-06-04 1150496]
S2 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [2007-11-21 20480]
S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2009-09-04 517632]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-07-17 4948992]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-08-12 62208]
S2 Updater Service;Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [2009-07-04 240160]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 DELTAII;Service for M-Audio Delta Driver (WDM);c:\windows\system32\DRIVERS\MAudioDelta.sys [x]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.att.net
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4822&r=173611096206p0365v165k4871r23o
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\f2f91qss.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=15153&l=dis
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=UT2V5&o=15150&locale=en_US&apn_uid=70D532CA-0CFE-43BC-B399-23B78F5C745F&apn_ptnrs=UF&apn_sauid=C588447D-C3E9-4B9B-A429-64875EC3775D&apn_dtid=&&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files (x86)\AVG\AVG10\Firefox4
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23} - c:\program files (x86)\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (Administrator)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,12,cf,
01,9b,be,e4,0e,b8,99,b1,17,8f,6b,f1,d6
"{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,3b,1b,53,c4,79,
b6,6e,2b,5f,0a,ab,f5,85,26,b6,e8,6c,48
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1a,d8,
c2,73,f2,3c,0f,a1,7b,d7,65,c2,80,c4,bc
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (Administrator)
"Timestamp"=hex:e2,e1,7d,2d,bc,c9,cc,01
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,78,4c,38,af,13,cb,65,48,bd,f0,43,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,78,4c,38,af,13,cb,65,48,bd,f0,43,\
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AVI"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.CDA"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="OpenOffice.org.Doc"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\vlc.exe"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\winamp.exe"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M4A"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mkv"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MOV"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.MP3"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nfo\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\notepad.exe"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rar\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WinRAR"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.VOB\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.vob"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Winamp.File.wav"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMV"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-4201581149-3699643296-3276645504-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CakewalkPlugIns\ˆ¸1*]
"Description"="Cakewal"
"HelpFilePath"=""
"HelpFileTopic"=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:50,48,36,4f,74,a5,71,e2,80,ab,fe,b6,ba,e8,22,ef,8e,3d,e7,81,b8,
fb,63,8e,12,83,c4,3f,7a,66,e0,f3,f1,0d,88,8c,23,c3,39,62,09,ed,78,ba,18,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:50,48,36,4f,74,a5,71,e2,80,ab,fe,b6,ba,e8,22,ef,8e,3d,e7,81,b8,
fb,63,8e,12,83,c4,3f,7a,66,e0,f3,f1,0d,88,8c,23,c3,39,62,09,ed,78,ba,18,68,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files (x86)\Common Files\Motive\McciCMService.exe
c:\program files (x86)\OpenOffice.org 2.4\program\soffice.exe
c:\program files (x86)\OpenOffice.org 2.4\program\soffice.BIN
c:\windows\SysWOW64\DeltaIITray.exe
c:\program files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Completion time: 2012-01-08 09:01:45 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-08 14:01
ComboFix2.txt 2011-12-19 22:12
.
Pre-Run: 39,262,007,296 bytes free
Post-Run: 40,033,087,488 bytes free
.
- - End Of File - - A30BA48E6A56DD6262DB04F95A99E012

When ComboFix finished and rebooted, on the restart I got a "regedit was unable to start" error 0xc0000142 4 or 5 times.

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:12 PM

Posted 08 January 2012 - 02:49 PM

Let me know if this works for the Windows Firewall.


http://download.bleepingcomputer.com/sUBs/MiniFixes/RestoreBFE.exe


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 cornpoop

cornpoop
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:12 PM

Posted 08 January 2012 - 03:11 PM

It says: "error, this tool does not apply to you".

#7 gringo_pr

Posted 08 January 2012 - 05:13 PM

Hello


This is best done with IE.

Download both of the registry files:

http://www.mediafire.com/?317ea53a883288d

http://www.mediafire.com/?z6aw8j7997qa7j9

Launch them and import them into the registry.

Restart your PC.

Now open Run, type regedit and click OK.

Go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right-click on it and choose Permissions.

Click on Add, type Everyone and click OK.

Now click on Everyone.

Below you have the permissions for users.

Select Full Control and click OK.

Now open Run, type services.msc and click OK.

Start the Base Filtering Engine service and then the Windows Firewall service.
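The result of the steps in the post above can be checked from PowerShell, which does not depend on regedit starting. This read-only script is an added example, not part of the original post: it reports whether the BFE and Windows Firewall (`MpsSvc`) service keys exist, their start type and status, and which broad principals hold Full Control on the BFE key. The function names are hypothetical.

```powershell
# Added example (not from the thread). Read-only: nothing is modified.
# Run from an elevated Windows PowerShell prompt.
# Function names below are hypothetical, chosen for this illustration.

$ServicesRoot = 'HKLM:\SYSTEM\CurrentControlSet\services'

# Meaning of the "Start" DWORD stored under each service key.
$StartTypes = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }

function Get-ServiceHealth {
    param([string[]]$Name)
    foreach ($n in $Name) {
        $keyPath   = Join-Path $ServicesRoot $n
        $keyExists = Test-Path $keyPath

        # Start type is read from the registry so a missing or damaged key shows up.
        $startType = 'unknown'
        if ($keyExists) {
            $start = (Get-ItemProperty -Path $keyPath -Name Start -ErrorAction SilentlyContinue).Start
            if ($null -ne $start -and $StartTypes.ContainsKey([int]$start)) {
                $startType = $StartTypes[[int]$start]
            }
        }

        # Status comes from the Service Control Manager.
        $status = 'not registered'
        $svc = Get-Service -Name $n -ErrorAction SilentlyContinue
        if ($svc) { $status = [string]$svc.Status }

        New-Object PSObject -Property @{
            Service    = $n
            KeyPresent = $keyExists
            StartType  = $startType
            Status     = $status
        }
    }
}

function Get-BroadKeyGrants {
    param([string]$KeyPath)

    # Well-known SIDs, so the check does not depend on localized account names.
    $broad = @{
        'S-1-1-0'      = 'Everyone'
        'S-1-5-11'     = 'Authenticated Users'
        'S-1-5-32-545' = 'Users'
    }
    $fullControl = [int][System.Security.AccessControl.RegistryRights]::FullControl
    $genericAll  = 0x10000000   # GENERIC_ALL, as it can appear in a raw ACE mask

    $acl   = Get-Acl -Path $KeyPath
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

    foreach ($rule in $rules) {
        $sid = $rule.IdentityReference.Value
        if (-not $broad.ContainsKey($sid)) { continue }
        if ($rule.AccessControlType -ne 'Allow') { continue }

        $rights = [int]$rule.RegistryRights
        $isFull = (($rights -band $fullControl) -eq $fullControl) -or
                  (($rights -band $genericAll) -ne 0)

        New-Object PSObject -Property @{
            Principal   = $broad[$sid]
            Sid         = $sid
            Rights      = $rule.RegistryRights
            FullControl = $isFull
            Inherited   = $rule.IsInherited
        }
    }
}

# Service keys, start types and current status.
Get-ServiceHealth -Name 'BFE', 'MpsSvc' |
    Format-Table Service, KeyPresent, StartType, Status -AutoSize

# Broad grants on the BFE key, including the Everyone entry added in the steps above.
$bfeKey = Join-Path $ServicesRoot 'BFE'
if (Test-Path $bfeKey) {
    Get-BroadKeyGrants -KeyPath $bfeKey |
        Format-Table Principal, Sid, FullControl, Inherited, Rights -AutoSize
} else {
    Write-Warning "BFE service key not found: $bfeKey"
}
```

A row with `FullControl` set to `True` and `Inherited` set to `False` is an explicit grant on the BFE key itself rather than one inherited from the parent key.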

#8 cornpoop

Posted 08 January 2012 - 05:35 PM

When I try to start regedit it gives me an error: "the application was unable to start correctly 0xc0000142"

#9 gringo_pr

Posted 08 January 2012 - 06:02 PM

Is your firewall working?

gringo

#10 gringo_pr

Posted 10 January 2012 - 11:27 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48 hrs you have not replied to this thread then it will have to be closed!

Gringo

#11 cornpoop

Posted 11 January 2012 - 12:06 AM

No, nothing has changed. The firewall won't work and regedit won't work.

#12 gringo_pr

Posted 11 January 2012 - 11:16 AM

Hello

I want you to run this tool for me next.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#13 cornpoop

Posted 11 January 2012 - 03:33 PM

15:31:41.0975 8148 TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
15:31:43.0987 8148 ============================================================
15:31:43.0987 8148 Current date / time: 2012/01/11 15:31:43.0987
15:31:43.0987 8148 SystemInfo:
15:31:43.0987 8148
15:31:43.0987 8148 OS Version: 6.1.7601 ServicePack: 1.0
15:31:43.0987 8148 Product type: Workstation
15:31:43.0987 8148 ComputerName: LTS
15:31:43.0987 8148 UserName: Administrator
15:31:43.0987 8148 Windows directory: C:\Windows
15:31:43.0987 8148 System windows directory: C:\Windows
15:31:43.0987 8148 Running under WOW64
15:31:43.0987 8148 Processor architecture: Intel x64
15:31:43.0987 8148 Number of processors: 2
15:31:43.0987 8148 Page size: 0x1000
15:31:43.0987 8148 Boot type: Normal boot
15:31:43.0987 8148 ============================================================
15:31:44.0471 8148 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000, SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
15:31:44.0487 8148 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000, SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:31:54.0096 8148 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000, SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:32:00.0383 8148 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0B00000, SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:32:00.0399 8148 Drive \Device\Harddisk4\DR4 - Size: 0x1E6E80000, SectorSize: 0x200, Cylinders: 0x3E1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:32:00.0617 8148 Initialize success
15:32:03.0550 5836 ============================================================
15:32:03.0550 5836 Scan started
15:32:03.0550 5836 Mode: Manual;
15:32:03.0550 5836 ============================================================
15:32:05.0734 5836 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:32:05.0765 5836 1394ohci - ok
15:32:05.0812 5836 61883 (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys
15:32:05.0827 5836 61883 - ok
15:32:05.0890 5836 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:32:05.0890 5836 ACPI - ok
15:32:05.0937 5836 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:32:05.0952 5836 AcpiPmi - ok
15:32:06.0015 5836 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
15:32:06.0015 5836 adfs - ok
15:32:06.0077 5836 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:32:06.0093 5836 adp94xx - ok
15:32:06.0108 5836 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:32:06.0108 5836 adpahci - ok
15:32:06.0124 5836 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:32:06.0124 5836 adpu320 - ok
15:32:06.0186 5836 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
15:32:06.0202 5836 AFD - ok
15:32:06.0233 5836 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:32:06.0249 5836 agp440 - ok
15:32:06.0264 5836 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:32:06.0264 5836 aliide - ok
15:32:06.0311 5836 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:32:06.0311 5836 amdide - ok
15:32:06.0342 5836 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:32:06.0358 5836 AmdK8 - ok
15:32:06.0358 5836 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:32:06.0358 5836 AmdPPM - ok
15:32:06.0405 5836 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:32:06.0420 5836 amdsata - ok
15:32:06.0420 5836 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:32:06.0420 5836 amdsbs - ok
15:32:06.0451 5836 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:32:06.0451 5836 amdxata - ok
15:32:06.0498 5836 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:32:06.0498 5836 AppID - ok
15:32:06.0514 5836 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:32:06.0514 5836 arc - ok
15:32:06.0545 5836 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:32:06.0545 5836 arcsas - ok
15:32:06.0561 5836 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:32:06.0576 5836 AsyncMac - ok
15:32:06.0592 5836 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:32:06.0592 5836 atapi - ok
15:32:06.0732 5836 ATICDSDr - ok
15:32:06.0779 5836 Avc (16fabe84916623d0607e4a975544032c) C:\Windows\system32\DRIVERS\avc.sys
15:32:06.0779 5836 Avc - ok
15:32:06.0873 5836 AVGIDSDriver (e6671e90d38c88764412e07c9d9b3d63) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
15:32:06.0873 5836 AVGIDSDriver - ok
15:32:06.0919 5836 AVGIDSEH (1553b388e0f0462c25ad8f30c3c29e83) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
15:32:06.0919 5836 AVGIDSEH - ok
15:32:06.0982 5836 AVGIDSFilter (dca426a66739e75f51a72160dfb945ad) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
15:32:06.0982 5836 AVGIDSFilter - ok
15:32:07.0060 5836 Avgldx64 (ff7383388a7d2283dae5831abc2b0720) C:\Windows\system32\DRIVERS\avgldx64.sys
15:32:07.0060 5836 Avgldx64 - ok
15:32:07.0122 5836 Avgmfx64 (997d002827d3e3dcbbb25bf46db161ab) C:\Windows\system32\DRIVERS\avgmfx64.sys
15:32:07.0122 5836 Avgmfx64 - ok
15:32:07.0185 5836 Avgrkx64 (bccfe3374c887075cde2ac8fdb1cb2f8) C:\Windows\system32\DRIVERS\avgrkx64.sys
15:32:07.0185 5836 Avgrkx64 - ok
15:32:07.0216 5836 Avgtdia (0d49adcebe243b79366ea523b647519a) C:\Windows\system32\DRIVERS\avgtdia.sys
15:32:07.0216 5836 Avgtdia - ok
15:32:07.0278 5836 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:32:07.0294 5836 b06bdrv - ok
15:32:07.0309 5836 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:32:07.0325 5836 b57nd60a - ok
15:32:07.0341 5836 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:32:07.0341 5836 Beep - ok
15:32:07.0372 5836 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:32:07.0372 5836 blbdrive - ok
15:32:07.0419 5836 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:32:07.0419 5836 bowser - ok
15:32:07.0434 5836 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:32:07.0450 5836 BrFiltLo - ok
15:32:07.0450 5836 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:32:07.0450 5836 BrFiltUp - ok
15:32:07.0465 5836 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
15:32:07.0465 5836 BridgeMP - ok
15:32:07.0481 5836 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:32:07.0481 5836 Brserid - ok
15:32:07.0497 5836 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:32:07.0497 5836 BrSerWdm - ok
15:32:07.0512 5836 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:32:07.0528 5836 BrUsbMdm - ok
15:32:07.0528 5836 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:32:07.0528 5836 BrUsbSer - ok
15:32:07.0543 5836 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:32:07.0559 5836 BTHMODEM - ok
15:32:07.0606 5836 Bulk (d8bd549336593ca304b3524ff2f42717) C:\Windows\system32\Drivers\HDJBulk.sys
15:32:07.0621 5836 Bulk - ok
15:32:07.0715 5836 BVRPMPR5a64 (9887ca12f407d7fbc7f48f3678f5f0b6) C:\Windows\system32\drivers\BVRPMPR5a64.SYS
15:32:07.0715 5836 BVRPMPR5a64 - ok
15:32:07.0731 5836 catchme - ok
15:32:07.0746 5836 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:32:07.0746 5836 cdfs - ok
15:32:07.0809 5836 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
15:32:07.0824 5836 cdrom - ok
15:32:07.0855 5836 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:32:07.0855 5836 circlass - ok
15:32:07.0887 5836 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:32:07.0887 5836 CLFS - ok
15:32:07.0918 5836 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:32:07.0918 5836 CmBatt - ok
15:32:07.0965 5836 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:32:07.0980 5836 cmdide - ok
15:32:08.0027 5836 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
15:32:08.0027 5836 CNG - ok
15:32:08.0058 5836 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:32:08.0058 5836 Compbatt - ok
15:32:08.0105 5836 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:32:08.0105 5836 CompositeBus - ok
15:32:08.0121 5836 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:32:08.0136 5836 crcdisk - ok
15:32:08.0167 5836 DELTAII (432071b1a990611f001932481bc5b7f1) C:\Windows\system32\DRIVERS\MAudioDelta.sys
15:32:08.0183 5836 DELTAII - ok
15:32:08.0230 5836 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:32:08.0245 5836 DfsC - ok
15:32:08.0292 5836 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:32:08.0292 5836 discache - ok
15:32:08.0308 5836 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:32:08.0308 5836 Disk - ok
15:32:08.0370 5836 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
15:32:08.0386 5836 Dot4 - ok
15:32:08.0433 5836 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
15:32:08.0433 5836 Dot4Print - ok
15:32:08.0495 5836 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
15:32:08.0495 5836 dot4usb - ok
15:32:08.0511 5836 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:32:08.0511 5836 drmkaud - ok
15:32:08.0573 5836 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:32:08.0573 5836 DXGKrnl - ok
15:32:08.0620 5836 e1yexpress (761b9edd97a021aa1922501b7a056635) C:\Windows\system32\DRIVERS\e1y62x64.sys
15:32:08.0635 5836 e1yexpress - ok
15:32:08.0698 5836 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:32:08.0776 5836 ebdrv - ok
15:32:08.0869 5836 ElbyCDIO (702d5606cf2199e0edea6f0e0d27cd10) C:\Windows\system32\Drivers\ElbyCDIO.sys
15:32:08.0869 5836 ElbyCDIO - ok
15:32:08.0916 5836 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:32:08.0916 5836 elxstor - ok
15:32:08.0963 5836 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:32:08.0979 5836 ErrDev - ok
15:32:08.0994 5836 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:32:08.0994 5836 exfat - ok
15:32:09.0025 5836 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:32:09.0025 5836 fastfat - ok
15:32:09.0041 5836 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:32:09.0041 5836 fdc - ok
15:32:09.0072 5836 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:32:09.0072 5836 FileInfo - ok
15:32:09.0088 5836 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:32:09.0088 5836 Filetrace - ok
15:32:09.0119 5836 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:32:09.0119 5836 flpydisk - ok
15:32:09.0181 5836 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:32:09.0181 5836 FltMgr - ok
15:32:09.0213 5836 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:32:09.0213 5836 FsDepends - ok
15:32:09.0228 5836 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:32:09.0228 5836 Fs_Rec - ok
15:32:09.0275 5836 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:32:09.0291 5836 fvevol - ok
15:32:09.0322 5836 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:32:09.0322 5836 gagp30kx - ok
15:32:09.0369 5836 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:32:09.0369 5836 hcw85cir - ok
15:32:09.0415 5836 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:32:09.0431 5836 HdAudAddService - ok
15:32:09.0493 5836 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:32:09.0493 5836 HDAudBus - ok
15:32:09.0540 5836 HDJMidi (f10b45171f7e8618e0868f3a0c9efe84) C:\Windows\system32\DRIVERS\HDJMidi.sys
15:32:09.0540 5836 HDJMidi - ok
15:32:09.0571 5836 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:32:09.0571 5836 HidBatt - ok
15:32:09.0587 5836 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:32:09.0587 5836 HidBth - ok
15:32:09.0603 5836 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:32:09.0603 5836 HidIr - ok
15:32:09.0634 5836 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
15:32:09.0634 5836 HidUsb - ok
15:32:09.0712 5836 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:32:09.0712 5836 HpSAMD - ok
15:32:09.0774 5836 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:32:09.0790 5836 HTTP - ok
15:32:09.0852 5836 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:32:09.0852 5836 hwpolicy - ok
15:32:09.0915 5836 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:32:09.0915 5836 i8042prt - ok
15:32:09.0946 5836 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
15:32:09.0946 5836 iaStor - ok
15:32:10.0008 5836 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:32:10.0008 5836 iaStorV - ok
15:32:10.0242 5836 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:32:10.0492 5836 igfx - ok
15:32:10.0539 5836 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:32:10.0539 5836 iirsp - ok
15:32:10.0632 5836 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\Windows\system32\drivers\RTKVHD64.sys
15:32:10.0663 5836 IntcAzAudAddService - ok
15:32:10.0695 5836 IntcHdmiAddService (d485d3bd3e2179aa86853a182f70699f) C:\Windows\system32\drivers\IntcHdmi.sys
15:32:10.0695 5836 IntcHdmiAddService - ok
15:32:10.0741 5836 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:32:10.0741 5836 intelide - ok
15:32:10.0773 5836 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:32:10.0773 5836 intelppm - ok
15:32:10.0819 5836 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:32:10.0835 5836 IpFilterDriver - ok
15:32:10.0882 5836 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:32:10.0913 5836 IPMIDRV - ok
15:32:10.0929 5836 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:32:10.0929 5836 IPNAT - ok
15:32:10.0975 5836 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:32:10.0975 5836 IRENUM - ok
15:32:11.0022 5836 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:32:11.0022 5836 isapnp - ok
15:32:11.0085 5836 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:32:11.0085 5836 iScsiPrt - ok
15:32:11.0116 5836 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:32:11.0116 5836 kbdclass - ok
15:32:11.0194 5836 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:32:11.0194 5836 kbdhid - ok
15:32:11.0209 5836 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
15:32:11.0225 5836 KSecDD - ok
15:32:11.0272 5836 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
15:32:11.0272 5836 KSecPkg - ok
15:32:11.0287 5836 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:32:11.0287 5836 ksthunk - ok
15:32:11.0334 5836 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:32:11.0334 5836 lltdio - ok
15:32:11.0381 5836 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:32:11.0381 5836 LSI_FC - ok
15:32:11.0397 5836 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:32:11.0397 5836 LSI_SAS - ok
15:32:11.0412 5836 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:32:11.0412 5836 LSI_SAS2 - ok
15:32:11.0428 5836 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:32:11.0428 5836 LSI_SCSI - ok
15:32:11.0459 5836 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:32:11.0459 5836 luafv - ok
15:32:11.0521 5836 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
15:32:11.0553 5836 mcdbus - ok
15:32:11.0584 5836 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:32:11.0599 5836 megasas - ok
15:32:11.0615 5836 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:32:11.0615 5836 MegaSR - ok
15:32:11.0631 5836 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:32:11.0631 5836 Modem - ok
15:32:11.0693 5836 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:32:11.0693 5836 monitor - ok
15:32:11.0755 5836 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:32:11.0755 5836 mouclass - ok
15:32:11.0771 5836 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:32:11.0771 5836 mouhid - ok
15:32:11.0818 5836 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:32:11.0833 5836 mountmgr - ok
15:32:11.0880 5836 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:32:11.0896 5836 mpio - ok
15:32:11.0911 5836 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:32:11.0911 5836 mpsdrv - ok
15:32:12.0036 5836 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
15:32:12.0036 5836 MREMP50 - ok
15:32:12.0083 5836 MREMP50a64 - ok
15:32:12.0099 5836 MREMPR5 - ok
15:32:12.0114 5836 MRENDIS5 - ok
15:32:12.0114 5836 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
15:32:12.0130 5836 MRESP50 - ok
15:32:12.0130 5836 MRESP50a64 - ok
15:32:12.0192 5836 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:32:12.0192 5836 MRxDAV - ok
15:32:12.0239 5836 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:32:12.0239 5836 mrxsmb - ok
15:32:12.0301 5836 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:32:12.0301 5836 mrxsmb10 - ok
15:32:12.0317 5836 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:32:12.0317 5836 mrxsmb20 - ok
15:32:12.0364 5836 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:32:12.0364 5836 msahci - ok
15:32:12.0426 5836 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:32:12.0426 5836 msdsm - ok
15:32:12.0457 5836 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:32:12.0457 5836 Msfs - ok
15:32:12.0473 5836 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:32:12.0473 5836 mshidkmdf - ok
15:32:12.0520 5836 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:32:12.0520 5836 msisadrv - ok
15:32:12.0551 5836 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:32:12.0551 5836 MSKSSRV - ok
15:32:12.0567 5836 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:32:12.0567 5836 MSPCLOCK - ok
15:32:12.0582 5836 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:32:12.0582 5836 MSPQM - ok
15:32:12.0629 5836 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:32:12.0645 5836 MsRPC - ok
15:32:12.0691 5836 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:32:12.0691 5836 mssmbios - ok
15:32:12.0754 5836 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:32:12.0754 5836 MSTEE - ok
15:32:12.0769 5836 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:32:12.0769 5836 MTConfig - ok
15:32:12.0785 5836 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:32:12.0801 5836 Mup - ok
15:32:12.0816 5836 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:32:12.0832 5836 NativeWifiP - ok
15:32:12.0910 5836 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:32:12.0925 5836 NDIS - ok
15:32:12.0941 5836 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:32:12.0941 5836 NdisCap - ok
15:32:12.0972 5836 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:32:12.0972 5836 NdisTapi - ok
15:32:13.0019 5836 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:32:13.0019 5836 Ndisuio - ok
15:32:13.0066 5836 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:32:13.0066 5836 NdisWan - ok
15:32:13.0128 5836 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:32:13.0128 5836 NDProxy - ok
15:32:13.0175 5836 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:32:13.0175 5836 NetBIOS - ok
15:32:13.0237 5836 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:32:13.0237 5836 NetBT - ok
15:32:13.0253 5836 NetworkX - ok
15:32:13.0269 5836 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:32:13.0284 5836 nfrd960 - ok
15:32:13.0331 5836 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:32:13.0331 5836 Npfs - ok
15:32:13.0347 5836 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:32:13.0347 5836 nsiproxy - ok
15:32:13.0440 5836 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:32:13.0456 5836 Ntfs - ok
15:32:13.0487 5836 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
15:32:13.0503 5836 NTIDrvr - ok
15:32:13.0518 5836 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:32:13.0518 5836 Null - ok
15:32:13.0549 5836 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:32:13.0549 5836 nvraid - ok
15:32:13.0596 5836 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:32:13.0596 5836 nvstor - ok
15:32:13.0643 5836 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:32:13.0643 5836 nv_agp - ok
15:32:13.0690 5836 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:32:13.0690 5836 ohci1394 - ok
15:32:13.0752 5836 pae_1394 (af47815c950cb74b1f679058cfac50f1) C:\Windows\system32\Drivers\pae_1394_x64.sys
15:32:13.0752 5836 pae_1394 - ok
15:32:13.0783 5836 pae_avs (2fa369b7118ba983b2a6737ce7eb9eb0) C:\Windows\system32\Drivers\pae_avs_x64.sys
15:32:13.0799 5836 pae_avs - ok
15:32:13.0815 5836 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:32:13.0815 5836 Parport - ok
15:32:13.0861 5836 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:32:13.0861 5836 partmgr - ok
15:32:13.0924 5836 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:32:13.0924 5836 pci - ok
15:32:13.0971 5836 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:32:13.0971 5836 pciide - ok
15:32:13.0986 5836 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:32:13.0986 5836 pcmcia - ok
15:32:14.0033 5836 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys
15:32:14.0049 5836 pcouffin - ok
15:32:14.0064 5836 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:32:14.0064 5836 pcw - ok
15:32:14.0095 5836 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:32:14.0095 5836 PEAUTH - ok
15:32:14.0205 5836 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:32:14.0220 5836 PptpMiniport - ok
15:32:14.0236 5836 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:32:14.0236 5836 Processor - ok
15:32:14.0283 5836 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:32:14.0298 5836 Psched - ok
15:32:14.0376 5836 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:32:14.0392 5836 PxHlpa64 - ok
15:32:14.0439 5836 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:32:14.0454 5836 ql2300 - ok
15:32:14.0470 5836 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:32:14.0470 5836 ql40xx - ok
15:32:14.0501 5836 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:32:14.0517 5836 QWAVEdrv - ok
15:32:14.0532 5836 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:32:14.0532 5836 RasAcd - ok
15:32:14.0595 5836 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:32:14.0595 5836 RasAgileVpn - ok
15:32:14.0641 5836 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:32:14.0657 5836 Rasl2tp - ok
15:32:14.0673 5836 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:32:14.0673 5836 RasPppoe - ok
15:32:14.0688 5836 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:32:14.0688 5836 RasSstp - ok
15:32:14.0751 5836 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:32:14.0751 5836 rdbss - ok
15:32:14.0766 5836 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:32:14.0766 5836 rdpbus - ok
15:32:14.0797 5836 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:32:14.0797 5836 RDPCDD - ok
15:32:14.0813 5836 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:32:14.0813 5836 RDPENCDD - ok
15:32:14.0829 5836 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:32:14.0829 5836 RDPREFMP - ok
15:32:14.0891 5836 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
15:32:14.0891 5836 RDPWD - ok
15:32:14.0938 5836 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:32:14.0938 5836 rdyboost - ok
15:32:14.0985 5836 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:32:14.0985 5836 rspndr - ok
15:32:15.0031 5836 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:32:15.0031 5836 sbp2port - ok
15:32:15.0094 5836 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:32:15.0094 5836 scfilter - ok
15:32:15.0125 5836 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:32:15.0125 5836 secdrv - ok
15:32:15.0141 5836 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:32:15.0141 5836 Serenum - ok
15:32:15.0172 5836 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:32:15.0187 5836 Serial - ok
15:32:15.0234 5836 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:32:15.0234 5836 sermouse - ok
15:32:15.0312 5836 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:32:15.0312 5836 sffdisk - ok
15:32:15.0343 5836 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:32:15.0343 5836 sffp_mmc - ok
15:32:15.0359 5836 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:32:15.0359 5836 sffp_sd - ok
15:32:15.0375 5836 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:32:15.0375 5836 sfloppy - ok
15:32:15.0390 5836 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:32:15.0390 5836 SiSRaid2 - ok
15:32:15.0406 5836 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:32:15.0406 5836 SiSRaid4 - ok
15:32:15.0421 5836 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:32:15.0421 5836 Smb - ok
15:32:15.0437 5836 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:32:15.0437 5836 spldr - ok
15:32:15.0515 5836 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:32:15.0515 5836 srv - ok
15:32:15.0577 5836 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:32:15.0593 5836 srv2 - ok
15:32:15.0609 5836 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:32:15.0609 5836 srvnet - ok
15:32:15.0640 5836 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:32:15.0640 5836 stexstor - ok
15:32:15.0702 5836 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:32:15.0702 5836 swenum - ok
15:32:15.0811 5836 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:32:15.0858 5836 Tcpip - ok
15:32:15.0889 5836 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:32:15.0889 5836 TCPIP6 - ok
15:32:15.0967 5836 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:32:15.0967 5836 tcpipreg - ok
15:32:15.0999 5836 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:32:15.0999 5836 TDPIPE - ok
15:32:16.0030 5836 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:32:16.0030 5836 TDTCP - ok
15:32:16.0077 5836 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:32:16.0092 5836 tdx - ok
15:32:16.0092 5836 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:32:16.0108 5836 TermDD - ok
15:32:16.0155 5836 Tpkd (2e595c44b1c1160070b1530edf6de098) C:\Windows\system32\drivers\Tpkd.sys
15:32:16.0155 5836 Tpkd - ok
15:32:16.0233 5836 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:32:16.0233 5836 tssecsrv - ok
15:32:16.0279 5836 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:32:16.0295 5836 TsUsbFlt - ok
15:32:16.0357 5836 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:32:16.0357 5836 tunnel - ok
15:32:16.0389 5836 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:32:16.0389 5836 uagp35 - ok
15:32:16.0435 5836 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
15:32:16.0435 5836 UBHelper - ok
15:32:16.0498 5836 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:32:16.0498 5836 udfs - ok
15:32:16.0560 5836 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:32:16.0560 5836 uliagpkx - ok
15:32:16.0576 5836 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:32:16.0591 5836 umbus - ok
15:32:16.0623 5836 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:32:16.0638 5836 UmPass - ok
15:32:16.0716 5836 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
15:32:16.0732 5836 usbaudio - ok
15:32:16.0779 5836 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:32:16.0779 5836 usbccgp - ok
15:32:16.0825 5836 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:32:16.0841 5836 usbcir - ok
15:32:16.0903 5836 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:32:16.0903 5836 usbehci - ok
15:32:16.0935 5836 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:32:16.0935 5836 usbhub - ok
15:32:16.0950 5836 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:32:16.0966 5836 usbohci - ok
15:32:16.0981 5836 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:32:16.0981 5836 usbprint - ok
15:32:17.0028 5836 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:32:17.0044 5836 usbscan - ok
15:32:17.0075 5836 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
15:32:17.0075 5836 USBSTOR - ok
15:32:17.0091 5836 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
15:32:17.0106 5836 usbuhci - ok
15:32:17.0169 5836 VClone (c5e70c4e64666db9d69c9f2fdae22428) C:\Windows\system32\DRIVERS\VClone.sys
15:32:17.0169 5836 VClone - ok
15:32:17.0231 5836 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:32:17.0231 5836 vdrvroot - ok
15:32:17.0262 5836 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:32:17.0262 5836 vga - ok
15:32:17.0278 5836 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:32:17.0278 5836 VgaSave - ok
15:32:17.0325 5836 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:32:17.0340 5836 vhdmp - ok
15:32:17.0387 5836 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:32:17.0387 5836 viaide - ok
15:32:17.0434 5836 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:32:17.0434 5836 volmgr - ok
15:32:17.0496 5836 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:32:17.0496 5836 volmgrx - ok
15:32:17.0559 5836 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:32:17.0559 5836 volsnap - ok
15:32:17.0590 5836 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:32:17.0590 5836 vsmraid - ok
15:32:17.0621 5836 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:32:17.0637 5836 vwifibus - ok
15:32:17.0652 5836 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:32:17.0668 5836 WacomPen - ok
15:32:17.0683 5836 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:32:17.0683 5836 WANARP - ok
15:32:17.0699 5836 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:32:17.0699 5836 Wanarpv6 - ok
15:32:17.0715 5836 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:32:17.0730 5836 Wd - ok
15:32:17.0761 5836 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:32:17.0761 5836 Wdf01000 - ok
15:32:17.0793 5836 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:32:17.0793 5836 WfpLwf - ok
15:32:17.0824 5836 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:32:17.0824 5836 WIMMount - ok
15:32:17.0902 5836 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:32:17.0917 5836 WinUsb - ok
15:32:17.0980 5836 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:32:17.0980 5836 WmiAcpi - ok
15:32:18.0011 5836 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:32:18.0027 5836 ws2ifsl - ok
15:32:18.0073 5836 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:32:18.0089 5836 WudfPf - ok
15:32:18.0105 5836 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:32:18.0105 5836 WUDFRd - ok
15:32:18.0136 5836 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:32:18.0183 5836 \Device\Harddisk0\DR0 - ok
15:32:18.0198 5836 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
15:32:18.0214 5836 \Device\Harddisk1\DR1 - ok
15:32:18.0229 5836 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk2\DR2
15:32:18.0417 5836 \Device\Harddisk2\DR2 - ok
15:32:18.0448 5836 MBR (0x1B8) (8f558eb66

#14 cornpoop

Posted 11 January 2012 - 03:35 PM

15:31:41.0975 8148 TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
15:31:43.0987 8148 ============================================================
15:31:43.0987 8148 Current date / time: 2012/01/11 15:31:43.0987
15:31:43.0987 8148 SystemInfo:
15:31:43.0987 8148
15:31:43.0987 8148 OS Version: 6.1.7601 ServicePack: 1.0
15:31:43.0987 8148 Product type: Workstation
15:31:43.0987 8148 ComputerName: LTS
15:31:43.0987 8148 UserName: Administrator
15:31:43.0987 8148 Windows directory: C:\Windows
15:31:43.0987 8148 System windows directory: C:\Windows
15:31:43.0987 8148 Running under WOW64
15:31:43.0987 8148 Processor architecture: Intel x64
15:31:43.0987 8148 Number of processors: 2
15:31:43.0987 8148 Page size: 0x1000
15:31:43.0987 8148 Boot type: Normal boot
15:31:43.0987 8148 ============================================================
15:31:44.0471 8148 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000, SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
15:31:44.0487 8148 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000, SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:31:54.0096 8148 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000, SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:32:00.0383 8148 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0B00000, SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:32:00.0399 8148 Drive \Device\Harddisk4\DR4 - Size: 0x1E6E80000, SectorSize: 0x200, Cylinders: 0x3E1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:32:00.0617 8148 Initialize success
15:32:03.0550 5836 ============================================================
15:32:03.0550 5836 Scan started
15:32:03.0550 5836 Mode: Manual;
15:32:03.0550 5836 ============================================================
15:32:05.0734 5836 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:32:05.0765 5836 1394ohci - ok
15:32:05.0812 5836 61883 (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys
15:32:05.0827 5836 61883 - ok
15:32:05.0890 5836 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:32:05.0890 5836 ACPI - ok
15:32:05.0937 5836 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:32:05.0952 5836 AcpiPmi - ok
15:32:06.0015 5836 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
15:32:06.0015 5836 adfs - ok
15:32:06.0077 5836 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:32:06.0093 5836 adp94xx - ok
15:32:06.0108 5836 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:32:06.0108 5836 adpahci - ok
15:32:06.0124 5836 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:32:06.0124 5836 adpu320 - ok
15:32:06.0186 5836 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
15:32:06.0202 5836 AFD - ok
15:32:06.0233 5836 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:32:06.0249 5836 agp440 - ok
15:32:06.0264 5836 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:32:06.0264 5836 aliide - ok
15:32:06.0311 5836 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:32:06.0311 5836 amdide - ok
15:32:06.0342 5836 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:32:06.0358 5836 AmdK8 - ok
15:32:06.0358 5836 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:32:06.0358 5836 AmdPPM - ok
15:32:06.0405 5836 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:32:06.0420 5836 amdsata - ok
15:32:06.0420 5836 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:32:06.0420 5836 amdsbs - ok
15:32:06.0451 5836 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:32:06.0451 5836 amdxata - ok
15:32:06.0498 5836 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:32:06.0498 5836 AppID - ok
15:32:06.0514 5836 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:32:06.0514 5836 arc - ok
15:32:06.0545 5836 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:32:06.0545 5836 arcsas - ok
15:32:18.0510 5836 ============================================================
15:32:18.0510 5836 Scan finished
15:32:18.0510 5836 ============================================================
15:32:18.0526 8652 Detected object count: 0
15:32:18.0526 8652 Actual detected object count: 0

#15 cornpoop


Posted 11 January 2012 - 03:39 PM

I posted twice 'cause it didn't post the full scan the first time... found nothing



