Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What am I infected with???


  • This topic is locked This topic is locked
10 replies to this topic

#1 GuardsRed928

GuardsRed928

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 09 April 2012 - 11:54 PM

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Pedro at 23:44:51 on 2012-04-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.5173 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
C:\Windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Windows\system32\locator.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Soda PDF 2011\ConversionService.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe
C:\Program Files (x86)\TwonkyMedia\twonkywebdav.exe
C:\Program Files (x86)\TwonkyMedia\TwonkyMediaServer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Pedro\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Users\Pedro\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Simpo PDF Creator Pro\SpcProSrv.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.google.com/calendar/render?tab=mc&pli=1&gsessionid=9iac8Z7tXbW9lbAnN91oXA
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=fx6840&r=17360411z306p04d5v155k4751r520
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Soda PDF 2011 Helper: {5cfcaff6-5bb0-4864-b626-021c99ed82e5} - C:\Program Files (x86)\Soda PDF 2011\PDFIEHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: CrossRider: {a876e312-7d08-401a-b7a6-fafc5dc2f292} - C:\Program Files (x86)\CrossriderWebApps\Crossrider.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO: GOM Player + Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: GOM Player + Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Soda PDF 2011 Toolbar: {980eb9ec-6eb5-4258-bddb-efe25c5f99ef} - C:\Program Files (x86)\Soda PDF 2011\PDFIEPlugin.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [CDC3CB6BC84F67BABA95C926C2DFBB40B778EA87._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
uRun: [CrossRiderPlugin] C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe
uRun: [Akamai NetSession Interface] "C:\Users\Pedro\AppData\Local\Akamai\netsession_win.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Hotkey Utility] C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Simpo PDF Creator Pro Server] "C:\Program Files (x86)\Simpo PDF Creator Pro\SpcProSrv.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
StartupFolder: C:\Users\Pedro\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\Users\Pedro\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: Add to Playlist - C:\Program Files (x86)\Twonky\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/314
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Beam to - C:\Program Files (x86)\Twonky\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/231
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {339E0A0F-ACAE-408f-AAD7-4E9158FFDE7C} - {BE8D0059-D24D-4919-B76F-99F4A2203647} {BE8D0059-D24D-4919-B76F-99F4A2203647} - {be8d0059-d24d-4919-b76f-99f4a2203647}\inprocserver32 does not exist!
DPF: {30A3CCA5-F34C-4E87-BB57-5A2F2C935E14} - file:///E:/CDVIEWER/CdViewer.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} - hxxps://kingsisle.hs.llnwd.net/e1/static/themes/wizard101A/activex/Wizard101GameLauncher.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} - hxxp://lewisdrug.lifepics.com/net/Uploader/LPUploader57.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} - hxxp://zeppelinxpress.dyndns.org/HiDvrOcx.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 172.16.0.1
TCP: Interfaces\{4F695AB3-B852-4A93-9CD5-5E6D2D7A4DE7} : DhcpNameServer = 172.16.0.1
TCP: Interfaces\{A896323F-ED95-4046-B4E3-80EFAF9F97C5} : DhcpNameServer = 172.26.38.1 172.26.38.2
TCP: Interfaces\{C44346B1-6505-44AF-B492-80FAEE110C02} : DhcpNameServer = 24.220.0.10 24.220.0.11 8.8.8.8
TCP: Interfaces\{E633F805-8AFE-4A58-B5B9-4F1B29E3BBD8} : DhcpNameServer = 24.220.0.10 24.220.0.11
TCP: Interfaces\{EB14D4FA-F838-4B3E-B9C1-790B714275F9} : DhcpNameServer = 192.168.0.1 205.171.2.25
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Eudora's Shell Extension: {edb0e980-90bd-11d4-8599-0008c7d3b6f8} - D:\Eudora\EuShlExt.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Soda PDF 2011 Helper: {5CFCAFF6-5BB0-4864-B626-021C99ED82E5} - C:\Program Files (x86)\Soda PDF 2011\PDFIEHelper.dll
BHO-X64: Soda PDF 2011 Helper - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: CrossRider: {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files (x86)\CrossriderWebApps\Crossrider.dll
BHO-X64: CrossRider - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO-X64: Vuze Remote - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO-X64: GOM Player + Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB-X64: GOM Player + Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: Soda PDF 2011 Toolbar: {980EB9EC-6EB5-4258-BDDB-EFE25C5F99EF} - C:\Program Files (x86)\Soda PDF 2011\PDFIEPlugin.dll
TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [Hotkey Utility] C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Simpo PDF Creator Pro Server] "C:\Program Files (x86)\Simpo PDF Creator Pro\SpcProSrv.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
SEH-X64: Eudora's Shell Extension: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - D:\Eudora\EuShlExt.dll
.
============= SERVICES / DRIVERS ===============
.
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\system32\DRIVERS\NBVol.sys --> C:\Windows\system32\DRIVERS\NBVol.sys [?]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\system32\DRIVERS\NBVolUp.sys --> C:\Windows\system32\DRIVERS\NBVolUp.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-3-16 782744]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-3-16 44768]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-25 189736]
R2 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
R2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
R2 GREGService;GREGService;C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [2010-1-8 23584]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-8 652360]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-9-24 341312]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-10-10 341296]
R2 nlsX86cc;NLS Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2011-9-24 68928]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-11-17 255744]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Soda PDF 2011 Service;Soda PDF 2011 Service;C:\Program Files (x86)\Soda PDF 2011\ConversionService.exe [2011-12-1 903512]
R2 SSPORT;SSPORT;\??\C:\Windows\system32\Drivers\SSPORT.sys --> C:\Windows\system32\Drivers\SSPORT.sys [?]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-11 2358656]
R2 TwonkyMedia;TwonkyMedia;C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe -serviceversion 0 --> C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe -serviceversion 0 [?]
R2 TwonkyWebDav;TwonkyWebDav;C:\Program Files (x86)\TwonkyMedia\twonkywebdav.exe -start --> C:\Program Files (x86)\TwonkyMedia\twonkywebdav.exe -start [?]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-7-27 243232]
R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-13 76320]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-25 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 253600]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-4-25 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-4-25 79360]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-25 135664]
S3 Linksys_adapter_H;Linksys Adapter Network Driver;C:\Windows\system32\DRIVERS\AE2500w764.sys --> C:\Windows\system32\DRIVERS\AE2500w764.sys [?]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;C:\Windows\system32\DRIVERS\wg111v3.sys --> C:\Windows\system32\DRIVERS\wg111v3.sys [?]
S3 Samsung UPD Service2;Samsung UPD Service2;"C:\Windows\System32\SUPDSvc2.exe" --> C:\Windows\System32\SUPDSvc2.exe [?]
S3 Soda PDF 2011 Helper Service;Soda PDF 2011 Helper Service;C:\Program Files (x86)\Soda PDF 2011\HelperService.exe [2011-12-1 828760]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
.txt=GetDiz.Document
.
=============== Created Last 30 ================
.
2012-04-09 16:39:13 -------- d-sh--w- C:\$RECYCLE.BIN
2012-04-09 16:39:12 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B4B168A-438A-4857-8D7C-D22B30D52A66}\offreg.dll
2012-04-09 04:15:34 98816 ----a-w- C:\Windows\sed.exe
2012-04-09 04:15:34 518144 ----a-w- C:\Windows\SWREG.exe
2012-04-09 04:15:34 256000 ----a-w- C:\Windows\PEV.exe
2012-04-09 04:15:34 208896 ----a-w- C:\Windows\MBR.exe
2012-04-09 04:15:28 -------- d-----w- C:\ComboFix
2012-04-09 03:39:09 -------- d-----w- C:\Program Files (x86)\ESET
2012-04-09 03:06:29 57480 ----a-w- C:\Windows\System32\drivers\eubakup.sys
2012-04-09 03:06:29 19592 ----a-w- C:\Windows\System32\drivers\eudskacs.sys
2012-04-09 03:06:29 189576 ----a-w- C:\Windows\System32\drivers\EuFdDisk.sys
2012-04-09 03:06:27 48264 ----a-w- C:\Windows\System32\drivers\EUBKMON.sys
2012-04-09 03:05:10 -------- d-----w- C:\My Backups
2012-04-09 03:00:31 -------- d-----w- C:\Users\Pedro\AppData\Roaming\VS Revo Group
2012-04-09 02:57:56 -------- d-----w- C:\Users\Pedro\AppData\Local\VS Revo Group
2012-04-09 02:57:54 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
2012-04-09 02:57:53 -------- d-----w- C:\Program Files\VS Revo Group
2012-04-06 07:42:31 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B4B168A-438A-4857-8D7C-D22B30D52A66}\mpengine.dll
2012-04-04 22:53:42 -------- d-----w- C:\Program Files (x86)\Application Updater
2012-04-04 22:53:41 -------- d-----w- C:\Program Files (x86)\pdfforge Toolbar
2012-04-04 22:53:41 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2012-04-03 23:34:54 -------- d-----w- C:\ProgramData\EaseUS
2012-04-03 21:37:39 73728 ----a-w- C:\Windows\System32\ssdevm64.dll
2012-04-03 21:37:39 57344 ----a-w- C:\Windows\SysWow64\ssdevm.dll
2012-04-03 21:37:39 54072 ----a-w- C:\Windows\System32\drivers\DgivEcp.sys
2012-04-03 21:37:39 49152 ----a-w- C:\Windows\SysWow64\ssusbpn.dll
2012-04-03 21:37:39 47104 ----a-w- C:\Windows\System32\ssusbp64.dll
2012-04-03 21:37:39 11576 ----a-w- C:\Windows\System32\drivers\SSPORT.sys
2012-04-03 21:37:27 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-04-03 21:37:27 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-04-03 21:37:27 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-04-03 21:37:27 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-04-03 21:37:26 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-04-01 19:04:34 89600 ----a-w- C:\Windows\System32\SSGR3ci.dll
2012-04-01 19:04:34 22016 ----a-w- C:\Windows\System32\SSGR3l6.dll
2012-03-31 05:19:31 -------- d-----w- C:\ProgramData\Samsung
2012-03-31 05:19:29 36864 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\spd__pc.dll
2012-03-31 05:19:23 -------- d-----w- C:\Program Files (x86)\Samsung
2012-03-31 05:18:25 437328 ----a-w- C:\Windows\System32\UPDIO2.dll
2012-03-31 05:18:25 164432 ----a-w- C:\Windows\System32\SUPDSvcA2.dll
2012-03-31 05:18:24 89600 ----a-w- C:\Windows\System32\spd__ci.dll
2012-03-31 05:18:24 34304 ----a-w- C:\Windows\System32\spd__l.dll
2012-03-31 05:18:24 260688 ----a-w- C:\Windows\SUPDRun.exe
2012-03-31 05:18:24 165456 ----a-w- C:\Windows\System32\SUPDSvc2.exe
2012-03-31 05:18:24 151552 ----a-w- C:\Windows\System32\spd__ci.exe
2012-03-31 05:14:23 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-03-22 19:12:12 4435968 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2012-03-16 07:02:38 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-03-15 04:30:30 -------- d-----w- C:\Users\Pedro\AppData\Roaming\FastSum
2012-03-15 04:28:43 -------- d-----w- C:\Program Files (x86)\FastSum
2012-03-14 08:03:39 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-14 08:03:38 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-14 08:03:38 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-13 21:18:03 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-13 21:18:02 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-13 21:18:02 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-13 21:17:17 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-13 21:17:17 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-13 21:17:17 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-13 21:17:17 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-13 21:17:17 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-13 21:17:16 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-13 21:17:16 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
.
==================== Find3M ====================
.
2012-03-31 05:14:23 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-06 23:15:19 41184 ----a-w- C:\Windows\avastSS.scr
2012-03-06 23:04:06 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-03-06 23:01:52 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-02-23 14:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-20 19:11:57 530488 ----a-w- C:\Windows\System32\drivers\sptd.sys
.
============= FINISH: 23:45:05.94 ===============
Attached File  Attach.zip   6.95KB   1 downloads

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:51 AM

Posted 11 April 2012 - 06:07 AM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 GuardsRed928

GuardsRed928
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 11 April 2012 - 11:19 AM

I ran combofix and the computer seems less slugish and internet explorer is running faster, but it still crashes often. I am still missing many of the program links that were installed and listed on the start menu (the program list shrunk by half or more). In windows restore the list only goes back to April 6th which leads me to believe that the virus hit around that time and removed my other restore points. I have 482Gb of free space on Drive C. Thanks for your help!!!

Here is the combofix report:

ComboFix 12-04-08.02 - Pedro 04/11/2012 10:01:34.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.5957 [GMT -5:00]
Running from: c:\users\Pedro\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Shop to Win 15
c:\program files (x86)\Shop to Win 15\patch.bat
c:\program files (x86)\Shop to Win 15\settings.xml
c:\program files (x86)\Shop to Win 15\Shop to Win 15.dll
c:\program files (x86)\Shop to Win 15\ShoppingBHO.dll
c:\program files (x86)\Shop to Win 15\ShopToWin.ico
c:\program files (x86)\Shop to Win 15\Uninst.exe
c:\program files (x86)\Shop to Win 15\version.txt
c:\program files (x86)\Shop to Win
c:\program files (x86)\Shop to Win\InstallNotifier.exe
c:\program files (x86)\Shop to Win\ShopToWin.exe
c:\program files (x86)\Shop to Win\TestFeeds\DisableStatus.xml
c:\program files (x86)\Shop to Win\TestFeeds\DisableStatusDirection.xml
c:\program files (x86)\Shop to Win\TestFeeds\GenericPopup.xml
c:\program files (x86)\Shop to Win\TestFeeds\MainStatus.xml
c:\program files (x86)\Shop to Win\TestFeeds\ShoppingConfirmation.xml
c:\program files (x86)\Shop to Win\unins000.dat
c:\program files (x86)\Shop to Win\unins000.exe
c:\program files (x86)\Twonky\TwonkyBeam\Internet Explorer\TwONkyieplugin.dll
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Check out Previous Winners.lnk
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Frequently Asked Questions.lnk
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\How can I win $100,000.lnk
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\How can I win $500 Today.lnk
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Shop To Win Privacy Policy.lnk
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Shop to Win Terms and Conditions.lnk
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Sweepstakes Official Rules.lnk
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Uninstall.lnk
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\View My Shop to Win Account.lnk
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 15\Visit the Shop to Win Mall.lnk
c:\users\Pedro\Documents\~WRL2560.tmp
c:\users\Pedro\Documents\ShopToWin
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\WanPacket.dll
c:\windows\SysWow64\wpcap.dll
D:\autorun.inf
R:\autorun.inf
S:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2012-03-09 to 2012-04-09 )))))))))))))))))))))))))))))))
.
.
2012-04-09 03:39 . 2012-04-09 03:39 -------- d-----w- c:\program files (x86)\ESET
2012-04-09 03:06 . 2011-12-23 04:09 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2012-04-09 03:06 . 2011-12-23 04:09 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2012-04-09 03:06 . 2011-12-23 04:09 57480 ----a-w- c:\windows\system32\drivers\eubakup.sys
2012-04-09 03:06 . 2012-02-08 20:48 48264 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2012-04-09 03:05 . 2012-04-09 03:05 -------- d-----w- C:\My Backups
2012-04-09 03:00 . 2012-04-09 03:00 -------- d-----w- c:\users\Pedro\AppData\Roaming\VS Revo Group
2012-04-09 02:57 . 2012-04-09 02:57 -------- d-----w- c:\users\Pedro\AppData\Local\VS Revo Group
2012-04-09 02:57 . 2009-12-30 15:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-04-09 02:57 . 2012-04-09 02:57 -------- d-----w- c:\program files\VS Revo Group
2012-04-06 07:42 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2B4B168A-438A-4857-8D7C-D22B30D52A66}\mpengine.dll
2012-04-04 22:53 . 2012-04-04 22:53 -------- d-----w- c:\program files (x86)\Application Updater
2012-04-04 22:53 . 2012-04-04 22:53 -------- d-----w- c:\program files (x86)\pdfforge Toolbar
2012-04-04 22:53 . 2012-04-04 22:53 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2012-04-03 23:34 . 2012-04-03 23:34 -------- d-----w- c:\programdata\EaseUS
2012-04-03 21:37 . 2006-11-30 22:09 57344 ----a-w- c:\windows\SysWow64\ssdevm.dll
2012-04-03 21:37 . 2006-11-02 20:01 11576 ----a-w- c:\windows\system32\drivers\SSPORT.sys
2012-04-03 21:37 . 2006-11-02 16:27 54072 ----a-w- c:\windows\system32\drivers\DgivEcp.sys
2012-04-03 21:37 . 2006-08-15 23:42 49152 ----a-w- c:\windows\SysWow64\ssusbpn.dll
2012-04-03 21:37 . 2006-08-15 23:42 47104 ----a-w- c:\windows\system32\ssusbp64.dll
2012-04-03 21:37 . 2006-08-15 23:42 73728 ----a-w- c:\windows\system32\ssdevm64.dll
2012-04-03 21:37 . 2001-09-05 09:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-04-03 21:37 . 2001-09-05 09:18 225280 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-04-03 21:37 . 2001-09-05 09:14 176128 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-04-03 21:37 . 2001-09-05 09:13 32768 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-04-03 21:37 . 2005-06-16 00:18 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-04-01 19:04 . 2006-12-04 06:26 22016 ----a-w- c:\windows\system32\SSGR3l6.dll
2012-04-01 19:04 . 2006-11-21 16:40 89600 ----a-w- c:\windows\system32\SSGR3ci.dll
2012-03-31 05:19 . 2012-04-03 01:26 -------- d-----w- c:\programdata\Samsung
2012-03-31 05:19 . 2011-04-19 10:37 36864 ----a-w- c:\windows\system32\Spool\prtprocs\x64\spd__pc.dll
2012-03-31 05:19 . 2012-04-03 01:26 -------- d-----w- c:\program files (x86)\Samsung
2012-03-31 05:18 . 2011-12-02 03:12 164432 ----a-w- c:\windows\system32\SUPDSvcA2.dll
2012-03-31 05:18 . 2011-12-02 03:12 437328 ----a-w- c:\windows\system32\UPDIO2.dll
2012-03-31 05:18 . 2011-12-02 03:12 165456 ----a-w- c:\windows\system32\SUPDSvc2.exe
2012-03-31 05:18 . 2011-12-02 03:12 260688 ----a-w- c:\windows\SUPDRun.exe
2012-03-31 05:18 . 2011-04-11 05:26 34304 ----a-w- c:\windows\system32\spd__l.dll
2012-03-31 05:18 . 2010-10-20 08:46 89600 ----a-w- c:\windows\system32\spd__ci.dll
2012-03-31 05:18 . 2010-05-11 05:28 151552 ----a-w- c:\windows\system32\spd__ci.exe
2012-03-31 05:14 . 2012-03-31 05:14 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-03-16 07:02 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-15 04:30 . 2012-03-15 04:30 -------- d-----w- c:\users\Pedro\AppData\Roaming\FastSum
2012-03-15 04:28 . 2012-03-15 04:28 -------- d-----w- c:\program files (x86)\FastSum
2012-03-14 08:03 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 08:03 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 08:03 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-13 21:18 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-13 21:18 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-13 21:18 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-13 21:17 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-13 21:17 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-13 21:17 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-13 21:17 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-13 21:17 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-13 21:17 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 21:17 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-31 05:14 . 2011-05-16 17:28 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-06 23:15 . 2011-04-26 05:19 41184 ----a-w- c:\windows\avastSS.scr
2012-03-06 23:15 . 2011-04-26 05:19 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-06 23:15 . 2011-04-26 05:20 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-06 23:04 . 2011-04-26 05:20 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-06 23:04 . 2011-04-26 05:20 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-06 23:01 . 2011-04-26 05:20 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-06 23:01 . 2011-04-26 05:20 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-06 23:01 . 2011-04-26 05:20 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-23 14:18 . 2011-04-26 01:28 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{5CFCAFF6-5BB0-4864-B626-021C99ED82E5}]
2011-12-02 01:49 91992 ----a-w- c:\program files (x86)\Soda PDF 2011\PDFIEHelper.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 20:23 1385864 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{980EB9EC-6EB5-4258-BDDB-EFE25C5F99EF}"= "c:\program files (x86)\Soda PDF 2011\PDFIEPlugin.dll" [2011-12-02 747352]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{980eb9ec-6eb5-4258-bddb-efe25c5f99ef}]
[HKEY_CLASSES_ROOT\SodaPDFIEPlugin.PDFIEConverter.1]
[HKEY_CLASSES_ROOT\TypeLib\{EA100F6A-F239-4E91-9EA6-8B47CAD4EF0D}]
[HKEY_CLASSES_ROOT\SodaPDFIEPlugin.PDFIEConverter]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-28 39408]
"CDC3CB6BC84F67BABA95C926C2DFBB40B778EA87._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2012-04-04 1224176]
"CrossRiderPlugin"="c:\program files (x86)\CrossriderWebApps\Crossrider.exe" [2011-05-15 478720]
"Akamai NetSession Interface"="c:\users\Pedro\AppData\Local\Akamai\netsession_win.exe" [2012-03-13 3331872]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" [2009-11-17 244480]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-26 98304]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2010-01-22 1016320]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Hotkey Utility"="c:\program files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe" [2010-05-06 609312]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"MaxMenuMgr"="c:\program files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-26 185640]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Simpo PDF Creator Pro Server"="c:\program files (x86)\Simpo PDF Creator Pro\SpcProSrv.exe" [2010-12-11 101376]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-11-18 1492264]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-03-17 974688]
.
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2011-8-8 977408]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2010-6-24 9216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-26 135664]
R2 TwonkyWebDav;TwonkyWebDav;c:\program files (x86)\TwonkyMedia\twonkywebdav.exe [2011-11-21 245760]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 253600]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-04-26 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-04-26 79360]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-26 135664]
R3 Linksys_adapter_H;Linksys Adapter Network Driver;c:\windows\system32\DRIVERS\AE2500w764.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys [x]
R3 Samsung UPD Service2;Samsung UPD Service2;c:\windows\System32\SUPDSvc2.exe [x]
R3 Soda PDF 2011 Helper Service;Soda PDF 2011 Helper Service;c:\program files (x86)\Soda PDF 2011\HelperService.exe [2011-12-02 828760]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2012-03-17 782744]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-09-26 189736]
S2 GREGService;GREGService;c:\program files (x86)\Gateway\Registration\GREGsvc.exe [2010-01-08 23584]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-10-10 341296]
S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-11-17 255744]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Soda PDF 2011 Service;Soda PDF 2011 Service;c:\program files (x86)\Soda PDF 2011\ConversionService.exe [2011-12-02 903512]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]
S2 TwonkyMedia;TwonkyMedia;c:\program files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe [2011-11-21 509704]
S2 Updater Service;Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [2010-01-28 243232]
S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - EUDISK
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 05:14]
.
2012-04-09 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-10-23 21:20]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-26 01:59]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-26 01:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-09 10060320]
"RunDLLEntry_THXCfg"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"BbPrintMonitor"="c:\program files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe" [2010-11-30 201376]
"BbInstallUser"="c:\program files\Bluebeam Software\Pushbutton PDF\Bluebeam Admin User.exe" [2011-08-12 38560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.com/calendar/render?tab=mc&pli=1&gsessionid=9iac8Z7tXbW9lbAnN91oXA
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=fx6840&r=17360411z306p04d5v155k4751r520
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Playlist - c:\program files (x86)\Twonky\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/314
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Beam to - c:\program files (x86)\Twonky\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/231
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: {{339E0A0F-ACAE-408f-AAD7-4E9158FFDE7C} - {BE8D0059-D24D-4919-B76F-99F4A2203647} {BE8D0059-D24D-4919-B76F-99F4A2203647} - {be8d0059-d24d-4919-b76f-99f4a2203647}\inprocserver32 does not exist!
TCP: DhcpNameServer = 172.16.0.1
DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} - hxxps://kingsisle.hs.llnwd.net/e1/static/themes/wizard101A/activex/Wizard101GameLauncher.CAB
DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} - hxxp://zeppelinxpress.dyndns.org/HiDvrOcx.cab
.
.
------- File Associations -------
.
.txt=GetDiz.Document
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-VoxOxNG - c:\program files (x86)\Voxox\Voxox.exe
ShellExecuteHooks-{EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - d:\eudora\EuShlExt.dll
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
AddRemove-{E73C20C0-532D-4AD6-8692-7AE86E94DA1A}_is1 - c:\program files (x86)\Shop To Win\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3654469530-1325855490-2393117803-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3654469530-1325855490-2393117803-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\01\00\08\01\06\1ar"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\T*w*o*n*k*y*B*e*a*m*"!\Internet Explorer]
"Path"="c:\\Program Files (x86)\\Twonky\\TwonkyBeam\\Internet Explorer"
"Language"="1033"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Windows Live\Family Safety\fsssvc.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\TwonkyMedia\TwonkyMediaServer.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Completion time: 2012-04-11 11:10:41 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-11 11:11
.
Pre-Run: 510,349,500,416 bytes free
Post-Run: 516,717,424,640 bytes free
.
- - End Of File - - F7480D429BFE0D05614DA2B47ABD29D5

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:51 AM

Posted 11 April 2012 - 11:43 AM

Hello


I would like you to run these and see if it helps with your start menu

http://download.bleepingcomputer.com/grinler/unhide.exe

http://download.bleepingcomputer.com/grinler/fakehdd/win7-x64-sm-reset.exe



I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 GuardsRed928

GuardsRed928
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 12 April 2012 - 04:53 PM

Unhide by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
http://www.bleepingcomputer.com/forums/topic405109.html

Program started at: 04/12/2012 11:36:28 AM

Your operating system, Windows 7, is not supported.

------------

win7-x64-sm-reset.exe

This didn't change much on my Start Menu. Most of the installed software items are still missing.

------------

11:42:05.0798 2632 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
11:42:05.0969 2632 ============================================================
11:42:05.0969 2632 Current date / time: 2012/04/12 11:42:05.0969
11:42:05.0969 2632 SystemInfo:
11:42:05.0969 2632
11:42:05.0969 2632 OS Version: 6.1.7601 ServicePack: 1.0
11:42:05.0969 2632 Product type: Workstation
11:42:05.0969 2632 ComputerName: DESKTOP-PC
11:42:05.0969 2632 UserName: Pedro
11:42:05.0969 2632 Windows directory: C:\Windows
11:42:05.0969 2632 System windows directory: C:\Windows
11:42:05.0969 2632 Running under WOW64
11:42:05.0969 2632 Processor architecture: Intel x64
11:42:05.0969 2632 Number of processors: 8
11:42:05.0969 2632 Page size: 0x1000
11:42:05.0969 2632 Boot type: Normal boot
11:42:05.0969 2632 ============================================================
11:42:06.0344 2632 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:42:06.0344 2632 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:42:06.0344 2632 Drive \Device\Harddisk11\DR11 - Size: 0x785000000 (30.08 Gb), SectorSize: 0x200, Cylinders: 0xF56, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:42:06.0406 2632 Drive \Device\Harddisk7\DR7 - Size: 0x1D1C0F00000 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:42:06.0422 2632 Drive \Device\Harddisk8\DR8 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:42:06.0422 2632 Drive \Device\Harddisk9\DR9 - Size: 0xAEA6C00000 (698.61 Gb), SectorSize: 0x200, Cylinders: 0x1643D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:42:06.0734 2632 \Device\Harddisk0\DR0:
11:42:06.0734 2632 MBR used
11:42:06.0734 2632 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
11:42:06.0734 2632 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x71ED3800
11:42:06.0734 2632 \Device\Harddisk1\DR1:
11:42:06.0734 2632 MBR used
11:42:06.0734 2632 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x8DD65058
11:42:06.0734 2632 \Device\Harddisk11\DR11:
11:42:06.0734 2632 MBR used
11:42:06.0734 2632 \Device\Harddisk11\DR11\Partition0: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3C26000
11:42:06.0734 2632 \Device\Harddisk7\DR7:
11:42:06.0734 2632 MBR used
11:42:06.0734 2632 \Device\Harddisk7\DR7\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
11:42:06.0734 2632 \Device\Harddisk8\DR8:
11:42:06.0734 2632 MBR used
11:42:06.0734 2632 \Device\Harddisk8\DR8\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
11:42:06.0734 2632 \Device\Harddisk9\DR9:
11:42:06.0734 2632 MBR used
11:42:06.0734 2632 \Device\Harddisk9\DR9\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57535800
11:42:07.0327 2632 Initialize success
11:42:07.0327 2632 ============================================================
11:42:58.0370 6972 ============================================================
11:42:58.0370 6972 Scan started
11:42:58.0370 6972 Mode: Manual;
11:42:58.0370 6972 ============================================================
11:42:59.0150 6972 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:42:59.0150 6972 1394ohci - ok
11:42:59.0181 6972 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:42:59.0181 6972 ACPI - ok
11:42:59.0228 6972 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:42:59.0228 6972 AcpiPmi - ok
11:42:59.0353 6972 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:42:59.0353 6972 AdobeARMservice - ok
11:42:59.0462 6972 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:42:59.0462 6972 AdobeFlashPlayerUpdateSvc - ok
11:42:59.0524 6972 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:42:59.0524 6972 adp94xx - ok
11:42:59.0540 6972 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:42:59.0540 6972 adpahci - ok
11:42:59.0571 6972 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:42:59.0571 6972 adpu320 - ok
11:42:59.0602 6972 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:42:59.0602 6972 AeLookupSvc - ok
11:42:59.0665 6972 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:42:59.0665 6972 AFD - ok
11:42:59.0680 6972 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:42:59.0696 6972 agp440 - ok
11:42:59.0712 6972 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:42:59.0712 6972 ALG - ok
11:42:59.0727 6972 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:42:59.0727 6972 aliide - ok
11:42:59.0774 6972 AMD External Events Utility (6a17a31af7d85435566970bc97f8385e) C:\Windows\system32\atiesrxx.exe
11:42:59.0774 6972 AMD External Events Utility - ok
11:42:59.0790 6972 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:42:59.0790 6972 amdide - ok
11:42:59.0821 6972 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:42:59.0821 6972 AmdK8 - ok
11:42:59.0930 6972 amdkmdag (4b24b270904a9c11e6433f89c06c07d9) C:\Windows\system32\DRIVERS\atipmdag.sys
11:43:00.0055 6972 amdkmdag - ok
11:43:00.0086 6972 amdkmdap (df0236c8eb72cf2698c9e74702d3e127) C:\Windows\system32\DRIVERS\atikmpag.sys
11:43:00.0086 6972 amdkmdap - ok
11:43:00.0102 6972 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:43:00.0102 6972 AmdPPM - ok
11:43:00.0133 6972 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:43:00.0133 6972 amdsata - ok
11:43:00.0164 6972 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:43:00.0164 6972 amdsbs - ok
11:43:00.0180 6972 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:43:00.0180 6972 amdxata - ok
11:43:00.0211 6972 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:43:00.0226 6972 AppID - ok
11:43:00.0242 6972 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:43:00.0242 6972 AppIDSvc - ok
11:43:00.0258 6972 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:43:00.0258 6972 Appinfo - ok
11:43:00.0304 6972 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:43:00.0304 6972 Apple Mobile Device - ok
11:43:00.0414 6972 Application Updater (efacaab066d923a10435cf87e8c4d280) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
11:43:00.0414 6972 Application Updater - ok
11:43:00.0476 6972 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:43:00.0476 6972 arc - ok
11:43:00.0492 6972 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:43:00.0492 6972 arcsas - ok
11:43:00.0523 6972 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
11:43:00.0523 6972 aswFsBlk - ok
11:43:00.0554 6972 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
11:43:00.0554 6972 aswMonFlt - ok
11:43:00.0601 6972 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
11:43:00.0601 6972 aswRdr - ok
11:43:00.0632 6972 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
11:43:00.0648 6972 aswSnx - ok
11:43:00.0694 6972 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
11:43:00.0694 6972 aswSP - ok
11:43:00.0710 6972 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
11:43:00.0710 6972 aswTdi - ok
11:43:00.0726 6972 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:43:00.0741 6972 AsyncMac - ok
11:43:00.0757 6972 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:43:00.0757 6972 atapi - ok
11:43:00.0804 6972 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
11:43:00.0804 6972 AtiHdmiService - ok
11:43:00.0850 6972 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:43:00.0866 6972 AudioEndpointBuilder - ok
11:43:00.0882 6972 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:43:00.0897 6972 AudioSrv - ok
11:43:00.0975 6972 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:43:00.0975 6972 avast! Antivirus - ok
11:43:00.0991 6972 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:43:00.0991 6972 AxInstSV - ok
11:43:01.0022 6972 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:43:01.0022 6972 b06bdrv - ok
11:43:01.0069 6972 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:43:01.0069 6972 b57nd60a - ok
11:43:01.0162 6972 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
11:43:01.0162 6972 BBSvc - ok
11:43:01.0209 6972 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
11:43:01.0225 6972 BBUpdate - ok
11:43:01.0240 6972 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:43:01.0256 6972 BDESVC - ok
11:43:01.0272 6972 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:43:01.0272 6972 Beep - ok
11:43:01.0350 6972 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:43:01.0365 6972 BFE - ok
11:43:01.0396 6972 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
11:43:01.0412 6972 BITS - ok
11:43:01.0443 6972 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:43:01.0459 6972 blbdrive - ok
11:43:01.0521 6972 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
11:43:01.0521 6972 Bonjour Service - ok
11:43:01.0568 6972 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:43:01.0568 6972 bowser - ok
11:43:01.0584 6972 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:43:01.0584 6972 BrFiltLo - ok
11:43:01.0599 6972 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:43:01.0599 6972 BrFiltUp - ok
11:43:01.0630 6972 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:43:01.0630 6972 BridgeMP - ok
11:43:01.0662 6972 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:43:01.0677 6972 Browser - ok
11:43:01.0693 6972 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:43:01.0693 6972 Brserid - ok
11:43:01.0740 6972 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:43:01.0740 6972 BrSerWdm - ok
11:43:01.0755 6972 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:43:01.0755 6972 BrUsbMdm - ok
11:43:01.0818 6972 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:43:01.0818 6972 BrUsbSer - ok
11:43:01.0833 6972 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:43:01.0849 6972 BTHMODEM - ok
11:43:01.0864 6972 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:43:01.0880 6972 bthserv - ok
11:43:01.0880 6972 CarboniteService - ok
11:43:01.0896 6972 catchme - ok
11:43:01.0927 6972 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:43:01.0927 6972 cdfs - ok
11:43:01.0958 6972 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:43:01.0974 6972 cdrom - ok
11:43:02.0005 6972 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:43:02.0005 6972 CertPropSvc - ok
11:43:02.0020 6972 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:43:02.0020 6972 circlass - ok
11:43:02.0052 6972 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:43:02.0052 6972 CLFS - ok
11:43:02.0114 6972 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:43:02.0114 6972 clr_optimization_v2.0.50727_32 - ok
11:43:02.0161 6972 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:43:02.0161 6972 clr_optimization_v2.0.50727_64 - ok
11:43:02.0223 6972 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:43:02.0223 6972 clr_optimization_v4.0.30319_32 - ok
11:43:02.0239 6972 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:43:02.0239 6972 clr_optimization_v4.0.30319_64 - ok
11:43:02.0254 6972 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:43:02.0254 6972 CmBatt - ok
11:43:02.0270 6972 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:43:02.0270 6972 cmdide - ok
11:43:02.0317 6972 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:43:02.0332 6972 CNG - ok
11:43:02.0364 6972 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:43:02.0364 6972 Compbatt - ok
11:43:02.0410 6972 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:43:02.0410 6972 CompositeBus - ok
11:43:02.0426 6972 COMSysApp - ok
11:43:02.0473 6972 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:43:02.0473 6972 crcdisk - ok
11:43:02.0551 6972 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
11:43:02.0551 6972 Creative ALchemy AL6 Licensing Service - ok
11:43:02.0582 6972 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
11:43:02.0582 6972 Creative Audio Engine Licensing Service - ok
11:43:02.0629 6972 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
11:43:02.0629 6972 CryptSvc - ok
11:43:02.0707 6972 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:43:02.0707 6972 cvhsvc - ok
11:43:02.0769 6972 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:43:02.0785 6972 DcomLaunch - ok
11:43:02.0800 6972 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:43:02.0800 6972 defragsvc - ok
11:43:02.0847 6972 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:43:02.0847 6972 DfsC - ok
11:43:02.0894 6972 DgiVecp (cfbb4907c7542180b5e0282301240006) C:\Windows\system32\Drivers\DgiVecp.sys
11:43:02.0894 6972 DgiVecp - ok
11:43:02.0925 6972 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:43:02.0941 6972 Dhcp - ok
11:43:02.0956 6972 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:43:02.0956 6972 discache - ok
11:43:02.0988 6972 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:43:02.0988 6972 Disk - ok
11:43:03.0019 6972 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:43:03.0019 6972 Dnscache - ok
11:43:03.0066 6972 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:43:03.0081 6972 dot3svc - ok
11:43:03.0112 6972 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:43:03.0128 6972 DPS - ok
11:43:03.0159 6972 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:43:03.0159 6972 drmkaud - ok
11:43:03.0206 6972 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:43:03.0222 6972 DXGKrnl - ok
11:43:03.0268 6972 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:43:03.0268 6972 EapHost - ok
11:43:03.0346 6972 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:43:03.0424 6972 ebdrv - ok
11:43:03.0456 6972 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:43:03.0456 6972 EFS - ok
11:43:03.0502 6972 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:43:03.0518 6972 ehRecvr - ok
11:43:03.0534 6972 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:43:03.0534 6972 ehSched - ok
11:43:03.0596 6972 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
11:43:03.0596 6972 ElbyCDIO - ok
11:43:03.0627 6972 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:43:03.0643 6972 elxstor - ok
11:43:03.0674 6972 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:43:03.0674 6972 ErrDev - ok
11:43:03.0705 6972 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:43:03.0705 6972 EventSystem - ok
11:43:03.0736 6972 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:43:03.0736 6972 exfat - ok
11:43:03.0768 6972 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:43:03.0768 6972 fastfat - ok
11:43:03.0830 6972 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:43:03.0830 6972 Fax - ok
11:43:03.0861 6972 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:43:03.0861 6972 fdc - ok
11:43:03.0877 6972 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:43:03.0877 6972 fdPHost - ok
11:43:03.0908 6972 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:43:03.0908 6972 FDResPub - ok
11:43:03.0924 6972 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:43:03.0924 6972 FileInfo - ok
11:43:03.0939 6972 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:43:03.0939 6972 Filetrace - ok
11:43:03.0970 6972 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:43:03.0970 6972 flpydisk - ok
11:43:04.0017 6972 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:43:04.0017 6972 FltMgr - ok
11:43:04.0064 6972 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:43:04.0095 6972 FontCache - ok
11:43:04.0173 6972 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:43:04.0173 6972 FontCache3.0.0.0 - ok
11:43:04.0251 6972 FreeAgentGoNext Service (9513b437b7adb1e6065b7f0d83d11ecf) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
11:43:04.0251 6972 FreeAgentGoNext Service - ok
11:43:04.0267 6972 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:43:04.0282 6972 FsDepends - ok
11:43:04.0314 6972 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
11:43:04.0314 6972 fssfltr - ok
11:43:04.0423 6972 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
11:43:04.0438 6972 fsssvc - ok
11:43:04.0470 6972 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:43:04.0470 6972 Fs_Rec - ok
11:43:04.0532 6972 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:43:04.0532 6972 fvevol - ok
11:43:04.0548 6972 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:43:04.0548 6972 gagp30kx - ok
11:43:04.0594 6972 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:43:04.0594 6972 GEARAspiWDM - ok
11:43:04.0641 6972 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:43:04.0657 6972 gpsvc - ok
11:43:04.0704 6972 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
11:43:04.0704 6972 GREGService - ok
11:43:04.0828 6972 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:43:04.0828 6972 gupdate - ok
11:43:04.0844 6972 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:43:04.0844 6972 gupdatem - ok
11:43:04.0860 6972 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:43:04.0860 6972 gusvc - ok
11:43:04.0891 6972 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:43:04.0891 6972 hcw85cir - ok
11:43:04.0953 6972 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:43:04.0953 6972 HdAudAddService - ok
11:43:05.0000 6972 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:43:05.0000 6972 HDAudBus - ok
11:43:05.0016 6972 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:43:05.0031 6972 HidBatt - ok
11:43:05.0047 6972 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:43:05.0047 6972 HidBth - ok
11:43:05.0094 6972 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:43:05.0094 6972 HidIr - ok
11:43:05.0125 6972 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
11:43:05.0140 6972 hidserv - ok
11:43:05.0156 6972 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:43:05.0156 6972 HidUsb - ok
11:43:05.0203 6972 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:43:05.0203 6972 hkmsvc - ok
11:43:05.0234 6972 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:43:05.0234 6972 HomeGroupListener - ok
11:43:05.0281 6972 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:43:05.0296 6972 HomeGroupProvider - ok
11:43:05.0312 6972 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:43:05.0328 6972 HpSAMD - ok
11:43:05.0390 6972 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:43:05.0390 6972 HTTP - ok
11:43:05.0437 6972 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:43:05.0437 6972 hwpolicy - ok
11:43:05.0452 6972 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:43:05.0468 6972 i8042prt - ok
11:43:05.0484 6972 IAANTMON (660bf3255a1eb18ed803fd2fba6ae400) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
11:43:05.0484 6972 IAANTMON - ok
11:43:05.0515 6972 iaStor (bf5442dc14608d18949dc83de37e667a) C:\Windows\system32\DRIVERS\iaStor.sys
11:43:05.0530 6972 iaStor - ok
11:43:05.0562 6972 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:43:05.0562 6972 iaStorV - ok
11:43:05.0640 6972 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:43:05.0655 6972 idsvc - ok
11:43:05.0686 6972 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:43:05.0686 6972 iirsp - ok
11:43:05.0733 6972 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:43:05.0733 6972 IKEEXT - ok
11:43:05.0827 6972 IntcAzAudAddService (2e3b99e8c23be2bf32ebe1db5261f275) C:\Windows\system32\drivers\RTKVHD64.sys
11:43:05.0842 6972 IntcAzAudAddService - ok
11:43:05.0858 6972 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:43:05.0858 6972 intelide - ok
11:43:05.0889 6972 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:43:05.0889 6972 intelppm - ok
11:43:05.0905 6972 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:43:05.0905 6972 IPBusEnum - ok
11:43:05.0936 6972 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:43:05.0936 6972 IpFilterDriver - ok
11:43:05.0983 6972 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:43:05.0983 6972 iphlpsvc - ok
11:43:06.0014 6972 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:43:06.0014 6972 IPMIDRV - ok
11:43:06.0045 6972 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:43:06.0045 6972 IPNAT - ok
11:43:06.0123 6972 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
11:43:06.0123 6972 iPod Service - ok
11:43:06.0154 6972 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:43:06.0154 6972 IRENUM - ok
11:43:06.0170 6972 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:43:06.0170 6972 isapnp - ok
11:43:06.0201 6972 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:43:06.0201 6972 iScsiPrt - ok
11:43:06.0232 6972 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:43:06.0232 6972 kbdclass - ok
11:43:06.0248 6972 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:43:06.0248 6972 kbdhid - ok
11:43:06.0295 6972 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:43:06.0295 6972 KeyIso - ok
11:43:06.0310 6972 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:43:06.0310 6972 KSecDD - ok
11:43:06.0342 6972 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:43:06.0342 6972 KSecPkg - ok
11:43:06.0357 6972 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:43:06.0357 6972 ksthunk - ok
11:43:06.0388 6972 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:43:06.0404 6972 KtmRm - ok
11:43:06.0435 6972 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
11:43:06.0435 6972 LanmanServer - ok
11:43:06.0466 6972 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:43:06.0466 6972 LanmanWorkstation - ok
11:43:06.0544 6972 Linksys_adapter_H (584528bf596a54b2bf6be5067adda44a) C:\Windows\system32\DRIVERS\AE2500w764.sys
11:43:06.0576 6972 Linksys_adapter_H - ok
11:43:06.0607 6972 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:43:06.0607 6972 lltdio - ok
11:43:06.0638 6972 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:43:06.0638 6972 lltdsvc - ok
11:43:06.0654 6972 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:43:06.0654 6972 lmhosts - ok
11:43:06.0685 6972 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:43:06.0685 6972 LSI_FC - ok
11:43:06.0700 6972 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:43:06.0700 6972 LSI_SAS - ok
11:43:06.0732 6972 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:43:06.0732 6972 LSI_SAS2 - ok
11:43:06.0747 6972 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:43:06.0747 6972 LSI_SCSI - ok
11:43:06.0778 6972 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:43:06.0778 6972 luafv - ok
11:43:06.0810 6972 MarvinBus (024da28053d57e9e32bee52600576bbb) C:\Windows\system32\DRIVERS\MarvinBus64.sys
11:43:06.0825 6972 MarvinBus - ok
11:43:06.0872 6972 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
11:43:06.0872 6972 MBAMProtector - ok
11:43:06.0966 6972 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:43:06.0966 6972 MBAMService - ok
11:43:06.0997 6972 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
11:43:06.0997 6972 MBfilt - ok
11:43:07.0028 6972 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:43:07.0028 6972 Mcx2Svc - ok
11:43:07.0059 6972 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:43:07.0059 6972 megasas - ok
11:43:07.0090 6972 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:43:07.0090 6972 MegaSR - ok
11:43:07.0122 6972 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:43:07.0122 6972 MMCSS - ok
11:43:07.0137 6972 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:43:07.0137 6972 Modem - ok
11:43:07.0184 6972 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:43:07.0184 6972 monitor - ok
11:43:07.0215 6972 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:43:07.0215 6972 mouclass - ok
11:43:07.0246 6972 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:43:07.0246 6972 mouhid - ok
11:43:07.0293 6972 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:43:07.0293 6972 mountmgr - ok
11:43:07.0324 6972 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:43:07.0324 6972 mpio - ok
11:43:07.0356 6972 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:43:07.0356 6972 mpsdrv - ok
11:43:07.0402 6972 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:43:07.0418 6972 MpsSvc - ok
11:43:07.0449 6972 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:43:07.0449 6972 MRxDAV - ok
11:43:07.0496 6972 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:43:07.0496 6972 mrxsmb - ok
11:43:07.0543 6972 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:43:07.0543 6972 mrxsmb10 - ok
11:43:07.0574 6972 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:43:07.0574 6972 mrxsmb20 - ok
11:43:07.0590 6972 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:43:07.0590 6972 msahci - ok
11:43:07.0621 6972 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:43:07.0621 6972 msdsm - ok
11:43:07.0636 6972 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:43:07.0652 6972 MSDTC - ok
11:43:07.0668 6972 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:43:07.0668 6972 Msfs - ok
11:43:07.0683 6972 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:43:07.0683 6972 mshidkmdf - ok
11:43:07.0699 6972 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:43:07.0699 6972 msisadrv - ok
11:43:07.0730 6972 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:43:07.0746 6972 MSiSCSI - ok
11:43:07.0746 6972 msiserver - ok
11:43:07.0792 6972 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:43:07.0792 6972 MSKSSRV - ok
11:43:07.0824 6972 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:43:07.0824 6972 MSPCLOCK - ok
11:43:07.0824 6972 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:43:07.0839 6972 MSPQM - ok
11:43:07.0870 6972 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:43:07.0886 6972 MsRPC - ok
11:43:07.0902 6972 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:43:07.0902 6972 mssmbios - ok
11:43:07.0917 6972 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:43:07.0917 6972 MSTEE - ok
11:43:07.0948 6972 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:43:07.0948 6972 MTConfig - ok
11:43:07.0964 6972 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:43:07.0964 6972 Mup - ok
11:43:08.0011 6972 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:43:08.0026 6972 napagent - ok
11:43:08.0073 6972 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:43:08.0073 6972 NativeWifiP - ok
11:43:08.0214 6972 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe
11:43:08.0229 6972 NAUpdate - ok
11:43:08.0260 6972 NBVol (daca803a8d732fe5eeaa024ec342f81d) C:\Windows\system32\DRIVERS\NBVol.sys
11:43:08.0260 6972 NBVol - ok
11:43:08.0276 6972 NBVolUp (6208f622e9e35860dfb0753dff56f0c0) C:\Windows\system32\DRIVERS\NBVolUp.sys
11:43:08.0276 6972 NBVolUp - ok
11:43:08.0307 6972 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:43:08.0323 6972 NDIS - ok
11:43:08.0338 6972 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:43:08.0338 6972 NdisCap - ok
11:43:08.0354 6972 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:43:08.0354 6972 NdisTapi - ok
11:43:08.0401 6972 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:43:08.0401 6972 Ndisuio - ok
11:43:08.0432 6972 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:43:08.0448 6972 NdisWan - ok
11:43:08.0479 6972 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:43:08.0494 6972 NDProxy - ok
11:43:08.0541 6972 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
11:43:08.0557 6972 Nero BackItUp Scheduler 4.0 - ok
11:43:08.0588 6972 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
11:43:08.0588 6972 Netaapl - ok
11:43:08.0604 6972 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:43:08.0604 6972 NetBIOS - ok
11:43:08.0635 6972 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:43:08.0635 6972 NetBT - ok
11:43:08.0682 6972 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:43:08.0682 6972 Netlogon - ok
11:43:08.0728 6972 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:43:08.0744 6972 Netman - ok
11:43:08.0775 6972 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:43:08.0775 6972 netprofm - ok
11:43:08.0853 6972 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:43:08.0853 6972 NetTcpPortSharing - ok
11:43:08.0884 6972 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:43:08.0884 6972 nfrd960 - ok
11:43:08.0994 6972 NitroDriverReadSpool (7f98566a311ceb1fe2994f8c2a05fbc1) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
11:43:08.0994 6972 NitroDriverReadSpool - ok
11:43:09.0040 6972 NitroReaderDriverReadSpool2 (f7f0dfced28c897e43ef72502f967ca4) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
11:43:09.0040 6972 NitroReaderDriverReadSpool2 - ok
11:43:09.0087 6972 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:43:09.0103 6972 NlaSvc - ok
11:43:09.0150 6972 nlsX86cc (7bfa0c5d8a4a2f1c46a6a3a698bde3e5) C:\Windows\SysWOW64\NLSSRV32.EXE
11:43:09.0150 6972 nlsX86cc - ok
11:43:09.0165 6972 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:43:09.0165 6972 Npfs - ok
11:43:09.0196 6972 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:43:09.0196 6972 nsi - ok
11:43:09.0212 6972 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:43:09.0212 6972 nsiproxy - ok
11:43:09.0274 6972 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:43:09.0306 6972 Ntfs - ok
11:43:09.0352 6972 NTI IScheduleSvc (070ec05d5b1447e9bbf4167980ad7518) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
11:43:09.0352 6972 NTI IScheduleSvc - ok
11:43:09.0368 6972 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
11:43:09.0368 6972 NTIDrvr - ok
11:43:09.0384 6972 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:43:09.0384 6972 Null - ok
11:43:09.0430 6972 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:43:09.0430 6972 nvraid - ok
11:43:09.0462 6972 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:43:09.0462 6972 nvstor - ok
11:43:09.0493 6972 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:43:09.0493 6972 nv_agp - ok
11:43:09.0540 6972 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:43:09.0540 6972 ohci1394 - ok
11:43:09.0571 6972 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:43:09.0571 6972 ose - ok
11:43:09.0680 6972 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:43:09.0774 6972 osppsvc - ok
11:43:09.0805 6972 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:43:09.0805 6972 p2pimsvc - ok
11:43:09.0836 6972 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:43:09.0836 6972 p2psvc - ok
11:43:09.0852 6972 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:43:09.0852 6972 Parport - ok
11:43:09.0898 6972 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
11:43:09.0898 6972 partmgr - ok
11:43:09.0930 6972 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:43:09.0930 6972 PcaSvc - ok
11:43:09.0945 6972 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:43:09.0945 6972 pci - ok
11:43:09.0976 6972 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:43:09.0976 6972 pciide - ok
11:43:10.0008 6972 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:43:10.0008 6972 pcmcia - ok
11:43:10.0023 6972 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:43:10.0023 6972 pcw - ok
11:43:10.0070 6972 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:43:10.0070 6972 PEAUTH - ok
11:43:10.0132 6972 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:43:10.0148 6972 PerfHost - ok
11:43:10.0210 6972 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:43:10.0242 6972 pla - ok
11:43:10.0304 6972 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:43:10.0320 6972 PlugPlay - ok
11:43:10.0335 6972 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:43:10.0335 6972 PNRPAutoReg - ok
11:43:10.0351 6972 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:43:10.0366 6972 PNRPsvc - ok
11:43:10.0398 6972 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:43:10.0398 6972 PolicyAgent - ok
11:43:10.0429 6972 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:43:10.0444 6972 Power - ok
11:43:10.0476 6972 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:43:10.0491 6972 PptpMiniport - ok
11:43:10.0507 6972 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:43:10.0507 6972 Processor - ok
11:43:10.0522 6972 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
11:43:10.0538 6972 ProfSvc - ok
11:43:10.0585 6972 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:43:10.0585 6972 ProtectedStorage - ok
11:43:10.0632 6972 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:43:10.0632 6972 Psched - ok
11:43:10.0694 6972 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:43:10.0725 6972 ql2300 - ok
11:43:10.0772 6972 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:43:10.0772 6972 ql40xx - ok
11:43:10.0788 6972 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:43:10.0803 6972 QWAVE - ok
11:43:10.0819 6972 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:43:10.0834 6972 QWAVEdrv - ok
11:43:10.0897 6972 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
11:43:10.0897 6972 RapiMgr - ok
11:43:10.0928 6972 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:43:10.0928 6972 RasAcd - ok
11:43:10.0944 6972 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:43:10.0944 6972 RasAgileVpn - ok
11:43:10.0959 6972 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:43:10.0975 6972 RasAuto - ok
11:43:10.0990 6972 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:43:11.0006 6972 Rasl2tp - ok
11:43:11.0053 6972 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:43:11.0053 6972 RasMan - ok
11:43:11.0084 6972 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:43:11.0084 6972 RasPppoe - ok
11:43:11.0100 6972 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:43:11.0115 6972 RasSstp - ok
11:43:11.0131 6972 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:43:11.0146 6972 rdbss - ok
11:43:11.0162 6972 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:43:11.0178 6972 rdpbus - ok
11:43:11.0193 6972 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:43:11.0193 6972 RDPCDD - ok
11:43:11.0224 6972 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:43:11.0224 6972 RDPENCDD - ok
11:43:11.0240 6972 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:43:11.0240 6972 RDPREFMP - ok
11:43:11.0287 6972 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
11:43:11.0287 6972 RDPWD - ok
11:43:11.0349 6972 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:43:11.0349 6972 rdyboost - ok
11:43:11.0380 6972 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:43:11.0380 6972 RemoteAccess - ok
11:43:11.0412 6972 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:43:11.0412 6972 RemoteRegistry - ok
11:43:11.0474 6972 Revoflt (9c3ac71a9934b884fac567a8807e9c4d) C:\Windows\system32\DRIVERS\revoflt.sys
11:43:11.0474 6972 Revoflt - ok
11:43:11.0505 6972 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:43:11.0505 6972 RpcEptMapper - ok
11:43:11.0521 6972 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:43:11.0536 6972 RpcLocator - ok
11:43:11.0583 6972 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:43:11.0599 6972 RpcSs - ok
11:43:11.0661 6972 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:43:11.0661 6972 rspndr - ok
11:43:11.0724 6972 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:43:11.0724 6972 RTL8167 - ok
11:43:11.0786 6972 RTL8187B (4a06585c8673f4458e9fbbc9dddb4d28) C:\Windows\system32\DRIVERS\wg111v3.sys
11:43:11.0786 6972 RTL8187B - ok
11:43:11.0833 6972 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:43:11.0833 6972 SamSs - ok
11:43:11.0880 6972 Samsung UPD Service2 (2c31378a5695526e99adab928157b992) C:\Windows\System32\SUPDSvc2.exe
11:43:11.0895 6972 Samsung UPD Service2 - ok
11:43:11.0926 6972 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:43:11.0926 6972 sbp2port - ok
11:43:11.0958 6972 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:43:11.0958 6972 SCardSvr - ok
11:43:11.0989 6972 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:43:12.0004 6972 scfilter - ok
11:43:12.0051 6972 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:43:12.0082 6972 Schedule - ok
11:43:12.0129 6972 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:43:12.0129 6972 SCPolicySvc - ok
11:43:12.0176 6972 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:43:12.0176 6972 SDRSVC - ok
11:43:12.0207 6972 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:43:12.0207 6972 secdrv - ok
11:43:12.0238 6972 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:43:12.0254 6972 seclogon - ok
11:43:12.0285 6972 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
11:43:12.0285 6972 SENS - ok
11:43:12.0316 6972 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:43:12.0316 6972 SensrSvc - ok
11:43:12.0441 6972 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:43:12.0441 6972 Serenum - ok
11:43:12.0472 6972 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:43:12.0472 6972 Serial - ok
11:43:12.0519 6972 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:43:12.0535 6972 sermouse - ok
11:43:12.0566 6972 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:43:12.0566 6972 SessionEnv - ok
11:43:12.0613 6972 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:43:12.0613 6972 sffdisk - ok
11:43:12.0628 6972 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:43:12.0628 6972 sffp_mmc - ok
11:43:12.0644 6972 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:43:12.0644 6972 sffp_sd - ok
11:43:12.0675 6972 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:43:12.0675 6972 sfloppy - ok
11:43:12.0722 6972 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
11:43:12.0738 6972 Sftfs - ok
11:43:12.0831 6972 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:43:12.0831 6972 sftlist - ok
11:43:12.0862 6972 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:43:12.0862 6972 Sftplay - ok
11:43:12.0894 6972 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:43:12.0894 6972 Sftredir - ok
11:43:12.0909 6972 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
11:43:12.0909 6972 Sftvol - ok
11:43:12.0925 6972 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:43:12.0940 6972 sftvsa - ok
11:43:12.0987 6972 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:43:12.0987 6972 SharedAccess - ok
11:43:13.0065 6972 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:43:13.0081 6972 ShellHWDetection - ok
11:43:13.0081 6972 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:43:13.0081 6972 SiSRaid2 - ok
11:43:13.0096 6972 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:43:13.0096 6972 SiSRaid4 - ok
11:43:13.0112 6972 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:43:13.0112 6972 Smb - ok
11:43:13.0159 6972 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:43:13.0159 6972 SNMPTRAP - ok
11:43:13.0221 6972 Soda PDF 2011 Helper Service (a2fcc672e65fa604801bce2ecb301e7d) C:\Program Files (x86)\Soda PDF 2011\HelperService.exe
11:43:13.0237 6972 Soda PDF 2011 Helper Service - ok
11:43:13.0268 6972 Soda PDF 2011 Service (1349cc7e264575f6071f5c8db81a6605) C:\Program Files (x86)\Soda PDF 2011\ConversionService.exe
11:43:13.0284 6972 Soda PDF 2011 Service - ok
11:43:13.0299 6972 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:43:13.0299 6972 spldr - ok
11:43:13.0330 6972 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:43:13.0330 6972 Spooler - ok
11:43:13.0424 6972 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:43:13.0440 6972 sppsvc - ok
11:43:13.0455 6972 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:43:13.0455 6972 sppuinotify - ok
11:43:13.0471 6972 sptd - ok
11:43:13.0518 6972 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:43:13.0533 6972 srv - ok
11:43:13.0549 6972 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:43:13.0564 6972 srv2 - ok
11:43:13.0580 6972 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:43:13.0580 6972 srvnet - ok
11:43:13.0611 6972 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:43:13.0627 6972 SSDPSRV - ok
11:43:13.0658 6972 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
11:43:13.0658 6972 SSPORT - ok
11:43:13.0689 6972 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:43:13.0689 6972 SstpSvc - ok
11:43:13.0767 6972 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
11:43:13.0767 6972 StarWindServiceAE - ok
11:43:13.0783 6972 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:43:13.0798 6972 stexstor - ok
11:43:13.0814 6972 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
11:43:13.0814 6972 StillCam - ok
11:43:13.0861 6972 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:43:13.0876 6972 stisvc - ok
11:43:13.0908 6972 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:43:13.0908 6972 swenum - ok
11:43:14.0001 6972 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:43:14.0001 6972 SwitchBoard - ok
11:43:14.0032 6972 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:43:14.0048 6972 swprv - ok
11:43:14.0142 6972 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:43:14.0173 6972 SysMain - ok
11:43:14.0204 6972 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:43:14.0204 6972 TabletInputService - ok
11:43:14.0235 6972 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:43:14.0235 6972 TapiSrv - ok
11:43:14.0251 6972 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:43:14.0266 6972 TBS - ok
11:43:14.0329 6972 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:43:14.0376 6972 Tcpip - ok
11:43:14.0407 6972 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:43:14.0422 6972 TCPIP6 - ok
11:43:14.0469 6972 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:43:14.0469 6972 tcpipreg - ok
11:43:14.0485 6972 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:43:14.0485 6972 TDPIPE - ok
11:43:14.0516 6972 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:43:14.0516 6972 TDTCP - ok
11:43:14.0547 6972 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:43:14.0547 6972 tdx - ok
11:43:14.0672 6972 TeamViewer6 (01a402d34732ca3da91786adcc765069) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
11:43:14.0688 6972 TeamViewer6 - ok
11:43:14.0719 6972 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:43:14.0719 6972 TermDD - ok
11:43:14.0750 6972 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:43:14.0766 6972 TermService - ok
11:43:14.0797 6972 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:43:14.0797 6972 Themes - ok
11:43:14.0828 6972 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:43:14.0828 6972 THREADORDER - ok
11:43:14.0859 6972 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:43:14.0859 6972 TrkWks - ok
11:43:14.0890 6972 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:43:14.0890 6972 TrustedInstaller - ok
11:43:14.0937 6972 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:43:14.0937 6972 tssecsrv - ok
11:43:14.0968 6972 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:43:14.0968 6972 TsUsbFlt - ok
11:43:15.0015 6972 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:43:15.0031 6972 tunnel - ok
11:43:15.0062 6972 TwonkyMedia - ok
11:43:15.0062 6972 TwonkyWebDav - ok
11:43:15.0093 6972 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:43:15.0093 6972 uagp35 - ok
11:43:15.0124 6972 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
11:43:15.0124 6972 UBHelper - ok
11:43:15.0156 6972 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:43:15.0171 6972 udfs - ok
11:43:15.0218 6972 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:43:15.0218 6972 UI0Detect - ok
11:43:15.0249 6972 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:43:15.0249 6972 uliagpkx - ok
11:43:15.0280 6972 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:43:15.0280 6972 umbus - ok
11:43:15.0327 6972 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:43:15.0327 6972 UmPass - ok
11:43:15.0390 6972 Updater Service (f9ec9acd504d823d9b9ca98a4f8d3ca2) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
11:43:15.0390 6972 Updater Service - ok
11:43:15.0421 6972 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:43:15.0436 6972 upnphost - ok
11:43:15.0452 6972 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
11:43:15.0468 6972 USBAAPL64 - ok
11:43:15.0499 6972 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:43:15.0499 6972 usbccgp - ok
11:43:15.0546 6972 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:43:15.0546 6972 usbcir - ok
11:43:15.0577 6972 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:43:15.0577 6972 usbehci - ok
11:43:15.0608 6972 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:43:15.0624 6972 usbhub - ok
11:43:15.0639 6972 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:43:15.0655 6972 usbohci - ok
11:43:15.0655 6972 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:43:15.0655 6972 usbprint - ok
11:43:15.0748 6972 USBS3S4Detection (b5e6c4f280ebf0b16f74a5b415f2e0df) C:\OEM\USBDECTION\USBS3S4Detection.exe
11:43:15.0748 6972 USBS3S4Detection - ok
11:43:15.0764 6972 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:43:15.0764 6972 usbscan - ok
11:43:15.0780 6972 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:43:15.0780 6972 USBSTOR - ok
11:43:15.0811 6972 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:43:15.0811 6972 usbuhci - ok
11:43:15.0826 6972 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:43:15.0842 6972 UxSms - ok
11:43:15.0873 6972 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:43:15.0889 6972 VaultSvc - ok
11:43:15.0920 6972 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
11:43:15.0920 6972 VClone - ok
11:43:15.0951 6972 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:43:15.0951 6972 vdrvroot - ok
11:43:15.0998 6972 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:43:16.0014 6972 vds - ok
11:43:16.0045 6972 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:43:16.0045 6972 vga - ok
11:43:16.0076 6972 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:43:16.0076 6972 VgaSave - ok
11:43:16.0107 6972 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:43:16.0107 6972 vhdmp - ok
11:43:16.0138 6972 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:43:16.0138 6972 viaide - ok
11:43:16.0170 6972 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:43:16.0170 6972 volmgr - ok
11:43:16.0201 6972 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:43:16.0201 6972 volmgrx - ok
11:43:16.0232 6972 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:43:16.0232 6972 volsnap - ok
11:43:16.0263 6972 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:43:16.0263 6972 vsmraid - ok
11:43:16.0341 6972 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:43:16.0357 6972 VSS - ok
11:43:16.0372 6972 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:43:16.0372 6972 vwifibus - ok
11:43:16.0404 6972 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:43:16.0404 6972 vwififlt - ok
11:43:16.0435 6972 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:43:16.0435 6972 W32Time - ok
11:43:16.0466 6972 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:43:16.0466 6972 WacomPen - ok
11:43:16.0497 6972 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:43:16.0497 6972 WANARP - ok
11:43:16.0497 6972 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:43:16.0497 6972 Wanarpv6 - ok
11:43:16.0560 6972 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:43:16.0591 6972 WatAdminSvc - ok
11:43:16.0653 6972 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:43:16.0700 6972 wbengine - ok
11:43:16.0731 6972 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:43:16.0731 6972 WbioSrvc - ok
11:43:16.0794 6972 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll
11:43:16.0794 6972 WcesComm - ok
11:43:16.0840 6972 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:43:16.0856 6972 wcncsvc - ok
11:43:16.0887 6972 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:43:16.0903 6972 WcsPlugInService - ok
11:43:16.0918 6972 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:43:16.0918 6972 Wd - ok
11:43:16.0965 6972 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
11:43:16.0965 6972 WDC_SAM - ok
11:43:16.0996 6972 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:43:17.0012 6972 Wdf01000 - ok
11:43:17.0028 6972 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:43:17.0028 6972 WdiServiceHost - ok
11:43:17.0043 6972 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:43:17.0043 6972 WdiSystemHost - ok
11:43:17.0090 6972 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:43:17.0090 6972 WebClient - ok
11:43:17.0106 6972 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:43:17.0121 6972 Wecsvc - ok
11:43:17.0137 6972 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:43:17.0137 6972 wercplsupport - ok
11:43:17.0168 6972 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:43:17.0168 6972 WerSvc - ok
11:43:17.0184 6972 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:43:17.0184 6972 WfpLwf - ok
11:43:17.0199 6972 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:43:17.0199 6972 WIMMount - ok
11:43:17.0230 6972 WinDefend - ok
11:43:17.0230 6972 WinHttpAutoProxySvc - ok
11:43:17.0386 6972 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:43:17.0386 6972 Winmgmt - ok
11:43:17.0464 6972 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:43:17.0511 6972 WinRM - ok
11:43:17.0574 6972 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:43:17.0574 6972 WinUsb - ok
11:43:17.0605 6972 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:43:17.0636 6972 Wlansvc - ok
11:43:17.0761 6972 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:43:17.0761 6972 wlcrasvc - ok
11:43:17.0839 6972 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:43:17.0886 6972 wlidsvc - ok
11:43:17.0917 6972 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:43:17.0917 6972 WmiAcpi - ok
11:43:17.0948 6972 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:43:17.0948 6972 wmiApSrv - ok
11:43:17.0964 6972 WMPNetworkSvc - ok
11:43:17.0995 6972 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:43:17.0995 6972 WPCSvc - ok
11:43:18.0042 6972 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:43:18.0057 6972 WPDBusEnum - ok
11:43:18.0073 6972 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:43:18.0073 6972 ws2ifsl - ok
11:43:18.0104 6972 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
11:43:18.0120 6972 wscsvc - ok
11:43:18.0151 6972 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
11:43:18.0151 6972 WSDPrintDevice - ok
11:43:18.0166 6972 WSearch - ok
11:43:18.0244 6972 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
11:43:18.0260 6972 wuauserv - ok
11:43:18.0307 6972 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:43:18.0307 6972 WudfPf - ok
11:43:18.0338 6972 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:43:18.0338 6972 WUDFRd - ok
11:43:18.0385 6972 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:43:18.0400 6972 wudfsvc - ok
11:43:18.0416 6972 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:43:18.0432 6972 WwanSvc - ok
11:43:18.0494 6972 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
11:43:18.0510 6972 YahooAUService - ok
11:43:18.0556 6972 MBR (0x1B8) (8e734bd7aa1d4f7e9af58df495f6cf9e) \Device\Harddisk0\DR0
11:43:18.0588 6972 \Device\Harddisk0\DR0 - ok
11:43:18.0603 6972 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
11:43:18.0603 6972 \Device\Harddisk1\DR1 - ok
11:43:18.0603 6972 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk11\DR11
11:43:18.0619 6972 \Device\Harddisk11\DR11 - ok
11:43:18.0619 6972 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk7\DR7
11:43:18.0619 6972 \Device\Harddisk7\DR7 - ok
11:43:18.0650 6972 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk8\DR8
11:43:18.0650 6972 \Device\Harddisk8\DR8 - ok
11:43:18.0946 6972 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk9\DR9
11:43:18.0993 6972 \Device\Harddisk9\DR9 - ok
11:43:19.0009 6972 Boot (0x1200) (0144c498166ed547c7264f27a3fffe99) \Device\Harddisk0\DR0\Partition0
11:43:19.0009 6972 \Device\Harddisk0\DR0\Partition0 - ok
11:43:19.0024 6972 Boot (0x1200) (bfebe921789e8460c476dd2e8a5ba630) \Device\Harddisk0\DR0\Partition1
11:43:19.0024 6972 \Device\Harddisk0\DR0\Partition1 - ok
11:43:19.0024 6972 Boot (0x1200) (4a3a219ac6487584c0eeaf13ef0132c9) \Device\Harddisk1\DR1\Partition0
11:43:19.0024 6972 \Device\Harddisk1\DR1\Partition0 - ok
11:43:19.0040 6972 Boot (0x1200) (dacb0866dd1d7d7e97c56118bb912d67) \Device\Harddisk11\DR11\Partition0
11:43:19.0040 6972 \Device\Harddisk11\DR11\Partition0 - ok
11:43:19.0040 6972 Boot (0x1200) (9230991b90cd70e0181adaa15c1da05d) \Device\Harddisk7\DR7\Partition0
11:43:19.0040 6972 \Device\Harddisk7\DR7\Partition0 - ok
11:43:19.0040 6972 Boot (0x1200) (4ed7179a5cdb1760f83db50dd95e155e) \Device\Harddisk8\DR8\Partition0
11:43:19.0040 6972 \Device\Harddisk8\DR8\Partition0 - ok
11:43:19.0040 6972 Boot (0x1200) (a9bd354406c15105666793b88931da4f) \Device\Harddisk9\DR9\Partition0
11:43:19.0056 6972 \Device\Harddisk9\DR9\Partition0 - ok
11:43:19.0056 6972 ============================================================
11:43:19.0056 6972 Scan finished
11:43:19.0056 6972 ============================================================
11:43:19.0056 6936 Detected object count: 0
11:43:19.0056 6936 Actual detected object count: 0
11:47:16.0847 5556 ============================================================
11:47:16.0847 5556 Scan started
11:47:16.0847 5556 Mode: Manual; SigCheck; TDLFS;
11:47:16.0847 5556 ============================================================
11:47:17.0268 5556 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:47:17.0346 5556 1394ohci - ok
11:47:17.0362 5556 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:47:17.0377 5556 ACPI - ok
11:47:17.0408 5556 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:47:17.0440 5556 AcpiPmi - ok
11:47:17.0533 5556 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:47:17.0549 5556 AdobeARMservice - ok
11:47:17.0642 5556 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:47:17.0658 5556 AdobeFlashPlayerUpdateSvc - ok
11:47:17.0705 5556 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:47:17.0720 5556 adp94xx - ok
11:47:17.0720 5556 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:47:17.0736 5556 adpahci - ok
11:47:17.0767 5556 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:47:17.0783 5556 adpu320 - ok
11:47:17.0814 5556 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:47:17.0861 5556 AeLookupSvc - ok
11:47:17.0892 5556 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:47:17.0923 5556 AFD - ok
11:47:17.0939 5556 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:47:17.0954 5556 agp440 - ok
11:47:17.0986 5556 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:47:18.0001 5556 ALG - ok
11:47:18.0017 5556 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:47:18.0017 5556 aliide - ok
11:47:18.0048 5556 AMD External Events Utility (6a17a31af7d85435566970bc97f8385e) C:\Windows\system32\atiesrxx.exe
11:47:18.0079 5556 AMD External Events Utility - ok
11:47:18.0095 5556 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:47:18.0110 5556 amdide - ok
11:47:18.0126 5556 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:47:18.0142 5556 AmdK8 - ok
11:47:18.0266 5556 amdkmdag (4b24b270904a9c11e6433f89c06c07d9) C:\Windows\system32\DRIVERS\atipmdag.sys
11:47:18.0329 5556 amdkmdag - ok
11:47:18.0360 5556 amdkmdap (df0236c8eb72cf2698c9e74702d3e127) C:\Windows\system32\DRIVERS\atikmpag.sys
11:47:18.0407 5556 amdkmdap - ok
11:47:18.0422 5556 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:47:18.0469 5556 AmdPPM - ok
11:47:18.0516 5556 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:47:18.0532 5556 amdsata - ok
11:47:18.0563 5556 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:47:18.0594 5556 amdsbs - ok
11:47:18.0625 5556 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:47:18.0641 5556 amdxata - ok
11:47:18.0688 5556 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:47:18.0750 5556 AppID - ok
11:47:18.0781 5556 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:47:18.0812 5556 AppIDSvc - ok
11:47:18.0844 5556 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:47:18.0890 5556 Appinfo - ok
11:47:18.0968 5556 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:47:18.0984 5556 Apple Mobile Device - ok
11:47:19.0031 5556 Application Updater (efacaab066d923a10435cf87e8c4d280) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
11:47:19.0078 5556 Application Updater - ok
11:47:19.0078 5556 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:47:19.0093 5556 arc - ok
11:47:19.0124 5556 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:47:19.0140 5556 arcsas - ok
11:47:19.0171 5556 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
11:47:19.0202 5556 aswFsBlk - ok
11:47:19.0218 5556 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
11:47:19.0218 5556 aswMonFlt - ok
11:47:19.0249 5556 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
11:47:19.0265 5556 aswRdr - ok
11:47:19.0296 5556 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
11:47:19.0327 5556 aswSnx - ok
11:47:19.0343 5556 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
11:47:19.0358 5556 aswSP - ok
11:47:19.0390 5556 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
11:47:19.0390 5556 aswTdi - ok
11:47:19.0421 5556 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:47:19.0499 5556 AsyncMac - ok
11:47:19.0514 5556 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:47:19.0530 5556 atapi - ok
11:47:19.0561 5556 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
11:47:19.0608 5556 AtiHdmiService - ok
11:47:19.0670 5556 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:47:19.0748 5556 AudioEndpointBuilder - ok
11:47:19.0748 5556 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:47:19.0780 5556 AudioSrv - ok
11:47:19.0858 5556 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:47:19.0889 5556 avast! Antivirus - ok
11:47:19.0936 5556 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:47:19.0982 5556 AxInstSV - ok
11:47:20.0076 5556 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:47:20.0107 5556 b06bdrv - ok
11:47:20.0170 5556 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:47:20.0216 5556 b57nd60a - ok
11:47:20.0279 5556 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
11:47:20.0310 5556 BBSvc - ok
11:47:20.0357 5556 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
11:47:20.0372 5556 BBUpdate - ok
11:47:20.0404 5556 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:47:20.0435 5556 BDESVC - ok
11:47:20.0466 5556 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:47:20.0528 5556 Beep - ok
11:47:20.0591 5556 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:47:20.0638 5556 BFE - ok
11:47:20.0700 5556 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
11:47:20.0778 5556 BITS - ok
11:47:20.0794 5556 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:47:20.0825 5556 blbdrive - ok
11:47:20.0887 5556 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
11:47:20.0918 5556 Bonjour Service - ok
11:47:20.0950 5556 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:47:20.0950 5556 bowser - ok
11:47:20.0981 5556 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:47:21.0012 5556 BrFiltLo - ok
11:47:21.0028 5556 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:47:21.0028 5556 BrFiltUp - ok
11:47:21.0059 5556 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:47:21.0090 5556 BridgeMP - ok
11:47:21.0121 5556 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:47:21.0215 5556 Browser - ok
11:47:21.0293 5556 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:47:21.0324 5556 Brserid - ok
11:47:21.0355 5556 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:47:21.0402 5556 BrSerWdm - ok
11:47:21.0433 5556 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:47:21.0480 5556 BrUsbMdm - ok
11:47:21.0511 5556 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:47:21.0542 5556 BrUsbSer - ok
11:47:21.0558 5556 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:47:21.0605 5556 BTHMODEM - ok
11:47:21.0620 5556 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:47:21.0683 5556 bthserv - ok
11:47:21.0683 5556 CarboniteService - ok
11:47:21.0714 5556 catchme - ok
11:47:21.0745 5556 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:47:21.0808 5556 cdfs - ok
11:47:21.0886 5556 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:47:21.0917 5556 cdrom - ok
11:47:21.0964 5556 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:47:22.0026 5556 CertPropSvc - ok
11:47:22.0042 5556 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:47:22.0073 5556 circlass - ok
11:47:22.0088 5556 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:47:22.0104 5556 CLFS - ok
11:47:22.0213 5556 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:47:22.0229 5556 clr_optimization_v2.0.50727_32 - ok
11:47:22.0276 5556 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:47:22.0291 5556 clr_optimization_v2.0.50727_64 - ok
11:47:22.0354 5556 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:47:22.0369 5556 clr_optimization_v4.0.30319_32 - ok
11:47:22.0416 5556 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:47:22.0432 5556 clr_optimization_v4.0.30319_64 - ok
11:47:22.0447 5556 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:47:22.0478 5556 CmBatt - ok
11:47:22.0525 5556 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:47:22.0541 5556 cmdide - ok
11:47:22.0603 5556 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:47:22.0650 5556 CNG - ok
11:47:22.0666 5556 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:47:22.0681 5556 Compbatt - ok
11:47:22.0744 5556 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:47:22.0790 5556 CompositeBus - ok
11:47:22.0790 5556 COMSysApp - ok
11:47:22.0806 5556 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:47:22.0822 5556 crcdisk - ok
11:47:22.0868 5556 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
11:47:22.0900 5556 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
11:47:22.0900 5556 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
11:47:22.0931 5556 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
11:47:22.0946 5556 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
11:47:22.0946 5556 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
11:47:22.0993 5556 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
11:47:23.0040 5556 CryptSvc - ok
11:47:23.0102 5556 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:47:23.0134 5556 cvhsvc - ok
11:47:23.0180 5556 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:47:23.0243 5556 DcomLaunch - ok
11:47:23.0258 5556 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:47:23.0305 5556 defragsvc - ok
11:47:23.0336 5556 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:47:23.0399 5556 DfsC - ok
11:47:23.0446 5556 DgiVecp (cfbb4907c7542180b5e0282301240006) C:\Windows\system32\Drivers\DgiVecp.sys
11:47:23.0461 5556 DgiVecp - ok
11:47:23.0492 5556 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:47:23.0570 5556 Dhcp - ok
11:47:23.0586 5556 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:47:23.0617 5556 discache - ok
11:47:23.0633 5556 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:47:23.0648 5556 Disk - ok
11:47:23.0680 5556 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:47:23.0695 5556 Dnscache - ok
11:47:23.0742 5556 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:47:23.0773 5556 dot3svc - ok
11:47:23.0820 5556 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:47:23.0898 5556 DPS - ok
11:47:23.0914 5556 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:47:23.0945 5556 drmkaud - ok
11:47:23.0992 5556 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:47:24.0038 5556 DXGKrnl - ok
11:47:24.0070 5556 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:47:24.0116 5556 EapHost - ok
11:47:24.0179 5556 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:47:24.0226 5556 ebdrv - ok
11:47:24.0257 5556 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:47:24.0272 5556 EFS - ok
11:47:24.0319 5556 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:47:24.0335 5556 ehRecvr - ok
11:47:24.0366 5556 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:47:24.0382 5556 ehSched - ok
11:47:24.0413 5556 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
11:47:24.0428 5556 ElbyCDIO - ok
11:47:24.0460 5556 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:47:24.0475 5556 elxstor - ok
11:47:24.0506 5556 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:47:24.0522 5556 ErrDev - ok
11:47:24.0569 5556 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:47:24.0600 5556 EventSystem - ok
11:47:24.0616 5556 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:47:24.0647 5556 exfat - ok
11:47:24.0662 5556 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:47:24.0725 5556 fastfat - ok
11:47:24.0772 5556 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:47:24.0787 5556 Fax - ok
11:47:24.0803 5556 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:47:24.0834 5556 fdc - ok
11:47:24.0850 5556 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:47:24.0881 5556 fdPHost - ok
11:47:24.0896 5556 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:47:24.0959 5556 FDResPub - ok
11:47:24.0990 5556 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:47:24.0990 5556 FileInfo - ok
11:47:25.0006 5556 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:47:25.0052 5556 Filetrace - ok
11:47:25.0068 5556 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:47:25.0084 5556 flpydisk - ok
11:47:25.0115 5556 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:47:25.0146 5556 FltMgr - ok
11:47:25.0193 5556 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:47:25.0224 5556 FontCache - ok
11:47:25.0271 5556 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:47:25.0286 5556 FontCache3.0.0.0 - ok
11:47:25.0364 5556 FreeAgentGoNext Service (9513b437b7adb1e6065b7f0d83d11ecf) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
11:47:25.0380 5556 FreeAgentGoNext Service - ok
11:47:25.0396 5556 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:47:25.0396 5556 FsDepends - ok
11:47:25.0442 5556 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
11:47:25.0458 5556 fssfltr - ok
11:47:25.0567 5556 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
11:47:25.0614 5556 fsssvc - ok
11:47:25.0630 5556 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:47:25.0645 5556 Fs_Rec - ok
11:47:25.0692 5556 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:47:25.0708 5556 fvevol - ok
11:47:25.0723 5556 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:47:25.0723 5556 gagp30kx - ok
11:47:25.0770 5556 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:47:25.0786 5556 GEARAspiWDM - ok
11:47:25.0832 5556 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:47:25.0895 5556 gpsvc - ok
11:47:25.0942 5556 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
11:47:25.0942 5556 GREGService - ok
11:47:26.0020 5556 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:47:26.0035 5556 gupdate - ok
11:47:26.0035 5556 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:47:26.0051 5556 gupdatem - ok
11:47:26.0066 5556 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:47:26.0082 5556 gusvc - ok
11:47:26.0098 5556 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:47:26.0113 5556 hcw85cir - ok
11:47:26.0160 5556 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:47:26.0191 5556 HdAudAddService - ok
11:47:26.0207 5556 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:47:26.0238 5556 HDAudBus - ok
11:47:26.0254 5556 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:47:26.0269 5556 HidBatt - ok
11:47:26.0300 5556 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:47:26.0332 5556 HidBth - ok
11:47:26.0363 5556 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:47:26.0378 5556 HidIr - ok
11:47:26.0410 5556 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
11:47:26.0488 5556 hidserv - ok
11:47:26.0503 5556 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:47:26.0519 5556 HidUsb - ok
11:47:26.0566 5556 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:47:26.0628 5556 hkmsvc - ok
11:47:26.0659 5556 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:47:26.0675 5556 HomeGroupListener - ok
11:47:26.0706 5556 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:47:26.0753 5556 HomeGroupProvider - ok
11:47:26.0768 5556 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:47:26.0784 5556 HpSAMD - ok
11:47:26.0831 5556 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:47:26.0893 5556 HTTP - ok
11:47:26.0924 5556 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:47:26.0956 5556 hwpolicy - ok
11:47:26.0971 5556 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:47:26.0987 5556 i8042prt - ok
11:47:27.0018 5556 IAANTMON (660bf3255a1eb18ed803fd2fba6ae400) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
11:47:27.0034 5556 IAANTMON - ok
11:47:27.0065 5556 iaStor (bf5442dc14608d18949dc83de37e667a) C:\Windows\system32\DRIVERS\iaStor.sys
11:47:27.0096 5556 iaStor - ok
11:47:27.0127 5556 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:47:27.0143 5556 iaStorV - ok
11:47:27.0221 5556 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:47:27.0252 5556 idsvc - ok
11:47:27.0283 5556 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:47:27.0299 5556 iirsp - ok
11:47:27.0346 5556 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:47:27.0377 5556 IKEEXT - ok
11:47:27.0439 5556 IntcAzAudAddService (2e3b99e8c23be2bf32ebe1db5261f275) C:\Windows\system32\drivers\RTKVHD64.sys
11:47:27.0502 5556 IntcAzAudAddService - ok
11:47:27.0517 5556 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:47:27.0517 5556 intelide - ok
11:47:27.0533 5556 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:47:27.0548 5556 intelppm - ok
11:47:27.0564 5556 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:47:27.0595 5556 IPBusEnum - ok
11:47:27.0611 5556 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:47:27.0658 5556 IpFilterDriver - ok
11:47:27.0689 5556 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:47:27.0751 5556 iphlpsvc - ok
11:47:27.0782 5556 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:47:27.0782 5556 IPMIDRV - ok
11:47:27.0798 5556 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:47:27.0845 5556 IPNAT - ok
11:47:27.0923 5556 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
11:47:27.0954 5556 iPod Service - ok
11:47:27.0970 5556 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:47:28.0001 5556 IRENUM - ok
11:47:28.0016 5556 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:47:28.0032 5556 isapnp - ok
11:47:28.0063 5556 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:47:28.0063 5556 iScsiPrt - ok
11:47:28.0079 5556 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:47:28.0094 5556 kbdclass - ok
11:47:28.0110 5556 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:47:28.0157 5556 kbdhid - ok
11:47:28.0188 5556 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:47:28.0204 5556 KeyIso - ok
11:47:28.0219 5556 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:47:28.0250 5556 KSecDD - ok
11:47:28.0266 5556 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:47:28.0282 5556 KSecPkg - ok
11:47:28.0313 5556 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:47:28.0328 5556 ksthunk - ok
11:47:28.0422 5556 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:47:28.0500 5556 KtmRm - ok
11:47:28.0531 5556 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
11:47:28.0562 5556 LanmanServer - ok
11:47:28.0609 5556 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:47:28.0640 5556 LanmanWorkstation - ok
11:47:28.0921 5556 Linksys_adapter_H (584528bf596a54b2bf6be5067adda44a) C:\Windows\system32\DRIVERS\AE2500w764.sys
11:47:28.0952 5556 Linksys_adapter_H - ok
11:47:28.0984 5556 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:47:29.0030 5556 lltdio - ok
11:47:29.0124 5556 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:47:29.0155 5556 lltdsvc - ok
11:47:29.0171 5556 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:47:29.0202 5556 lmhosts - ok
11:47:29.0218 5556 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:47:29.0233 5556 LSI_FC - ok
11:47:29.0264 5556 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:47:29.0280 5556 LSI_SAS - ok
11:47:29.0296 5556 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:47:29.0311 5556 LSI_SAS2 - ok
11:47:29.0327 5556 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:47:29.0342 5556 LSI_SCSI - ok
11:47:29.0374 5556 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:47:29.0405 5556 luafv - ok
11:47:29.0436 5556 MarvinBus (024da28053d57e9e32bee52600576bbb) C:\Windows\system32\DRIVERS\MarvinBus64.sys
11:47:29.0467 5556 MarvinBus - ok
11:47:29.0498 5556 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
11:47:29.0514 5556 MBAMProtector - ok
11:47:29.0701 5556 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:47:29.0732 5556 MBAMService - ok
11:47:29.0748 5556 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
11:47:29.0764 5556 MBfilt - ok
11:47:29.0795 5556 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:47:29.0842 5556 Mcx2Svc - ok
11:47:29.0873 5556 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:47:29.0888 5556 megasas - ok
11:47:29.0920 5556 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:47:29.0951 5556 MegaSR - ok
11:47:29.0982 5556 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:47:30.0029 5556 MMCSS - ok
11:47:30.0044 5556 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:47:30.0076 5556 Modem - ok
11:47:30.0107 5556 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:47:30.0154 5556 monitor - ok
11:47:30.0169 5556 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:47:30.0185 5556 mouclass - ok
11:47:30.0216 5556 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:47:30.0247 5556 mouhid - ok
11:47:30.0278 5556 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:47:30.0310 5556 mountmgr - ok
11:47:30.0341 5556 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:47:30.0356 5556 mpio - ok
11:47:30.0372 5556 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:47:30.0419 5556 mpsdrv - ok
11:47:30.0466 5556 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:47:30.0528 5556 MpsSvc - ok
11:47:30.0559 5556 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:47:30.0590 5556 MRxDAV - ok
11:47:30.0637 5556 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:47:30.0684 5556 mrxsmb - ok
11:47:30.0715 5556 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:47:30.0746 5556 mrxsmb10 - ok
11:47:30.0778 5556 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:47:30.0809 5556 mrxsmb20 - ok
11:47:30.0824 5556 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:47:30.0856 5556 msahci - ok
11:47:30.0871 5556 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:47:30.0887 5556 msdsm - ok
11:47:30.0918 5556 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:47:30.0934 5556 MSDTC - ok
11:47:30.0949 5556 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:47:30.0980 5556 Msfs - ok
11:47:30.0996 5556 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:47:31.0027 5556 mshidkmdf - ok
11:47:31.0043 5556 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:47:31.0043 5556 msisadrv - ok
11:47:31.0090 5556 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:47:31.0121 5556 MSiSCSI - ok
11:47:31.0136 5556 msiserver - ok
11:47:31.0152 5556 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:47:31.0168 5556 MSKSSRV - ok
11:47:31.0199 5556 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:47:31.0214 5556 MSPCLOCK - ok
11:47:31.0230 5556 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:47:31.0261 5556 MSPQM - ok
11:47:31.0292 5556 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:47:31.0308 5556 MsRPC - ok
11:47:31.0324 5556 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:47:31.0339 5556 mssmbios - ok
11:47:31.0355 5556 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:47:31.0417 5556 MSTEE - ok
11:47:31.0448 5556 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:47:31.0464 5556 MTConfig - ok
11:47:31.0480 5556 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:47:31.0495 5556 Mup - ok
11:47:31.0526 5556 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:47:31.0604 5556 napagent - ok
11:47:31.0620 5556 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:47:31.0667 5556 NativeWifiP - ok
11:47:31.0792 5556 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe
11:47:31.0823 5556 NAUpdate - ok
11:47:31.0854 5556 NBVol (daca803a8d732fe5eeaa024ec342f81d) C:\Windows\system32\DRIVERS\NBVol.sys
11:47:31.0870 5556 NBVol - ok
11:47:31.0885 5556 NBVolUp (6208f622e9e35860dfb0753dff56f0c0) C:\Windows\system32\DRIVERS\NBVolUp.sys
11:47:31.0901 5556 NBVolUp - ok
11:47:31.0932 5556 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:47:31.0963 5556 NDIS - ok
11:47:31.0979 5556 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:47:32.0010 5556 NdisCap - ok
11:47:32.0010 5556 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:47:32.0041 5556 NdisTapi - ok
11:47:32.0072 5556 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:47:32.0104 5556 Ndisuio - ok
11:47:32.0135 5556 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:47:32.0197 5556 NdisWan - ok
11:47:32.0244 5556 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:47:32.0275 5556 NDProxy - ok
11:47:32.0322 5556 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
11:47:32.0338 5556 Nero BackItUp Scheduler 4.0 - ok
11:47:32.0384 5556 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
11:47:32.0416 5556 Netaapl - ok
11:47:32.0431 5556 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:47:32.0494 5556 NetBIOS - ok
11:47:32.0572 5556 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:47:32.0634 5556 NetBT - ok
11:47:32.0681 5556 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:47:32.0712 5556 Netlogon - ok
11:47:32.0806 5556 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:47:32.0852 5556 Netman - ok
11:47:32.0899 5556 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:47:32.0946 5556 netprofm - ok
11:47:33.0071 5556 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:47:33.0102 5556 NetTcpPortSharing - ok
11:47:33.0118 5556 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:47:33.0133 5556 nfrd960 - ok
11:47:33.0320 5556 NitroDriverReadSpool (7f98566a311ceb1fe2994f8c2a05fbc1) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
11:47:33.0336 5556 NitroDriverReadSpool - ok
11:47:33.0430 5556 NitroReaderDriverReadSpool2 (f7f0dfced28c897e43ef72502f967ca4) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
11:47:33.0445 5556 NitroReaderDriverReadSpool2 - ok
11:47:33.0508 5556 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:47:33.0586 5556 NlaSvc - ok
11:47:33.0695 5556 nlsX86cc (7bfa0c5d8a4a2f1c46a6a3a698bde3e5) C:\Windows\SysWOW64\NLSSRV32.EXE
11:47:33.0710 5556 nlsX86cc - ok
11:47:33.0726 5556 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:47:33.0757 5556 Npfs - ok
11:47:33.0788 5556 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:47:33.0820 5556 nsi - ok
11:47:33.0820 5556 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:47:33.0898 5556 nsiproxy - ok
11:47:33.0944 5556 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:47:33.0960 5556 Ntfs - ok
11:47:34.0038 5556 NTI IScheduleSvc (070ec05d5b1447e9bbf4167980ad7518) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
11:47:34.0054 5556 NTI IScheduleSvc - ok
11:47:34.0054 5556 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
11:47:34.0069 5556 NTIDrvr - ok
11:47:34.0085 5556 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:47:34.0100 5556 Null - ok
11:47:34.0132 5556 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:47:34.0147 5556 nvraid - ok
11:47:34.0163 5556 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:47:34.0178 5556 nvstor - ok
11:47:34.0194 5556 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:47:34.0210 5556 nv_agp - ok
11:47:34.0241 5556 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:47:34.0272 5556 ohci1394 - ok
11:47:34.0303 5556 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:47:34.0319 5556 ose - ok
11:47:34.0412 5556 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:47:34.0459 5556 osppsvc - ok
11:47:34.0490 5556 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:47:34.0506 5556 p2pimsvc - ok
11:47:34.0537 5556 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:47:34.0537 5556 p2psvc - ok
11:47:34.0553 5556 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:47:34.0568 5556 Parport - ok
11:47:34.0600 5556 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
11:47:34.0615 5556 partmgr - ok
11:47:34.0631 5556 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:47:34.0662 5556 PcaSvc - ok
11:47:34.0678 5556 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:47:34.0693 5556 pci - ok
11:47:34.0709 5556 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:47:34.0724 5556 pciide - ok
11:47:34.0740 5556 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:47:34.0756 5556 pcmcia - ok
11:47:34.0771 5556 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:47:34.0787 5556 pcw - ok
11:47:34.0802 5556 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:47:34.0865 5556 PEAUTH - ok
11:47:34.0912 5556 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:47:34.0943 5556 PerfHost - ok
11:47:35.0021 5556 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:47:35.0068 5556 pla - ok
11:47:35.0114 5556 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:47:35.0130 5556 PlugPlay - ok
11:47:35.0146 5556 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:47:35.0177 5556 PNRPAutoReg - ok
11:47:35.0208 5556 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:47:35.0224 5556 PNRPsvc - ok
11:47:35.0239 5556 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:47:35.0270 5556 PolicyAgent - ok
11:47:35.0286 5556 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:47:35.0317 5556 Power - ok
11:47:35.0348 5556 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:47:35.0380 5556 PptpMiniport - ok
11:47:35.0395 5556 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:47:35.0426 5556 Processor - ok
11:47:35.0458 5556 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
11:47:35.0504 5556 ProfSvc - ok
11:47:35.0551 5556 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:47:35.0582 5556 ProtectedStorage - ok
11:47:35.0614 5556 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:47:35.0645 5556 Psched - ok
11:47:35.0692 5556 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:47:35.0707 5556 ql2300 - ok
11:47:35.0738 5556 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:47:35.0754 5556 ql40xx - ok
11:47:35.0770 5556 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:47:35.0785 5556 QWAVE - ok
11:47:35.0801 5556 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:47:35.0832 5556 QWAVEdrv - ok
11:47:35.0879 5556 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
11:47:35.0894 5556 RapiMgr - ok
11:47:35.0910 5556 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:47:35.0941 5556 RasAcd - ok
11:47:35.0972 5556 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:47:36.0004 5556 RasAgileVpn - ok
11:47:36.0019 5556 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:47:36.0066 5556 RasAuto - ok
11:47:36.0082 5556 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:47:36.0144 5556 Rasl2tp - ok
11:47:36.0160 5556 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:47:36.0206 5556 RasMan - ok
11:47:36.0222 5556 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:47:36.0253 5556 RasPppoe - ok
11:47:36.0269 5556 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:47:36.0284 5556 RasSstp - ok
11:47:36.0316 5556 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:47:36.0347 5556 rdbss - ok
11:47:36.0378 5556 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:47:36.0394 5556 rdpbus - ok
11:47:36.0409 5556 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:47:36.0440 5556 RDPCDD - ok
11:47:36.0440 5556 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:47:36.0472 5556 RDPENCDD - ok
11:47:36.0487 5556 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:47:36.0518 5556 RDPREFMP - ok
11:47:36.0565 5556 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
11:47:36.0596 5556 RDPWD - ok
11:47:36.0643 5556 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:47:36.0659 5556 rdyboost - ok
11:47:36.0690 5556 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:47:36.0752 5556 RemoteAccess - ok
11:47:36.0768 5556 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:47:36.0799 5556 RemoteRegistry - ok
11:47:36.0830 5556 Revoflt (9c3ac71a9934b884fac567a8807e9c4d) C:\Windows\system32\DRIVERS\revoflt.sys
11:47:36.0846 5556 Revoflt - ok
11:47:36.0862 5556 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:47:36.0908 5556 RpcEptMapper - ok
11:47:36.0924 5556 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:47:36.0971 5556 RpcLocator - ok
11:47:37.0018 5556 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:47:37.0064 5556 RpcSs - ok
11:47:37.0080 5556 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:47:37.0127 5556 rspndr - ok
11:47:37.0158 5556 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:47:37.0174 5556 RTL8167 - ok
11:47:37.0205 5556 RTL8187B (4a06585c8673f4458e9fbbc9dddb4d28) C:\Windows\system32\DRIVERS\wg111v3.sys
11:47:37.0236 5556 RTL8187B - ok
11:47:37.0267 5556 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:47:37.0298 5556 SamSs - ok
11:47:37.0345 5556 Samsung UPD Service2 (2c31378a5695526e99adab928157b992) C:\Windows\System32\SUPDSvc2.exe
11:47:37.0361 5556 Samsung UPD Service2 - ok
11:47:37.0408 5556 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:47:37.0439 5556 sbp2port - ok
11:47:37.0454 5556 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:47:37.0501 5556 SCardSvr - ok
11:47:37.0532 5556 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:47:37.0595 5556 scfilter - ok
11:47:37.0642 5556 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:47:37.0673 5556 Schedule - ok
11:47:37.0720 5556 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:47:37.0766 5556 SCPolicySvc - ok
11:47:37.0844 5556 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:47:37.0860 5556 SDRSVC - ok
11:47:37.0891 5556 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:47:37.0938 5556 secdrv - ok
11:47:37.0969 5556 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:47:38.0016 5556 seclogon - ok
11:47:38.0047 5556 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
11:47:38.0110 5556 SENS - ok
11:47:38.0125 5556 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:47:38.0141 5556 SensrSvc - ok
11:47:38.0250 5556 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:47:38.0266 5556 Serenum - ok
11:47:38.0297 5556 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:47:38.0312 5556 Serial - ok
11:47:38.0328 5556 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:47:38.0359 5556 sermouse - ok
11:47:38.0406 5556 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:47:38.0468 5556 SessionEnv - ok
11:47:38.0515 5556 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:47:38.0546 5556 sffdisk - ok
11:47:38.0578 5556 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:47:38.0593 5556 sffp_mmc - ok
11:47:38.0609 5556 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:47:38.0640 5556 sffp_sd - ok
11:47:38.0671 5556 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:47:38.0702 5556 sfloppy - ok
11:47:38.0734 5556 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
11:47:38.0765 5556 Sftfs - ok
11:47:38.0843 5556 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:47:38.0874 5556 sftlist - ok
11:47:38.0890 5556 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:47:38.0921 5556 Sftplay - ok
11:47:38.0936 5556 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:47:38.0952 5556 Sftredir - ok
11:47:38.0968 5556 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
11:47:38.0968 5556 Sftvol - ok
11:47:38.0983 5556 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:47:38.0999 5556 sftvsa - ok
11:47:39.0046 5556 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:47:39.0108 5556 SharedAccess - ok
11:47:39.0155 5556 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:47:39.0217 5556 ShellHWDetection - ok
11:47:39.0233 5556 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:47:39.0248 5556 SiSRaid2 - ok
11:47:39.0248 5556 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:47:39.0264 5556 SiSRaid4 - ok
11:47:39.0280 5556 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:47:39.0311 5556 Smb - ok
11:47:39.0342 5556 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:47:39.0358 5556 SNMPTRAP - ok
11:47:39.0420 5556 Soda PDF 2011 Helper Service (a2fcc672e65fa604801bce2ecb301e7d) C:\Program Files (x86)\Soda PDF 2011\HelperService.exe
11:47:39.0451 5556 Soda PDF 2011 Helper Service - ok
11:47:39.0498 5556 Soda PDF 2011 Service (1349cc7e264575f6071f5c8db81a6605) C:\Program Files (x86)\Soda PDF 2011\ConversionService.exe
11:47:39.0514 5556 Soda PDF 2011 Service - ok
11:47:39.0529 5556 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:47:39.0545 5556 spldr - ok
11:47:39.0576 5556 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:47:39.0607 5556 Spooler - ok
11:47:39.0701 5556 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:47:39.0763 5556 sppsvc - ok
11:47:39.0779 5556 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:47:39.0810 5556 sppuinotify - ok
11:47:39.0810 5556 sptd - ok
11:47:39.0857 5556 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:47:39.0888 5556 srv - ok
11:47:39.0919 5556 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:47:39.0935 5556 srv2 - ok
11:47:39.0966 5556 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:47:39.0982 5556 srvnet - ok
11:47:40.0013 5556 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:47:40.0060 5556 SSDPSRV - ok
11:47:40.0106 5556 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
11:47:40.0122 5556 SSPORT - ok
11:47:40.0138 5556 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:47:40.0200 5556 SstpSvc - ok
11:47:40.0262 5556 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
11:47:40.0278 5556 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
11:47:40.0278 5556 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
11:47:40.0294 5556 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:47:40.0309 5556 stexstor - ok
11:47:40.0340 5556 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
11:47:40.0372 5556 StillCam - ok
11:47:40.0418 5556 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:47:40.0465 5556 stisvc - ok
11:47:40.0496 5556 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:47:40.0512 5556 swenum - ok
11:47:40.0590 5556 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:47:40.0621 5556 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
11:47:40.0621 5556 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
11:47:40.0637 5556 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:47:40.0684 5556 swprv - ok
11:47:40.0746 5556 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:47:40.0793 5556 SysMain - ok
11:47:40.0824 5556 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:47:40.0855 5556 TabletInputService - ok
11:47:40.0902 5556 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:47:40.0949 5556 TapiSrv - ok
11:47:40.0964 5556 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:47:40.0980 5556 TBS - ok
11:47:41.0042 5556 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:47:41.0089 5556 Tcpip - ok
11:47:41.0136 5556 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:47:41.0167 5556 TCPIP6 - ok
11:47:41.0214 5556 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:47:41.0276 5556 tcpipreg - ok
11:47:41.0292 5556 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:47:41.0292 5556 TDPIPE - ok
11:47:41.0323 5556 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:47:41.0354 5556 TDTCP - ok
11:47:41.0386 5556 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:47:41.0417 5556 tdx - ok
11:47:41.0510 5556 TeamViewer6 (01a402d34732ca3da91786adcc765069) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
11:47:41.0542 5556 TeamViewer6 - ok
11:47:41.0557 5556 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:47:41.0573 5556 TermDD - ok
11:47:41.0588 5556 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:47:41.0635 5556 TermService - ok
11:47:41.0651 5556 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:47:41.0666 5556 Themes - ok
11:47:41.0698 5556 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:47:41.0729 5556 THREADORDER - ok
11:47:41.0744 5556 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:47:41.0791 5556 TrkWks - ok
11:47:41.0807 5556 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:47:41.0854 5556 TrustedInstaller - ok
11:47:41.0885 5556 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:47:41.0947 5556 tssecsrv - ok
11:47:41.0963 5556 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:47:41.0978 5556 TsUsbFlt - ok
11:47:42.0010 5556 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:47:42.0056 5556 tunnel - ok
11:47:42.0088 5556 TwonkyMedia - ok
11:47:42.0088 5556 TwonkyWebDav - ok
11:47:42.0103 5556 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:47:42.0119 5556 uagp35 - ok
11:47:42.0134 5556 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
11:47:42.0150 5556 UBHelper - ok
11:47:42.0166 5556 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:47:42.0197 5556 udfs - ok
11:47:42.0212 5556 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:47:42.0228 5556 UI0Detect - ok
11:47:42.0244 5556 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:47:42.0259 5556 uliagpkx - ok
11:47:42.0306 5556 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:47:42.0337 5556 umbus - ok
11:47:42.0368 5556 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:47:42.0415 5556 UmPass - ok
11:47:42.0478 5556 Updater Service (f9ec9acd504d823d9b9ca98a4f8d3ca2) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
11:47:42.0509 5556 Updater Service - ok
11:47:42.0524 5556 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:47:42.0587 5556 upnphost - ok
11:47:42.0712 5556 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
11:47:42.0743 5556 USBAAPL64 - ok
11:47:42.0790 5556 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:47:42.0805 5556 usbccgp - ok
11:47:42.0836 5556 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:47:42.0883 5556 usbcir - ok
11:47:42.0914 5556 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:47:42.0930 5556 usbehci - ok
11:47:42.0977 5556 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:47:43.0008 5556 usbhub - ok
11:47:43.0039 5556 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:47:43.0070 5556 usbohci - ok
11:47:43.0086 5556 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:47:43.0117 5556 usbprint - ok
11:47:43.0180 5556 USBS3S4Detection (b5e6c4f280ebf0b16f74a5b415f2e0df) C:\OEM\USBDECTION\USBS3S4Detection.exe
11:47:43.0195 5556 USBS3S4Detection - ok
11:47:43.0226 5556 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:47:43.0289 5556 usbscan - ok
11:47:43.0320 5556 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:47:43.0367 5556 USBSTOR - ok
11:47:43.0414 5556 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:47:43.0429 5556 usbuhci - ok
11:47:43.0445 5556 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:47:43.0507 5556 UxSms - ok
11:47:43.0554 5556 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:47:43.0570 5556 VaultSvc - ok
11:47:43.0585 5556 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
11:47:43.0601 5556 VClone - ok
11:47:43.0757 5556 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:47:43.0788 5556 vdrvroot - ok
11:47:43.0819 5556 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:47:43.0866 5556 vds - ok
11:47:43.0897 5556 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:47:43.0913 5556 vga - ok
11:47:43.0928 5556 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:47:43.0991 5556 VgaSave - ok
11:47:44.0022 5556 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:47:44.0038 5556 vhdmp - ok
11:47:44.0053 5556 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:47:44.0053 5556 viaide - ok
11:47:44.0084 5556 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:47:44.0084 5556 volmgr - ok
11:47:44.0131 5556 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:47:44.0162 5556 volmgrx - ok
11:47:44.0178 5556 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:47:44.0194 5556 volsnap - ok
11:47:44.0209 5556 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:47:44.0225 5556 vsmraid - ok
11:47:44.0287 5556 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:47:44.0350 5556 VSS - ok
11:47:44.0365 5556 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:47:44.0396 5556 vwifibus - ok
11:47:44.0428 5556 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:47:44.0459 5556 vwififlt - ok
11:47:44.0506 5556 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:47:44.0552 5556 W32Time - ok
11:47:44.0584 5556 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:47:44.0584 5556 WacomPen - ok
11:47:44.0599 5556 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:47:44.0646 5556 WANARP - ok
11:47:44.0646 5556 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:47:44.0677 5556 Wanarpv6 - ok
11:47:44.0724 5556 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:47:44.0755 5556 WatAdminSvc - ok
11:47:44.0833 5556 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:47:44.0864 5556 wbengine - ok
11:47:44.0880 5556 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:47:44.0896 5556 WbioSrvc - ok
11:47:44.0942 5556 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll
11:47:44.0974 5556 WcesComm - ok
11:47:45.0020 5556 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:47:45.0036 5556 wcncsvc - ok
11:47:45.0052 5556 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:47:45.0083 5556 WcsPlugInService - ok
11:47:45.0098 5556 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:47:45.0114 5556 Wd - ok
11:47:45.0145 5556 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
11:47:45.0161 5556 WDC_SAM - ok
11:47:45.0208 5556 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:47:45.0239 5556 Wdf01000 - ok
11:47:45.0254 5556 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:47:45.0286 5556 WdiServiceHost - ok
11:47:45.0286 5556 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:47:45.0317 5556 WdiSystemHost - ok
11:47:45.0348 5556 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:47:45.0379 5556 WebClient - ok
11:47:45.0395 5556 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:47:45.0426 5556 Wecsvc - ok
11:47:45.0442 5556 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:47:45.0488 5556 wercplsupport - ok
11:47:45.0504 5556 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:47:45.0535 5556 WerSvc - ok
11:47:45.0551 5556 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:47:45.0566 5556 WfpLwf - ok
11:47:45.0582 5556 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:47:45.0598 5556 WIMMount - ok
11:47:45.0613 5556 WinDefend - ok
11:47:45.0613 5556 WinHttpAutoProxySvc - ok
11:47:45.0769 5556 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:47:45.0816 5556 Winmgmt - ok
11:47:45.0878 5556 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:47:45.0941 5556 WinRM - ok
11:47:45.0972 5556 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:47:46.0003 5556 WinUsb - ok
11:47:46.0050 5556 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:47:46.0097 5556 Wlansvc - ok
11:47:46.0190 5556 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:47:46.0206 5556 wlcrasvc - ok
11:47:46.0300 5556 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:47:46.0331 5556 wlidsvc - ok
11:47:46.0362 5556 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:47:46.0378 5556 WmiAcpi - ok
11:47:46.0409 5556 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:47:46.0440 5556 wmiApSrv - ok
11:47:46.0471 5556 WMPNetworkSvc - ok
11:47:46.0487 5556 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:47:46.0518 5556 WPCSvc - ok
11:47:46.0549 5556 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:47:46.0580 5556 WPDBusEnum - ok
11:47:46.0596 5556 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:47:46.0627 5556 ws2ifsl - ok
11:47:46.0643 5556 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
11:47:46.0674 5556 wscsvc - ok
11:47:46.0705 5556 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
11:47:46.0752 5556 WSDPrintDevice - ok
11:47:46.0768 5556 WSearch - ok
11:47:46.0846 5556 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
11:47:46.0908 5556 wuauserv - ok
11:47:46.0939 5556 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:47:46.0986 5556 WudfPf - ok
11:47:47.0033 5556 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:47:47.0064 5556 WUDFRd - ok
11:47:47.0095 5556 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:47:47.0158 5556 wudfsvc - ok
11:47:47.0189 5556 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:47:47.0220 5556 WwanSvc - ok
11:47:47.0282 5556 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
11:47:47.0314 5556 YahooAUService - ok
11:47:47.0360 5556 MBR (0x1B8) (8e734bd7aa1d4f7e9af58df495f6cf9e) \Device\Harddisk0\DR0
11:47:47.0470 5556 \Device\Harddisk0\DR0 - ok
11:47:47.0470 5556 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
11:47:47.0953 5556 \Device\Harddisk1\DR1 - ok
11:47:47.0969 5556 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk11\DR11
11:47:48.0172 5556 \Device\Harddisk11\DR11 - ok
11:47:48.0172 5556 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk7\DR7
11:47:48.0312 5556 \Device\Harddisk7\DR7 - ok
11:47:48.0328 5556 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk8\DR8
11:47:48.0484 5556 \Device\Harddisk8\DR8 - ok
11:47:48.0484 5556 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk9\DR9
11:47:48.0952 5556 \Device\Harddisk9\DR9 - ok
11:47:48.0967 5556 Boot (0x1200) (0144c498166ed547c7264f27a3fffe99) \Device\Harddisk0\DR0\Partition0
11:47:48.0967 5556 \Device\Harddisk0\DR0\Partition0 - ok
11:47:48.0967 5556 Boot (0x1200) (bfebe921789e8460c476dd2e8a5ba630) \Device\Harddisk0\DR0\Partition1
11:47:48.0983 5556 \Device\Harddisk0\DR0\Partition1 - ok
11:47:48.0983 5556 Boot (0x1200) (4a3a219ac6487584c0eeaf13ef0132c9) \Device\Harddisk1\DR1\Partition0
11:47:48.0983 5556 \Device\Harddisk1\DR1\Partition0 - ok
11:47:48.0983 5556 Boot (0x1200) (dacb0866dd1d7d7e97c56118bb912d67) \Device\Harddisk11\DR11\Partition0
11:47:48.0983 5556 \Device\Harddisk11\DR11\Partition0 - ok
11:47:48.0998 5556 Boot (0x1200) (9230991b90cd70e0181adaa15c1da05d) \Device\Harddisk7\DR7\Partition0
11:47:48.0998 5556 \Device\Harddisk7\DR7\Partition0 - ok
11:47:49.0014 5556 Boot (0x1200) (4ed7179a5cdb1760f83db50dd95e155e) \Device\Harddisk8\DR8\Partition0
11:47:49.0030 5556 \Device\Harddisk8\DR8\Partition0 - ok
11:47:49.0030 5556 Boot (0x1200) (a9bd354406c15105666793b88931da4f) \Device\Harddisk9\DR9\Partition0
11:47:49.0030 5556 \Device\Harddisk9\DR9\Partition0 - ok
11:47:49.0030 5556 ============================================================
11:47:49.0030 5556 Scan finished
11:47:49.0030 5556 ============================================================
11:47:49.0045 5672 Detected object count: 4
11:47:49.0045 5672 Actual detected object count: 4
11:49:40.0773 5672 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:49:40.0773 5672 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:49:40.0773 5672 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:49:40.0773 5672 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:49:40.0773 5672 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
11:49:40.0773 5672 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:49:40.0773 5672 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
11:49:40.0773 5672 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

-------------

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-12 11:51:54
-----------------------------
11:51:54.532 OS Version: Windows x64 6.1.7601 Service Pack 1
11:51:54.532 Number of processors: 8 586 0x1E05
11:51:54.532 ComputerName: DESKTOP-PC UserName: Pedro
11:51:56.217 Initialize success
11:51:56.264 AVAST engine defs: 12041200
11:52:12.800 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:52:12.800 Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3
11:52:12.800 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
11:52:12.800 Disk 1 Vendor: WDC_WD20 51.0 Size: 1907729MB BusType: 3
11:52:12.816 Disk 7 \Device\Harddisk7\DR7 -> \Device\0000008c
11:52:12.816 Disk 7 Vendor: Size: 1907729MB BusType: 0
11:52:12.816 Disk 8 \Device\Harddisk8\DR8 -> \Device\00000094
11:52:12.831 Disk 8 Vendor: Size: 1907729MB BusType: 0
11:52:12.831 Disk 9 \Device\Harddisk9\DR9 -> \Device\00000096
11:52:12.847 Disk 9 Vendor: Size: 1907729MB BusType: 0
11:52:12.847 Disk 11 \Device\Harddisk11\DR11 -> \Device\000000ae
11:52:12.862 Disk 11 Vendor: Size: 1907729MB BusType: 0
11:52:12.878 Disk 0 MBR read successfully
11:52:12.894 Disk 0 MBR scan
11:52:12.894 Disk 0 unknown MBR code
11:52:12.894 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 20480 MB offset 2048
11:52:12.909 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 41945088
11:52:12.909 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 933287 MB offset 42149888
11:52:12.925 Disk 0 scanning C:\Windows\system32\drivers
11:52:19.149 Service scanning
11:52:33.361 Modules scanning
11:52:33.361 Disk 0 trace - called modules:
11:52:33.377 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:52:33.392 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007ddd790]
11:52:33.392 3 CLASSPNP.SYS[fffff88001b7d43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b19050]
11:52:34.937 AVAST engine scan C:\Windows
11:52:38.603 AVAST engine scan C:\Windows\system32
11:54:10.939 AVAST engine scan C:\Windows\system32\drivers
11:54:19.706 AVAST engine scan C:\Users\Pedro
11:56:59.981 File: C:\Users\Pedro\AppData\LocalLow\FCSB000063445\Toolbar\ShoppingBHO.dll **INFECTED** Win32:Adware-gen [Adw]
12:05:51.349 AVAST engine scan C:\ProgramData
12:07:32.032 Scan finished successfully
16:51:18.084 Disk 0 MBR has been saved successfully to "C:\Users\Pedro\Desktop\MBR.dat"
16:51:18.084 The log file has been saved successfully to "C:\Users\Pedro\Desktop\aswMBR.txt"

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:51 AM

Posted 12 April 2012 - 05:59 PM

Greetings

for what is left missing you will have to do the following



In case, program's link shows as (empty):

Posted Image

  • Open Windows Explorer, navigate to Avast folder in Program Files
  • Right click on Avast ".exe" file, click "Create shortcut":

Posted Image

  • Copy that shortcut, go back to Start menu.
  • Right click on avast!Free Antivirus, click "Paste".
  • You'll see Avast shortcut recreated replacing (empty) entry.

Alternatively....
...you paste that shortcut in:
(XP) - C:\Documents and Settings\All Users\Start Menu\Programs\Avast
(Vista/7) - C:\Program Data\Start Menu\Programs\Avast



At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 GuardsRed928

GuardsRed928
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 14 April 2012 - 10:51 AM

Ongoing printer problems (Samsung Laser & HP Officejet 6500a Plus). It's like the spooler stalls. I'll try re-booting.

I didn't trust windows firewall so I installed ZoneAlarm.

Combofix after CFS Script:

ComboFix 12-04-14.01 - Pedro 04/14/2012 3:04.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.5938 [GMT -5:00]
Running from: c:\users\Pedro\Desktop\ComboFix1.exe
Command switches used :: c:\users\Pedro\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Free Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Pedro\AppData\Local\Temp\nsetr.dll
c:\users\Pedro\AppData\Local\Temp\ogmprv.dll
S:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2012-03-14 to 2012-04-14 )))))))))))))))))))))))))))))))
.
.
2012-04-14 08:22 . 2012-04-14 08:22 -------- d-----w- c:\users\Timmah\AppData\Local\temp
2012-04-14 08:22 . 2012-04-14 08:22 -------- d-----w- c:\users\Sam\AppData\Local\temp
2012-04-14 08:22 . 2012-04-14 08:22 -------- d-----w- c:\users\Livy\AppData\Local\temp
2012-04-14 08:22 . 2012-04-14 08:22 -------- d-----w- c:\users\Leah\AppData\Local\temp
2012-04-14 08:22 . 2012-04-14 08:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-14 03:13 . 2012-04-14 03:13 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{26C781ED-CDE9-49D1-B21C-E61F74660688}\offreg.dll
2012-04-14 03:11 . 2012-04-14 03:11 -------- d-----w- c:\program files\iPod
2012-04-14 03:11 . 2012-04-14 03:11 -------- d-----w- c:\program files\iTunes
2012-04-13 23:35 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{26C781ED-CDE9-49D1-B21C-E61F74660688}\mpengine.dll
2012-04-12 08:00 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-12 08:00 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-12 08:00 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-12 08:00 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-12 08:00 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-12 08:00 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-12 08:00 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-09 03:39 . 2012-04-09 03:39 -------- d-----w- c:\program files (x86)\ESET
2012-04-09 03:06 . 2011-12-23 04:09 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2012-04-09 03:06 . 2011-12-23 04:09 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2012-04-09 03:06 . 2011-12-23 04:09 57480 ----a-w- c:\windows\system32\drivers\eubakup.sys
2012-04-09 03:06 . 2012-02-08 20:48 48264 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2012-04-09 03:05 . 2012-04-09 03:05 -------- d-----w- C:\My Backups
2012-04-09 03:00 . 2012-04-09 03:00 -------- d-----w- c:\users\Pedro\AppData\Roaming\VS Revo Group
2012-04-09 02:57 . 2012-04-09 02:57 -------- d-----w- c:\users\Pedro\AppData\Local\VS Revo Group
2012-04-09 02:57 . 2009-12-30 15:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-04-09 02:57 . 2012-04-09 02:57 -------- d-----w- c:\program files\VS Revo Group
2012-04-04 22:53 . 2012-04-04 22:53 -------- d-----w- c:\program files (x86)\Application Updater
2012-04-04 22:53 . 2012-04-04 22:53 -------- d-----w- c:\program files (x86)\pdfforge Toolbar
2012-04-04 22:53 . 2012-04-04 22:53 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2012-04-03 23:34 . 2012-04-03 23:34 -------- d-----w- c:\programdata\EaseUS
2012-04-03 21:37 . 2006-11-30 22:09 57344 ----a-w- c:\windows\SysWow64\ssdevm.dll
2012-04-03 21:37 . 2006-11-02 20:01 11576 ----a-w- c:\windows\system32\drivers\SSPORT.sys
2012-04-03 21:37 . 2006-11-02 16:27 54072 ----a-w- c:\windows\system32\drivers\DgivEcp.sys
2012-04-03 21:37 . 2006-08-15 23:42 49152 ----a-w- c:\windows\SysWow64\ssusbpn.dll
2012-04-03 21:37 . 2006-08-15 23:42 47104 ----a-w- c:\windows\system32\ssusbp64.dll
2012-04-03 21:37 . 2006-08-15 23:42 73728 ----a-w- c:\windows\system32\ssdevm64.dll
2012-04-03 21:37 . 2001-09-05 09:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-04-03 21:37 . 2001-09-05 09:18 225280 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-04-03 21:37 . 2001-09-05 09:14 176128 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-04-03 21:37 . 2001-09-05 09:13 32768 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-04-03 21:37 . 2005-06-16 00:18 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-04-01 19:04 . 2006-12-04 06:26 22016 ----a-w- c:\windows\system32\SSGR3l6.dll
2012-04-01 19:04 . 2006-11-21 16:40 89600 ----a-w- c:\windows\system32\SSGR3ci.dll
2012-03-31 05:19 . 2012-04-03 01:26 -------- d-----w- c:\programdata\Samsung
2012-03-31 05:19 . 2011-04-19 10:37 36864 ----a-w- c:\windows\system32\Spool\prtprocs\x64\spd__pc.dll
2012-03-31 05:19 . 2012-04-03 01:26 -------- d-----w- c:\program files (x86)\Samsung
2012-03-31 05:18 . 2011-12-02 03:12 164432 ----a-w- c:\windows\system32\SUPDSvcA2.dll
2012-03-31 05:18 . 2011-12-02 03:12 437328 ----a-w- c:\windows\system32\UPDIO2.dll
2012-03-31 05:18 . 2011-12-02 03:12 165456 ----a-w- c:\windows\system32\SUPDSvc2.exe
2012-03-31 05:18 . 2011-12-02 03:12 260688 ----a-w- c:\windows\SUPDRun.exe
2012-03-31 05:18 . 2011-04-11 05:26 34304 ----a-w- c:\windows\system32\spd__l.dll
2012-03-31 05:18 . 2010-10-20 08:46 89600 ----a-w- c:\windows\system32\spd__ci.dll
2012-03-31 05:18 . 2010-05-11 05:28 151552 ----a-w- c:\windows\system32\spd__ci.exe
2012-03-31 05:14 . 2012-03-31 05:14 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-03-16 07:02 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-31 05:14 . 2011-05-16 17:28 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-06 23:15 . 2011-04-26 05:19 41184 ----a-w- c:\windows\avastSS.scr
2012-03-06 23:15 . 2011-04-26 05:19 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-06 23:15 . 2011-04-26 05:20 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-06 23:04 . 2011-04-26 05:20 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-06 23:04 . 2011-04-26 05:20 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-06 23:01 . 2011-04-26 05:20 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-06 23:01 . 2011-04-26 05:20 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-06 23:01 . 2011-04-26 05:20 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-23 14:18 . 2011-04-26 01:28 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-17 06:38 . 2012-03-13 21:17 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-13 21:17 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-13 21:17 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-13 21:17 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-15 16:01 . 2012-02-15 16:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 16:01 . 2012-02-15 16:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-10 06:36 . 2012-03-13 21:18 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 05:38 . 2012-03-13 21:18 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-02-03 04:34 . 2012-03-13 21:18 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-01-25 06:38 . 2012-03-13 21:17 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-01-25 06:38 . 2012-03-13 21:17 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-01-25 06:33 . 2012-03-13 21:17 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-01-20 19:11 . 2012-01-20 19:11 530488 ----a-w- c:\windows\system32\drivers\sptd.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-09_16.05.44 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-02-16 09:00 . 2011-12-14 02:50 72704 c:\windows\SysWOW64\mshtmled.dll
+ 2012-04-12 08:03 . 2012-02-28 01:03 72704 c:\windows\SysWOW64\mshtmled.dll
+ 2012-04-12 08:03 . 2012-02-28 01:08 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-02-16 09:00 . 2011-12-14 02:54 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-02-16 09:00 . 2011-12-14 02:54 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2012-04-12 08:03 . 2012-02-28 01:08 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2012-04-14 08:24 . 2012-04-14 08:24 13923 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-04-09 05:07 . 2012-04-09 05:07 13923 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2009-07-14 04:54 . 2012-04-14 08:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-04-09 16:01 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-14 08:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-09 16:01 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-14 08:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-09 16:01 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-28 03:25 . 2012-04-14 08:29 59878 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-04-14 08:29 33996 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-04-26 01:52 . 2012-04-14 08:29 14900 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3654469530-1325855490-2393117803-1001_UserData.bin
+ 2012-04-12 08:03 . 2012-02-28 06:43 96256 c:\windows\system32\mshtmled.dll
- 2012-02-16 09:00 . 2011-12-14 06:57 96256 c:\windows\system32\mshtmled.dll
+ 2012-04-12 08:03 . 2012-02-28 06:47 86528 c:\windows\system32\migration\WininetPlugin.dll
- 2012-02-16 09:00 . 2011-12-14 07:02 86528 c:\windows\system32\migration\WininetPlugin.dll
- 2012-02-16 09:00 . 2011-12-14 07:01 85504 c:\windows\system32\jsproxy.dll
+ 2012-04-12 08:03 . 2012-02-28 06:47 85504 c:\windows\system32\jsproxy.dll
- 2009-07-14 05:30 . 2012-04-01 02:33 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-04-14 07:55 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-02-15 16:01 . 2012-02-15 16:01 52736 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_c111aaecb61e9a2b\usbaapl64.sys
+ 2011-04-25 19:35 . 2012-04-14 03:23 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-04-25 19:35 . 2012-04-09 16:05 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-04-25 19:35 . 2012-04-14 03:23 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-04-25 19:35 . 2012-04-09 16:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-14 03:23 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-09 16:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-04-14 07:47 91888 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2012-02-28 09:03 . 2012-02-28 09:03 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-02-28 09:03 . 2012-02-28 09:03 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-02-28 09:03 . 2012-02-28 09:03 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2012-02-28 09:03 . 2012-02-28 09:03 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2012-02-28 09:03 . 2012-02-28 09:03 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-02-28 09:03 . 2012-02-28 09:03 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-04-12 08:04 . 2012-04-12 08:04 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-02-21 02:28 . 2012-02-21 02:28 53608 c:\windows\Installer\$PatchCache$\Managed\057978BEDBCC3104FB5D20494DADB50D\2.1.7\pthreadVC2.dll
+ 2012-02-21 02:28 . 2012-02-21 02:28 23248 c:\windows\Installer\$PatchCache$\Managed\057978BEDBCC3104FB5D20494DADB50D\2.1.7\AppleVersions.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\66b5c693a8aa660276216d7a521da5e2\System.Web.DynamicData.Design.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\5aa50d178dd6774b1d6b46a0997f0b95\WindowsLiveWriter.ni.exe
+ 2012-04-12 13:39 . 2012-04-12 13:39 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1371ed674fc04f510cb41524e2d4322d\System.Web.DynamicData.Design.ni.dll
- 2012-04-09 16:01 . 2012-04-09 16:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-14 08:25 . 2012-04-14 08:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-09 16:01 . 2012-04-09 16:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-14 08:25 . 2012-04-14 08:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-12 08:03 . 2012-02-28 01:09 231936 c:\windows\SysWOW64\url.dll
- 2012-02-16 09:00 . 2011-12-14 02:55 231936 c:\windows\SysWOW64\url.dll
+ 2012-04-12 08:03 . 2012-02-28 01:06 716800 c:\windows\SysWOW64\jscript.dll
- 2012-02-16 09:00 . 2011-12-14 02:53 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-04-12 08:03 . 2012-02-28 00:59 176640 c:\windows\SysWOW64\ieui.dll
- 2012-02-16 09:00 . 2011-12-14 02:47 176640 c:\windows\SysWOW64\ieui.dll
- 2012-02-16 09:00 . 2011-12-14 07:03 237056 c:\windows\system32\url.dll
+ 2012-04-12 08:03 . 2012-02-28 06:48 237056 c:\windows\system32\url.dll
- 2009-07-14 02:36 . 2012-04-03 22:00 624942 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-04-12 08:04 624942 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-04-12 08:04 107246 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-04-03 22:00 107246 c:\windows\system32\perfc009.dat
+ 2012-04-12 08:03 . 2012-02-28 06:45 818688 c:\windows\system32\jscript.dll
- 2012-02-16 09:00 . 2011-12-14 07:00 818688 c:\windows\system32\jscript.dll
- 2012-02-16 09:00 . 2011-12-14 06:53 248320 c:\windows\system32\ieui.dll
+ 2012-04-12 08:03 . 2012-02-28 06:39 248320 c:\windows\system32\ieui.dll
- 2009-07-14 05:30 . 2012-04-01 02:33 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-04-14 07:55 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-03-31 05:19 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2012-04-14 07:55 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-05-07 22:51 . 2011-05-07 22:51 454232 c:\windows\system32\DriverStore\FileRepository\vsdatant.inf_amd64_neutral_0a0e8d9d2ce16ccc\vsdatant.sys
+ 2011-05-07 22:51 . 2011-05-07 22:51 454232 c:\windows\system32\drivers\vsdatant.sys
+ 2009-07-14 05:01 . 2012-04-14 08:24 407432 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-04-09 05:07 407432 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-01-21 22:40 . 2012-01-21 22:40 616216 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
+ 2012-04-12 05:22 . 2012-01-26 23:31 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-01-21 22:40 . 2012-01-21 22:40 616216 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
+ 2012-04-12 05:22 . 2012-01-26 23:33 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 616216 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-02-28 09:03 . 2012-02-28 09:03 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-12 08:04 . 2012-04-12 08:04 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-12 08:04 . 2012-04-12 08:04 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-02-10 16:38 . 2012-02-10 16:38 475136 c:\windows\Installer\2e9d6.msi
+ 2012-04-02 18:33 . 2012-04-14 03:12 380928 c:\windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}\iTunesIco.exe
- 2012-04-02 18:33 . 2012-04-02 18:33 380928 c:\windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}\iTunesIco.exe
+ 2012-04-14 03:12 . 2012-04-14 03:12 897024 c:\windows\Installer\{6D172D0A-B9F1-4046-AFAB-8599288545BF}\SafariIco.exe
+ 2012-02-15 16:02 . 2012-02-15 16:02 236904 c:\windows\Installer\$PatchCache$\Managed\A977DA8BAD2856347A0DDAD3FC5CC5FF\5.1.1\OutlookChangeNotifierAddIn_x64.dll
+ 2012-02-15 16:02 . 2012-02-15 16:02 227176 c:\windows\Installer\$PatchCache$\Managed\A977DA8BAD2856347A0DDAD3FC5CC5FF\5.1.1\OutlookChangeNotifierAddIn.dll
+ 2012-04-12 08:09 . 2012-04-12 08:09 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\3893bfa343bfd255531a743ffa660722\WindowsFormsIntegration.ni.dll
+ 2012-04-12 08:09 . 2012-04-12 08:09 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\a38a67bfd6245b2f72eb918a57d37bcd\System.ServiceProcess.ni.dll
+ 2012-04-12 08:09 . 2012-04-12 08:09 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\cdf11c8e0679ce7ff91dc37c6e1b5545\System.Messaging.ni.dll
+ 2012-04-12 08:08 . 2012-04-12 08:08 289280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\81c23cf78d9779b1447762a8ffb26d0b\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ebd99d5801192b27f605630e2665db37\WindowsFormsIntegration.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\9cabbb335fc6dff10392376707a4d0a2\System.ServiceProcess.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\621d2aae96fd06f9ccf66d335d7f1232\System.Messaging.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 219136 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\62c9a6fe14577f82bcd2a8420b8fa2db\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-04-12 13:36 . 2012-04-12 13:36 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\718e8186ee8de8555888be444b86d443\WindowsFormsIntegration.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\6138a7bf63fa559ffe856b586e369ba2\TaskScheduler.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\01e6d953aaaada7216112df9e0f39c11\System.Web.Routing.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\32b4d44198ecd16ca5deb1024642313f\System.Web.Entity.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\9d7b9e05e5bc7eab07de61a8dd70757a\System.Web.Entity.Design.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\e59cbe4ccb29922c44bf66d3ae044b32\System.Web.DynamicData.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\cb674da808088671f0633d46d1dade03\System.Web.Abstractions.ni.dll
+ 2012-04-12 13:34 . 2012-04-12 13:34 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\2ea95f3113ace6c1adf4ab9f9fc4285e\System.ServiceProcess.ni.dll
+ 2012-04-12 13:36 . 2012-04-12 13:36 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\c5bef7173a92e1a66e3f7a34eeed891f\System.Messaging.ni.dll
+ 2012-04-12 13:34 . 2012-04-12 13:34 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\a94125636875d06389922fcd86b7a615\System.Drawing.Design.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\cc4082d64c96ff7569aa540b2bfb4e4e\napsnap.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\30d62e0be22cd4569141c32f8650773b\napinit.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\0da2c8a454593084e0215266b5572bf0\MMCFxCommon.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ecaf4199c3937827b85be8e8ac36de2b\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\8dd963b1ac45ad4d484855d9853747bd\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\fe924ef08b715e71e410270c60cc372c\Microsoft.ManagementConsole.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\857d04eadbf226277488bfabfda2a01d\mcplayerinterop.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\7a2e04f455b793a14e9d1df5fdd93bf7\mcGlidHostObj.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\56c25b27b777af0b93999261cfeec0cd\EventViewer.ni.dll
+ 2012-04-12 13:36 . 2012-04-12 13:36 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\2c9f3eaa3e79d491c1e29ab58fdcc54a\ehExtHost.ni.exe
+ 2012-04-12 13:36 . 2012-04-12 13:36 380416 c:\windows\assembly\NativeImages_v2.0.50727_64\Bluebeam.Stamp\8d519e8518bfe1b81fa3814455db0c79\Bluebeam.Stamp.ni.dll
+ 2012-04-12 13:36 . 2012-04-12 13:36 436224 c:\windows\assembly\NativeImages_v2.0.50727_64\Bluebeam.Registrati#\afe2012ff93ae8808ac5a27a96d0b510\Bluebeam.Registration.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\d18f95503898b5d36f34b0c2872e3bf8\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dfc4c5fb2fd7cf7ef2ca7904ed8894cd\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c1cebbe0a603a48640715cc614a56e17\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 891392 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7199c63efa6d23b6c1d6b9ff71c398b8\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6f253f7ba5f5f6c78b49e04ced9dd12a\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6dcc537cfbcba1817782f9e511c2e723\WindowsLive.Writer.Interop.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\56037ee13224135f0d3ee8880bbb33fc\WindowsLive.Writer.BrowserControl.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\33a88abae7d5ca2d8ead246bf37f50e1\WindowsLive.Writer.Api.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1b9c8bb92aacd9125d1e28ca09671a91\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1813db84c903f2ef58c0ba888a4facb8\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0d389bf5258c236e30054063334a45ee\WindowsLive.Writer.Controls.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\4725a5afe563175d731fa6b5c338803b\WindowsLive.Client.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\688abb339fb8301c37b0889a0d01dfa3\WindowsFormsIntegration.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\97d8bd8f21969a91b7c5171031250d1e\TaskScheduler.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\2d9aab831590b771aa70cd6991f7af88\System.Web.Routing.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\47e3f7fa0b07e85e269f2e152e0e5e29\System.Web.Extensions.Design.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\3595f5769afb7d38aa5a05abef97364c\System.Web.Entity.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\7485eeab1b46532b35d7ab5814a43a30\System.Web.Entity.Design.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ec083a1d2f94e4c565545f9d090c5039\System.Web.DynamicData.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\88430faf21e241f93d02711e35173de6\System.Web.Abstractions.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c2c7f68605a42caef1b7a19c51de58b4\System.ServiceProcess.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\69b1de7425d09eb9fe42f81882d2896e\System.Messaging.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b64b898fd099d1644a8673137ac56011\System.Drawing.Design.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\2ffec892832457d3530d59a9da07324c\napsnap.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\1167a79ab309e2a4e6da2bd2dbea01a6\napinit.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\c83df01d683dbeb36be10218cc50ff03\MMCFxCommon.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\68842b507f3ad7fa603bf57c813c6a0c\Microsoft.ManagementConsole.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\4e2b9e7e956dcee6a9721b57c8ccde60\EventViewer.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\380a1283ad9a74eb337feb276453a87f\ehExtHost32.ni.exe
+ 2012-04-12 13:39 . 2012-04-12 13:39 268800 c:\windows\assembly\NativeImages_v2.0.50727_32\Bluebeam.Stamp\5b44ca7dbc8226c66387d3b4b7f21de7\Bluebeam.Stamp.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 341504 c:\windows\assembly\NativeImages_v2.0.50727_32\Bluebeam.Registrati#\3fdd10a3a8a8a1d79cf4b5ce808503d3\Bluebeam.Registration.ni.dll
+ 2012-04-12 05:22 . 2012-01-26 23:33 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-04-12 08:03 . 2012-02-28 01:11 1127424 c:\windows\SysWOW64\wininet.dll
- 2012-02-16 09:00 . 2011-12-14 02:57 1127424 c:\windows\SysWOW64\wininet.dll
- 2012-02-16 09:00 . 2011-12-14 02:57 1103360 c:\windows\SysWOW64\urlmon.dll
+ 2012-04-12 08:03 . 2012-02-28 01:12 1103360 c:\windows\SysWOW64\urlmon.dll
+ 2012-04-12 08:03 . 2012-03-06 05:59 3913072 c:\windows\SysWOW64\ntoskrnl.exe
- 2012-03-14 08:03 . 2011-11-19 14:50 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
+ 2012-04-12 08:03 . 2012-03-06 05:59 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
+ 2012-04-12 08:03 . 2012-02-28 01:18 1799168 c:\windows\SysWOW64\jscript9.dll
- 2012-02-16 09:00 . 2011-12-14 02:52 1792000 c:\windows\SysWOW64\iertutil.dll
+ 2012-04-12 08:03 . 2012-02-28 01:04 1792000 c:\windows\SysWOW64\iertutil.dll
+ 2012-04-12 08:03 . 2012-02-28 01:27 9705984 c:\windows\SysWOW64\ieframe.dll
- 2012-02-16 09:00 . 2011-12-14 07:04 1390080 c:\windows\system32\wininet.dll
+ 2012-04-12 08:03 . 2012-02-28 06:49 1390080 c:\windows\system32\wininet.dll
- 2012-02-16 09:00 . 2011-12-14 07:04 1345536 c:\windows\system32\urlmon.dll
+ 2012-04-12 08:03 . 2012-02-28 06:50 1345536 c:\windows\system32\urlmon.dll
- 2012-03-14 08:03 . 2011-11-19 15:20 5559152 c:\windows\system32\ntoskrnl.exe
+ 2012-04-12 08:03 . 2012-03-06 06:53 5559152 c:\windows\system32\ntoskrnl.exe
+ 2012-04-12 08:03 . 2012-02-28 06:56 2311168 c:\windows\system32\jscript9.dll
- 2012-02-16 09:00 . 2011-12-14 06:59 2144256 c:\windows\system32\iertutil.dll
+ 2012-04-12 08:03 . 2012-02-28 06:43 2144256 c:\windows\system32\iertutil.dll
+ 2012-02-15 16:01 . 2012-02-15 16:01 4547944 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_c111aaecb61e9a2b\usbaaplrc.dll
+ 2009-07-14 04:45 . 2012-04-12 13:33 7113258 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-03-14 12:44 7113258 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-05-25 08:21 . 2012-04-14 08:24 1836984 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-05-25 08:21 . 2012-04-09 03:09 1836984 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2012-02-28 09:02 . 2012-02-28 09:02 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-04-12 08:04 . 2012-04-12 08:04 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-02-28 09:02 . 2012-02-28 09:02 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-03-20 20:06 . 2012-03-20 20:06 2887680 c:\windows\Installer\e05f6.msi
+ 2012-03-20 20:05 . 2012-03-20 20:05 4895744 c:\windows\Installer\e05ec.msi
+ 2012-03-20 20:06 . 2012-03-20 20:06 9965056 c:\windows\Installer\e05e2.msi
+ 2012-01-22 15:20 . 2012-01-22 15:20 1707520 c:\windows\Installer\d9f0734.msp
+ 2012-04-12 08:08 . 2012-04-12 08:08 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\fb00cd7183b28470878a3b5687929a56\WindowsBase.ni.dll
+ 2012-04-12 08:09 . 2012-04-12 08:09 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\80de3f9f56bed3e05ba97741905abddb\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-04-12 08:09 . 2012-04-12 08:09 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\21c096f214db354198e2664473875f06\System.Printing.ni.dll
+ 2012-04-12 08:08 . 2012-04-12 08:08 2303488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\9bcabb321026ee927401cbba73dff054\System.Drawing.ni.dll
+ 2012-04-12 08:08 . 2012-04-12 08:08 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\90ec5a09a2329a45554d79e0fd9fbbee\System.Deployment.ni.dll
+ 2012-04-12 08:09 . 2012-04-12 08:09 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\45d4a9fa235f5658f8c9b89f6a4f691f\System.Activities.Presentation.ni.dll
+ 2012-04-12 08:09 . 2012-04-12 08:09 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\8ad595c3d0668d10777d8ce28b88cc7c\ReachFramework.ni.dll
+ 2012-04-12 08:08 . 2012-04-12 08:08 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\cb31bfb24a52f83cf826c00979827ba6\PresentationUI.ni.dll
+ 2012-04-12 08:08 . 2012-04-12 08:08 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\a93e8035988f3d15d34aee7c817c547a\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-04-12 08:08 . 2012-04-12 08:08 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\5281ac494089700d1c72c16478ab3363\Microsoft.VisualBasic.ni.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\02ea3ff3b5908b51da47e1aeb9e75b04\WindowsBase.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\acae13e8725a0a5da6dcda3e309cb9d2\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\7175344bfab919484674d37de776a82f\System.Printing.ni.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 1665536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c02325260bdcecd695a87bbb24547df2\System.Drawing.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\d0ae88ebdc709e940fbd0c6bafcab13c\System.Deployment.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\f4311e621d2bbf4de0d32bae765b1484\System.Activities.Presentation.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\f4ab7bc19b981163de613143a1e1c997\ReachFramework.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\3e896ba1c3cc8d62c267508dccd7aa5a\PresentationUI.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 1139712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\b568128ba083f17ce78eb224d9b85f4d\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-04-12 08:10 . 2012-04-12 08:10 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\1f54c28f39e25b121c374480ad50d384\Microsoft.VisualBasic.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\8f4bee781d2709ba927b31c6bee8abce\System.WorkflowServices.ni.dll
+ 2012-04-12 13:34 . 2012-04-12 13:34 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\d26e6d07c2e10bc55c2bfd2440ec14bc\System.Workflow.ComponentModel.ni.dll
+ 2012-04-12 13:34 . 2012-04-12 13:34 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\f044eaa5dc79454c4081bdbea81bf67e\System.Workflow.Activities.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\57631b92442dcbaa782800614f11eed4\System.Web.Mobile.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\f21b305ec2cacfd1737aba590508716a\System.Web.Extensions.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\01e5bdd5a9c2db218cf64aff1875bf10\System.Web.Extensions.Design.ni.dll
+ 2012-04-12 13:34 . 2012-04-12 13:34 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\7e62d5f06809c96b0e957cc948d98d7c\System.Printing.ni.dll
+ 2012-04-12 13:33 . 2012-04-12 13:33 2317312 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\95d41ace5d8803b9318366ad5f0fbdff\System.Drawing.ni.dll
+ 2012-04-12 13:33 . 2012-04-12 13:33 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\7e705656ef1ee9078e0d51699d9e0858\System.Deployment.ni.dll
+ 2012-04-12 13:36 . 2012-04-12 13:36 9486336 c:\windows\assembly\NativeImages_v2.0.50727_64\SlimDX\381d9c61cc733b329a4b156739eddf63\SlimDX.ni.dll
+ 2012-04-12 13:34 . 2012-04-12 13:34 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\df3b4d20eaf81da80db9be811947e475\ReachFramework.ni.dll
+ 2012-04-12 13:33 . 2012-04-12 13:33 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\8e76dcfa3f4676022f95437037c8ad51\PresentationUI.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\92ab2a505e2b1e55887248752fc8791b\Narrator.ni.exe
+ 2012-04-12 13:37 . 2012-04-12 13:37 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\b843ee3c17f0b9d517f74f2fc2cef321\MMCEx.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\ff499b53b4b43e5cf6175a7d95fb15ea\MIGUIControls.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\a2368cca7264c3f047d16fefcb29ca66\Microsoft.VisualBasic.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\a365fda36604d8f8b6ea67667dc3dd46\Microsoft.PowerShell.Editor.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\a1c24b217f836d73170c0f32b7dda5c2\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-04-12 13:36 . 2012-04-12 13:36 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\8dff78b6458b3995288e7e89aa7ae34a\Microsoft.MediaCenter.ni.dll
+ 2012-04-12 13:36 . 2012-04-12 13:36 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\88b7272ddb53920b927a7ef59fd3ad6a\Microsoft.MediaCenter.UI.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\1225d00b36449afd4a4314eadcb8bf58\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-04-12 13:36 . 2012-04-12 13:36 2396672 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\d623b6052b6b0b754b844be1f65336a5\Microsoft.Ink.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\9e91d7c4464a12eb7d2c174ffc56c168\Microsoft.Ink.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\a67cf1480b9711c9e9da320bc5114879\Microsoft.Build.Tasks.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\7b5c7863043af7cd47dfb104c0fe6879\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\a1c741fa6d3e2635dd2a2a77890c87b5\mcstore.ni.dll
+ 2012-04-12 13:36 . 2012-04-12 13:36 4598784 c:\windows\assembly\NativeImages_v2.0.50727_64\Bluebeam.Utilities\0721cf4eb8af0f92decaab11c72edc92\Bluebeam.Utilities.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ccd6bd76154a0c65e99ce3dfbfd99a77\WindowsLive.Writer.Localization.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 1285632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b92ca36379e0e7fcfe5ef1e28b5cd7cf\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 7025152 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5a0f0d8b2827bb43452046b47b5846a8\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\02ffe1a4f894782e139d2da83562dfb8\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\d362f68d3bf954ba55a4494a659492af\System.WorkflowServices.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6d2f8bad410dae6049507d7bc097a62d\System.Workflow.ComponentModel.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\31fd6842b7ccb502dc2f5f11c1f991bd\System.Workflow.Activities.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\a118322b0f5ffc0e67c06658e8788e1d\System.Web.Mobile.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e6747d0470e8a42907df14af10862844\System.Web.Extensions.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\0b27d6da6e6bc319c3805435b818c1e5\System.Printing.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 1590784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\e45611cad86870a7011bb18b9e993861\System.Deployment.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 6590464 c:\windows\assembly\NativeImages_v2.0.50727_32\SlimDX\09148ae886db0d65f7354e347216320b\SlimDX.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\ffe872f5d03f8bf4d1e1aca71274aec4\ReachFramework.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\167ae650f54f5cd46c07329972f179ad\PresentationUI.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\a61a4567bd8a09a0068db7fcc46151e1\Narrator.ni.exe
+ 2012-04-12 13:39 . 2012-04-12 13:39 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\a8ac3e062a13d75ff8d632bed75358b0\MMCEx.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\2a348513f0f83117bedeb39a7d10b034\MIGUIControls.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ce70b84dbb9970e1893672c5d430c80\Microsoft.VisualBasic.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a7364db379808ebdee5cd876d5af2656\Microsoft.PowerShell.Editor.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2a9dff80feb7cf8dbac17adb959159ca\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\4a603d10666b9ee9487e7f0ce27c1c68\Microsoft.MediaCenter.UI.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\142b59a72b233db75ede02941b86291d\Microsoft.MediaCenter.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\ffc29e128c4ddebb991189d617ed1bf7\Microsoft.Ink.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\0c9d80e810caa6aeb85bd4d253281434\Microsoft.Build.Tasks.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\008b235de7df9c690e3f289f3c776eda\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-04-12 13:39 . 2012-04-12 13:39 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\227b7eaefe6ae6b78190516516793b4b\mcstore.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 3848192 c:\windows\assembly\NativeImages_v2.0.50727_32\Bluebeam.Utilities\500b978255958185662500a5ffaa055f\Bluebeam.Utilities.ni.dll
+ 2012-04-12 08:03 . 2012-02-28 01:52 12281856 c:\windows\SysWOW64\mshtml.dll
+ 2009-07-14 02:34 . 2012-04-12 08:21 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2012-04-03 01:30 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2012-04-12 08:03 . 2012-02-28 07:34 17790976 c:\windows\system32\mshtml.dll
+ 2011-07-01 20:18 . 2012-04-12 08:01 57249312 c:\windows\system32\MRT.exe
+ 2012-04-12 08:03 . 2012-02-28 07:02 10888704 c:\windows\system32\ieframe.dll
+ 2011-05-26 03:16 . 2012-04-14 07:37 36976320 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3654469530-1325855490-2393117803-1001-12288.dat
+ 2012-04-04 13:32 . 2012-04-04 13:32 16613376 c:\windows\Installer\a98a5d.msp
+ 2012-04-14 03:12 . 2012-04-14 03:12 38234112 c:\windows\Installer\814225e.msi
+ 2012-04-14 03:09 . 2012-04-14 03:09 49125888 c:\windows\Installer\8142233.msi
+ 2012-04-14 03:09 . 2012-04-14 03:09 11105280 c:\windows\Installer\814163e.msi
+ 2012-04-14 03:09 . 2012-04-14 03:09 11631616 c:\windows\Installer\8141556.msi
+ 2012-04-14 03:09 . 2012-04-14 03:09 20396032 c:\windows\Installer\814149a.msi
+ 2012-04-12 08:09 . 2012-04-12 08:09 17353728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\c80f2e11e938ed65b843f750add94b35\System.Windows.Forms.ni.dll
+ 2012-04-12 08:08 . 2012-04-12 08:08 24407040 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\b93196152e384bd43b9abf1e20c8d067\PresentationFramework.ni.dll
+ 2012-04-12 08:08 . 2012-04-12 08:08 15907328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\fc074b5198bd925a4f5b48403bba0e34\PresentationCore.ni.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 13197312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\0b36565a61f83137806e71b287d81042\System.Windows.Forms.ni.dll
+ 2012-04-12 08:06 . 2012-04-12 08:06 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7786f3e95a399a8b6691170ae2fe0e1c\PresentationFramework.ni.dll
+ 2012-04-12 08:05 . 2012-04-12 08:05 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\239eba799555dbe10760ee80c8c8df7c\PresentationCore.ni.dll
+ 2012-04-12 13:33 . 2012-04-12 13:33 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\3466442b4168ba11787961fcfd410adf\System.Windows.Forms.ni.dll
+ 2012-04-12 13:34 . 2012-04-12 13:34 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\79c8a2e836c01784bb8e3e2d0ed26850\System.Web.ni.dll
+ 2012-04-12 13:34 . 2012-04-12 13:34 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\552733f73f5483946cce9229b27bdcb2\System.Design.ni.dll
+ 2012-04-12 13:33 . 2012-04-12 13:33 19195392 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\b87e4cff3eb13680c55a5f4ee9786b56\PresentationFramework.ni.dll
+ 2012-04-12 13:33 . 2012-04-12 13:33 16540160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\1233412b58120995b639428b5e6d998e\PresentationCore.ni.dll
+ 2012-04-12 13:37 . 2012-04-12 13:37 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\d9a8c2b82b4370a5b0f537a65d867f49\ehshell.ni.dll
+ 2012-04-12 13:36 . 2012-04-12 13:36 16584704 c:\windows\assembly\NativeImages_v2.0.50727_64\Bluebeam.Revu\52151f5e60949a7c4c8f7f1c99a1803d\Bluebeam.Revu.ni.dll
+ 2012-04-12 13:36 . 2012-04-12 13:36 30476800 c:\windows\assembly\NativeImages_v2.0.50727_64\Bluebeam.PDF\036468a4a335c9d18fa2f0fca17c0944\Bluebeam.PDF.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\507b4ca18da9d2fde2e51a1f04593443\System.Web.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\846a51eb446bee41a26a6914a95e38cd\System.Design.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 14339072 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\43e23da6683962ea1168aaf007bbc35d\PresentationFramework.ni.dll
+ 2012-04-12 13:32 . 2012-04-12 13:32 12234752 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\74d980e52c1791f1b8608d767a393144\PresentationCore.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 13629952 c:\windows\assembly\NativeImages_v2.0.50727_32\Bluebeam.Revu\6a517db2d22074fabfc88cdfb0d38223\Bluebeam.Revu.ni.dll
+ 2012-04-12 13:38 . 2012-04-12 13:38 24331776 c:\windows\assembly\NativeImages_v2.0.50727_32\Bluebeam.PDF\1c88c28daf699b99b5195f761800992e\Bluebeam.PDF.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}]
2012-03-14 04:41 266960 ----a-w- c:\program files (x86)\Check Point Software Technologies LTD\zonealarm\1.5.20.3\bh\zonealarm.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 20:23 1385864 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{980EB9EC-6EB5-4258-BDDB-EFE25C5F99EF}"= "c:\program files (x86)\Soda PDF 2011\PDFIEPlugin.dll" [2011-12-02 747352]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
"{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}"= "c:\program files (x86)\Check Point Software Technologies LTD\zonealarm\1.5.20.3\zonealarmTlbr.dll" [2012-03-14 274640]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{980eb9ec-6eb5-4258-bddb-efe25c5f99ef}]
[HKEY_CLASSES_ROOT\SodaPDFIEPlugin.PDFIEConverter.1]
[HKEY_CLASSES_ROOT\TypeLib\{EA100F6A-F239-4E91-9EA6-8B47CAD4EF0D}]
[HKEY_CLASSES_ROOT\SodaPDFIEPlugin.PDFIEConverter]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{438fae3e-bdef-44d3-ab8b-0c7c8350df59}]
[HKEY_CLASSES_ROOT\checkpoint.zonealarmdskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\checkpoint.zonealarmdskBnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-28 39408]
"CDC3CB6BC84F67BABA95C926C2DFBB40B778EA87._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2012-04-09 1224176]
"CrossRiderPlugin"="c:\program files (x86)\CrossriderWebApps\Crossrider.exe" [2011-05-15 478720]
"Akamai NetSession Interface"="c:\users\Pedro\AppData\Local\Akamai\netsession_win.exe" [2012-03-13 3331872]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" [2009-11-17 244480]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-26 98304]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2010-01-22 1016320]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Hotkey Utility"="c:\program files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe" [2010-05-06 609312]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"MaxMenuMgr"="c:\program files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-26 185640]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Simpo PDF Creator Pro Server"="c:\program files (x86)\Simpo PDF Creator Pro\SpcProSrv.exe" [2010-12-11 101376]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-11-18 1492264]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2012-03-20 73360]
.
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cardisabled
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2011-8-8 977408]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2010-6-24 9216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "d:\eudora\EuShlExt.dll" [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-26 135664]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-04-26 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-04-26 79360]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-26 135664]
R3 Linksys_adapter_H;Linksys Adapter Network Driver;c:\windows\system32\DRIVERS\AE2500w764.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys [x]
R3 Samsung UPD Service2;Samsung UPD Service2;c:\windows\System32\SUPDSvc2.exe [x]
R3 Soda PDF 2011 Helper Service;Soda PDF 2011 Helper Service;c:\program files (x86)\Soda PDF 2011\HelperService.exe [2011-12-02 828760]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2012-03-17 782744]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-09-26 189736]
S2 GREGService;GREGService;c:\program files (x86)\Gateway\Registration\GREGsvc.exe [2010-01-08 23584]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-03-16 33672]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-03-16 827520]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-10-10 341296]
S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-11-17 255744]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Soda PDF 2011 Service;Soda PDF 2011 Service;c:\program files (x86)\Soda PDF 2011\ConversionService.exe [2011-12-02 903512]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]
S2 TwonkyMedia;TwonkyMedia;c:\program files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe [2011-11-21 509704]
S2 TwonkyWebDav;TwonkyWebDav;c:\program files (x86)\TwonkyMedia\twonkywebdav.exe [2011-11-21 245760]
S2 Updater Service;Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [2010-01-28 243232]
S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - EUDISK
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 08:54]
.
2012-04-14 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-10-23 21:20]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-26 01:59]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-26 01:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-09 10060320]
"RunDLLEntry_THXCfg"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"BbPrintMonitor"="c:\program files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe" [2010-11-30 201376]
"BbInstallUser"="c:\program files\Bluebeam Software\Pushbutton PDF\Bluebeam Admin User.exe" [2011-08-12 38560]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-03-16 1126528]
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.com/calendar/render?tab=mc&pli=1&gsessionid=9iac8Z7tXbW9lbAnN91oXA
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=fx6840&r=17360411z306p04d5v155k4751r520
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Playlist - c:\program files (x86)\Twonky\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/314
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Beam to - c:\program files (x86)\Twonky\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/231
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: {{339E0A0F-ACAE-408f-AAD7-4E9158FFDE7C} - {BE8D0059-D24D-4919-B76F-99F4A2203647} {BE8D0059-D24D-4919-B76F-99F4A2203647} - {be8d0059-d24d-4919-b76f-99f4a2203647}\inprocserver32 does not exist!
TCP: DhcpNameServer = 172.16.0.1
DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} - hxxps://kingsisle.hs.llnwd.net/e1/static/themes/wizard101A/activex/Wizard101GameLauncher.CAB
DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} - hxxp://zeppelinxpress.dyndns.org/HiDvrOcx.cab
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
HKLM-Run-ogmprv - c:\users\Pedro\AppData\Local\Temp\ogmprv.dll
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3654469530-1325855490-2393117803-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3654469530-1325855490-2393117803-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\01\00\08\01\06\1ar"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\T*w*o*n*k*y*B*e*a*m*"!\Internet Explorer]
"Path"="c:\\Program Files (x86)\\Twonky\\TwonkyBeam\\Internet Explorer"
"Language"="1033"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Windows Live\Family Safety\fsssvc.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\TwonkyMedia\TwonkyMediaServer.exe
c:\program files (x86)\TwonkyMedia\plugins\auto-update-plugin.exe
c:\program files (x86)\TwonkyMedia\plugins\mediafusion-integration-plugin.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
c:\program files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
.
**************************************************************************
.
Completion time: 2012-04-14 05:11:06 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-14 10:09
.
Pre-Run: 518,238,281,728 bytes free
Post-Run: 517,980,438,528 bytes free
.
- - End Of File - - 6517B8FBD848F8E9BEDB86C80CFDFFC3

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:51 AM

Posted 14 April 2012 - 03:28 PM

Hello

:P2P Warning!:

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realise. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
USAToday
infoworld


These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

Programs to remove

Advertising Center
Ask Toolbar
Bing Bar
Bing Rewards Client Installer
Java™ 6 Update 30
Uniblue DriverScanner
Vuze
Vuze Remote Toolbar
[/list]


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.



Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:51 AM

Posted 16 April 2012 - 11:28 PM

Hello


Just checking in on you as it has been a couple of days since I have heard from you.

Are you having any troubles or just need more time?




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:51 AM

Posted 19 April 2012 - 11:21 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:51 AM

Posted 22 April 2012 - 11:58 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users