Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New Infection - Symptom - browser redirect


  • This topic is locked This topic is locked
15 replies to this topic

#1 8chip8

8chip8

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:36 PM

Posted 21 April 2012 - 06:02 PM

Thanks in advance for the help. Per the instructions DDS logs attached.

Worth noting - I have tried to fix this myself, and ran combofix before I realized I shouldn't.

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:36 PM

Posted 21 April 2012 - 07:59 PM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 8chip8

8chip8
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:36 PM

Posted 21 April 2012 - 08:46 PM

Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is disabled!)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
Sophos Virus Removal Tool
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy
Sophos Anti-Rootkit 1.5.20
Java™ 6 Update 31
Adobe Reader X 10.0.1 Adobe Reader out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````

Getting ready to run combo fix now

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:36 PM

Posted 21 April 2012 - 08:57 PM

ok I will be here


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 8chip8

8chip8
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:36 PM

Posted 22 April 2012 - 08:10 AM

Still getting redirected - See below for combofix log

ComboFix 12-04-20.03 - test 04/22/2012 8:09.4.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8106.6235 [GMT -4:00]
Running from: c:\users\test\Downloads\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\jna5369688953009546702.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-03-22 to 2012-04-22 )))))))))))))))))))))))))))))))
.
.
2012-04-22 12:43 . 2012-04-22 12:43 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-04-22 12:43 . 2012-04-22 12:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-22 12:43 . 2012-04-22 12:43 -------- d-----w- c:\users\chip2\AppData\Local\temp
2012-04-22 12:43 . 2012-04-22 12:43 -------- d-----w- c:\users\Chip2.CHIPI7\AppData\Local\temp
2012-04-22 12:43 . 2012-04-22 12:43 -------- d-----w- c:\users\Chip\AppData\Local\temp
2012-04-21 11:50 . 2012-04-21 11:50 -------- d-----w- c:\users\test\AppData\Roaming\QuickScan
2012-04-20 22:24 . 2012-04-20 22:24 -------- d-----w- c:\users\test\AppData\Local\DDMSettings
2012-04-20 22:05 . 2012-04-21 11:34 -------- d-----w- c:\users\test\AppData\Roaming\DivX
2012-04-20 22:05 . 2012-04-20 22:05 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2012-04-20 22:04 . 2012-04-20 22:05 -------- d-----w- c:\program files\DivX
2012-04-20 22:04 . 2012-04-20 22:04 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2012-04-20 22:04 . 2012-04-20 22:23 -------- d-----w- c:\users\test\AppData\Local\Google
2012-04-20 22:04 . 2012-04-20 22:05 -------- d-----w- c:\program files (x86)\Google
2012-04-20 22:03 . 2012-04-20 22:06 -------- d-----w- c:\program files (x86)\DivX
2012-04-20 22:03 . 2012-04-20 22:06 -------- d-----w- c:\programdata\DivX
2012-04-20 21:46 . 2012-04-20 21:46 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-04-20 21:46 . 2012-04-20 21:46 8741536 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-20 21:28 . 2012-04-20 21:46 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-20 17:17 . 2012-04-20 17:17 -------- d-----w- c:\users\test\AppData\Roaming\Roxio Log Files
2012-04-20 09:19 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8EF0A478-8CAE-4CA4-B1FF-F6AA3CC73FFD}\mpengine.dll
2012-04-19 12:20 . 2012-04-20 17:30 -------- d-----w- C:\sh4ldr
2012-04-19 12:20 . 2012-04-19 12:20 -------- d-----w- c:\program files\Enigma Software Group
2012-04-19 12:19 . 2012-04-20 17:30 -------- d-----w- c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP
2012-04-19 12:19 . 2012-04-19 12:19 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-04-15 22:58 . 2012-04-15 22:58 -------- d-----w- c:\users\test\AppData\Local\visi_coupon
2012-04-15 13:37 . 2012-04-15 13:37 -------- d-----w- c:\programdata\Sophos
2012-04-15 13:36 . 2012-04-15 13:36 73728 ----a-r- c:\users\test\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-04-15 13:36 . 2012-04-15 13:36 73728 ----a-r- c:\users\test\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-04-15 13:36 . 2012-04-15 13:36 73728 ----a-r- c:\users\test\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2012-04-12 07:00 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-12 07:00 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-12 07:00 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-12 07:00 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-12 07:00 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-12 07:00 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-12 07:00 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-07 01:57 . 2012-04-07 01:57 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-04-07 01:56 . 2012-04-07 01:56 -------- d-----w- c:\programdata\Ask
2012-04-07 01:56 . 2012-04-07 01:56 472808 ------w- c:\windows\SysWow64\deployJava1.dll
2012-04-06 21:21 . 2012-04-06 21:21 -------- d-----w- c:\program files\iTunes
2012-04-06 21:21 . 2012-04-06 21:21 -------- d-----w- c:\program files\iPod
2012-04-03 22:23 . 2012-04-03 22:23 -------- d-----w- c:\programdata\CrashPlan
2012-04-03 22:23 . 2012-04-03 22:23 -------- d-----w- c:\program files\CrashPlan
2012-04-03 22:22 . 2012-04-03 22:23 -------- d-----w- c:\users\test\AppData\Roaming\CrashPlan
2012-04-03 13:06 . 2012-04-03 13:06 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-04-02 17:36 . 2012-04-02 18:06 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-04-02 17:36 . 2012-04-02 17:37 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-04-01 21:01 . 2012-04-01 21:01 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2012-04-01 21:01 . 2012-04-01 21:01 -------- d--h--w- c:\programdata\CanonBJ
2012-04-01 21:01 . 2010-05-16 09:00 84480 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPA5.DLL
2012-04-01 21:01 . 2010-05-16 09:00 28672 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDA5.DLL
2012-04-01 19:08 . 2012-04-10 12:51 -------- d-----w- c:\program files (x86)\Malwarebytes2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-20 21:46 . 2011-07-28 18:43 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-16 07:05 . 2012-03-16 07:05 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-16 07:05 . 2012-03-16 07:05 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-16 07:05 . 2012-03-16 07:05 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-16 07:05 . 2012-03-16 07:05 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-16 07:05 . 2012-03-16 07:05 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-16 07:05 . 2012-03-16 07:05 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-16 07:05 . 2012-03-16 07:05 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-16 07:05 . 2012-03-16 07:05 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-16 07:05 . 2012-03-16 07:05 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-16 07:05 . 2012-03-16 07:05 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-16 07:05 . 2012-03-16 07:05 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-16 07:05 . 2012-03-16 07:05 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-16 07:05 . 2012-03-16 07:05 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-16 07:05 . 2012-03-16 07:05 448512 ----a-w- c:\windows\system32\html.iec
2012-03-16 07:05 . 2012-03-16 07:05 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-16 07:05 . 2012-03-16 07:05 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-16 07:05 . 2012-03-16 07:05 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-16 07:05 . 2012-03-16 07:05 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-16 07:05 . 2012-03-16 07:05 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-16 07:05 . 2012-03-16 07:05 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-16 07:05 . 2012-03-16 07:05 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-16 07:05 . 2012-03-16 07:05 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-16 07:05 . 2012-03-16 07:05 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-16 07:05 . 2012-03-16 07:05 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-16 07:05 . 2012-03-16 07:05 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-16 07:05 . 2012-03-16 07:05 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-16 07:05 . 2012-03-16 07:05 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-16 07:05 . 2012-03-16 07:05 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-16 07:05 . 2012-03-16 07:05 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-16 07:05 . 2012-03-16 07:05 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-16 07:05 . 2012-03-16 07:05 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-16 07:05 . 2012-03-16 07:05 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-03-16 07:05 . 2012-03-16 07:05 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-16 07:05 . 2012-03-16 07:05 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-02-23 14:18 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-17 06:38 . 2012-03-14 03:21 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 03:21 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 03:21 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 03:21 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-15 15:01 . 2012-02-15 15:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 15:01 . 2012-02-15 15:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-10 06:36 . 2012-03-14 03:23 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 05:38 . 2012-03-14 03:23 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-02-07 20:35 . 2011-12-06 19:01 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-02-07 20:35 . 2011-12-06 19:01 34688 ----a-w- c:\windows\system32\LMIport.dll
2012-02-07 20:35 . 2011-12-06 19:01 80768 ----a-w- c:\windows\system32\LMIinit.dll
2012-02-03 04:34 . 2012-03-14 03:23 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-01-25 06:38 . 2012-03-14 03:21 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-01-25 06:38 . 2012-03-14 03:21 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-01-25 06:33 . 2012-03-14 03:21 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
.
((((((((((((((((((((((((((((( SnapShot_2012-04-11_22.11.33 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-03-16 07:05 . 2012-03-16 07:05 72704 c:\windows\SysWOW64\mshtmled.dll
+ 2012-04-12 07:01 . 2012-02-28 01:03 72704 c:\windows\SysWOW64\mshtmled.dll
+ 2012-04-12 07:01 . 2012-02-28 01:08 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2012-04-12 07:01 . 2012-02-28 01:08 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2011-10-20 23:26 . 2011-10-20 23:26 94208 c:\windows\SysWOW64\dpl100.dll
+ 2012-04-22 11:52 . 2012-04-22 11:52 25082 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-04-10 17:36 . 2012-04-10 17:36 25082 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-04-03 13:06 . 2012-04-08 13:46 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2012-04-03 13:06 . 2012-04-20 21:46 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2010-11-21 03:09 . 2012-04-21 11:35 58948 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-04-22 11:55 36870 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-08-08 13:07 . 2012-04-22 11:55 11312 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-246083176-1408816233-4024804650-1006_UserData.bin
- 2012-03-16 07:05 . 2012-03-16 07:05 96256 c:\windows\system32\mshtmled.dll
+ 2012-04-12 07:01 . 2012-02-28 06:43 96256 c:\windows\system32\mshtmled.dll
+ 2012-04-12 07:01 . 2012-02-28 06:47 86528 c:\windows\system32\migration\WininetPlugin.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 86528 c:\windows\system32\migration\WininetPlugin.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 85504 c:\windows\system32\jsproxy.dll
+ 2012-04-12 07:01 . 2012-02-28 06:47 85504 c:\windows\system32\jsproxy.dll
+ 2012-04-20 21:46 . 2012-04-20 21:46 16384 c:\windows\system32\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:46 . 2012-04-21 11:41 93232 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2012-03-21 07:02 . 2012-03-21 07:02 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-03-21 07:02 . 2012-03-21 07:02 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-20 22:09 . 2012-04-20 22:09 25600 c:\windows\Installer\9103c4.msi
+ 2011-07-29 01:51 . 2012-04-12 07:01 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2011-07-29 01:51 . 2012-04-12 07:01 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2011-07-29 01:51 . 2012-04-12 07:01 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2011-07-29 01:51 . 2012-04-12 07:01 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2011-07-29 01:51 . 2012-04-12 07:01 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2011-07-29 01:51 . 2012-04-12 07:01 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2012-04-12 07:29 . 2012-04-12 07:29 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\66b5c693a8aa660276216d7a521da5e2\System.Web.DynamicData.Design.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 83968 c:\windows\assembly\NativeImages_v2.0.50727_64\Interop\5ea6b990a0208ae4846cb3a504d680e4\Interop.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\AjaVideoProperties\83e2b0b4197a9c127a9acf9240e04f5b\AjaVideoProperties.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\22042bb80f32eb3f244143538b33662e\WindowsLiveWriter.ni.exe
+ 2012-04-12 07:26 . 2012-04-12 07:26 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\985c7cac0d1a1c2a27fd5d5503cc73c3\WindowsLive.Writer.Api.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1371ed674fc04f510cb41524e2d4322d\System.Web.DynamicData.Design.ni.dll
+ 2012-04-20 17:20 . 2012-04-20 17:20 66956 c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCall.dll
+ 2011-08-11 13:28 . 2012-04-22 11:52 4370 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2012-04-10 19:54 . 2012-04-11 18:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-22 11:53 . 2012-04-22 11:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-22 11:53 . 2012-04-22 11:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-04-10 19:54 . 2012-04-11 18:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-29 01:51 . 2012-04-12 07:01 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2012-04-12 07:01 . 2012-02-28 01:09 231936 c:\windows\SysWOW64\url.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 231936 c:\windows\SysWOW64\url.dll
+ 2012-04-17 14:20 . 2012-04-17 14:20 213724 c:\windows\SysWOW64\mlfcache.dat
+ 2012-04-20 21:46 . 2012-04-20 21:46 353440 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_Plugin.exe
+ 2012-04-20 21:28 . 2012-04-20 21:28 353440 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
+ 2012-04-20 21:28 . 2012-04-20 21:28 424608 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.dll
+ 2012-04-20 21:28 . 2012-04-20 21:46 253088 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2012-04-12 07:01 . 2012-02-28 01:06 716800 c:\windows\SysWOW64\jscript.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-04-12 07:01 . 2012-02-28 00:59 176640 c:\windows\SysWOW64\ieui.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 176640 c:\windows\SysWOW64\ieui.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 843776 c:\windows\SysWOW64\divx_xx16.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 839680 c:\windows\SysWOW64\divx_xx11.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 856064 c:\windows\SysWOW64\divx_xx0c.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 847872 c:\windows\SysWOW64\divx_xx0a.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 856064 c:\windows\SysWOW64\divx_xx07.dll
+ 2010-02-19 19:27 . 2010-02-19 19:27 720384 c:\windows\SysWOW64\DivX.dll
+ 2011-07-30 04:19 . 2012-04-22 11:51 228764 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2012-03-16 07:05 . 2012-03-16 07:05 237056 c:\windows\system32\url.dll
+ 2012-04-12 07:01 . 2012-02-28 06:48 237056 c:\windows\system32\url.dll
+ 2012-04-20 21:46 . 2012-04-20 21:46 630944 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_233_Plugin.exe
+ 2012-04-20 21:28 . 2012-04-20 21:28 630944 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_233_ActiveX.exe
+ 2012-04-20 21:28 . 2012-04-20 21:28 462496 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_233_ActiveX.dll
+ 2012-04-12 07:01 . 2012-02-28 06:45 818688 c:\windows\system32\jscript.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 818688 c:\windows\system32\jscript.dll
+ 2012-04-12 07:01 . 2012-02-28 06:39 248320 c:\windows\system32\ieui.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 248320 c:\windows\system32\ieui.dll
+ 2009-07-14 05:01 . 2012-04-22 11:52 472776 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-01-21 21:40 . 2012-01-21 21:40 616216 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
+ 2012-04-12 02:58 . 2012-01-26 23:31 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-01-21 21:40 . 2012-01-21 21:40 616216 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
+ 2012-04-12 02:58 . 2012-01-26 23:33 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 616216 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2011-07-29 01:51 . 2012-03-14 07:01 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2011-07-29 01:51 . 2012-04-12 07:01 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2011-07-29 01:51 . 2012-04-12 07:01 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2011-07-29 01:51 . 2012-04-12 07:01 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2011-07-29 01:51 . 2012-04-12 07:01 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2011-07-29 01:51 . 2012-04-12 07:01 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2011-07-29 01:51 . 2012-03-14 07:01 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2011-07-29 01:51 . 2012-04-12 07:01 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2012-04-12 07:07 . 2012-04-12 07:07 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\3893bfa343bfd255531a743ffa660722\WindowsFormsIntegration.ni.dll
+ 2012-04-12 07:07 . 2012-04-12 07:07 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\a38a67bfd6245b2f72eb918a57d37bcd\System.ServiceProcess.ni.dll
+ 2012-04-12 07:07 . 2012-04-12 07:07 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\cdf11c8e0679ce7ff91dc37c6e1b5545\System.Messaging.ni.dll
+ 2012-04-12 07:05 . 2012-04-12 07:05 421888 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\8dca4801dc8dbd797a61938b40293e4e\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ebd99d5801192b27f605630e2665db37\WindowsFormsIntegration.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\9cabbb335fc6dff10392376707a4d0a2\System.ServiceProcess.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\621d2aae96fd06f9ccf66d335d7f1232\System.Messaging.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 302592 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\796d72681d9bb03a7736fc4ce25ce6ed\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-04-12 07:29 . 2012-04-12 07:29 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\718e8186ee8de8555888be444b86d443\WindowsFormsIntegration.ni.dll
+ 2012-04-12 07:29 . 2012-04-12 07:29 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\6138a7bf63fa559ffe856b586e369ba2\TaskScheduler.ni.dll
+ 2012-04-12 07:29 . 2012-04-12 07:29 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\01e6d953aaaada7216112df9e0f39c11\System.Web.Routing.ni.dll
+ 2012-04-12 07:29 . 2012-04-12 07:29 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\32b4d44198ecd16ca5deb1024642313f\System.Web.Entity.ni.dll
+ 2012-04-12 07:29 . 2012-04-12 07:29 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\9d7b9e05e5bc7eab07de61a8dd70757a\System.Web.Entity.Design.ni.dll
+ 2012-04-12 07:29 . 2012-04-12 07:29 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\e59cbe4ccb29922c44bf66d3ae044b32\System.Web.DynamicData.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\cb674da808088671f0633d46d1dade03\System.Web.Abstractions.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\2ea95f3113ace6c1adf4ab9f9fc4285e\System.ServiceProcess.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\c5bef7173a92e1a66e3f7a34eeed891f\System.Messaging.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\a94125636875d06389922fcd86b7a615\System.Drawing.Design.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 298496 c:\windows\assembly\NativeImages_v2.0.50727_64\Sony.Vegas.NetRender\78ea8a3102ef63a807a0b5f2660853ee\Sony.Vegas.NetRender.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 722432 c:\windows\assembly\NativeImages_v2.0.50727_64\Sony.MediaSoftware.#\010c499bbfbaba604c85740a1a7762b1\Sony.MediaSoftware.ExternalVideoDevice.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 850944 c:\windows\assembly\NativeImages_v2.0.50727_64\Sony.Capture\41ab6f847f7f0c3670935c2f09f3b213\Sony.Capture.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\cc4082d64c96ff7569aa540b2bfb4e4e\napsnap.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\30d62e0be22cd4569141c32f8650773b\napinit.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\0da2c8a454593084e0215266b5572bf0\MMCFxCommon.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ecaf4199c3937827b85be8e8ac36de2b\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\8dd963b1ac45ad4d484855d9853747bd\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\fe924ef08b715e71e410270c60cc372c\Microsoft.ManagementConsole.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\857d04eadbf226277488bfabfda2a01d\mcplayerinterop.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\7a2e04f455b793a14e9d1df5fdd93bf7\mcGlidHostObj.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\56c25b27b777af0b93999261cfeec0cd\EventViewer.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\2c9f3eaa3e79d491c1e29ab58fdcc54a\ehExtHost.ni.exe
+ 2012-04-12 07:27 . 2012-04-12 07:27 523264 c:\windows\assembly\NativeImages_v2.0.50727_64\CoreUI\fb490341ac714e9449649c9d87ff277a\CoreUI.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 174080 c:\windows\assembly\NativeImages_v2.0.50727_64\CorePrimitives\1700a915261e856660ee8bd178f9e54b\CorePrimitives.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 103936 c:\windows\assembly\NativeImages_v2.0.50727_64\ControlLibrary\bd4383ff8af17440b5a3263d853fa787\ControlLibrary.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\d1e90301ff4f6cefe0fb3aac38bfee5d\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\eaaa0c4ebb048e71cfc0c950928a2716\WindowsLive.Writer.Passport.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 258560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d9ff621ee05d77e83abc5a2771225c28\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c99e1f1f3c188a5ad6b204df5b814e21\WindowsLive.Writer.Interop.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bba56d8a8fdc77d9df5c8764186da578\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b9474a764b3cc7d0cc1c35cb46bafd69\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\96a91ec609a909989d597bdfb7d467e3\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7dfe39847124fbe8b7513d614e95ba64\WindowsLive.Writer.BrowserControl.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5a4d4e007c48920527316297bf926d79\WindowsLive.Writer.Localization.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4cdb3e1a577222aa6db563cce10ca07b\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\49f32f1a4622ccf086fbc1c383eddf36\WindowsLive.Writer.Controls.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1d864d14dd01ef63f7d17287e720342b\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\e6c4ac966ec2cee796f3217fc9b12cb7\WindowsLive.Client.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\688abb339fb8301c37b0889a0d01dfa3\WindowsFormsIntegration.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\97d8bd8f21969a91b7c5171031250d1e\TaskScheduler.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\2d9aab831590b771aa70cd6991f7af88\System.Web.Routing.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\47e3f7fa0b07e85e269f2e152e0e5e29\System.Web.Extensions.Design.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\3595f5769afb7d38aa5a05abef97364c\System.Web.Entity.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\7485eeab1b46532b35d7ab5814a43a30\System.Web.Entity.Design.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ec083a1d2f94e4c565545f9d090c5039\System.Web.DynamicData.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\88430faf21e241f93d02711e35173de6\System.Web.Abstractions.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c2c7f68605a42caef1b7a19c51de58b4\System.ServiceProcess.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\69b1de7425d09eb9fe42f81882d2896e\System.Messaging.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b64b898fd099d1644a8673137ac56011\System.Drawing.Design.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\2ffec892832457d3530d59a9da07324c\napsnap.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\1167a79ab309e2a4e6da2bd2dbea01a6\napinit.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\c83df01d683dbeb36be10218cc50ff03\MMCFxCommon.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\68842b507f3ad7fa603bf57c813c6a0c\Microsoft.ManagementConsole.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\4e2b9e7e956dcee6a9721b57c8ccde60\EventViewer.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\380a1283ad9a74eb337feb276453a87f\ehExtHost32.ni.exe
+ 2012-04-12 02:58 . 2012-01-26 23:33 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-04-19 12:19 . 2012-04-19 12:19 189844 c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla36.exe
+ 2012-04-20 17:20 . 2012-04-20 17:20 189844 c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla36.dll
+ 2012-04-20 17:20 . 2012-04-20 17:20 175992 c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla34.dll
+ 2012-04-20 17:20 . 2012-04-20 17:20 176035 c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla33.dll
+ 2012-04-20 17:20 . 2012-04-20 17:20 176545 c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla32.dll
+ 2012-04-20 17:20 . 2012-04-20 17:20 184966 c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla31.exe
+ 2012-04-20 17:20 . 2012-04-20 17:20 189750 c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla21.dll
+ 2012-04-20 17:20 . 2012-04-20 17:20 176035 c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla2.dll
+ 2012-04-20 17:20 . 2012-04-20 17:20 179526 c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla.dll
+ 2012-04-12 07:01 . 2012-02-28 01:11 1127424 c:\windows\SysWOW64\wininet.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 1127424 c:\windows\SysWOW64\wininet.dll
+ 2012-04-12 07:01 . 2012-02-28 01:12 1103360 c:\windows\SysWOW64\urlmon.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 1103360 c:\windows\SysWOW64\urlmon.dll
+ 2012-04-12 07:01 . 2012-03-06 05:59 3913072 c:\windows\SysWOW64\ntoskrnl.exe
+ 2012-04-12 07:01 . 2012-03-06 05:59 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
- 2012-03-14 07:01 . 2011-11-19 14:50 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
+ 2012-04-20 21:46 . 2012-04-20 21:46 8797344 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
+ 2012-04-12 07:01 . 2012-02-28 01:18 1799168 c:\windows\SysWOW64\jscript9.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 1792000 c:\windows\SysWOW64\iertutil.dll
+ 2012-04-12 07:01 . 2012-02-28 01:04 1792000 c:\windows\SysWOW64\iertutil.dll
+ 2012-04-12 07:01 . 2012-02-28 01:27 9705984 c:\windows\SysWOW64\ieframe.dll
+ 2012-04-12 07:01 . 2012-02-28 06:49 1390080 c:\windows\system32\wininet.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 1390080 c:\windows\system32\wininet.dll
+ 2012-04-12 07:01 . 2012-02-28 06:50 1345536 c:\windows\system32\urlmon.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 1345536 c:\windows\system32\urlmon.dll
+ 2012-04-12 07:01 . 2012-03-06 06:53 5559152 c:\windows\system32\ntoskrnl.exe
- 2012-03-14 07:01 . 2011-11-19 15:20 5559152 c:\windows\system32\ntoskrnl.exe
+ 2012-04-12 07:01 . 2012-02-28 06:56 2311168 c:\windows\system32\jscript9.dll
- 2012-03-16 07:05 . 2012-03-16 07:05 2144256 c:\windows\system32\iertutil.dll
+ 2012-04-12 07:01 . 2012-02-28 06:43 2144256 c:\windows\system32\iertutil.dll
+ 2009-07-14 04:45 . 2012-04-20 19:40 4981984 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 04:45 . 2012-03-16 07:24 7189662 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-04-20 19:43 7189662 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2012-04-12 07:03 . 2012-04-12 07:03 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-03-21 07:02 . 2012-03-21 07:02 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-03-21 07:01 . 2012-03-21 07:01 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-01-22 14:20 . 2012-01-22 14:20 1707520 c:\windows\Installer\2ca9954.msp
+ 2012-03-22 17:09 . 2012-03-22 17:09 5521920 c:\windows\Installer\2ca9948.msp
+ 2012-04-12 07:05 . 2012-04-12 07:05 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\fb00cd7183b28470878a3b5687929a56\WindowsBase.ni.dll
+ 2012-04-12 07:07 . 2012-04-12 07:07 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\80de3f9f56bed3e05ba97741905abddb\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-04-12 07:07 . 2012-04-12 07:07 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\21c096f214db354198e2664473875f06\System.Printing.ni.dll
+ 2012-04-12 07:06 . 2012-04-12 07:06 2303488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\9bcabb321026ee927401cbba73dff054\System.Drawing.ni.dll
+ 2012-04-12 07:06 . 2012-04-12 07:06 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\90ec5a09a2329a45554d79e0fd9fbbee\System.Deployment.ni.dll
+ 2012-04-12 07:07 . 2012-04-12 07:07 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\45d4a9fa235f5658f8c9b89f6a4f691f\System.Activities.Presentation.ni.dll
+ 2012-04-12 07:07 . 2012-04-12 07:07 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\8ad595c3d0668d10777d8ce28b88cc7c\ReachFramework.ni.dll
+ 2012-04-12 07:06 . 2012-04-12 07:06 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\cb31bfb24a52f83cf826c00979827ba6\PresentationUI.ni.dll
+ 2012-04-12 07:05 . 2012-04-12 07:05 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\a93e8035988f3d15d34aee7c817c547a\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-04-12 07:05 . 2012-04-12 07:05 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\5281ac494089700d1c72c16478ab3363\Microsoft.VisualBasic.ni.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\02ea3ff3b5908b51da47e1aeb9e75b04\WindowsBase.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\acae13e8725a0a5da6dcda3e309cb9d2\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\7175344bfab919484674d37de776a82f\System.Printing.ni.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 1665536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c02325260bdcecd695a87bbb24547df2\System.Drawing.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\d0ae88ebdc709e940fbd0c6bafcab13c\System.Deployment.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\f4311e621d2bbf4de0d32bae765b1484\System.Activities.Presentation.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\f4ab7bc19b981163de613143a1e1c997\ReachFramework.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\3e896ba1c3cc8d62c267508dccd7aa5a\PresentationUI.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 1139712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\b568128ba083f17ce78eb224d9b85f4d\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-04-12 07:08 . 2012-04-12 07:08 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\1f54c28f39e25b121c374480ad50d384\Microsoft.VisualBasic.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 1702912 c:\windows\assembly\NativeImages_v2.0.50727_64\WidgetLibrary\9875a02d1dea9d8c033ddb6ba5c12692\WidgetLibrary.ni.dll
+ 2012-04-12 07:29 . 2012-04-12 07:29 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\8f4bee781d2709ba927b31c6bee8abce\System.WorkflowServices.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\d26e6d07c2e10bc55c2bfd2440ec14bc\System.Workflow.ComponentModel.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\f044eaa5dc79454c4081bdbea81bf67e\System.Workflow.Activities.ni.dll
+ 2012-04-12 07:29 . 2012-04-12 07:29 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\57631b92442dcbaa782800614f11eed4\System.Web.Mobile.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\f21b305ec2cacfd1737aba590508716a\System.Web.Extensions.ni.dll
+ 2012-04-12 07:29 . 2012-04-12 07:29 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\01e5bdd5a9c2db218cf64aff1875bf10\System.Web.Extensions.Design.ni.dll
+ 2012-04-12 07:22 . 2012-04-12 07:22 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\7e62d5f06809c96b0e957cc948d98d7c\System.Printing.ni.dll
+ 2012-04-12 07:21 . 2012-04-12 07:21 2317312 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\95d41ace5d8803b9318366ad5f0fbdff\System.Drawing.ni.dll
+ 2012-04-12 07:21 . 2012-04-12 07:21 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\7e705656ef1ee9078e0d51699d9e0858\System.Deployment.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 1546752 c:\windows\assembly\NativeImages_v2.0.50727_64\Sony.Vegas\fef8671dc3c7e8a18d7473e1b15b8d49\Sony.Vegas.ni.dll
+ 2012-04-12 07:22 . 2012-04-12 07:22 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\df3b4d20eaf81da80db9be811947e475\ReachFramework.ni.dll
+ 2012-04-12 07:22 . 2012-04-12 07:22 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\8e76dcfa3f4676022f95437037c8ad51\PresentationUI.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\92ab2a505e2b1e55887248752fc8791b\Narrator.ni.exe
+ 2012-04-12 07:28 . 2012-04-12 07:28 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\b843ee3c17f0b9d517f74f2fc2cef321\MMCEx.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\ff499b53b4b43e5cf6175a7d95fb15ea\MIGUIControls.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\a2368cca7264c3f047d16fefcb29ca66\Microsoft.VisualBasic.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\a365fda36604d8f8b6ea67667dc3dd46\Microsoft.PowerShell.Editor.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\a1c24b217f836d73170c0f32b7dda5c2\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\8dff78b6458b3995288e7e89aa7ae34a\Microsoft.MediaCenter.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\88b7272ddb53920b927a7ef59fd3ad6a\Microsoft.MediaCenter.UI.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\1225d00b36449afd4a4314eadcb8bf58\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\9e91d7c4464a12eb7d2c174ffc56c168\Microsoft.Ink.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\a67cf1480b9711c9e9da320bc5114879\Microsoft.Build.Tasks.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\7b5c7863043af7cd47dfb104c0fe6879\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\a1c741fa6d3e2635dd2a2a77890c87b5\mcstore.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 1017856 c:\windows\assembly\NativeImages_v2.0.50727_64\CoreUI.XmlSerialize#\ac8fa62743b662bd3aa42931546e09c8\CoreUI.XmlSerializers.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 2076672 c:\windows\assembly\NativeImages_v2.0.50727_64\CoreGraphics\9d005ed05f22f9bafb8e98032606773c\CoreGraphics.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 1481728 c:\windows\assembly\NativeImages_v2.0.50727_64\CoreGraphics.XmlSer#\6bb0ad961d2fa5c8395a1387584bb378\CoreGraphics.XmlSerializers.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 1105408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cb5f852d17c54b2a936d20f0e1f3f854\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\10db4618ce60ac43e0abbf3e7f1896df\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 6394368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0590a3c8c710820fc9d12ae3f959d187\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\d362f68d3bf954ba55a4494a659492af\System.WorkflowServices.ni.dll
+ 2012-04-12 07:24 . 2012-04-12 07:24 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6d2f8bad410dae6049507d7bc097a62d\System.Workflow.ComponentModel.ni.dll
+ 2012-04-12 07:24 . 2012-04-12 07:24 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\31fd6842b7ccb502dc2f5f11c1f991bd\System.Workflow.Activities.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\a118322b0f5ffc0e67c06658e8788e1d\System.Web.Mobile.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e6747d0470e8a42907df14af10862844\System.Web.Extensions.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\0b27d6da6e6bc319c3805435b818c1e5\System.Printing.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 1590784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\e45611cad86870a7011bb18b9e993861\System.Deployment.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\ffe872f5d03f8bf4d1e1aca71274aec4\ReachFramework.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\167ae650f54f5cd46c07329972f179ad\PresentationUI.ni.dll
+ 2012-04-12 07:27 . 2012-04-12 07:27 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\a61a4567bd8a09a0068db7fcc46151e1\Narrator.ni.exe
+ 2012-04-12 07:26 . 2012-04-12 07:26 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\a8ac3e062a13d75ff8d632bed75358b0\MMCEx.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\2a348513f0f83117bedeb39a7d10b034\MIGUIControls.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ce70b84dbb9970e1893672c5d430c80\Microsoft.VisualBasic.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a7364db379808ebdee5cd876d5af2656\Microsoft.PowerShell.Editor.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2a9dff80feb7cf8dbac17adb959159ca\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\4a603d10666b9ee9487e7f0ce27c1c68\Microsoft.MediaCenter.UI.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\142b59a72b233db75ede02941b86291d\Microsoft.MediaCenter.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\ffc29e128c4ddebb991189d617ed1bf7\Microsoft.Ink.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\0c9d80e810caa6aeb85bd4d253281434\Microsoft.Build.Tasks.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\008b235de7df9c690e3f289f3c776eda\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-04-12 07:26 . 2012-04-12 07:26 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\227b7eaefe6ae6b78190516516793b4b\mcstore.ni.dll
+ 2012-04-12 07:01 . 2012-02-28 01:52 12281856 c:\windows\SysWOW64\mshtml.dll
+ 2009-07-14 02:34 . 2012-04-12 07:19 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2012-03-16 07:21 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-04-12 07:01 . 2012-02-28 07:34 17790976 c:\windows\system32\mshtml.dll
+ 2012-04-20 21:46 . 2012-04-20 21:46 11589280 c:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll
+ 2012-04-12 07:01 . 2012-02-28 07:02 10888704 c:\windows\system32\ieframe.dll
+ 2011-08-08 14:28 . 2012-04-22 11:52 31207872 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-246083176-1408816233-4024804650-1006-12288.dat
+ 2012-03-30 20:44 . 2012-03-30 20:44 80808448 c:\windows\Installer\2e33fe.msi
+ 2012-03-28 22:10 . 2012-03-28 22:10 12098048 c:\windows\Installer\2ca991c.msp
+ 2012-04-12 07:07 . 2012-04-12 07:07 17353728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\c80f2e11e938ed65b843f750add94b35\System.Windows.Forms.ni.dll
+ 2012-04-12 07:06 . 2012-04-12 07:06 24407040 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\b93196152e384bd43b9abf1e20c8d067\PresentationFramework.ni.dll
+ 2012-04-12 07:06 . 2012-04-12 07:06 15907328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\fc074b5198bd925a4f5b48403bba0e34\PresentationCore.ni.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 13197312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\0b36565a61f83137806e71b287d81042\System.Windows.Forms.ni.dll
+ 2012-04-12 07:04 . 2012-04-12 07:04 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7786f3e95a399a8b6691170ae2fe0e1c\PresentationFramework.ni.dll
+ 2012-04-12 07:03 . 2012-04-12 07:03 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\239eba799555dbe10760ee80c8c8df7c\PresentationCore.ni.dll
+ 2012-04-12 07:22 . 2012-04-12 07:22 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\3466442b4168ba11787961fcfd410adf\System.Windows.Forms.ni.dll
+ 2012-04-12 07:22 . 2012-04-12 07:22 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\79c8a2e836c01784bb8e3e2d0ed26850\System.Web.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\552733f73f5483946cce9229b27bdcb2\System.Design.ni.dll
+ 2012-04-12 07:22 . 2012-04-12 07:22 19195392 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\b87e4cff3eb13680c55a5f4ee9786b56\PresentationFramework.ni.dll
+ 2012-04-12 07:21 . 2012-04-12 07:21 16540160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\1233412b58120995b639428b5e6d998e\PresentationCore.ni.dll
+ 2012-04-12 07:28 . 2012-04-12 07:28 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\d9a8c2b82b4370a5b0f537a65d867f49\ehshell.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\507b4ca18da9d2fde2e51a1f04593443\System.Web.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\846a51eb446bee41a26a6914a95e38cd\System.Design.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 14339072 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\43e23da6683962ea1168aaf007bbc35d\PresentationFramework.ni.dll
+ 2012-04-12 07:23 . 2012-04-12 07:23 12234752 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\74d980e52c1791f1b8608d767a393144\PresentationCore.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll" [2012-01-12 1517368]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\test\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\test\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\test\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\test\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2008-06-09 2645528]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-02-27 740216]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-10-27 75048]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2011-06-15 307200]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"NexusServer"="c:\program files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" [2007-03-26 389120]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes2\mbamgui.exe" [2012-04-04 462408]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\test\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2012-3-26 217088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/07/21 05:57;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-26 236016]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-20 135664]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
R2 WcsPlugInService32;Windows Color System ;c:\windows\system32\msvcr7032.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 253088]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-20 135664]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\6ED.tmp [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 PCDSRVC{67F2314B-25F2B3C0-06020101}_0;PCDSRVC{67F2314B-25F2B3C0-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\gencotst\pcdsrvc_x64.pkms [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Professional Business 2011b\RpcAgentSrv.exe [2009-08-10 93848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x]
S1 CbFs;CbFs;c:\windows\system32\drivers\cbfs.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
S2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [2012-03-26 222720]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DUMeterSvc;DU Meter Service;c:\program files (x86)\DU Meter\DUMeterSvc.exe [2008-06-09 1386008]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-02-07 375176]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_9EC60124
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 21:46]
.
2012-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-20 22:04]
.
2012-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-20 22:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-11 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-11 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-11 418840]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-02-18 312936]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 71.242.0.12
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Notify-igfxcui - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\DUMeterSvc]
"ImagePath"="c:\program files (x86)\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\6ED.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCDSRVC{67F2314B-25F2B3C0-06020101}_0]
"ImagePath"="\??\c:\gencotst\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-04-22 09:04:20
ComboFix-quarantined-files.txt 2012-04-22 13:04
ComboFix2.txt 2012-04-11 22:30
ComboFix3.txt 2012-04-02 00:42
ComboFix4.txt 2011-10-28 12:20
.
Pre-Run: 238,329,880,576 bytes free
Post-Run: 238,638,702,592 bytes free
.
- - End Of File - - 2313BCC0FEC6625BA53E92CA11140DA7

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:36 PM

Posted 22 April 2012 - 08:57 AM

Greetings

I would like you to check which browsers are being redirected - check all that are installed and let me know

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 8chip8

8chip8
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:36 PM

Posted 22 April 2012 - 12:36 PM

Hey Gringo - Boy that was an adventure. Neither of the programs would run, even after a reboot, so I thought I would try running them in safe mode. I guess that was a mistake. They wouldn't run, and when I tried to bring the computer back up in normal mode - well it wouldn't. Long story short - after running bootrec /fixmbr and bootrec /fixboot I'm back in and the tdsskiller is running. The question now is which options. With the default options it didn't find anything, but if I run it with "detect TDLFS file system" then it finds some things, one that says its a TDSS file system - I'm holding off on applying any fixes until I hear from you. aswmbr is running now - will post results when finished (It found alureon-K right away - still running)

13:07:10.0875 5256 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
13:07:10.0922 5256 ============================================================
13:07:10.0922 5256 Current date / time: 2012/04/22 13:07:10.0922
13:07:10.0922 5256 SystemInfo:
13:07:10.0922 5256
13:07:10.0922 5256 OS Version: 6.1.7601 ServicePack: 1.0
13:07:10.0922 5256 Product type: Workstation
13:07:10.0922 5256 ComputerName: CHIPI7
13:07:10.0922 5256 UserName: test
13:07:10.0922 5256 Windows directory: C:\Windows
13:07:10.0922 5256 System windows directory: C:\Windows
13:07:10.0922 5256 Running under WOW64
13:07:10.0922 5256 Processor architecture: Intel x64
13:07:10.0922 5256 Number of processors: 8
13:07:10.0922 5256 Page size: 0x1000
13:07:10.0922 5256 Boot type: Normal boot
13:07:10.0922 5256 ============================================================
13:07:12.0716 5256 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:07:13.0059 5256 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:07:13.0059 5256 \Device\Harddisk0\DR0:
13:07:13.0059 5256 MBR partitions:
13:07:13.0059 5256 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3882C800
13:07:13.0059 5256 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3882D000, BlocksNum 0x1B54030
13:07:13.0059 5256 \Device\Harddisk1\DR1:
13:07:13.0059 5256 MBR partitions:
13:07:13.0059 5256 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
13:07:13.0091 5256 C: <-> \Device\Harddisk0\DR0\Partition0
13:07:13.0137 5256 D: <-> \Device\Harddisk0\DR0\Partition1
13:07:13.0153 5256 E: <-> \Device\Harddisk1\DR1\Partition0
13:07:13.0153 5256 Initialize success
13:07:13.0153 5256 ============================================================
13:07:18.0987 5296 ============================================================
13:07:18.0987 5296 Scan started
13:07:18.0987 5296 Mode: Manual;
13:07:18.0987 5296 ============================================================
13:07:19.0424 5296 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:07:19.0424 5296 1394ohci - ok
13:07:19.0471 5296 Acceler (e0065cbf1a25c015c218457d2cd522b9) C:\Windows\system32\DRIVERS\Accelern.sys
13:07:19.0471 5296 Acceler - ok
13:07:19.0549 5296 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:07:19.0549 5296 ACPI - ok
13:07:19.0580 5296 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:07:19.0580 5296 AcpiPmi - ok
13:07:19.0658 5296 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:07:19.0674 5296 AdobeFlashPlayerUpdateSvc - ok
13:07:19.0721 5296 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:07:19.0736 5296 adp94xx - ok
13:07:19.0783 5296 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:07:19.0799 5296 adpahci - ok
13:07:19.0923 5296 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:07:19.0923 5296 adpu320 - ok
13:07:19.0970 5296 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:07:19.0970 5296 AeLookupSvc - ok
13:07:20.0017 5296 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
13:07:20.0017 5296 AERTFilters - ok
13:07:20.0142 5296 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:07:20.0173 5296 AFD - ok
13:07:20.0235 5296 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:07:20.0235 5296 agp440 - ok
13:07:20.0267 5296 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:07:20.0267 5296 ALG - ok
13:07:20.0298 5296 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:07:20.0313 5296 aliide - ok
13:07:20.0454 5296 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:07:20.0454 5296 amdide - ok
13:07:20.0469 5296 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:07:20.0485 5296 AmdK8 - ok
13:07:20.0579 5296 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
13:07:20.0579 5296 AmdPPM - ok
13:07:20.0719 5296 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:07:20.0719 5296 amdsata - ok
13:07:20.0797 5296 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:07:20.0797 5296 amdsbs - ok
13:07:20.0875 5296 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:07:20.0875 5296 amdxata - ok
13:07:20.0984 5296 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:07:20.0984 5296 AppID - ok
13:07:21.0140 5296 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:07:21.0156 5296 AppIDSvc - ok
13:07:21.0218 5296 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:07:21.0234 5296 Appinfo - ok
13:07:21.0327 5296 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:07:21.0343 5296 Apple Mobile Device - ok
13:07:21.0530 5296 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:07:21.0530 5296 arc - ok
13:07:21.0639 5296 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:07:21.0639 5296 arcsas - ok
13:07:21.0717 5296 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:07:21.0717 5296 AsyncMac - ok
13:07:21.0780 5296 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:07:21.0780 5296 atapi - ok
13:07:21.0842 5296 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:07:21.0842 5296 AudioEndpointBuilder - ok
13:07:21.0920 5296 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:07:21.0920 5296 AudioSrv - ok
13:07:21.0936 5296 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:07:21.0936 5296 AxInstSV - ok
13:07:22.0029 5296 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:07:22.0029 5296 b06bdrv - ok
13:07:22.0092 5296 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:07:22.0107 5296 b57nd60a - ok
13:07:22.0185 5296 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:07:22.0201 5296 BDESVC - ok
13:07:22.0419 5296 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:07:22.0419 5296 Beep - ok
13:07:22.0716 5296 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
13:07:22.0731 5296 BFE - ok
13:07:22.0950 5296 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
13:07:22.0981 5296 BITS - ok
13:07:23.0231 5296 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:07:23.0231 5296 blbdrive - ok
13:07:23.0402 5296 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
13:07:23.0449 5296 Bonjour Service - ok
13:07:23.0683 5296 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:07:23.0683 5296 bowser - ok
13:07:23.0808 5296 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:07:23.0823 5296 BrFiltLo - ok
13:07:23.0886 5296 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:07:23.0901 5296 BrFiltUp - ok
13:07:24.0151 5296 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
13:07:24.0167 5296 BridgeMP - ok
13:07:24.0276 5296 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:07:24.0276 5296 Browser - ok
13:07:24.0354 5296 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:07:24.0369 5296 Brserid - ok
13:07:24.0416 5296 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:07:24.0432 5296 BrSerWdm - ok
13:07:24.0463 5296 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:07:24.0463 5296 BrUsbMdm - ok
13:07:24.0510 5296 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:07:24.0510 5296 BrUsbSer - ok
13:07:24.0572 5296 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
13:07:24.0572 5296 BthEnum - ok
13:07:24.0588 5296 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
13:07:24.0588 5296 BTHMODEM - ok
13:07:24.0635 5296 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
13:07:24.0650 5296 BthPan - ok
13:07:24.0759 5296 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
13:07:24.0775 5296 BTHPORT - ok
13:07:24.0806 5296 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:07:24.0806 5296 bthserv - ok
13:07:24.0884 5296 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
13:07:24.0884 5296 BTHUSB - ok
13:07:25.0103 5296 catchme - ok
13:07:25.0274 5296 CbFs (d8466df7629a7acd2bed0cde206e5df9) C:\Windows\system32\drivers\cbfs.sys
13:07:25.0274 5296 CbFs - ok
13:07:25.0352 5296 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:07:25.0352 5296 cdfs - ok
13:07:25.0399 5296 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:07:25.0399 5296 cdrom - ok
13:07:25.0446 5296 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:07:25.0461 5296 CertPropSvc - ok
13:07:25.0555 5296 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
13:07:25.0555 5296 circlass - ok
13:07:25.0649 5296 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:07:25.0664 5296 CLFS - ok
13:07:25.0742 5296 CLKMSVC10_9EC60124 (730bf325e4cc1e3935b81943ac6da216) C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
13:07:25.0758 5296 CLKMSVC10_9EC60124 - ok
13:07:25.0851 5296 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:07:25.0851 5296 clr_optimization_v2.0.50727_32 - ok
13:07:25.0914 5296 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:07:25.0914 5296 clr_optimization_v2.0.50727_64 - ok
13:07:25.0976 5296 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:07:25.0992 5296 clr_optimization_v4.0.30319_32 - ok
13:07:26.0039 5296 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:07:26.0039 5296 clr_optimization_v4.0.30319_64 - ok
13:07:26.0148 5296 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:07:26.0163 5296 CmBatt - ok
13:07:26.0241 5296 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:07:26.0241 5296 cmdide - ok
13:07:26.0351 5296 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
13:07:26.0351 5296 CNG - ok
13:07:26.0397 5296 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:07:26.0397 5296 Compbatt - ok
13:07:26.0429 5296 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:07:26.0429 5296 CompositeBus - ok
13:07:26.0444 5296 COMSysApp - ok
13:07:26.0553 5296 CrashPlanService (2ccc97e81ffb6263a038709d3d28dd48) C:\Program Files\CrashPlan\CrashPlanService.exe
13:07:26.0569 5296 CrashPlanService - ok
13:07:26.0616 5296 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:07:26.0631 5296 crcdisk - ok
13:07:26.0694 5296 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
13:07:26.0694 5296 CryptSvc - ok
13:07:26.0741 5296 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
13:07:26.0741 5296 CtClsFlt - ok
13:07:26.0928 5296 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:07:26.0943 5296 cvhsvc - ok
13:07:27.0006 5296 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:07:27.0021 5296 DcomLaunch - ok
13:07:27.0037 5296 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:07:27.0053 5296 defragsvc - ok
13:07:27.0099 5296 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:07:27.0099 5296 DfsC - ok
13:07:27.0115 5296 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:07:27.0131 5296 Dhcp - ok
13:07:27.0193 5296 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:07:27.0193 5296 discache - ok
13:07:27.0224 5296 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:07:27.0224 5296 Disk - ok
13:07:27.0396 5296 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:07:27.0396 5296 Dnscache - ok
13:07:27.0458 5296 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:07:27.0474 5296 dot3svc - ok
13:07:27.0505 5296 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:07:27.0505 5296 DPS - ok
13:07:27.0552 5296 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:07:27.0552 5296 drmkaud - ok
13:07:27.0614 5296 DUMeterSvc - ok
13:07:27.0692 5296 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:07:27.0692 5296 DXGKrnl - ok
13:07:27.0770 5296 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:07:27.0770 5296 EapHost - ok
13:07:27.0911 5296 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:07:27.0973 5296 ebdrv - ok
13:07:28.0035 5296 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:07:28.0035 5296 EFS - ok
13:07:28.0082 5296 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:07:28.0098 5296 ehRecvr - ok
13:07:28.0098 5296 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:07:28.0098 5296 ehSched - ok
13:07:28.0145 5296 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:07:28.0160 5296 elxstor - ok
13:07:28.0176 5296 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:07:28.0176 5296 ErrDev - ok
13:07:28.0254 5296 esgiguard - ok
13:07:28.0347 5296 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:07:28.0347 5296 EventSystem - ok
13:07:28.0410 5296 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:07:28.0410 5296 exfat - ok
13:07:28.0441 5296 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:07:28.0441 5296 fastfat - ok
13:07:28.0503 5296 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:07:28.0535 5296 Fax - ok
13:07:28.0581 5296 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:07:28.0581 5296 fdc - ok
13:07:28.0613 5296 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:07:28.0628 5296 fdPHost - ok
13:07:28.0659 5296 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:07:28.0659 5296 FDResPub - ok
13:07:28.0722 5296 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:07:28.0722 5296 FileInfo - ok
13:07:28.0753 5296 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:07:28.0753 5296 Filetrace - ok
13:07:28.0784 5296 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:07:28.0784 5296 flpydisk - ok
13:07:28.0815 5296 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:07:28.0831 5296 FltMgr - ok
13:07:28.0878 5296 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:07:28.0909 5296 FontCache - ok
13:07:28.0940 5296 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:07:28.0940 5296 FontCache3.0.0.0 - ok
13:07:29.0003 5296 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:07:29.0003 5296 FsDepends - ok
13:07:29.0065 5296 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:07:29.0065 5296 Fs_Rec - ok
13:07:29.0112 5296 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:07:29.0112 5296 fvevol - ok
13:07:29.0377 5296 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:07:29.0377 5296 gagp30kx - ok
13:07:29.0611 5296 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:07:29.0611 5296 GEARAspiWDM - ok
13:07:29.0985 5296 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:07:30.0001 5296 gpsvc - ok
13:07:30.0188 5296 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:07:30.0188 5296 gupdate - ok
13:07:30.0204 5296 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:07:30.0204 5296 gupdatem - ok
13:07:30.0563 5296 Hardlock (091582da724f54830012e3faaf2f1d1a) C:\Windows\system32\drivers\hardlock.sys
13:07:30.0609 5296 Hardlock - ok
13:07:30.0781 5296 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:07:30.0781 5296 hcw85cir - ok
13:07:30.0953 5296 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:07:30.0968 5296 HDAudBus - ok
13:07:31.0077 5296 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:07:31.0077 5296 HidBatt - ok
13:07:31.0374 5296 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:07:31.0374 5296 HidBth - ok
13:07:31.0577 5296 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:07:31.0592 5296 HidIr - ok
13:07:31.0764 5296 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
13:07:31.0764 5296 hidserv - ok
13:07:31.0811 5296 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:07:31.0811 5296 HidUsb - ok
13:07:31.0857 5296 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:07:31.0857 5296 hkmsvc - ok
13:07:31.0889 5296 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:07:31.0889 5296 HomeGroupListener - ok
13:07:31.0920 5296 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:07:31.0920 5296 HomeGroupProvider - ok
13:07:31.0951 5296 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:07:31.0951 5296 HpSAMD - ok
13:07:31.0982 5296 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:07:31.0998 5296 HTTP - ok
13:07:32.0013 5296 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:07:32.0013 5296 hwpolicy - ok
13:07:32.0045 5296 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:07:32.0045 5296 i8042prt - ok
13:07:32.0076 5296 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
13:07:32.0091 5296 iaStor - ok
13:07:32.0154 5296 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:07:32.0185 5296 iaStorV - ok
13:07:32.0279 5296 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:07:32.0294 5296 idsvc - ok
13:07:32.0528 5296 igfx (66dc0ce2d1867b8178eaa0e11930dbd7) C:\Windows\system32\DRIVERS\igdkmd64.sys
13:07:32.0715 5296 igfx - ok
13:07:32.0762 5296 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:07:32.0762 5296 iirsp - ok
13:07:32.0793 5296 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:07:32.0825 5296 IKEEXT - ok
13:07:32.0856 5296 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
13:07:32.0856 5296 Impcd - ok
13:07:32.0934 5296 InstallShield Licensing Service (05b276181079a4d24ec92db41a626097) C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
13:07:32.0934 5296 InstallShield Licensing Service - ok
13:07:33.0012 5296 IntcAzAudAddService (8fed6428fde53d7f4c105095f22524be) C:\Windows\system32\drivers\RTKVHD64.sys
13:07:33.0027 5296 IntcAzAudAddService - ok
13:07:33.0059 5296 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
13:07:33.0059 5296 IntcDAud - ok
13:07:33.0090 5296 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:07:33.0090 5296 intelide - ok
13:07:33.0121 5296 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:07:33.0121 5296 intelppm - ok
13:07:33.0152 5296 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:07:33.0152 5296 IPBusEnum - ok
13:07:33.0168 5296 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:07:33.0183 5296 IpFilterDriver - ok
13:07:33.0199 5296 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:07:33.0215 5296 iphlpsvc - ok
13:07:33.0230 5296 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:07:33.0230 5296 IPMIDRV - ok
13:07:33.0246 5296 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:07:33.0246 5296 IPNAT - ok
13:07:33.0339 5296 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
13:07:33.0355 5296 iPod Service - ok
13:07:33.0371 5296 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:07:33.0371 5296 IRENUM - ok
13:07:33.0386 5296 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:07:33.0402 5296 isapnp - ok
13:07:33.0433 5296 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:07:33.0433 5296 iScsiPrt - ok
13:07:33.0495 5296 ivusb (bd5bf20ec242e003a2f570b8754a56d1) C:\Windows\system32\DRIVERS\ivusb.sys
13:07:33.0495 5296 ivusb - ok
13:07:33.0527 5296 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:07:33.0527 5296 kbdclass - ok
13:07:33.0558 5296 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:07:33.0558 5296 kbdhid - ok
13:07:33.0589 5296 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:07:33.0589 5296 KeyIso - ok
13:07:33.0636 5296 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
13:07:33.0636 5296 KSecDD - ok
13:07:33.0698 5296 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
13:07:33.0698 5296 KSecPkg - ok
13:07:33.0714 5296 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:07:33.0714 5296 ksthunk - ok
13:07:33.0745 5296 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:07:33.0745 5296 KtmRm - ok
13:07:33.0776 5296 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
13:07:33.0792 5296 LanmanServer - ok
13:07:33.0807 5296 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:07:33.0823 5296 LanmanWorkstation - ok
13:07:33.0839 5296 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:07:33.0839 5296 lltdio - ok
13:07:33.0854 5296 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:07:33.0854 5296 lltdsvc - ok
13:07:33.0885 5296 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:07:33.0885 5296 lmhosts - ok
13:07:33.0995 5296 LMIGuardianSvc (ad988709675d9e35a60b2616bef108e9) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
13:07:33.0995 5296 LMIGuardianSvc - ok
13:07:34.0010 5296 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
13:07:34.0010 5296 LMIInfo - ok
13:07:34.0026 5296 LMIMaint (bd043199fc0bf5f2810f54c8b374590b) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
13:07:34.0026 5296 LMIMaint - ok
13:07:34.0088 5296 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
13:07:34.0088 5296 lmimirr - ok
13:07:34.0119 5296 LMIRfsClientNP - ok
13:07:34.0151 5296 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
13:07:34.0151 5296 LMIRfsDriver - ok
13:07:34.0166 5296 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
13:07:34.0166 5296 LogMeIn - ok
13:07:34.0197 5296 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:07:34.0197 5296 LSI_FC - ok
13:07:34.0229 5296 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:07:34.0244 5296 LSI_SAS - ok
13:07:34.0275 5296 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:07:34.0275 5296 LSI_SAS2 - ok
13:07:34.0291 5296 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:07:34.0291 5296 LSI_SCSI - ok
13:07:34.0322 5296 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:07:34.0322 5296 luafv - ok
13:07:34.0353 5296 MBAMProtector - ok
13:07:34.0416 5296 MBAMService (de199f3aa9c541a349af95a5c72a71af) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:07:34.0431 5296 MBAMService - ok
13:07:34.0478 5296 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:07:34.0478 5296 Mcx2Svc - ok
13:07:34.0541 5296 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
13:07:34.0541 5296 MDM - ok
13:07:34.0619 5296 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:07:34.0619 5296 megasas - ok
13:07:34.0650 5296 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:07:34.0650 5296 MegaSR - ok
13:07:34.0697 5296 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
13:07:34.0697 5296 MEIx64 - ok
13:07:34.0775 5296 MEMSWEEP2 (f9ce67e9e0226079b59107b649851f96) C:\Windows\system32\6ED.tmp
13:07:34.0775 5296 MEMSWEEP2 - ok
13:07:34.0806 5296 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:07:34.0821 5296 MMCSS - ok
13:07:34.0837 5296 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:07:34.0837 5296 Modem - ok
13:07:34.0853 5296 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:07:34.0868 5296 monitor - ok
13:07:34.0884 5296 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:07:34.0899 5296 mouclass - ok
13:07:34.0915 5296 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:07:34.0915 5296 mouhid - ok
13:07:34.0931 5296 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:07:34.0931 5296 mountmgr - ok
13:07:34.0962 5296 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:07:34.0962 5296 mpio - ok
13:07:34.0977 5296 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:07:34.0993 5296 mpsdrv - ok
13:07:35.0009 5296 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:07:35.0040 5296 MpsSvc - ok
13:07:35.0055 5296 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:07:35.0071 5296 MRxDAV - ok
13:07:35.0102 5296 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:07:35.0102 5296 mrxsmb - ok
13:07:35.0133 5296 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:07:35.0133 5296 mrxsmb10 - ok
13:07:35.0165 5296 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:07:35.0165 5296 mrxsmb20 - ok
13:07:35.0196 5296 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:07:35.0196 5296 msahci - ok
13:07:35.0227 5296 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:07:35.0227 5296 msdsm - ok
13:07:35.0258 5296 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:07:35.0274 5296 MSDTC - ok
13:07:35.0289 5296 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:07:35.0289 5296 Msfs - ok
13:07:35.0305 5296 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:07:35.0305 5296 mshidkmdf - ok
13:07:35.0336 5296 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:07:35.0336 5296 msisadrv - ok
13:07:35.0367 5296 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:07:35.0367 5296 MSiSCSI - ok
13:07:35.0383 5296 msiserver - ok
13:07:35.0399 5296 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:07:35.0399 5296 MSKSSRV - ok
13:07:35.0414 5296 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:07:35.0430 5296 MSPCLOCK - ok
13:07:35.0445 5296 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:07:35.0445 5296 MSPQM - ok
13:07:35.0477 5296 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:07:35.0477 5296 MsRPC - ok
13:07:35.0492 5296 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
13:07:35.0492 5296 mssmbios - ok
13:07:35.0508 5296 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:07:35.0508 5296 MSTEE - ok
13:07:35.0539 5296 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:07:35.0555 5296 MTConfig - ok
13:07:35.0601 5296 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:07:35.0601 5296 Mup - ok
13:07:35.0664 5296 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:07:35.0664 5296 napagent - ok
13:07:35.0711 5296 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:07:35.0711 5296 NativeWifiP - ok
13:07:35.0757 5296 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:07:35.0773 5296 NDIS - ok
13:07:35.0804 5296 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:07:35.0804 5296 NdisCap - ok
13:07:35.0835 5296 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:07:35.0835 5296 NdisTapi - ok
13:07:35.0867 5296 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:07:35.0882 5296 Ndisuio - ok
13:07:35.0913 5296 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:07:35.0913 5296 NdisWan - ok
13:07:35.0945 5296 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:07:35.0945 5296 NDProxy - ok
13:07:35.0960 5296 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:07:35.0976 5296 NetBIOS - ok
13:07:36.0007 5296 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:07:36.0023 5296 NetBT - ok
13:07:36.0054 5296 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:07:36.0054 5296 Netlogon - ok
13:07:36.0101 5296 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:07:36.0101 5296 Netman - ok
13:07:36.0132 5296 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:07:36.0132 5296 netprofm - ok
13:07:36.0194 5296 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:07:36.0194 5296 NetTcpPortSharing - ok
13:07:36.0444 5296 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
13:07:36.0569 5296 NETwNs64 - ok
13:07:36.0662 5296 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:07:36.0662 5296 nfrd960 - ok
13:07:36.0693 5296 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:07:36.0693 5296 NlaSvc - ok
13:07:36.0709 5296 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:07:36.0725 5296 Npfs - ok
13:07:36.0771 5296 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:07:36.0771 5296 nsi - ok
13:07:36.0834 5296 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:07:36.0834 5296 nsiproxy - ok
13:07:37.0068 5296 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:07:37.0115 5296 Ntfs - ok
13:07:37.0177 5296 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:07:37.0177 5296 Null - ok
13:07:37.0224 5296 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys
13:07:37.0224 5296 nusb3hub - ok
13:07:37.0255 5296 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys
13:07:37.0255 5296 nusb3xhc - ok
13:07:37.0333 5296 NVHDA (857fb74754ebff94ee3ad40788740916) C:\Windows\system32\drivers\nvhda64v.sys
13:07:37.0333 5296 NVHDA - ok
13:07:37.0551 5296 nvlddmkm (d5dea2c1865cab9ee6aa29cf9e79a2ce) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:07:37.0598 5296 nvlddmkm - ok
13:07:37.0629 5296 nvpciflt (5ef70f7714c664bcf50edfc141dea9b8) C:\Windows\system32\DRIVERS\nvpciflt.sys
13:07:37.0629 5296 nvpciflt - ok
13:07:37.0692 5296 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:07:37.0692 5296 nvraid - ok
13:07:37.0723 5296 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:07:37.0723 5296 nvstor - ok
13:07:37.0785 5296 NVSvc (5a4af8ea634b4feeaf6f16bb1845715a) C:\Windows\system32\nvvsvc.exe
13:07:37.0801 5296 NVSvc - ok
13:07:37.0832 5296 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:07:37.0832 5296 nv_agp - ok
13:07:37.0863 5296 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:07:37.0863 5296 ohci1394 - ok
13:07:37.0926 5296 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:07:37.0941 5296 ose - ok
13:07:38.0066 5296 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:07:38.0144 5296 osppsvc - ok
13:07:38.0207 5296 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:07:38.0222 5296 p2pimsvc - ok
13:07:38.0253 5296 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:07:38.0253 5296 p2psvc - ok
13:07:38.0316 5296 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:07:38.0316 5296 Parport - ok
13:07:38.0331 5296 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:07:38.0331 5296 partmgr - ok
13:07:38.0363 5296 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:07:38.0363 5296 PcaSvc - ok
13:07:38.0363 5296 PCDSRVC{67F2314B-25F2B3C0-06020101}_0 - ok
13:07:38.0394 5296 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:07:38.0409 5296 pci - ok
13:07:38.0425 5296 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:07:38.0425 5296 pciide - ok
13:07:38.0456 5296 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:07:38.0456 5296 pcmcia - ok
13:07:38.0472 5296 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:07:38.0472 5296 pcw - ok
13:07:38.0503 5296 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:07:38.0519 5296 PEAUTH - ok
13:07:38.0550 5296 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:07:38.0550 5296 PerfHost - ok
13:07:38.0597 5296 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:07:38.0628 5296 pla - ok
13:07:38.0659 5296 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:07:38.0659 5296 PlugPlay - ok
13:07:38.0690 5296 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:07:38.0690 5296 PNRPAutoReg - ok
13:07:38.0706 5296 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:07:38.0706 5296 PNRPsvc - ok
13:07:38.0737 5296 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:07:38.0753 5296 PolicyAgent - ok
13:07:38.0784 5296 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:07:38.0784 5296 Power - ok
13:07:38.0831 5296 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:07:38.0831 5296 PptpMiniport - ok
13:07:38.0862 5296 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:07:38.0862 5296 Processor - ok
13:07:38.0893 5296 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
13:07:38.0893 5296 ProfSvc - ok
13:07:38.0940 5296 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:07:38.0940 5296 ProtectedStorage - ok
13:07:38.0971 5296 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:07:38.0971 5296 Psched - ok
13:07:39.0002 5296 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
13:07:39.0002 5296 PxHlpa64 - ok
13:07:39.0049 5296 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:07:39.0080 5296 ql2300 - ok
13:07:39.0096 5296 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:07:39.0096 5296 ql40xx - ok
13:07:39.0127 5296 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:07:39.0143 5296 QWAVE - ok
13:07:39.0158 5296 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:07:39.0158 5296 QWAVEdrv - ok
13:07:39.0189 5296 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:07:39.0189 5296 RasAcd - ok
13:07:39.0221 5296 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:07:39.0236 5296 RasAgileVpn - ok
13:07:39.0252 5296 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:07:39.0252 5296 RasAuto - ok
13:07:39.0267 5296 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:07:39.0267 5296 Rasl2tp - ok
13:07:39.0283 5296 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:07:39.0299 5296 RasMan - ok
13:07:39.0314 5296 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:07:39.0314 5296 RasPppoe - ok
13:07:39.0330 5296 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:07:39.0330 5296 RasSstp - ok
13:07:39.0377 5296 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:07:39.0377 5296 rdbss - ok
13:07:39.0392 5296 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:07:39.0392 5296 rdpbus - ok
13:07:39.0423 5296 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:07:39.0423 5296 RDPCDD - ok
13:07:39.0439 5296 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:07:39.0439 5296 RDPENCDD - ok
13:07:39.0455 5296 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:07:39.0470 5296 RDPREFMP - ok
13:07:39.0501 5296 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
13:07:39.0517 5296 RDPWD - ok
13:07:39.0533 5296 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:07:39.0548 5296 rdyboost - ok
13:07:39.0564 5296 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:07:39.0564 5296 RemoteAccess - ok
13:07:39.0595 5296 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:07:39.0611 5296 RemoteRegistry - ok
13:07:39.0626 5296 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:07:39.0626 5296 RFCOMM - ok
13:07:39.0642 5296 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:07:39.0657 5296 RpcEptMapper - ok
13:07:39.0673 5296 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:07:39.0673 5296 RpcLocator - ok
13:07:39.0704 5296 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
13:07:39.0720 5296 RpcSs - ok
13:07:39.0735 5296 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:07:39.0735 5296 rspndr - ok
13:07:39.0767 5296 RTL8167 (a73ed14670220307874ad6bc2f279349) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:07:39.0767 5296 RTL8167 - ok
13:07:39.0782 5296 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:07:39.0782 5296 SamSs - ok
13:07:39.0876 5296 SANDRA (5efbbfcc6adac121c8e2fe76641ed329) C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2011b\WNt500x64\Sandra.sys
13:07:39.0876 5296 SANDRA - ok
13:07:39.0907 5296 SandraAgentSrv (a740f0412a3c994fb3bc1871b79e46cf) C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2011b\RpcAgentSrv.exe
13:07:39.0923 5296 SandraAgentSrv - ok
13:07:39.0969 5296 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:07:39.0969 5296 sbp2port - ok
13:07:40.0047 5296 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
13:07:40.0063 5296 SBSDWSCService - ok
13:07:40.0094 5296 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:07:40.0110 5296 SCardSvr - ok
13:07:40.0125 5296 SCDEmu (b2f50286dc82b93c013e3fc57ba1a956) C:\Windows\system32\drivers\SCDEmu.sys
13:07:40.0125 5296 SCDEmu - ok
13:07:40.0157 5296 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:07:40.0157 5296 scfilter - ok
13:07:40.0203 5296 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:07:40.0219 5296 Schedule - ok
13:07:40.0250 5296 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:07:40.0250 5296 SCPolicySvc - ok
13:07:40.0266 5296 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:07:40.0266 5296 SDRSVC - ok
13:07:40.0297 5296 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:07:40.0297 5296 secdrv - ok
13:07:40.0313 5296 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:07:40.0313 5296 seclogon - ok
13:07:40.0328 5296 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
13:07:40.0328 5296 SENS - ok
13:07:40.0359 5296 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:07:40.0359 5296 SensrSvc - ok
13:07:40.0375 5296 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:07:40.0391 5296 Serenum - ok
13:07:40.0406 5296 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:07:40.0406 5296 Serial - ok
13:07:40.0437 5296 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:07:40.0437 5296 sermouse - ok
13:07:40.0453 5296 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:07:40.0453 5296 SessionEnv - ok
13:07:40.0484 5296 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:07:40.0484 5296 sffdisk - ok
13:07:40.0500 5296 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:07:40.0500 5296 sffp_mmc - ok
13:07:40.0531 5296 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:07:40.0531 5296 sffp_sd - ok
13:07:40.0547 5296 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:07:40.0547 5296 sfloppy - ok
13:07:40.0609 5296 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:07:40.0609 5296 Sftfs - ok
13:07:40.0718 5296 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:07:40.0734 5296 sftlist - ok
13:07:40.0781 5296 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:07:40.0781 5296 Sftplay - ok
13:07:40.0827 5296 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:07:40.0827 5296 Sftredir - ok
13:07:40.0890 5296 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:07:40.0890 5296 Sftvol - ok
13:07:40.0952 5296 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:07:40.0952 5296 sftvsa - ok
13:07:41.0015 5296 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:07:41.0015 5296 SharedAccess - ok
13:07:41.0061 5296 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:07:41.0077 5296 ShellHWDetection - ok
13:07:41.0108 5296 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:07:41.0108 5296 SiSRaid2 - ok
13:07:41.0139 5296 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:07:41.0139 5296 SiSRaid4 - ok
13:07:41.0171 5296 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:07:41.0171 5296 Smb - ok
13:07:41.0186 5296 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:07:41.0186 5296 SNMPTRAP - ok
13:07:41.0217 5296 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:07:41.0217 5296 spldr - ok
13:07:41.0233 5296 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:07:41.0249 5296 Spooler - ok
13:07:41.0311 5296 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:07:41.0389 5296 sppsvc - ok
13:07:41.0405 5296 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:07:41.0405 5296 sppuinotify - ok
13:07:41.0451 5296 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:07:41.0467 5296 srv - ok
13:07:41.0483 5296 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:07:41.0483 5296 srv2 - ok
13:07:41.0514 5296 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:07:41.0514 5296 srvnet - ok
13:07:41.0545 5296 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:07:41.0545 5296 SSDPSRV - ok
13:07:41.0561 5296 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:07:41.0561 5296 SstpSvc - ok
13:07:41.0592 5296 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
13:07:41.0592 5296 stdcfltn - ok
13:07:41.0623 5296 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:07:41.0623 5296 stexstor - ok
13:07:41.0670 5296 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:07:41.0685 5296 stisvc - ok
13:07:41.0701 5296 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
13:07:41.0701 5296 swenum - ok
13:07:41.0732 5296 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:07:41.0748 5296 swprv - ok
13:07:41.0795 5296 SynTP (5e3b232a614339399acc71fa3aaaaa6b) C:\Windows\system32\DRIVERS\SynTP.sys
13:07:41.0810 5296 SynTP - ok
13:07:41.0857 5296 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:07:41.0888 5296 SysMain - ok
13:07:41.0904 5296 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:07:41.0904 5296 TabletInputService - ok
13:07:41.0951 5296 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:07:41.0951 5296 TapiSrv - ok
13:07:41.0966 5296 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:07:41.0966 5296 TBS - ok
13:07:42.0044 5296 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
13:07:42.0044 5296 Tcpip - ok
13:07:42.0107 5296 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
13:07:42.0122 5296 TCPIP6 - ok
13:07:42.0169 5296 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:07:42.0169 5296 tcpipreg - ok
13:07:42.0200 5296 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:07:42.0200 5296 TDPIPE - ok
13:07:42.0247 5296 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:07:42.0247 5296 TDTCP - ok
13:07:42.0309 5296 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:07:42.0309 5296 tdx - ok
13:07:42.0419 5296 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
13:07:42.0419 5296 TermDD - ok
13:07:42.0465 5296 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:07:42.0481 5296 TermService - ok
13:07:42.0497 5296 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:07:42.0497 5296 Themes - ok
13:07:42.0528 5296 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:07:42.0528 5296 THREADORDER - ok
13:07:42.0559 5296 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:07:42.0559 5296 TrkWks - ok
13:07:42.0590 5296 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:07:42.0606 5296 TrustedInstaller - ok
13:07:42.0637 5296 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:07:42.0637 5296 tssecsrv - ok
13:07:42.0668 5296 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:07:42.0668 5296 TsUsbFlt - ok
13:07:42.0684 5296 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:07:42.0684 5296 TsUsbGD - ok
13:07:42.0715 5296 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:07:42.0715 5296 tunnel - ok
13:07:42.0793 5296 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:07:42.0793 5296 uagp35 - ok
13:07:42.0824 5296 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:07:42.0824 5296 udfs - ok
13:07:42.0855 5296 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:07:42.0855 5296 UI0Detect - ok
13:07:42.0871 5296 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:07:42.0871 5296 uliagpkx - ok
13:07:42.0902 5296 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:07:42.0902 5296 umbus - ok
13:07:42.0918 5296 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:07:42.0918 5296 UmPass - ok
13:07:42.0949 5296 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:07:42.0949 5296 upnphost - ok
13:07:43.0011 5296 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
13:07:43.0011 5296 USBAAPL64 - ok
13:07:43.0058 5296 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:07:43.0058 5296 usbccgp - ok
13:07:43.0074 5296 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:07:43.0089 5296 usbcir - ok
13:07:43.0105 5296 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
13:07:43.0105 5296 usbehci - ok
13:07:43.0136 5296 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:07:43.0136 5296 usbhub - ok
13:07:43.0152 5296 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
13:07:43.0167 5296 usbohci - ok
13:07:43.0199 5296 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:07:43.0199 5296 usbprint - ok
13:07:43.0230 5296 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:07:43.0230 5296 usbscan - ok
13:07:43.0277 5296 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:07:43.0277 5296 USBSTOR - ok
13:07:43.0308 5296 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:07:43.0308 5296 usbuhci - ok
13:07:43.0355 5296 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
13:07:43.0355 5296 usbvideo - ok
13:07:43.0386 5296 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:07:43.0386 5296 UxSms - ok
13:07:43.0433 5296 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:07:43.0433 5296 VaultSvc - ok
13:07:43.0464 5296 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:07:43.0464 5296 vdrvroot - ok
13:07:43.0479 5296 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:07:43.0495 5296 vds - ok
13:07:43.0511 5296 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:07:43.0511 5296 vga - ok
13:07:43.0542 5296 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:07:43.0542 5296 VgaSave - ok
13:07:43.0557 5296 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:07:43.0573 5296 vhdmp - ok
13:07:43.0589 5296 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:07:43.0589 5296 viaide - ok
13:07:43.0620 5296 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:07:43.0620 5296 volmgr - ok
13:07:43.0651 5296 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:07:43.0651 5296 volmgrx - ok
13:07:43.0667 5296 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:07:43.0682 5296 volsnap - ok
13:07:43.0698 5296 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:07:43.0698 5296 vsmraid - ok
13:07:43.0745 5296 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:07:43.0760 5296 VSS - ok
13:07:43.0776 5296 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:07:43.0776 5296 vwifibus - ok
13:07:43.0791 5296 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:07:43.0791 5296 vwififlt - ok
13:07:43.0823 5296 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:07:43.0823 5296 W32Time - ok
13:07:43.0854 5296 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:07:43.0854 5296 WacomPen - ok
13:07:43.0885 5296 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:07:43.0885 5296 WANARP - ok
13:07:43.0885 5296 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:07:43.0885 5296 Wanarpv6 - ok
13:07:43.0932 5296 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:07:43.0963 5296 WatAdminSvc - ok
13:07:44.0010 5296 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:07:44.0057 5296 wbengine - ok
13:07:44.0088 5296 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:07:44.0088 5296 WbioSrvc - ok
13:07:44.0119 5296 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:07:44.0119 5296 wcncsvc - ok
13:07:44.0135 5296 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:07:44.0135 5296 WcsPlugInService - ok
13:07:44.0150 5296 WcsPlugInService32 - ok
13:07:44.0181 5296 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:07:44.0181 5296 Wd - ok
13:07:44.0197 5296 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:07:44.0213 5296 Wdf01000 - ok
13:07:44.0228 5296 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:07:44.0228 5296 WdiServiceHost - ok
13:07:44.0228 5296 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:07:44.0228 5296 WdiSystemHost - ok
13:07:44.0259 5296 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:07:44.0259 5296 WebClient - ok
13:07:44.0275 5296 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:07:44.0291 5296 Wecsvc - ok
13:07:44.0291 5296 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:07:44.0306 5296 wercplsupport - ok
13:07:44.0322 5296 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:07:44.0322 5296 WerSvc - ok
13:07:44.0353 5296 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:07:44.0353 5296 WfpLwf - ok
13:07:44.0384 5296 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:07:44.0384 5296 WIMMount - ok
13:07:44.0400 5296 WinDefend - ok
13:07:44.0400 5296 WinHttpAutoProxySvc - ok
13:07:44.0447 5296 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:07:44.0447 5296 Winmgmt - ok
13:07:44.0509 5296 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:07:44.0540 5296 WinRM - ok
13:07:44.0587 5296 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
13:07:44.0587 5296 WinUsb - ok
13:07:44.0634 5296 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:07:44.0649 5296 Wlansvc - ok
13:07:44.0681 5296 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:07:44.0681 5296 WmiAcpi - ok
13:07:44.0696 5296 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:07:44.0696 5296 wmiApSrv - ok
13:07:44.0727 5296 WMPNetworkSvc - ok
13:07:44.0743 5296 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:07:44.0743 5296 WPCSvc - ok
13:07:44.0759 5296 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:07:44.0759 5296 WPDBusEnum - ok
13:07:44.0790 5296 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:07:44.0790 5296 ws2ifsl - ok
13:07:44.0805 5296 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
13:07:44.0805 5296 wscsvc - ok
13:07:44.0821 5296 WSearch - ok
13:07:44.0868 5296 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
13:07:44.0915 5296 wuauserv - ok
13:07:44.0946 5296 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:07:44.0946 5296 WudfPf - ok
13:07:44.0977 5296 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:07:44.0977 5296 WUDFRd - ok
13:07:44.0993 5296 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:07:44.0993 5296 wudfsvc - ok
13:07:45.0008 5296 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:07:45.0024 5296 WwanSvc - ok
13:07:45.0086 5296 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:07:45.0086 5296 YahooAUService - ok
13:07:45.0102 5296 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:07:45.0164 5296 \Device\Harddisk0\DR0 - ok
13:07:45.0507 5296 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
13:07:45.0507 5296 \Device\Harddisk1\DR1 - ok
13:07:45.0507 5296 Boot (0x1200) (9eb933a00278b294f6735760614a3528) \Device\Harddisk0\DR0\Partition0
13:07:45.0523 5296 \Device\Harddisk0\DR0\Partition0 - ok
13:07:45.0554 5296 Boot (0x1200) (1bf2cd7b74d4e49ede2ce17b47ce1c8e) \Device\Harddisk0\DR0\Partition1
13:07:45.0554 5296 \Device\Harddisk0\DR0\Partition1 - ok
13:07:45.0554 5296 Boot (0x1200) (0a34a466d28a1bf0096924f59b67a117) \Device\Harddisk1\DR1\Partition0
13:07:45.0554 5296 \Device\Harddisk1\DR1\Partition0 - ok
13:07:45.0554 5296 ============================================================
13:07:45.0554 5296 Scan finished
13:07:45.0554 5296 ============================================================
13:07:45.0554 5288 Detected object count: 0
13:07:45.0554 5288 Actual detected object count: 0
13:08:23.0930 3640 ============================================================
13:08:23.0930 3640 Scan started
13:08:23.0930 3640 Mode: Manual; SigCheck; TDLFS;
13:08:23.0930 3640 ============================================================
13:08:24.0585 3640 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:08:24.0663 3640 1394ohci - ok
13:08:24.0726 3640 Acceler (e0065cbf1a25c015c218457d2cd522b9) C:\Windows\system32\DRIVERS\Accelern.sys
13:08:24.0819 3640 Acceler - ok
13:08:24.0835 3640 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:08:24.0851 3640 ACPI - ok
13:08:24.0866 3640 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:08:24.0944 3640 AcpiPmi - ok
13:08:25.0022 3640 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:08:25.0038 3640 AdobeFlashPlayerUpdateSvc - ok
13:08:25.0053 3640 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:08:25.0069 3640 adp94xx - ok
13:08:25.0100 3640 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:08:25.0116 3640 adpahci - ok
13:08:25.0147 3640 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:08:25.0147 3640 adpu320 - ok
13:08:25.0178 3640 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:08:25.0287 3640 AeLookupSvc - ok
13:08:25.0334 3640 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
13:08:25.0350 3640 AERTFilters - ok
13:08:25.0397 3640 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:08:25.0428 3640 AFD - ok
13:08:25.0459 3640 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:08:25.0459 3640 agp440 - ok
13:08:25.0490 3640 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:08:25.0521 3640 ALG - ok
13:08:25.0537 3640 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:08:25.0553 3640 aliide - ok
13:08:25.0584 3640 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:08:25.0584 3640 amdide - ok
13:08:25.0615 3640 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:08:25.0646 3640 AmdK8 - ok
13:08:25.0662 3640 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
13:08:25.0677 3640 AmdPPM - ok
13:08:25.0724 3640 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:08:25.0724 3640 amdsata - ok
13:08:25.0771 3640 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:08:25.0787 3640 amdsbs - ok
13:08:25.0896 3640 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:08:25.0896 3640 amdxata - ok
13:08:25.0927 3640 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:08:26.0083 3640 AppID - ok
13:08:26.0099 3640 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:08:26.0130 3640 AppIDSvc - ok
13:08:26.0145 3640 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:08:26.0177 3640 Appinfo - ok
13:08:26.0255 3640 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:08:26.0255 3640 Apple Mobile Device - ok
13:08:26.0301 3640 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:08:26.0301 3640 arc - ok
13:08:26.0333 3640 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:08:26.0333 3640 arcsas - ok
13:08:26.0348 3640 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:08:26.0395 3640 AsyncMac - ok
13:08:26.0442 3640 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:08:26.0442 3640 atapi - ok
13:08:26.0520 3640 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:08:26.0567 3640 AudioEndpointBuilder - ok
13:08:26.0582 3640 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:08:26.0613 3640 AudioSrv - ok
13:08:26.0691 3640 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:08:26.0723 3640 AxInstSV - ok
13:08:26.0754 3640 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:08:26.0785 3640 b06bdrv - ok
13:08:26.0816 3640 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:08:26.0847 3640 b57nd60a - ok
13:08:26.0879 3640 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:08:26.0894 3640 BDESVC - ok
13:08:26.0910 3640 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:08:26.0957 3640 Beep - ok
13:08:26.0988 3640 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
13:08:27.0019 3640 BFE - ok
13:08:27.0066 3640 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
13:08:27.0113 3640 BITS - ok
13:08:27.0128 3640 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:08:27.0144 3640 blbdrive - ok
13:08:27.0191 3640 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
13:08:27.0206 3640 Bonjour Service - ok
13:08:27.0237 3640 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:08:27.0269 3640 bowser - ok
13:08:27.0300 3640 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:08:27.0300 3640 BrFiltLo - ok
13:08:27.0315 3640 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:08:27.0331 3640 BrFiltUp - ok
13:08:27.0347 3640 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
13:08:27.0393 3640 BridgeMP - ok
13:08:27.0409 3640 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:08:27.0440 3640 Browser - ok
13:08:27.0471 3640 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:08:27.0503 3640 Brserid - ok
13:08:27.0518 3640 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:08:27.0534 3640 BrSerWdm - ok
13:08:27.0565 3640 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:08:27.0581 3640 BrUsbMdm - ok
13:08:27.0596 3640 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:08:27.0612 3640 BrUsbSer - ok
13:08:27.0659 3640 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
13:08:27.0690 3640 BthEnum - ok
13:08:27.0721 3640 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
13:08:27.0737 3640 BTHMODEM - ok
13:08:27.0768 3640 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
13:08:27.0783 3640 BthPan - ok
13:08:27.0830 3640 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
13:08:27.0861 3640 BTHPORT - ok
13:08:27.0877 3640 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:08:27.0908 3640 bthserv - ok
13:08:27.0955 3640 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
13:08:27.0971 3640 BTHUSB - ok
13:08:28.0111 3640 catchme - ok
13:08:28.0158 3640 CbFs (d8466df7629a7acd2bed0cde206e5df9) C:\Windows\system32\drivers\cbfs.sys
13:08:28.0173 3640 CbFs - ok
13:08:28.0205 3640 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:08:28.0220 3640 cdfs - ok
13:08:28.0251 3640 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:08:28.0267 3640 cdrom - ok
13:08:28.0298 3640 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:08:28.0345 3640 CertPropSvc - ok
13:08:28.0361 3640 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
13:08:28.0376 3640 circlass - ok
13:08:28.0392 3640 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:08:28.0407 3640 CLFS - ok
13:08:28.0470 3640 CLKMSVC10_9EC60124 (730bf325e4cc1e3935b81943ac6da216) C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
13:08:28.0470 3640 CLKMSVC10_9EC60124 - ok
13:08:28.0532 3640 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:08:28.0532 3640 clr_optimization_v2.0.50727_32 - ok
13:08:28.0563 3640 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:08:28.0579 3640 clr_optimization_v2.0.50727_64 - ok
13:08:28.0610 3640 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:08:28.0626 3640 clr_optimization_v4.0.30319_32 - ok
13:08:28.0641 3640 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:08:28.0657 3640 clr_optimization_v4.0.30319_64 - ok
13:08:28.0704 3640 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:08:28.0719 3640 CmBatt - ok
13:08:28.0766 3640 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:08:28.0766 3640 cmdide - ok
13:08:28.0829 3640 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
13:08:28.0860 3640 CNG - ok
13:08:28.0876 3640 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:08:28.0891 3640 Compbatt - ok
13:08:28.0907 3640 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:08:28.0938 3640 CompositeBus - ok
13:08:28.0954 3640 COMSysApp - ok
13:08:29.0047 3640 CrashPlanService (2ccc97e81ffb6263a038709d3d28dd48) C:\Program Files\CrashPlan\CrashPlanService.exe
13:08:29.0063 3640 CrashPlanService ( UnsignedFile.Multi.Generic ) - warning
13:08:29.0063 3640 CrashPlanService - detected UnsignedFile.Multi.Generic (1)
13:08:29.0094 3640 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:08:29.0094 3640 crcdisk - ok
13:08:29.0141 3640 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
13:08:29.0172 3640 CryptSvc - ok
13:08:29.0203 3640 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
13:08:29.0203 3640 CtClsFlt - ok
13:08:29.0297 3640 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:08:29.0312 3640 cvhsvc - ok
13:08:29.0359 3640 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:08:29.0390 3640 DcomLaunch - ok
13:08:29.0422 3640 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:08:29.0453 3640 defragsvc - ok
13:08:29.0484 3640 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:08:29.0515 3640 DfsC - ok
13:08:29.0546 3640 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:08:29.0593 3640 Dhcp - ok
13:08:29.0609 3640 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:08:29.0640 3640 discache - ok
13:08:29.0656 3640 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:08:29.0671 3640 Disk - ok
13:08:29.0702 3640 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:08:29.0718 3640 Dnscache - ok
13:08:29.0749 3640 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:08:29.0796 3640 dot3svc - ok
13:08:29.0812 3640 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:08:29.0858 3640 DPS - ok
13:08:29.0890 3640 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:08:29.0905 3640 drmkaud - ok
13:08:29.0952 3640 DUMeterSvc - ok
13:08:29.0983 3640 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:08:30.0014 3640 DXGKrnl - ok
13:08:30.0046 3640 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:08:30.0077 3640 EapHost - ok
13:08:30.0155 3640 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:08:30.0217 3640 ebdrv - ok
13:08:30.0264 3640 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:08:30.0280 3640 EFS - ok
13:08:30.0326 3640 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:08:30.0358 3640 ehRecvr - ok
13:08:30.0373 3640 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:08:30.0373 3640 ehSched - ok
13:08:30.0420 3640 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:08:30.0436 3640 elxstor - ok
13:08:30.0467 3640 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:08:30.0482 3640 ErrDev - ok
13:08:30.0529 3640 esgiguard - ok
13:08:30.0576 3640 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:08:30.0607 3640 EventSystem - ok
13:08:30.0638 3640 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:08:30.0670 3640 exfat - ok
13:08:30.0701 3640 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:08:30.0732 3640 fastfat - ok
13:08:30.0763 3640 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:08:30.0794 3640 Fax - ok
13:08:30.0810 3640 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:08:30.0826 3640 fdc - ok
13:08:30.0841 3640 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:08:30.0888 3640 fdPHost - ok
13:08:30.0904 3640 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:08:30.0935 3640 FDResPub - ok
13:08:30.0966 3640 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:08:30.0982 3640 FileInfo - ok
13:08:30.0997 3640 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:08:31.0028 3640 Filetrace - ok
13:08:31.0044 3640 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:08:31.0060 3640 flpydisk - ok
13:08:31.0091 3640 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:08:31.0091 3640 FltMgr - ok
13:08:31.0138 3640 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:08:31.0153 3640 FontCache - ok
13:08:31.0200 3640 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:08:31.0216 3640 FontCache3.0.0.0 - ok
13:08:31.0231 3640 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:08:31.0247 3640 FsDepends - ok
13:08:31.0278 3640 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:08:31.0294 3640 Fs_Rec - ok
13:08:31.0309 3640 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:08:31.0325 3640 fvevol - ok
13:08:31.0340 3640 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:08:31.0356 3640 gagp30kx - ok
13:08:31.0387 3640 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:08:31.0387 3640 GEARAspiWDM - ok
13:08:31.0434 3640 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:08:31.0465 3640 gpsvc - ok
13:08:31.0528 3640 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:08:31.0528 3640 gupdate - ok
13:08:31.0543 3640 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:08:31.0543 3640 gupdatem - ok
13:08:31.0590 3640 Hardlock (091582da724f54830012e3faaf2f1d1a) C:\Windows\system32\drivers\hardlock.sys
13:08:31.0606 3640 Hardlock ( UnsignedFile.Multi.Generic ) - warning
13:08:31.0606 3640 Hardlock - detected UnsignedFile.Multi.Generic (1)
13:08:31.0621 3640 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:08:31.0637 3640 hcw85cir - ok
13:08:31.0652 3640 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:08:31.0668 3640 HDAudBus - ok
13:08:31.0684 3640 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:08:31.0715 3640 HidBatt - ok
13:08:31.0730 3640 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:08:31.0746 3640 HidBth - ok
13:08:31.0762 3640 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:08:31.0777 3640 HidIr - ok
13:08:31.0793 3640 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
13:08:31.0824 3640 hidserv - ok
13:08:31.0855 3640 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:08:31.0855 3640 HidUsb - ok
13:08:31.0886 3640 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:08:31.0933 3640 hkmsvc - ok
13:08:31.0964 3640 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:08:31.0980 3640 HomeGroupListener - ok
13:08:32.0011 3640 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:08:32.0027 3640 HomeGroupProvider - ok
13:08:32.0058 3640 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:08:32.0058 3640 HpSAMD - ok
13:08:32.0105 3640 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:08:32.0152 3640 HTTP - ok
13:08:32.0167 3640 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:08:32.0167 3640 hwpolicy - ok
13:08:32.0198 3640 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:08:32.0214 3640 i8042prt - ok
13:08:32.0261 3640 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
13:08:32.0261 3640 iaStor - ok
13:08:32.0308 3640 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:08:32.0323 3640 iaStorV - ok
13:08:32.0370 3640 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:08:32.0386 3640 idsvc - ok
13:08:32.0588 3640 igfx (66dc0ce2d1867b8178eaa0e11930dbd7) C:\Windows\system32\DRIVERS\igdkmd64.sys
13:08:32.0713 3640 igfx - ok
13:08:32.0744 3640 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:08:32.0744 3640 iirsp - ok
13:08:32.0791 3640 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:08:32.0822 3640 IKEEXT - ok
13:08:32.0854 3640 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
13:08:32.0869 3640 Impcd - ok
13:08:32.0932 3640 InstallShield Licensing Service (05b276181079a4d24ec92db41a626097) C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
13:08:32.0947 3640 InstallShield Licensing Service ( UnsignedFile.Multi.Generic ) - warning
13:08:32.0947 3640 InstallShield Licensing Service - detected UnsignedFile.Multi.Generic (1)
13:08:33.0010 3640 IntcAzAudAddService (8fed6428fde53d7f4c105095f22524be) C:\Windows\system32\drivers\RTKVHD64.sys
13:08:33.0056 3640 IntcAzAudAddService - ok
13:08:33.0088 3640 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
13:08:33.0103 3640 IntcDAud - ok
13:08:33.0119 3640 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:08:33.0134 3640 intelide - ok
13:08:33.0166 3640 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:08:33.0181 3640 intelppm - ok
13:08:33.0212 3640 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:08:33.0244 3640 IPBusEnum - ok
13:08:33.0259 3640 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:08:33.0290 3640 IpFilterDriver - ok
13:08:33.0322 3640 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:08:33.0353 3640 iphlpsvc - ok
13:08:33.0368 3640 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:08:33.0400 3640 IPMIDRV - ok
13:08:33.0415 3640 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:08:33.0446 3640 IPNAT - ok
13:08:33.0509 3640 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
13:08:33.0524 3640 iPod Service - ok
13:08:33.0540 3640 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:08:33.0571 3640 IRENUM - ok
13:08:33.0587 3640 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:08:33.0602 3640 isapnp - ok
13:08:33.0634 3640 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:08:33.0649 3640 iScsiPrt - ok
13:08:33.0696 3640 ivusb (bd5bf20ec242e003a2f570b8754a56d1) C:\Windows\system32\DRIVERS\ivusb.sys
13:08:33.0696 3640 ivusb - ok
13:08:33.0727 3640 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:08:33.0727 3640 kbdclass - ok
13:08:33.0758 3640 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:08:33.0774 3640 kbdhid - ok
13:08:33.0821 3640 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:08:33.0836 3640 KeyIso - ok
13:08:33.0836 3640 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
13:08:33.0852 3640 KSecDD - ok
13:08:33.0868 3640 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
13:08:33.0883 3640 KSecPkg - ok
13:08:33.0899 3640 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:08:33.0930 3640 ksthunk - ok
13:08:33.0961 3640 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:08:34.0008 3640 KtmRm - ok
13:08:34.0024 3640 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
13:08:34.0055 3640 LanmanServer - ok
13:08:34.0086 3640 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:08:34.0133 3640 LanmanWorkstation - ok
13:08:34.0148 3640 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:08:34.0180 3640 lltdio - ok
13:08:34.0195 3640 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:08:34.0226 3640 lltdsvc - ok
13:08:34.0242 3640 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:08:34.0273 3640 lmhosts - ok
13:08:34.0351 3640 LMIGuardianSvc (ad988709675d9e35a60b2616bef108e9) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
13:08:34.0367 3640 LMIGuardianSvc - ok
13:08:34.0382 3640 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
13:08:34.0382 3640 LMIInfo - ok
13:08:34.0398 3640 LMIMaint (bd043199fc0bf5f2810f54c8b374590b) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
13:08:34.0398 3640 LMIMaint - ok
13:08:34.0429 3640 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
13:08:34.0445 3640 lmimirr - ok
13:08:34.0476 3640 LMIRfsClientNP - ok
13:08:34.0507 3640 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
13:08:34.0523 3640 LMIRfsDriver - ok
13:08:34.0538 3640 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
13:08:34.0538 3640 LogMeIn - ok
13:08:34.0601 3640 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:08:34.0601 3640 LSI_FC - ok
13:08:34.0632 3640 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:08:34.0648 3640 LSI_SAS - ok
13:08:34.0679 3640 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:08:34.0694 3640 LSI_SAS2 - ok
13:08:34.0726 3640 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:08:34.0741 3640 LSI_SCSI - ok
13:08:34.0788 3640 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:08:34.0819 3640 luafv - ok
13:08:34.0850 3640 MBAMProtector - ok
13:08:34.0913 3640 MBAMService (de199f3aa9c541a349af95a5c72a71af) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:08:34.0928 3640 MBAMService - ok
13:08:34.0960 3640 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:08:34.0975 3640 Mcx2Svc - ok
13:08:35.0022 3640 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
13:08:35.0022 3640 MDM - ok
13:08:35.0038 3640 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:08:35.0053 3640 megasas - ok
13:08:35.0084 3640 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:08:35.0084 3640 MegaSR - ok
13:08:35.0116 3640 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
13:08:35.0131 3640 MEIx64 - ok
13:08:35.0162 3640 MEMSWEEP2 (f9ce67e9e0226079b59107b649851f96) C:\Windows\system32\6ED.tmp
13:08:35.0178 3640 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
13:08:35.0178 3640 MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
13:08:35.0209 3640 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:08:35.0240 3640 MMCSS - ok
13:08:35.0272 3640 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:08:35.0303 3640 Modem - ok
13:08:35.0318 3640 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:08:35.0350 3640 monitor - ok
13:08:35.0350 3640 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:08:35.0365 3640 mouclass - ok
13:08:35.0381 3640 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:08:35.0396 3640 mouhid - ok
13:08:35.0412 3640 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:08:35.0428 3640 mountmgr - ok
13:08:35.0443 3640 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:08:35.0459 3640 mpio - ok
13:08:35.0490 3640 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:08:35.0506 3640 mpsdrv - ok
13:08:35.0552 3640 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:08:35.0584 3640 MpsSvc - ok
13:08:35.0615 3640 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:08:35.0646 3640 MRxDAV - ok
13:08:35.0677 3640 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:08:35.0708 3640 mrxsmb - ok
13:08:35.0740 3640 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:08:35.0755 3640 mrxsmb10 - ok
13:08:35.0771 3640 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:08:35.0771 3640 mrxsmb20 - ok
13:08:35.0802 3640 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:08:35.0802 3640 msahci - ok
13:08:35.0833 3640 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:08:35.0833 3640 msdsm - ok
13:08:35.0880 3640 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:08:35.0896 3640 MSDTC - ok
13:08:35.0911 3640 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:08:35.0942 3640 Msfs - ok
13:08:35.0958 3640 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:08:36.0005 3640 mshidkmdf - ok
13:08:36.0036 3640 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:08:36.0036 3640 msisadrv - ok
13:08:36.0067 3640 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:08:36.0098 3640 MSiSCSI - ok
13:08:36.0114 3640 msiserver - ok
13:08:36.0145 3640 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:08:36.0176 3640 MSKSSRV - ok
13:08:36.0192 3640 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:08:36.0223 3640 MSPCLOCK - ok
13:08:36.0270 3640 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:08:36.0301 3640 MSPQM - ok
13:08:36.0332 3640 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:08:36.0332 3640 MsRPC - ok
13:08:36.0348 3640 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
13:08:36.0364 3640 mssmbios - ok
13:08:36.0379 3640 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:08:36.0426 3640 MSTEE - ok
13:08:36.0442 3640 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:08:36.0442 3640 MTConfig - ok
13:08:36.0457 3640 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:08:36.0473 3640 Mup - ok
13:08:36.0504 3640 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:08:36.0535 3640 napagent - ok
13:08:36.0566 3640 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:08:36.0582 3640 NativeWifiP - ok
13:08:36.0629 3640 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:08:36.0644 3640 NDIS - ok
13:08:36.0660 3640 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:08:36.0691 3640 NdisCap - ok
13:08:36.0707 3640 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:08:36.0738 3640 NdisTapi - ok
13:08:36.0754 3640 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:08:36.0785 3640 Ndisuio - ok
13:08:36.0800 3640 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:08:36.0847 3640 NdisWan - ok
13:08:36.0863 3640 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:08:36.0894 3640 NDProxy - ok
13:08:36.0910 3640 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:08:36.0941 3640 NetBIOS - ok
13:08:36.0972 3640 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:08:37.0003 3640 NetBT - ok
13:08:37.0034 3640 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:08:37.0050 3640 Netlogon - ok
13:08:37.0081 3640 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:08:37.0112 3640 Netman - ok
13:08:37.0144 3640 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:08:37.0175 3640 netprofm - ok
13:08:37.0222 3640 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:08:37.0237 3640 NetTcpPortSharing - ok
13:08:37.0378 3640 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
13:08:37.0456 3640 NETwNs64 - ok
13:08:37.0487 3640 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:08:37.0502 3640 nfrd960 - ok
13:08:37.0534 3640 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:08:37.0565 3640 NlaSvc - ok
13:08:37.0580 3640 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:08:37.0612 3640 Npfs - ok
13:08:37.0643 3640 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:08:37.0674 3640 nsi - ok
13:08:37.0690 3640 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:08:37.0705 3640 nsiproxy - ok
13:08:37.0783 3640 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:08:37.0799 3640 Ntfs - ok
13:08:37.0830 3640 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:08:37.0846 3640 Null - ok
13:08:37.0892 3640 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys
13:08:37.0908 3640 nusb3hub - ok
13:08:37.0924 3640 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys
13:08:37.0955 3640 nusb3xhc - ok
13:08:38.0002 3640 NVHDA (857fb74754ebff94ee3ad40788740916) C:\Windows\system32\drivers\nvhda64v.sys
13:08:38.0017 3640 NVHDA - ok
13:08:38.0220 3640 nvlddmkm (d5dea2c1865cab9ee6aa29cf9e79a2ce) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:08:38.0360 3640 nvlddmkm - ok
13:08:38.0392 3640 nvpciflt (5ef70f7714c664bcf50edfc141dea9b8) C:\Windows\system32\DRIVERS\nvpciflt.sys
13:08:38.0392 3640 nvpciflt - ok
13:08:38.0438 3640 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:08:38.0438 3640 nvraid - ok
13:08:38.0470 3640 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:08:38.0470 3640 nvstor - ok
13:08:38.0516 3640 NVSvc (5a4af8ea634b4feeaf6f16bb1845715a) C:\Windows\system32\nvvsvc.exe
13:08:38.0548 3640 NVSvc - ok
13:08:38.0579 3640 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:08:38.0579 3640 nv_agp - ok
13:08:38.0594 3640 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:08:38.0626 3640 ohci1394 - ok
13:08:38.0672 3640 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:08:38.0688 3640 ose - ok
13:08:38.0797 3640 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:08:38.0860 3640 osppsvc - ok
13:08:38.0891 3640 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:08:38.0922 3640 p2pimsvc - ok
13:08:38.0953 3640 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:08:38.0969 3640 p2psvc - ok
13:08:39.0000 3640 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:08:39.0016 3640 Parport - ok
13:08:39.0031 3640 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:08:39.0031 3640 partmgr - ok
13:08:39.0047 3640 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:08:39.0078 3640 PcaSvc - ok
13:08:39.0078 3640 PCDSRVC{67F2314B-25F2B3C0-06020101}_0 - ok
13:08:39.0109 3640 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:08:39.0109 3640 pci - ok
13:08:39.0140 3640 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:08:39.0140 3640 pciide - ok
13:08:39.0172 3640 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:08:39.0172 3640 pcmcia - ok
13:08:39.0187 3640 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:08:39.0203 3640 pcw - ok
13:08:39.0218 3640 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:08:39.0265 3640 PEAUTH - ok
13:08:39.0296 3640 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:08:39.0328 3640 PerfHost - ok
13:08:39.0374 3640 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:08:39.0406 3640 pla - ok
13:08:39.0437 3640 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:08:39.0468 3640 PlugPlay - ok
13:08:39.0484 3640 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:08:39.0499 3640 PNRPAutoReg - ok
13:08:39.0515 3640 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:08:39.0530 3640 PNRPsvc - ok
13:08:39.0562 3640 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:08:39.0608 3640 PolicyAgent - ok
13:08:39.0640 3640 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:08:39.0671 3640 Power - ok
13:08:39.0718 3640 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:08:39.0749 3640 PptpMiniport - ok
13:08:39.0764 3640 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:08:39.0796 3640 Processor - ok
13:08:39.0827 3640 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
13:08:39.0858 3640 ProfSvc - ok
13:08:39.0905 3640 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:08:39.0920 3640 ProtectedStorage - ok
13:08:39.0936 3640 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:08:39.0967 3640 Psched - ok
13:08:39.0998 3640 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
13:08:39.0998 3640 PxHlpa64 - ok
13:08:40.0045 3640 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:08:40.0076 3640 ql2300 - ok
13:08:40.0108 3640 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:08:40.0108 3640 ql40xx - ok
13:08:40.0139 3640 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:08:40.0154 3640 QWAVE - ok
13:08:40.0186 3640 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:08:40.0201 3640 QWAVEdrv - ok
13:08:40.0217 3640 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:08:40.0248 3640 RasAcd - ok
13:08:40.0295 3640 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:08:40.0310 3640 RasAgileVpn - ok
13:08:40.0342 3640 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:08:40.0373 3640 RasAuto - ok
13:08:40.0404 3640 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:08:40.0435 3640 Rasl2tp - ok
13:08:40.0451 3640 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:08:40.0482 3640 RasMan - ok
13:08:40.0498 3640 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:08:40.0529 3640 RasPppoe - ok
13:08:40.0560 3640 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:08:40.0591 3640 RasSstp - ok
13:08:40.0622 3640 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:08:40.0638 3640 rdbss - ok
13:08:40.0669 3640 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:08:40.0669 3640 rdpbus - ok
13:08:40.0700 3640 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:08:40.0732 3640 RDPCDD - ok
13:08:40.0747 3640 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:08:40.0778 3640 RDPENCDD - ok
13:08:40.0810 3640 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:08:40.0825 3640 RDPREFMP - ok
13:08:40.0872 3640 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
13:08:40.0888 3640 RDPWD - ok
13:08:40.0919 3640 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:08:40.0919 3640 rdyboost - ok
13:08:40.0950 3640 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:08:40.0997 3640 RemoteAccess - ok
13:08:41.0012 3640 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:08:41.0059 3640 RemoteRegistry - ok
13:08:41.0075 3640 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:08:41.0090 3640 RFCOMM - ok
13:08:41.0106 3640 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:08:41.0184 3640 RpcEptMapper - ok
13:08:41.0200 3640 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:08:41.0200 3640 RpcLocator - ok
13:08:41.0246 3640 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
13:08:41.0278 3640 RpcSs - ok
13:08:41.0293 3640 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:08:41.0324 3640 rspndr - ok
13:08:41.0356 3640 RTL8167 (a73ed14670220307874ad6bc2f279349) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:08:41.0371 3640 RTL8167 - ok
13:08:41.0418 3640 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:08:41.0418 3640 SamSs - ok
13:08:41.0480 3640 SANDRA (5efbbfcc6adac121c8e2fe76641ed329) C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2011b\WNt500x64\Sandra.sys
13:08:41.0496 3640 SANDRA - ok
13:08:41.0512 3640 SandraAgentSrv (a740f0412a3c994fb3bc1871b79e46cf) C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2011b\RpcAgentSrv.exe
13:08:41.0527 3640 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
13:08:41.0527 3640 SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
13:08:41.0558 3640 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:08:41.0558 3640 sbp2port - ok
13:08:41.0621 3640 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
13:08:41.0636 3640 SBSDWSCService - ok
13:08:41.0668 3640 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:08:41.0699 3640 SCardSvr - ok
13:08:41.0730 3640 SCDEmu (b2f50286dc82b93c013e3fc57ba1a956) C:\Windows\system32\drivers\SCDEmu.sys
13:08:41.0730 3640 SCDEmu - ok
13:08:41.0746 3640 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:08:41.0792 3640 scfilter - ok
13:08:41.0824 3640 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:08:41.0870 3640 Schedule - ok
13:08:41.0886 3640 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:08:41.0917 3640 SCPolicySvc - ok
13:08:41.0933 3640 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:08:41.0948 3640 SDRSVC - ok
13:08:41.0948 3640 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:08:41.0995 3640 secdrv - ok
13:08:42.0011 3640 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:08:42.0042 3640 seclogon - ok
13:08:42.0058 3640 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
13:08:42.0089 3640 SENS - ok
13:08:42.0136 3640 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:08:42.0182 3640 SensrSvc - ok
13:08:42.0229 3640 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:08:42.0292 3640 Serenum - ok
13:08:42.0338 3640 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:08:42.0370 3640 Serial - ok
13:08:42.0448 3640 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:08:42.0463 3640 sermouse - ok
13:08:42.0526 3640 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:08:42.0572 3640 SessionEnv - ok
13:08:42.0635 3640 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:08:42.0650 3640 sffdisk - ok
13:08:42.0666 3640 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:08:42.0697 3640 sffp_mmc - ok
13:08:42.0713 3640 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:08:42.0728 3640 sffp_sd - ok
13:08:42.0760 3640 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:08:42.0806 3640 sfloppy - ok
13:08:42.0853 3640 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:08:42.0869 3640 Sftfs - ok
13:08:42.0962 3640 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:08:42.0978 3640 sftlist - ok
13:08:43.0009 3640 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:08:43.0009 3640 Sftplay - ok
13:08:43.0025 3640 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:08:43.0040 3640 Sftredir - ok
13:08:43.0056 3640 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:08:43.0056 3640 Sftvol - ok
13:08:43.0103 3640 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:08:43.0103 3640 sftvsa - ok
13:08:43.0150 3640 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:08:43.0181 3640 SharedAccess - ok
13:08:43.0243 3640 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:08:43.0274 3640 ShellHWDetection - ok
13:08:43.0337 3640 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:08:43.0399 3640 SiSRaid2 - ok
13:08:43.0446 3640 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:08:43.0446 3640 SiSRaid4 - ok
13:08:43.0477 3640 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:08:43.0540 3640 Smb - ok
13:08:43.0586 3640 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:08:43.0633 3640 SNMPTRAP - ok
13:08:43.0664 3640 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:08:43.0680 3640 spldr - ok
13:08:43.0789 3640 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:08:43.0820 3640 Spooler - ok
13:08:44.0148 3640 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:08:44.0210 3640 sppsvc - ok
13:08:44.0257 3640 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:08:44.0273 3640 sppuinotify - ok
13:08:44.0382 3640 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:08:44.0429 3640 srv - ok
13:08:44.0507 3640 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:08:44.0554 3640 srv2 - ok
13:08:44.0585 3640 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:08:44.0600 3640 srvnet - ok
13:08:44.0694 3640 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:08:44.0741 3640 SSDPSRV - ok
13:08:44.0772 3640 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:08:44.0803 3640 SstpSvc - ok
13:08:44.0881 3640 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
13:08:44.0897 3640 stdcfltn - ok
13:08:44.0944 3640 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:08:44.0959 3640 stexstor - ok
13:08:45.0022 3640 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:08:45.0037 3640 stisvc - ok
13:08:45.0068 3640 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
13:08:45.0068 3640 swenum - ok
13:08:45.0162 3640 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:08:45.0193 3640 swprv - ok
13:08:45.0552 3640 SynTP (5e3b232a614339399acc71fa3aaaaa6b) C:\Windows\system32\DRIVERS\SynTP.sys
13:08:45.0583 3640 SynTP - ok
13:08:45.0973 3640 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:08:46.0036 3640 SysMain - ok
13:08:46.0067 3640 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:08:46.0098 3640 TabletInputService - ok
13:08:46.0160 3640 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:08:46.0316 3640 TapiSrv - ok
13:08:46.0379 3640 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:08:46.0410 3640 TBS - ok
13:08:46.0660 3640 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
13:08:46.0675 3640 Tcpip - ok
13:08:46.0909 3640 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
13:08:46.0940 3640 TCPIP6 - ok
13:08:47.0003 3640 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:08:47.0050 3640 tcpipreg - ok
13:08:47.0096 3640 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:08:47.0112 3640 TDPIPE - ok
13:08:47.0143 3640 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:08:47.0174 3640 TDTCP - ok
13:08:47.0237 3640 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:08:47.0268 3640 tdx - ok
13:08:47.0299 3640 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
13:08:47.0315 3640 TermDD - ok
13:08:47.0471 3640 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:08:47.0518 3640 TermService - ok
13:08:47.0533 3640 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:08:47.0549 3640 Themes - ok
13:08:47.0611 3640 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:08:47.0627 3640 THREADORDER - ok
13:08:47.0705 3640 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:08:47.0752 3640 TrkWks - ok
13:08:47.0845 3640 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:08:47.0892 3640 TrustedInstaller - ok
13:08:47.0939 3640 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:08:47.0986 3640 tssecsrv - ok
13:08:48.0032 3640 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:08:48.0032 3640 TsUsbFlt - ok
13:08:48.0064 3640 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:08:48.0095 3640 TsUsbGD - ok
13:08:48.0142 3640 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:08:48.0204 3640 tunnel - ok
13:08:48.0235 3640 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:08:48.0251 3640 uagp35 - ok
13:08:48.0344 3640 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:08:48.0391 3640 udfs - ok
13:08:48.0454 3640 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:08:48.0469 3640 UI0Detect - ok
13:08:48.0500 3640 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:08:48.0516 3640 uliagpkx - ok
13:08:48.0547 3640 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:08:48.0578 3640 umbus - ok
13:08:48.0610 3640 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:08:48.0610 3640 UmPass - ok
13:08:48.0750 3640 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:08:48.0797 3640 upnphost - ok
13:08:48.0844 3640 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
13:08:48.0875 3640 USBAAPL64 - ok
13:08:48.0953 3640 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:08:48.0953 3640 usbccgp - ok
13:08:49.0000 3640 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:08:49.0015 3640 usbcir - ok
13:08:49.0093 3640 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
13:08:49.0124 3640 usbehci - ok
13:08:49.0280 3640 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:08:49.0312 3640 usbhub - ok
13:08:49.0468 3640 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
13:08:49.0499 3640 usbohci - ok
13:08:49.0670 3640 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:08:49.0702 3640 usbprint - ok
13:08:49.0811 3640 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:08:49.0811 3640 usbscan - ok
13:08:49.0904 3640 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:08:49.0936 3640 USBSTOR - ok
13:08:50.0060 3640 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:08:50.0092 3640 usbuhci - ok
13:08:50.0310 3640 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
13:08:50.0326 3640 usbvideo - ok
13:08:50.0528 3640 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:08:50.0591 3640 UxSms - ok
13:08:50.0684 3640 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:08:50.0700 3640 VaultSvc - ok
13:08:50.0778 3640 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:08:50.0794 3640 vdrvroot - ok
13:08:50.0918 3640 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:08:50.0965 3640 vds - ok
13:08:51.0074 3640 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:08:51.0090 3640 vga - ok
13:08:51.0262 3640 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:08:51.0308 3640 VgaSave - ok
13:08:51.0355 3640 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:08:51.0574 3640 vhdmp - ok
13:08:51.0620 3640 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:08:51.0620 3640 viaide - ok
13:08:51.0667 3640 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:08:51.0667 3640 volmgr - ok
13:08:51.0761 3640 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:08:51.0776 3640 volmgrx - ok
13:08:51.0870 3640 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:08:51.0886 3640 volsnap - ok
13:08:51.0948 3640 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:08:51.0948 3640 vsmraid - ok
13:08:52.0354 3640 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:08:52.0400 3640 VSS - ok
13:08:52.0432 3640 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:08:52.0447 3640 vwifibus - ok
13:08:52.0478 3640 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:08:52.0494 3640 vwififlt - ok
13:08:52.0556 3640 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:08:52.0588 3640 W32Time - ok
13:08:52.0634 3640 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:08:52.0650 3640 WacomPen - ok
13:08:52.0728 3640 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:08:52.0759 3640 WANARP - ok
13:08:52.0775 3640 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:08:52.0790 3640 Wanarpv6 - ok
13:08:52.0978 3640 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:08:52.0993 3640 WatAdminSvc - ok
13:08:53.0414 3640 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:08:53.0524 3640 wbengine - ok
13:08:53.0680 3640 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:08:53.0695 3640 WbioSrvc - ok
13:08:53.0867 3640 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:08:53.0898 3640 wcncsvc - ok
13:08:54.0038 3640 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:08:54.0054 3640 WcsPlugInService - ok
13:08:54.0101 3640 WcsPlugInService32 - ok
13:08:54.0241 3640 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:08:54.0257 3640 Wd - ok
13:08:54.0413 3640 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:08:54.0428 3640 Wdf01000 - ok
13:08:54.0538 3640 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:08:54.0584 3640 WdiServiceHost - ok
13:08:54.0584 3640 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:08:54.0600 3640 WdiSystemHost - ok
13:08:54.0772 3640 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:08:54.0803 3640 WebClient - ok
13:08:55.0021 3640 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:08:55.0068 3640 Wecsvc - ok
13:08:55.0255 3640 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:08:55.0286 3640 wercplsupport - ok
13:08:55.0396 3640 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:08:55.0442 3640 WerSvc - ok
13:08:55.0630 3640 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:08:55.0645 3640 WfpLwf - ok
13:08:55.0848 3640 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:08:55.0848 3640 WIMMount - ok
13:08:55.0895 3640 WinDefend - ok
13:08:55.0895 3640 WinHttpAutoProxySvc - ok
13:08:56.0035 3640 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:08:56.0066 3640 Winmgmt - ok
13:08:56.0472 3640 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:08:56.0519 3640 WinRM - ok
13:08:56.0628 3640 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
13:08:56.0628 3640 WinUsb - ok
13:08:56.0831 3640 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:08:56.0878 3640 Wlansvc - ok
13:08:57.0065 3640 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:08:57.0096 3640 WmiAcpi - ok
13:08:57.0252 3640 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:08:57.0283 3640 wmiApSrv - ok
13:08:57.0346 3640 WMPNetworkSvc - ok
13:08:57.0502 3640 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:08:57.0517 3640 WPCSvc - ok
13:08:57.0720 3640 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:08:57.0736 3640 WPDBusEnum - ok
13:08:57.0923 3640 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:08:57.0938 3640 ws2ifsl - ok
13:08:58.0110 3640 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
13:08:58.0141 3640 wscsvc - ok
13:08:58.0250 3640 WSearch - ok
13:08:58.0562 3640 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
13:08:58.0625 3640 wuauserv - ok
13:08:58.0812 3640 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:08:58.0874 3640 WudfPf - ok
13:08:58.0952 3640 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:08:58.0984 3640 WUDFRd - ok
13:08:59.0155 3640 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:08:59.0186 3640 wudfsvc - ok
13:08:59.0311 3640 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:08:59.0358 3640 WwanSvc - ok
13:08:59.0545 3640 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:08:59.0576 3640 YahooAUService - ok
13:08:59.0608 3640 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:08:59.0966 3640 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:08:59.0966 3640 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:09:00.0310 3640 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
13:09:00.0372 3640 \Device\Harddisk1\DR1 - ok
13:09:00.0388 3640 Boot (0x1200) (9eb933a00278b294f6735760614a3528) \Device\Harddisk0\DR0\Partition0
13:09:00.0388 3640 \Device\Harddisk0\DR0\Partition0 - ok
13:09:00.0419 3640 Boot (0x1200) (1bf2cd7b74d4e49ede2ce17b47ce1c8e) \Device\Harddisk0\DR0\Partition1
13:09:00.0419 3640 \Device\Harddisk0\DR0\Partition1 - ok
13:09:00.0450 3640 Boot (0x1200) (0a34a466d28a1bf0096924f59b67a117) \Device\Harddisk1\DR1\Partition0
13:09:00.0450 3640 \Device\Harddisk1\DR1\Partition0 - ok
13:09:00.0450 3640 ============================================================
13:09:00.0450 3640 Scan finished
13:09:00.0450 3640 ============================================================
13:09:00.0466 1072 Detected object count: 6
13:09:00.0466 1072 Actual detected object count: 6
13:09:19.0981 1072 CrashPlanService ( UnsignedFile.Multi.Generic ) - skipped by user
13:09:19.0981 1072 CrashPlanService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:09:19.0981 1072 Hardlock ( UnsignedFile.Multi.Generic ) - skipped by user
13:09:19.0981 1072 Hardlock ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:09:19.0981 1072 InstallShield Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:09:19.0981 1072 InstallShield Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:09:19.0981 1072 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
13:09:19.0981 1072 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:09:19.0981 1072 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:09:19.0981 1072 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:09:19.0981 1072 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:09:19.0981 1072 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#8 8chip8

8chip8
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:36 PM

Posted 22 April 2012 - 12:55 PM

aswmbr results


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-22 13:20:38
-----------------------------
13:20:38.036 OS Version: Windows x64 6.1.7601 Service Pack 1
13:20:38.036 Number of processors: 8 586 0x2A07
13:20:38.036 ComputerName: CHIPI7 UserName: test
13:20:41.905 Initialize success
13:21:18.738 AVAST engine defs: 12042200
13:21:48.004 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:21:48.004 Disk 0 Vendor: ST950042 D005 Size: 476940MB BusType: 3
13:21:48.004 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
13:21:48.004 Disk 1 Vendor: Hitachi_ FC4O Size: 305245MB BusType: 3
13:21:48.019 Disk 0 MBR read successfully
13:21:48.019 Disk 0 MBR scan
13:21:48.019 Disk 0 Windows 7 default MBR code
13:21:48.035 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 462937 MB offset 2048
13:21:48.066 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 13992 MB offset 948097024
13:21:48.082 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 1 MB offset 976771072
13:21:48.082 Disk 0 Partition 3 **INFECTED** MBR:Alureon-K [Rtk]
13:21:48.128 Disk 0 scanning C:\Windows\system32\drivers
13:21:58.097 Service scanning
13:22:14.602 Modules scanning
13:22:14.602 Disk 0 trace - called modules:
13:22:14.633 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
13:22:14.633 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007bcd790]
13:22:14.633 3 CLASSPNP.SYS[fffff880011cb43f] -> nt!IofCallDriver -> [0xfffffa8007bcc280]
13:22:14.648 5 stdcfltn.sys[fffff8800168cc52] -> nt!IofCallDriver -> [0xfffffa8007884e40]
13:22:14.648 7 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007883050]
13:22:18.190 AVAST engine scan C:\Windows
13:22:21.169 AVAST engine scan C:\Windows\system32
13:24:28.718 AVAST engine scan C:\Windows\system32\drivers
13:24:41.323 AVAST engine scan C:\Users\test
13:28:59.804 Disk 0 MBR has been saved successfully to "C:\Users\test\Desktop\MBR.dat"
13:28:59.804 The log file has been saved successfully to "C:\Users\test\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-22 13:36:08
-----------------------------
13:36:08.575 OS Version: Windows x64 6.1.7601 Service Pack 1
13:36:08.575 Number of processors: 8 586 0x2A07
13:36:08.575 ComputerName: CHIPI7 UserName: test
13:36:10.291 Initialize success
13:36:13.380 AVAST engine defs: 12042200
13:36:19.417 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:36:19.417 Disk 0 Vendor: ST950042 D005 Size: 476940MB BusType: 3
13:36:19.417 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
13:36:19.417 Disk 1 Vendor: Hitachi_ FC4O Size: 305245MB BusType: 3
13:36:19.542 Disk 0 MBR read successfully
13:36:19.542 Disk 0 MBR scan
13:36:19.557 Disk 0 Windows 7 default MBR code
13:36:19.557 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 462937 MB offset 2048
13:36:19.589 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 13992 MB offset 948097024
13:36:19.604 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 1 MB offset 976771072
13:36:19.604 Disk 0 Partition 3 **INFECTED** MBR:Alureon-K [Rtk]
13:36:19.651 Disk 0 scanning C:\Windows\system32\drivers
13:36:29.682 Service scanning
13:36:46.452 Modules scanning
13:36:46.452 Disk 0 trace - called modules:
13:36:46.483 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
13:36:46.483 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007bcd790]
13:36:46.483 3 CLASSPNP.SYS[fffff880011cb43f] -> nt!IofCallDriver -> [0xfffffa8007bcc280]
13:36:46.499 5 stdcfltn.sys[fffff8800168cc52] -> nt!IofCallDriver -> [0xfffffa8007884e40]
13:36:46.499 7 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007883050]
13:36:48.527 AVAST engine scan C:\Windows
13:36:52.333 AVAST engine scan C:\Windows\system32
13:39:10.674 AVAST engine scan C:\Windows\system32\drivers
13:39:23.091 AVAST engine scan C:\Users\test
13:54:10.413 AVAST engine scan C:\ProgramData
13:55:05.639 Scan finished successfully
13:55:16.964 Disk 0 MBR has been saved successfully to "C:\Users\test\Desktop\MBR.dat"
13:55:16.964 The log file has been saved successfully to "C:\Users\test\Desktop\aswMBR.txt"

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:36 PM

Posted 22 April 2012 - 01:22 PM

Greetings

I need you to make a bootable usb and to make a screenshot for me - follow the instructions below to do this

How to create a bootable Puppy USB Drive

  • Download and save a copy of the latest Puppy ISO file
  • Download and save a copy of Unetbootin for Windows.
  • Insert an empty formatted USB drive into a USB port on the computer that's being used to create the bootable USB.
  • Launch Unetbootin ....
  • Ensure that Disk Image is selected.
  • Using the browse button ... browse to and select the Puppy ISO file.
  • Ensure that Type: is set to USB Drive and that the Drive: letter corresponds to the USB drive.
  • Click OK
Unetbootin will now copy the Puppy files to the USB and make it a bootable device.

Next

You need to change the boot order of the computer to boot from a USB drive ....

  • Read HERE for instructions how to do this.

Now boot into Puppylinux

when you get to the desktop Click on each of the drive items found in the bottom left corner to mount them (when mounted they will have a red cross next to them)

Next - Launch GParted which is found at Menu > System > GParted partition manager,
Click to select All Drives then click Okay
I need you to take a screenshot of the window that opens up - to do this follow these instructions

To take a screenshot in Puppy ....

With the GParted window open ...

  • Click menu > Graphic > mtPaint-snapshot screen capture
  • A small window will open ....

    • Click Capture Now
    • Click OK
  • The mtPaint program will open ....
    • Click File > Save
    • Double click on ../
    • Double click on mnt/
    • Double click on sdb1/
    • Set File Format to JPEG
    • Enter screenshot1 into the text box
    • Click OK

This will save a file screenshot1.jpeg into the USB drive, paste or attach this to your next post

Next

  • Click menu > shutdown > power off computer
  • If prompted to save the session click on No

Puppy will now close down.

remove the usb and save it - we will use it again - boot back into windows and send me the screen capture

gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 8chip8

8chip8
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:36 PM

Posted 22 April 2012 - 04:12 PM

Screenshot attached. sorry for delay - had to go buy a thumb drive

Attached Files



#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:36 PM

Posted 22 April 2012 - 05:38 PM

Hello


I want you to boot back into GParted and right click on the partition that is hidden and select delete

boot back into windows and let me know how things are doing


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 8chip8

8chip8
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:36 PM

Posted 22 April 2012 - 06:38 PM

Followed your instructions. Everything seems to be fine now - can't thank you enough. Any recommendations for anti-virus/antimalware to prevent this from happening again? I had malware bytes running but it seemed to miss it.

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:36 PM

Posted 22 April 2012 - 08:14 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:36 PM

Posted 25 April 2012 - 12:03 AM

Hello


Just checking in on you as it has been a couple of days since I have heard from you.

Are you having any troubles or just need more time?




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:36 PM

Posted 27 April 2012 - 11:07 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users