Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I infected?


  • This topic is locked This topic is locked
21 replies to this topic

#1 bigj123454321

bigj123454321

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 25 April 2012 - 03:12 PM

I have two partitions for my hard drive. One is windows xp which was recently infected with zero access rootkit and many others. I took care of that through these forums, but I suspect my Windows 7 partition is also infected. (I dual boot with these due to compatibility issues). Anyway, it is 64 bit so I didn't include GMER. Here is the DDS log:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Jared at 16:05:43 on 2012-04-25
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4029.2661 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Common Files\AOL\1293596288\ee\aolsoftware.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\servicing\TrustedInstaller.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\SoftwareDistribution\Download\Install\NDP40-KB2600217-x64.exe
d:\86b545f205fb831e6cc13af9b7097c\Setup.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120213204555.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"
mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1293596288\ee\AOLSoftware.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: DhcpNameServer = 24.247.15.53 66.189.0.100 24.178.162.3
TCP: Interfaces\{2EBAFEF3-0D88-4F24-80BD-22619F77C216} : DhcpNameServer = 24.247.15.53 66.189.0.100 24.178.162.3
TCP: Interfaces\{2EBAFEF3-0D88-4F24-80BD-22619F77C216}\05160716E6F637 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3C922F93-E1A3-46A1-8B11-9CCDC32B8D42} : DhcpNameServer = 192.168.0.1
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
BHO-X64: AOL Toolbar Loader - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120213204555.dll
BHO-X64: scriptproxy - No File
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [HostManager] C:\Program Files (x86)\Common Files\AOL\1293596288\ee\AOLSoftware.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jared\AppData\Roaming\Mozilla\Firefox\Profiles\f7xp46ub.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-2-13 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-2-13 355440]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-2-13 355440]
R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-2-13 200056]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-2-13 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-02-14 14:04:00 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 16:06:15.82 ===============

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:17 PM

Posted 26 April 2012 - 01:12 AM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 bigj123454321

bigj123454321
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 26 April 2012 - 01:51 AM

Here is the security log:
Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Adobe Flash Player 11.1.102.55
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox 10.0.2 Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````


here is the combofix log:
ComboFix 12-04-25.02 - Jared 04/26/2012 2:36.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4029.2830 [GMT -4:00]
Running from: c:\users\Jared\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-03-26 to 2012-04-26 )))))))))))))))))))))))))))))))
.
.
2012-04-26 06:41 . 2012-04-26 06:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-25 20:12 . 2012-03-06 06:43 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-25 20:12 . 2012-03-06 05:59 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-04-25 20:12 . 2012-03-06 05:59 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-04-25 20:11 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-25 20:11 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-25 20:11 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-25 20:11 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-25 20:11 . 2012-03-01 05:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-25 20:11 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-25 20:11 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-19 04:13 . 2012-02-03 04:16 3143168 ----a-w- c:\windows\system32\win32k.sys
2012-04-19 04:13 . 2012-02-10 06:18 1541120 ----a-w- c:\windows\system32\DWrite.dll
2012-04-19 04:13 . 2012-02-10 06:17 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-04-19 04:13 . 2012-02-10 06:17 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-04-19 04:13 . 2012-02-10 06:17 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-04-19 04:13 . 2012-02-10 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-04-19 04:13 . 2012-02-10 05:41 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-04-19 04:13 . 2012-02-10 05:41 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2012-04-19 04:13 . 2012-02-10 05:41 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-04-19 04:13 . 2012-02-10 05:41 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2012-04-19 04:13 . 2012-02-10 05:41 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-04-19 04:12 . 2012-01-25 06:27 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-19 04:12 . 2012-01-25 06:27 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-19 04:12 . 2012-01-25 06:20 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-19 04:12 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-04-19 04:12 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-04-19 04:12 . 2012-02-15 04:47 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-19 04:12 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-14 14:04 . 2011-05-19 17:43 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2011-06-29 400760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HostManager"="c:\program files (x86)\Common Files\AOL\1293596288\ee\AOLSoftware.exe" [2010-03-08 41800]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-19 54576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.aol.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 24.247.15.53 66.189.0.100 24.178.162.3
FF - ProfilePath - c:\users\Jared\AppData\Roaming\Mozilla\Firefox\Profiles\f7xp46ub.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4216207827-2725350182-3401975650-1000\Software\SecuROM\License information*]
"datasecu"=hex:56,cf,a4,4b,4c,f8,c2,88,ad,ce,ce,e6,d1,60,31,cf,2c,75,27,72,e6,
5e,72,5c,18,dc,16,4a,81,33,33,1a,ee,a3,0f,15,e4,c2,64,ba,75,0a,c4,e3,5c,56,\
"rkeysecu"=hex:79,08,04,88,46,1b,a1,70,8f,79,1a,8c,e4,c5,96,3a
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Completion time: 2012-04-26 02:47:43 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-26 06:47
.
Pre-Run: 7,614,529,536 bytes free
Post-Run: 8,036,122,624 bytes free
.
- - End Of File - - D2C3A120275867F4348CCA84379F22A2

#4 bigj123454321

bigj123454321
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 26 April 2012 - 01:53 AM

My computer is doing ok still. similar troubles, except the browser seems to be no longer redirecting

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:17 PM

Posted 26 April 2012 - 06:24 AM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 bigj123454321

bigj123454321
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 26 April 2012 - 11:33 AM

Here is the TDSSKiller log:

12:20:36.0418 1204 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
12:20:36.0776 1204 ============================================================
12:20:36.0776 1204 Current date / time: 2012/04/26 12:20:36.0776
12:20:36.0776 1204 SystemInfo:
12:20:36.0776 1204
12:20:36.0776 1204 OS Version: 6.1.7600 ServicePack: 0.0
12:20:36.0776 1204 Product type: Workstation
12:20:36.0776 1204 ComputerName: STUDIO
12:20:36.0776 1204 UserName: Jared
12:20:36.0776 1204 Windows directory: C:\Windows
12:20:36.0776 1204 System windows directory: C:\Windows
12:20:36.0776 1204 Running under WOW64
12:20:36.0776 1204 Processor architecture: Intel x64
12:20:36.0776 1204 Number of processors: 2
12:20:36.0776 1204 Page size: 0x1000
12:20:36.0776 1204 Boot type: Normal boot
12:20:36.0776 1204 ============================================================
12:20:38.0180 1204 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:20:38.0180 1204 ============================================================
12:20:38.0180 1204 \Device\Harddisk0\DR0:
12:20:38.0180 1204 MBR partitions:
12:20:38.0196 1204 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F60BF, BlocksNum 0x44588EE
12:20:38.0196 1204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x464E9EC, BlocksNum 0x35D36255
12:20:38.0196 1204 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3EC1, BlocksNum 0x1F21BF
12:20:38.0196 1204 ============================================================
12:20:38.0227 1204 C: <-> \Device\Harddisk0\DR0\Partition0
12:20:38.0290 1204 D: <-> \Device\Harddisk0\DR0\Partition1
12:20:38.0290 1204 ============================================================
12:20:38.0290 1204 Initialize success
12:20:38.0290 1204 ============================================================
12:20:56.0760 3676 ============================================================
12:20:56.0760 3676 Scan started
12:20:56.0760 3676 Mode: Manual;
12:20:56.0760 3676 ============================================================
12:20:58.0211 3676 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
12:20:58.0211 3676 1394ohci - ok
12:20:58.0242 3676 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
12:20:58.0242 3676 ACPI - ok
12:20:58.0258 3676 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
12:20:58.0273 3676 AcpiPmi - ok
12:20:58.0304 3676 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:20:58.0320 3676 adp94xx - ok
12:20:58.0351 3676 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:20:58.0351 3676 adpahci - ok
12:20:58.0367 3676 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:20:58.0382 3676 adpu320 - ok
12:20:58.0429 3676 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
12:20:58.0429 3676 AeLookupSvc - ok
12:20:58.0492 3676 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
12:20:58.0507 3676 AFD - ok
12:20:58.0523 3676 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
12:20:58.0523 3676 agp440 - ok
12:20:58.0554 3676 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
12:20:58.0554 3676 ALG - ok
12:20:58.0570 3676 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
12:20:58.0570 3676 aliide - ok
12:20:58.0570 3676 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
12:20:58.0570 3676 amdide - ok
12:20:58.0585 3676 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:20:58.0601 3676 AmdK8 - ok
12:20:58.0601 3676 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:20:58.0601 3676 AmdPPM - ok
12:20:58.0648 3676 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
12:20:58.0648 3676 amdsata - ok
12:20:58.0663 3676 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:20:58.0679 3676 amdsbs - ok
12:20:58.0679 3676 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
12:20:58.0679 3676 amdxata - ok
12:20:58.0788 3676 AOL ACS (85180cf88c5ebad73b452a43a004ca51) C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
12:20:58.0788 3676 AOL ACS - ok
12:20:58.0819 3676 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
12:20:58.0819 3676 AppID - ok
12:20:58.0866 3676 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
12:20:58.0882 3676 AppIDSvc - ok
12:20:58.0897 3676 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
12:20:58.0897 3676 Appinfo - ok
12:20:58.0944 3676 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:20:58.0944 3676 Apple Mobile Device - ok
12:20:58.0975 3676 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
12:20:58.0975 3676 AppMgmt - ok
12:20:59.0006 3676 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:20:59.0006 3676 arc - ok
12:20:59.0022 3676 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:20:59.0022 3676 arcsas - ok
12:20:59.0069 3676 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:20:59.0069 3676 AsyncMac - ok
12:20:59.0084 3676 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
12:20:59.0084 3676 atapi - ok
12:20:59.0131 3676 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
12:20:59.0147 3676 AudioEndpointBuilder - ok
12:20:59.0162 3676 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
12:20:59.0162 3676 AudioSrv - ok
12:20:59.0194 3676 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
12:20:59.0209 3676 AxInstSV - ok
12:20:59.0240 3676 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:20:59.0256 3676 b06bdrv - ok
12:20:59.0303 3676 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:20:59.0318 3676 b57nd60a - ok
12:20:59.0334 3676 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
12:20:59.0334 3676 BDESVC - ok
12:20:59.0350 3676 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:20:59.0350 3676 Beep - ok
12:20:59.0412 3676 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
12:20:59.0428 3676 BFE - ok
12:20:59.0474 3676 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
12:20:59.0521 3676 BITS - ok
12:20:59.0568 3676 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:20:59.0568 3676 blbdrive - ok
12:20:59.0646 3676 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
12:20:59.0662 3676 Bonjour Service - ok
12:20:59.0693 3676 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
12:20:59.0693 3676 bowser - ok
12:20:59.0724 3676 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:20:59.0724 3676 BrFiltLo - ok
12:20:59.0724 3676 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:20:59.0724 3676 BrFiltUp - ok
12:20:59.0771 3676 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
12:20:59.0771 3676 BridgeMP - ok
12:20:59.0818 3676 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
12:20:59.0818 3676 Browser - ok
12:20:59.0864 3676 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:20:59.0864 3676 Brserid - ok
12:20:59.0880 3676 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:20:59.0880 3676 BrSerWdm - ok
12:20:59.0896 3676 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:20:59.0896 3676 BrUsbMdm - ok
12:20:59.0896 3676 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:20:59.0896 3676 BrUsbSer - ok
12:20:59.0911 3676 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:20:59.0911 3676 BTHMODEM - ok
12:20:59.0927 3676 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:20:59.0927 3676 bthserv - ok
12:20:59.0958 3676 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:20:59.0958 3676 cdfs - ok
12:20:59.0989 3676 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
12:20:59.0989 3676 cdrom - ok
12:21:00.0020 3676 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
12:21:00.0036 3676 CertPropSvc - ok
12:21:00.0052 3676 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:21:00.0052 3676 circlass - ok
12:21:00.0083 3676 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:21:00.0098 3676 CLFS - ok
12:21:00.0145 3676 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:21:00.0145 3676 clr_optimization_v2.0.50727_32 - ok
12:21:00.0176 3676 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:21:00.0176 3676 clr_optimization_v2.0.50727_64 - ok
12:21:00.0239 3676 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:21:00.0239 3676 clr_optimization_v4.0.30319_32 - ok
12:21:00.0270 3676 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:21:00.0270 3676 clr_optimization_v4.0.30319_64 - ok
12:21:00.0317 3676 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:21:00.0317 3676 CmBatt - ok
12:21:00.0332 3676 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
12:21:00.0332 3676 cmdide - ok
12:21:00.0379 3676 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
12:21:00.0395 3676 CNG - ok
12:21:00.0410 3676 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:21:00.0410 3676 Compbatt - ok
12:21:00.0426 3676 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
12:21:00.0426 3676 CompositeBus - ok
12:21:00.0442 3676 COMSysApp - ok
12:21:00.0457 3676 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:21:00.0457 3676 crcdisk - ok
12:21:00.0488 3676 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
12:21:00.0504 3676 CryptSvc - ok
12:21:00.0535 3676 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
12:21:00.0551 3676 CSC - ok
12:21:00.0613 3676 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
12:21:00.0629 3676 CscService - ok
12:21:00.0676 3676 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
12:21:00.0691 3676 DcomLaunch - ok
12:21:00.0722 3676 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:21:00.0722 3676 defragsvc - ok
12:21:00.0785 3676 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
12:21:00.0785 3676 DfsC - ok
12:21:00.0816 3676 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
12:21:00.0832 3676 Dhcp - ok
12:21:00.0847 3676 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:21:00.0847 3676 discache - ok
12:21:00.0878 3676 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:21:00.0878 3676 Disk - ok
12:21:00.0910 3676 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
12:21:00.0910 3676 Dnscache - ok
12:21:00.0941 3676 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
12:21:00.0956 3676 dot3svc - ok
12:21:01.0003 3676 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
12:21:01.0003 3676 Dot4 - ok
12:21:01.0019 3676 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:21:01.0034 3676 Dot4Print - ok
12:21:01.0050 3676 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
12:21:01.0050 3676 dot4usb - ok
12:21:01.0081 3676 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
12:21:01.0081 3676 DPS - ok
12:21:01.0112 3676 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:21:01.0112 3676 drmkaud - ok
12:21:01.0159 3676 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
12:21:01.0175 3676 DXGKrnl - ok
12:21:01.0206 3676 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:21:01.0206 3676 EapHost - ok
12:21:01.0502 3676 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:21:01.0565 3676 ebdrv - ok
12:21:01.0658 3676 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
12:21:01.0658 3676 EFS - ok
12:21:01.0705 3676 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
12:21:01.0721 3676 ehRecvr - ok
12:21:01.0752 3676 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:21:01.0752 3676 ehSched - ok
12:21:01.0799 3676 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:21:01.0814 3676 elxstor - ok
12:21:01.0814 3676 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
12:21:01.0814 3676 ErrDev - ok
12:21:01.0877 3676 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:21:01.0892 3676 EventSystem - ok
12:21:01.0908 3676 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:21:01.0924 3676 exfat - ok
12:21:01.0939 3676 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:21:01.0939 3676 fastfat - ok
12:21:02.0017 3676 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
12:21:02.0033 3676 Fax - ok
12:21:02.0033 3676 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:21:02.0033 3676 fdc - ok
12:21:02.0048 3676 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:21:02.0048 3676 fdPHost - ok
12:21:02.0080 3676 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:21:02.0080 3676 FDResPub - ok
12:21:02.0111 3676 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:21:02.0111 3676 FileInfo - ok
12:21:02.0111 3676 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:21:02.0111 3676 Filetrace - ok
12:21:02.0126 3676 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:21:02.0126 3676 flpydisk - ok
12:21:02.0173 3676 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
12:21:02.0173 3676 FltMgr - ok
12:21:02.0236 3676 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
12:21:02.0267 3676 FontCache - ok
12:21:02.0329 3676 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:21:02.0329 3676 FontCache3.0.0.0 - ok
12:21:02.0345 3676 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:21:02.0345 3676 FsDepends - ok
12:21:02.0376 3676 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
12:21:02.0376 3676 Fs_Rec - ok
12:21:02.0423 3676 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:21:02.0423 3676 fvevol - ok
12:21:02.0438 3676 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:21:02.0438 3676 gagp30kx - ok
12:21:02.0485 3676 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:21:02.0485 3676 GEARAspiWDM - ok
12:21:02.0548 3676 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
12:21:02.0563 3676 gpsvc - ok
12:21:02.0579 3676 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:21:02.0579 3676 hcw85cir - ok
12:21:02.0626 3676 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
12:21:02.0641 3676 HdAudAddService - ok
12:21:02.0657 3676 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:21:02.0672 3676 HDAudBus - ok
12:21:02.0672 3676 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:21:02.0688 3676 HidBatt - ok
12:21:02.0688 3676 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:21:02.0704 3676 HidBth - ok
12:21:02.0704 3676 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:21:02.0719 3676 HidIr - ok
12:21:02.0735 3676 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
12:21:02.0750 3676 hidserv - ok
12:21:02.0766 3676 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
12:21:02.0766 3676 HidUsb - ok
12:21:02.0782 3676 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
12:21:02.0797 3676 hkmsvc - ok
12:21:02.0813 3676 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
12:21:02.0813 3676 HomeGroupListener - ok
12:21:02.0844 3676 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
12:21:02.0860 3676 HomeGroupProvider - ok
12:21:02.0953 3676 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
12:21:02.0953 3676 hpqcxs08 - ok
12:21:02.0984 3676 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
12:21:02.0984 3676 hpqddsvc - ok
12:21:03.0000 3676 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
12:21:03.0000 3676 HpSAMD - ok
12:21:03.0062 3676 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
12:21:03.0094 3676 HPSLPSVC - ok
12:21:03.0140 3676 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
12:21:03.0172 3676 HTTP - ok
12:21:03.0187 3676 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
12:21:03.0203 3676 hwpolicy - ok
12:21:03.0234 3676 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
12:21:03.0234 3676 i8042prt - ok
12:21:03.0296 3676 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
12:21:03.0312 3676 iaStorV - ok
12:21:03.0406 3676 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:21:03.0452 3676 idsvc - ok
12:21:03.0842 3676 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
12:21:04.0030 3676 igfx - ok
12:21:04.0139 3676 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:21:04.0139 3676 iirsp - ok
12:21:04.0201 3676 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
12:21:04.0232 3676 IKEEXT - ok
12:21:04.0232 3676 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
12:21:04.0232 3676 intelide - ok
12:21:04.0264 3676 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:21:04.0264 3676 intelppm - ok
12:21:04.0279 3676 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:21:04.0279 3676 IPBusEnum - ok
12:21:04.0295 3676 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:21:04.0295 3676 IpFilterDriver - ok
12:21:04.0342 3676 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
12:21:04.0357 3676 iphlpsvc - ok
12:21:04.0357 3676 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
12:21:04.0373 3676 IPMIDRV - ok
12:21:04.0373 3676 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:21:04.0388 3676 IPNAT - ok
12:21:04.0482 3676 iPod Service (b7cb0b121962cd89f98c0dd89331b0c0) C:\Program Files\iPod\bin\iPodService.exe
12:21:04.0482 3676 iPod Service - ok
12:21:04.0498 3676 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:21:04.0513 3676 IRENUM - ok
12:21:04.0529 3676 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
12:21:04.0529 3676 isapnp - ok
12:21:04.0560 3676 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
12:21:04.0560 3676 iScsiPrt - ok
12:21:04.0591 3676 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\Windows\system32\DRIVERS\k57nd60a.sys
12:21:04.0607 3676 k57nd60a - ok
12:21:04.0622 3676 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:21:04.0622 3676 kbdclass - ok
12:21:04.0638 3676 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
12:21:04.0638 3676 kbdhid - ok
12:21:04.0669 3676 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:21:04.0669 3676 KeyIso - ok
12:21:04.0685 3676 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
12:21:04.0685 3676 KSecDD - ok
12:21:04.0716 3676 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
12:21:04.0716 3676 KSecPkg - ok
12:21:04.0732 3676 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:21:04.0732 3676 ksthunk - ok
12:21:04.0778 3676 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:21:04.0794 3676 KtmRm - ok
12:21:04.0856 3676 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
12:21:04.0856 3676 LanmanServer - ok
12:21:04.0903 3676 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
12:21:04.0903 3676 LanmanWorkstation - ok
12:21:04.0934 3676 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:21:04.0934 3676 lltdio - ok
12:21:04.0966 3676 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:21:04.0981 3676 lltdsvc - ok
12:21:04.0981 3676 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:21:04.0997 3676 lmhosts - ok
12:21:05.0028 3676 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:21:05.0028 3676 LSI_FC - ok
12:21:05.0059 3676 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:21:05.0059 3676 LSI_SAS - ok
12:21:05.0075 3676 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:21:05.0090 3676 LSI_SAS2 - ok
12:21:05.0106 3676 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:21:05.0106 3676 LSI_SCSI - ok
12:21:05.0122 3676 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:21:05.0122 3676 luafv - ok
12:21:05.0137 3676 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
12:21:05.0137 3676 Mcx2Svc - ok
12:21:05.0153 3676 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:21:05.0153 3676 megasas - ok
12:21:05.0200 3676 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:21:05.0200 3676 MegaSR - ok
12:21:05.0231 3676 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:21:05.0231 3676 MMCSS - ok
12:21:05.0246 3676 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:21:05.0246 3676 Modem - ok
12:21:05.0278 3676 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:21:05.0278 3676 monitor - ok
12:21:05.0293 3676 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:21:05.0293 3676 mouclass - ok
12:21:05.0309 3676 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:21:05.0324 3676 mouhid - ok
12:21:05.0340 3676 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
12:21:05.0340 3676 mountmgr - ok
12:21:05.0371 3676 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
12:21:05.0371 3676 mpio - ok
12:21:05.0387 3676 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:21:05.0387 3676 mpsdrv - ok
12:21:05.0434 3676 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
12:21:05.0449 3676 MpsSvc - ok
12:21:05.0465 3676 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
12:21:05.0465 3676 MRxDAV - ok
12:21:05.0512 3676 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:21:05.0512 3676 mrxsmb - ok
12:21:05.0543 3676 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:21:05.0558 3676 mrxsmb10 - ok
12:21:05.0574 3676 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:21:05.0574 3676 mrxsmb20 - ok
12:21:05.0590 3676 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
12:21:05.0590 3676 msahci - ok
12:21:05.0605 3676 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
12:21:05.0605 3676 msdsm - ok
12:21:05.0636 3676 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:21:05.0636 3676 MSDTC - ok
12:21:05.0652 3676 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:21:05.0652 3676 Msfs - ok
12:21:05.0668 3676 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:21:05.0683 3676 mshidkmdf - ok
12:21:05.0699 3676 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
12:21:05.0699 3676 msisadrv - ok
12:21:05.0730 3676 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:21:05.0730 3676 MSiSCSI - ok
12:21:05.0730 3676 msiserver - ok
12:21:05.0761 3676 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:21:05.0761 3676 MSKSSRV - ok
12:21:05.0761 3676 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:21:05.0761 3676 MSPCLOCK - ok
12:21:05.0777 3676 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:21:05.0777 3676 MSPQM - ok
12:21:05.0808 3676 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
12:21:05.0824 3676 MsRPC - ok
12:21:05.0839 3676 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
12:21:05.0839 3676 mssmbios - ok
12:21:05.0855 3676 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:21:05.0855 3676 MSTEE - ok
12:21:05.0870 3676 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:21:05.0870 3676 MTConfig - ok
12:21:05.0886 3676 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:21:05.0886 3676 Mup - ok
12:21:05.0917 3676 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
12:21:05.0933 3676 napagent - ok
12:21:05.0980 3676 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:21:05.0980 3676 NativeWifiP - ok
12:21:06.0089 3676 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
12:21:06.0089 3676 NDIS - ok
12:21:06.0104 3676 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:21:06.0120 3676 NdisCap - ok
12:21:06.0136 3676 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:21:06.0136 3676 NdisTapi - ok
12:21:06.0151 3676 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
12:21:06.0151 3676 Ndisuio - ok
12:21:06.0182 3676 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:21:06.0182 3676 NdisWan - ok
12:21:06.0198 3676 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
12:21:06.0214 3676 NDProxy - ok
12:21:06.0276 3676 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
12:21:06.0276 3676 Net Driver HPZ12 - ok
12:21:06.0292 3676 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:21:06.0292 3676 NetBIOS - ok
12:21:06.0307 3676 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
12:21:06.0323 3676 NetBT - ok
12:21:06.0354 3676 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:21:06.0354 3676 Netlogon - ok
12:21:06.0775 3676 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:21:06.0853 3676 Netman - ok
12:21:06.0900 3676 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:21:06.0900 3676 netprofm - ok
12:21:06.0978 3676 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:21:06.0978 3676 NetTcpPortSharing - ok
12:21:07.0196 3676 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
12:21:07.0306 3676 netw5v64 - ok
12:21:07.0430 3676 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:21:07.0430 3676 nfrd960 - ok
12:21:07.0477 3676 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
12:21:07.0493 3676 NlaSvc - ok
12:21:07.0493 3676 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:21:07.0508 3676 Npfs - ok
12:21:07.0524 3676 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:21:07.0524 3676 nsi - ok
12:21:07.0540 3676 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:21:07.0540 3676 nsiproxy - ok
12:21:07.0633 3676 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
12:21:07.0664 3676 Ntfs - ok
12:21:07.0711 3676 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:21:07.0711 3676 Null - ok
12:21:07.0742 3676 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
12:21:07.0758 3676 nvraid - ok
12:21:07.0774 3676 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
12:21:07.0774 3676 nvstor - ok
12:21:07.0805 3676 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
12:21:07.0805 3676 nv_agp - ok
12:21:07.0820 3676 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
12:21:07.0820 3676 ohci1394 - ok
12:21:07.0867 3676 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:21:07.0867 3676 ose - ok
12:21:07.0898 3676 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:21:07.0914 3676 p2pimsvc - ok
12:21:07.0945 3676 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:21:07.0961 3676 p2psvc - ok
12:21:07.0992 3676 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:21:07.0992 3676 Parport - ok
12:21:08.0008 3676 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
12:21:08.0008 3676 partmgr - ok
12:21:08.0023 3676 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:21:08.0039 3676 PcaSvc - ok
12:21:08.0054 3676 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
12:21:08.0070 3676 pci - ok
12:21:08.0086 3676 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
12:21:08.0086 3676 pciide - ok
12:21:08.0101 3676 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:21:08.0117 3676 pcmcia - ok
12:21:08.0132 3676 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:21:08.0132 3676 pcw - ok
12:21:08.0179 3676 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:21:08.0195 3676 PEAUTH - ok
12:21:08.0257 3676 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
12:21:08.0288 3676 PeerDistSvc - ok
12:21:08.0335 3676 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:21:08.0351 3676 PerfHost - ok
12:21:08.0460 3676 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
12:21:08.0491 3676 pla - ok
12:21:08.0538 3676 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
12:21:08.0554 3676 PlugPlay - ok
12:21:08.0600 3676 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
12:21:08.0600 3676 Pml Driver HPZ12 - ok
12:21:08.0616 3676 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:21:08.0632 3676 PNRPAutoReg - ok
12:21:08.0647 3676 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:21:08.0663 3676 PNRPsvc - ok
12:21:08.0694 3676 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
12:21:08.0710 3676 PolicyAgent - ok
12:21:08.0725 3676 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:21:08.0741 3676 Power - ok
12:21:08.0788 3676 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
12:21:08.0788 3676 PptpMiniport - ok
12:21:08.0819 3676 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:21:08.0819 3676 Processor - ok
12:21:08.0850 3676 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
12:21:08.0866 3676 ProfSvc - ok
12:21:08.0897 3676 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:21:08.0897 3676 ProtectedStorage - ok
12:21:08.0928 3676 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
12:21:08.0928 3676 Psched - ok
12:21:09.0006 3676 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:21:09.0037 3676 ql2300 - ok
12:21:09.0131 3676 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:21:09.0131 3676 ql40xx - ok
12:21:09.0193 3676 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:21:09.0209 3676 QWAVE - ok
12:21:09.0224 3676 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:21:09.0224 3676 QWAVEdrv - ok
12:21:09.0224 3676 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:21:09.0224 3676 RasAcd - ok
12:21:09.0256 3676 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:21:09.0271 3676 RasAgileVpn - ok
12:21:09.0287 3676 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:21:09.0287 3676 RasAuto - ok
12:21:09.0318 3676 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:21:09.0318 3676 Rasl2tp - ok
12:21:09.0349 3676 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
12:21:09.0365 3676 RasMan - ok
12:21:09.0396 3676 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:21:09.0396 3676 RasPppoe - ok
12:21:09.0427 3676 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:21:09.0427 3676 RasSstp - ok
12:21:09.0474 3676 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
12:21:09.0474 3676 rdbss - ok
12:21:09.0490 3676 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:21:09.0505 3676 rdpbus - ok
12:21:09.0521 3676 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:21:09.0521 3676 RDPCDD - ok
12:21:09.0536 3676 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
12:21:09.0552 3676 RDPDR - ok
12:21:09.0583 3676 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:21:09.0583 3676 RDPENCDD - ok
12:21:09.0599 3676 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:21:09.0599 3676 RDPREFMP - ok
12:21:09.0630 3676 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
12:21:09.0646 3676 RDPWD - ok
12:21:09.0677 3676 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
12:21:09.0677 3676 rdyboost - ok
12:21:09.0708 3676 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:21:09.0708 3676 RemoteAccess - ok
12:21:09.0739 3676 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:21:09.0739 3676 RemoteRegistry - ok
12:21:09.0770 3676 rimmptsk (9c23519fc1fd331aaaedc145ab947293) C:\Windows\system32\DRIVERS\rimmpx64.sys
12:21:09.0770 3676 rimmptsk - ok
12:21:09.0817 3676 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
12:21:09.0817 3676 rimsptsk - ok
12:21:09.0833 3676 rismxdp (2a43f9e6dbde12bc0c104785c3b3f5df) C:\Windows\system32\DRIVERS\rixdpx64.sys
12:21:09.0848 3676 rismxdp - ok
12:21:09.0880 3676 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:21:09.0880 3676 RpcEptMapper - ok
12:21:09.0911 3676 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:21:09.0911 3676 RpcLocator - ok
12:21:09.0942 3676 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
12:21:09.0942 3676 RpcSs - ok
12:21:09.0989 3676 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:21:10.0004 3676 rspndr - ok
12:21:10.0020 3676 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
12:21:10.0020 3676 s3cap - ok
12:21:10.0036 3676 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:21:10.0036 3676 SamSs - ok
12:21:10.0051 3676 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
12:21:10.0051 3676 sbp2port - ok
12:21:10.0082 3676 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:21:10.0082 3676 SCardSvr - ok
12:21:10.0114 3676 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
12:21:10.0114 3676 scfilter - ok
12:21:10.0176 3676 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
12:21:10.0207 3676 Schedule - ok
12:21:10.0238 3676 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
12:21:10.0238 3676 SCPolicySvc - ok
12:21:10.0270 3676 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
12:21:10.0270 3676 sdbus - ok
12:21:10.0285 3676 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
12:21:10.0301 3676 SDRSVC - ok
12:21:10.0316 3676 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:21:10.0316 3676 secdrv - ok
12:21:10.0332 3676 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
12:21:10.0332 3676 seclogon - ok
12:21:10.0348 3676 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
12:21:10.0348 3676 SENS - ok
12:21:10.0379 3676 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:21:10.0379 3676 SensrSvc - ok
12:21:10.0394 3676 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:21:10.0394 3676 Serenum - ok
12:21:10.0410 3676 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:21:10.0410 3676 Serial - ok
12:21:10.0426 3676 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:21:10.0426 3676 sermouse - ok
12:21:10.0457 3676 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
12:21:10.0472 3676 SessionEnv - ok
12:21:10.0472 3676 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
12:21:10.0472 3676 sffdisk - ok
12:21:10.0472 3676 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
12:21:10.0472 3676 sffp_mmc - ok
12:21:10.0488 3676 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
12:21:10.0488 3676 sffp_sd - ok
12:21:10.0488 3676 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:21:10.0488 3676 sfloppy - ok
12:21:10.0535 3676 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:21:10.0550 3676 SharedAccess - ok
12:21:10.0582 3676 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
12:21:10.0597 3676 ShellHWDetection - ok
12:21:10.0597 3676 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:21:10.0613 3676 SiSRaid2 - ok
12:21:10.0613 3676 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:21:10.0613 3676 SiSRaid4 - ok
12:21:10.0644 3676 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:21:10.0644 3676 Smb - ok
12:21:10.0691 3676 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:21:10.0691 3676 SNMPTRAP - ok
12:21:10.0706 3676 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:21:10.0706 3676 spldr - ok
12:21:10.0753 3676 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
12:21:10.0753 3676 Spooler - ok
12:21:10.0894 3676 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
12:21:10.0909 3676 sppsvc - ok
12:21:10.0987 3676 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:21:10.0987 3676 sppuinotify - ok
12:21:11.0050 3676 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
12:21:11.0065 3676 srv - ok
12:21:11.0096 3676 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
12:21:11.0112 3676 srv2 - ok
12:21:11.0143 3676 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
12:21:11.0143 3676 srvnet - ok
12:21:11.0190 3676 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:21:11.0190 3676 SSDPSRV - ok
12:21:11.0221 3676 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:21:11.0221 3676 SstpSvc - ok
12:21:11.0237 3676 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:21:11.0252 3676 stexstor - ok
12:21:11.0268 3676 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
12:21:11.0268 3676 StillCam - ok
12:21:11.0330 3676 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
12:21:11.0346 3676 stisvc - ok
12:21:11.0362 3676 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
12:21:11.0362 3676 storflt - ok
12:21:11.0377 3676 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
12:21:11.0377 3676 storvsc - ok
12:21:11.0377 3676 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
12:21:11.0377 3676 swenum - ok
12:21:11.0408 3676 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:21:11.0424 3676 swprv - ok
12:21:11.0502 3676 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
12:21:11.0549 3676 SysMain - ok
12:21:11.0627 3676 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
12:21:11.0642 3676 TabletInputService - ok
12:21:11.0658 3676 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
12:21:11.0674 3676 TapiSrv - ok
12:21:11.0705 3676 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:21:11.0705 3676 TBS - ok
12:21:12.0048 3676 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
12:21:12.0079 3676 Tcpip - ok
12:21:12.0204 3676 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
12:21:12.0204 3676 TCPIP6 - ok
12:21:12.0266 3676 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
12:21:12.0266 3676 tcpipreg - ok
12:21:12.0298 3676 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:21:12.0298 3676 TDPIPE - ok
12:21:12.0313 3676 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
12:21:12.0313 3676 TDTCP - ok
12:21:12.0344 3676 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
12:21:12.0344 3676 tdx - ok
12:21:12.0360 3676 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
12:21:12.0360 3676 TermDD - ok
12:21:12.0391 3676 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
12:21:12.0422 3676 TermService - ok
12:21:12.0422 3676 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:21:12.0438 3676 Themes - ok
12:21:12.0454 3676 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:21:12.0454 3676 THREADORDER - ok
12:21:12.0469 3676 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:21:12.0485 3676 TrkWks - ok
12:21:12.0532 3676 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
12:21:12.0532 3676 TrustedInstaller - ok
12:21:12.0547 3676 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:21:12.0547 3676 tssecsrv - ok
12:21:12.0594 3676 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
12:21:12.0594 3676 tunnel - ok
12:21:12.0625 3676 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:21:12.0625 3676 uagp35 - ok
12:21:12.0641 3676 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
12:21:12.0656 3676 udfs - ok
12:21:12.0688 3676 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:21:12.0688 3676 UI0Detect - ok
12:21:12.0703 3676 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
12:21:12.0703 3676 uliagpkx - ok
12:21:12.0734 3676 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
12:21:12.0734 3676 umbus - ok
12:21:12.0734 3676 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:21:12.0750 3676 UmPass - ok
12:21:12.0766 3676 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
12:21:12.0781 3676 UmRdpService - ok
12:21:12.0812 3676 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:21:12.0828 3676 upnphost - ok
12:21:12.0859 3676 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
12:21:12.0875 3676 USBAAPL64 - ok
12:21:12.0906 3676 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
12:21:12.0906 3676 usbaudio - ok
12:21:12.0922 3676 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
12:21:12.0937 3676 usbccgp - ok
12:21:12.0953 3676 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
12:21:12.0953 3676 usbcir - ok
12:21:12.0968 3676 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
12:21:12.0968 3676 usbehci - ok
12:21:13.0000 3676 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
12:21:13.0015 3676 usbhub - ok
12:21:13.0031 3676 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
12:21:13.0046 3676 usbohci - ok
12:21:13.0062 3676 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:21:13.0062 3676 usbprint - ok
12:21:13.0109 3676 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:21:13.0109 3676 usbscan - ok
12:21:13.0140 3676 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:21:13.0140 3676 USBSTOR - ok
12:21:13.0171 3676 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
12:21:13.0171 3676 usbuhci - ok
12:21:13.0202 3676 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
12:21:13.0202 3676 usbvideo - ok
12:21:13.0234 3676 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:21:13.0234 3676 UxSms - ok
12:21:13.0265 3676 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:21:13.0265 3676 VaultSvc - ok
12:21:13.0296 3676 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
12:21:13.0296 3676 vdrvroot - ok
12:21:13.0327 3676 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
12:21:13.0343 3676 vds - ok
12:21:13.0358 3676 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:21:13.0358 3676 vga - ok
12:21:13.0374 3676 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:21:13.0374 3676 VgaSave - ok
12:21:13.0405 3676 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
12:21:13.0421 3676 vhdmp - ok
12:21:13.0421 3676 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
12:21:13.0421 3676 viaide - ok
12:21:13.0436 3676 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
12:21:13.0436 3676 vmbus - ok
12:21:13.0452 3676 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
12:21:13.0452 3676 VMBusHID - ok
12:21:13.0468 3676 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
12:21:13.0468 3676 volmgr - ok
12:21:13.0499 3676 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
12:21:13.0514 3676 volmgrx - ok
12:21:13.0530 3676 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
12:21:13.0546 3676 volsnap - ok
12:21:13.0577 3676 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:21:13.0592 3676 vsmraid - ok
12:21:13.0670 3676 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
12:21:13.0717 3676 VSS - ok
12:21:13.0811 3676 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
12:21:13.0811 3676 vwifibus - ok
12:21:13.0826 3676 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:21:13.0842 3676 W32Time - ok
12:21:13.0858 3676 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:21:13.0858 3676 WacomPen - ok
12:21:13.0889 3676 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
12:21:13.0889 3676 WANARP - ok
12:21:13.0904 3676 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
12:21:13.0904 3676 Wanarpv6 - ok
12:21:13.0920 3676 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys
12:21:13.0920 3676 wanatw - ok
12:21:13.0998 3676 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:21:14.0045 3676 WatAdminSvc - ok
12:21:14.0107 3676 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
12:21:14.0154 3676 wbengine - ok
12:21:14.0248 3676 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:21:14.0263 3676 WbioSrvc - ok
12:21:14.0326 3676 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
12:21:14.0341 3676 wcncsvc - ok
12:21:14.0357 3676 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:21:14.0357 3676 WcsPlugInService - ok
12:21:14.0404 3676 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:21:14.0404 3676 Wd - ok
12:21:14.0450 3676 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:21:14.0466 3676 Wdf01000 - ok
12:21:14.0482 3676 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:21:14.0497 3676 WdiServiceHost - ok
12:21:14.0497 3676 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:21:14.0497 3676 WdiSystemHost - ok
12:21:14.0528 3676 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
12:21:14.0544 3676 WebClient - ok
12:21:14.0575 3676 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:21:14.0575 3676 Wecsvc - ok
12:21:14.0591 3676 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:21:14.0606 3676 wercplsupport - ok
12:21:14.0622 3676 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:21:14.0622 3676 WerSvc - ok
12:21:14.0653 3676 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:21:14.0653 3676 WfpLwf - ok
12:21:14.0669 3676 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:21:14.0669 3676 WIMMount - ok
12:21:14.0716 3676 WinDefend - ok
12:21:14.0731 3676 WinHttpAutoProxySvc - ok
12:21:14.0778 3676 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:21:14.0794 3676 Winmgmt - ok
12:21:14.0872 3676 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
12:21:14.0934 3676 WinRM - ok
12:21:15.0496 3676 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
12:21:15.0496 3676 WinUsb - ok
12:21:15.0870 3676 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:21:15.0901 3676 Wlansvc - ok
12:21:15.0964 3676 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
12:21:15.0964 3676 WmiAcpi - ok
12:21:16.0198 3676 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:21:16.0198 3676 wmiApSrv - ok
12:21:16.0307 3676 WMPNetworkSvc - ok
12:21:16.0354 3676 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:21:16.0369 3676 WPCSvc - ok
12:21:16.0432 3676 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
12:21:16.0447 3676 WPDBusEnum - ok
12:21:16.0494 3676 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:21:16.0494 3676 ws2ifsl - ok
12:21:16.0556 3676 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
12:21:16.0556 3676 wscsvc - ok
12:21:16.0556 3676 WSearch - ok
12:21:17.0836 3676 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
12:21:17.0914 3676 wuauserv - ok
12:21:18.0366 3676 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
12:21:18.0366 3676 WudfPf - ok
12:21:18.0444 3676 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:21:18.0444 3676 WUDFRd - ok
12:21:18.0506 3676 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
12:21:18.0522 3676 wudfsvc - ok
12:21:18.0694 3676 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:21:18.0709 3676 WwanSvc - ok
12:21:18.0740 3676 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:21:20.0160 3676 \Device\Harddisk0\DR0 - ok
12:21:20.0176 3676 Boot (0x1200) (85dd1a016374c66fc34a76fe4351c400) \Device\Harddisk0\DR0\Partition0
12:21:20.0191 3676 \Device\Harddisk0\DR0\Partition0 - ok
12:21:20.0207 3676 Boot (0x1200) (ab6863f4ab01bcef50d7597cec0f6824) \Device\Harddisk0\DR0\Partition1
12:21:20.0222 3676 \Device\Harddisk0\DR0\Partition1 - ok
12:21:20.0222 3676 Boot (0x1200) (5a651d68ff261a278b140abab9bb812b) \Device\Harddisk0\DR0\Partition2
12:21:20.0238 3676 \Device\Harddisk0\DR0\Partition2 - ok
12:21:20.0238 3676 ============================================================
12:21:20.0238 3676 Scan finished
12:21:20.0238 3676 ============================================================
12:21:20.0254 2404 Detected object count: 0
12:21:20.0254 2404 Actual detected object count: 0
12:22:59.0489 1844 ============================================================
12:22:59.0489 1844 Scan started
12:22:59.0489 1844 Mode: Manual;
12:22:59.0489 1844 ============================================================
12:22:59.0926 1844 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
12:22:59.0926 1844 1394ohci - ok
12:22:59.0957 1844 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
12:22:59.0972 1844 ACPI - ok
12:22:59.0972 1844 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
12:22:59.0972 1844 AcpiPmi - ok
12:23:00.0019 1844 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:23:00.0019 1844 adp94xx - ok
12:23:00.0035 1844 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:23:00.0035 1844 adpahci - ok
12:23:00.0050 1844 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:23:00.0050 1844 adpu320 - ok
12:23:00.0082 1844 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
12:23:00.0082 1844 AeLookupSvc - ok
12:23:00.0128 1844 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
12:23:00.0128 1844 AFD - ok
12:23:00.0144 1844 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
12:23:00.0144 1844 agp440 - ok
12:23:00.0160 1844 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
12:23:00.0160 1844 ALG - ok
12:23:00.0175 1844 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
12:23:00.0175 1844 aliide - ok
12:23:00.0175 1844 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
12:23:00.0175 1844 amdide - ok
12:23:00.0191 1844 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:23:00.0191 1844 AmdK8 - ok
12:23:00.0206 1844 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:23:00.0206 1844 AmdPPM - ok
12:23:00.0238 1844 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
12:23:00.0238 1844 amdsata - ok
12:23:00.0253 1844 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:23:00.0253 1844 amdsbs - ok
12:23:00.0269 1844 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
12:23:00.0269 1844 amdxata - ok
12:23:00.0347 1844 AOL ACS (85180cf88c5ebad73b452a43a004ca51) C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
12:23:00.0347 1844 AOL ACS - ok
12:23:00.0362 1844 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
12:23:00.0362 1844 AppID - ok
12:23:00.0378 1844 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
12:23:00.0378 1844 AppIDSvc - ok
12:23:00.0394 1844 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
12:23:00.0394 1844 Appinfo - ok
12:23:00.0425 1844 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:23:00.0425 1844 Apple Mobile Device - ok
12:23:00.0456 1844 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
12:23:00.0456 1844 AppMgmt - ok
12:23:00.0472 1844 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:23:00.0472 1844 arc - ok
12:23:00.0487 1844 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:23:00.0487 1844 arcsas - ok
12:23:00.0487 1844 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:23:00.0487 1844 AsyncMac - ok
12:23:00.0503 1844 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
12:23:00.0503 1844 atapi - ok
12:23:00.0534 1844 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
12:23:00.0550 1844 AudioEndpointBuilder - ok
12:23:00.0550 1844 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
12:23:00.0565 1844 AudioSrv - ok
12:23:00.0581 1844 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
12:23:00.0581 1844 AxInstSV - ok
12:23:00.0612 1844 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:23:00.0612 1844 b06bdrv - ok
12:23:00.0643 1844 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:23:00.0643 1844 b57nd60a - ok
12:23:00.0659 1844 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
12:23:00.0659 1844 BDESVC - ok
12:23:00.0674 1844 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:23:00.0674 1844 Beep - ok
12:23:00.0721 1844 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
12:23:00.0721 1844 BFE - ok
12:23:00.0768 1844 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
12:23:00.0784 1844 BITS - ok
12:23:00.0830 1844 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:23:00.0830 1844 blbdrive - ok
12:23:00.0893 1844 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
12:23:00.0908 1844 Bonjour Service - ok
12:23:00.0940 1844 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
12:23:00.0940 1844 bowser - ok
12:23:00.0955 1844 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:23:00.0955 1844 BrFiltLo - ok
12:23:00.0955 1844 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:23:00.0955 1844 BrFiltUp - ok
12:23:00.0971 1844 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
12:23:00.0971 1844 BridgeMP - ok
12:23:00.0986 1844 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
12:23:00.0986 1844 Browser - ok
12:23:01.0018 1844 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:23:01.0018 1844 Brserid - ok
12:23:01.0033 1844 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:23:01.0033 1844 BrSerWdm - ok
12:23:01.0033 1844 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:23:01.0049 1844 BrUsbMdm - ok
12:23:01.0049 1844 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:23:01.0049 1844 BrUsbSer - ok
12:23:01.0064 1844 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:23:01.0064 1844 BTHMODEM - ok
12:23:01.0080 1844 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:23:01.0080 1844 bthserv - ok
12:23:01.0096 1844 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:23:01.0096 1844 cdfs - ok
12:23:01.0127 1844 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
12:23:01.0127 1844 cdrom - ok
12:23:01.0142 1844 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
12:23:01.0142 1844 CertPropSvc - ok
12:23:01.0158 1844 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:23:01.0158 1844 circlass - ok
12:23:01.0189 1844 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:23:01.0189 1844 CLFS - ok
12:23:01.0236 1844 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:23:01.0236 1844 clr_optimization_v2.0.50727_32 - ok
12:23:01.0267 1844 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:23:01.0267 1844 clr_optimization_v2.0.50727_64 - ok
12:23:01.0314 1844 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:23:01.0314 1844 clr_optimization_v4.0.30319_32 - ok
12:23:01.0345 1844 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:23:01.0345 1844 clr_optimization_v4.0.30319_64 - ok
12:23:01.0361 1844 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:23:01.0361 1844 CmBatt - ok
12:23:01.0376 1844 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
12:23:01.0376 1844 cmdide - ok
12:23:01.0408 1844 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
12:23:01.0408 1844 CNG - ok
12:23:01.0423 1844 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:23:01.0423 1844 Compbatt - ok
12:23:01.0423 1844 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
12:23:01.0423 1844 CompositeBus - ok
12:23:01.0439 1844 COMSysApp - ok
12:23:01.0454 1844 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:23:01.0454 1844 crcdisk - ok
12:23:01.0486 1844 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
12:23:01.0486 1844 CryptSvc - ok
12:23:01.0548 1844 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
12:23:01.0548 1844 CSC - ok
12:23:01.0610 1844 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
12:23:01.0610 1844 CscService - ok
12:23:01.0657 1844 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
12:23:01.0657 1844 DcomLaunch - ok
12:23:01.0688 1844 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:23:01.0688 1844 defragsvc - ok
12:23:01.0751 1844 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
12:23:01.0751 1844 DfsC - ok
12:23:01.0766 1844 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
12:23:01.0766 1844 Dhcp - ok
12:23:01.0798 1844 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:23:01.0798 1844 discache - ok
12:23:01.0813 1844 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:23:01.0813 1844 Disk - ok
12:23:01.0844 1844 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
12:23:01.0844 1844 Dnscache - ok
12:23:01.0860 1844 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
12:23:01.0876 1844 dot3svc - ok
12:23:01.0891 1844 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
12:23:01.0891 1844 Dot4 - ok
12:23:01.0922 1844 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:23:01.0922 1844 Dot4Print - ok
12:23:01.0938 1844 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
12:23:01.0938 1844 dot4usb - ok
12:23:01.0969 1844 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
12:23:01.0969 1844 DPS - ok
12:23:01.0985 1844 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:23:01.0985 1844 drmkaud - ok
12:23:02.0094 1844 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
12:23:02.0094 1844 DXGKrnl - ok
12:23:02.0125 1844 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:23:02.0125 1844 EapHost - ok
12:23:02.0281 1844 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:23:02.0297 1844 ebdrv - ok
12:23:02.0406 1844 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
12:23:02.0422 1844 EFS - ok
12:23:02.0468 1844 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
12:23:02.0484 1844 ehRecvr - ok
12:23:02.0500 1844 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:23:02.0500 1844 ehSched - ok
12:23:02.0546 1844 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:23:02.0546 1844 elxstor - ok
12:23:02.0562 1844 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
12:23:02.0562 1844 ErrDev - ok
12:23:02.0593 1844 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:23:02.0593 1844 EventSystem - ok
12:23:02.0624 1844 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:23:02.0624 1844 exfat - ok
12:23:02.0640 1844 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:23:02.0640 1844 fastfat - ok
12:23:02.0702 1844 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
12:23:02.0718 1844 Fax - ok
12:23:02.0718 1844 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:23:02.0718 1844 fdc - ok
12:23:02.0734 1844 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:23:02.0734 1844 fdPHost - ok
12:23:02.0749 1844 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:23:02.0749 1844 FDResPub - ok
12:23:02.0765 1844 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:23:02.0765 1844 FileInfo - ok
12:23:02.0780 1844 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:23:02.0780 1844 Filetrace - ok
12:23:02.0780 1844 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:23:02.0780 1844 flpydisk - ok
12:23:02.0796 1844 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
12:23:02.0812 1844 FltMgr - ok
12:23:02.0874 1844 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
12:23:02.0874 1844 FontCache - ok
12:23:02.0936 1844 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:23:02.0936 1844 FontCache3.0.0.0 - ok
12:23:02.0968 1844 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:23:02.0968 1844 FsDepends - ok
12:23:02.0983 1844 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
12:23:02.0983 1844 Fs_Rec - ok
12:23:03.0014 1844 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:23:03.0014 1844 fvevol - ok
12:23:03.0030 1844 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:23:03.0030 1844 gagp30kx - ok
12:23:03.0061 1844 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:23:03.0061 1844 GEARAspiWDM - ok
12:23:03.0124 1844 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
12:23:03.0124 1844 gpsvc - ok
12:23:03.0155 1844 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:23:03.0155 1844 hcw85cir - ok
12:23:03.0186 1844 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
12:23:03.0202 1844 HdAudAddService - ok
12:23:03.0217 1844 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:23:03.0217 1844 HDAudBus - ok
12:23:03.0217 1844 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:23:03.0217 1844 HidBatt - ok
12:23:03.0311 1844 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:23:03.0311 1844 HidBth - ok
12:23:03.0389 1844 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:23:03.0389 1844 HidIr - ok
12:23:03.0404 1844 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
12:23:03.0404 1844 hidserv - ok
12:23:03.0404 1844 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
12:23:03.0404 1844 HidUsb - ok
12:23:03.0436 1844 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
12:23:03.0436 1844 hkmsvc - ok
12:23:03.0467 1844 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
12:23:03.0467 1844 HomeGroupListener - ok
12:23:03.0514 1844 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
12:23:03.0514 1844 HomeGroupProvider - ok
12:23:03.0592 1844 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
12:23:03.0607 1844 hpqcxs08 - ok
12:23:03.0623 1844 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
12:23:03.0623 1844 hpqddsvc - ok
12:23:03.0638 1844 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
12:23:03.0638 1844 HpSAMD - ok
12:23:03.0716 1844 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
12:23:03.0716 1844 HPSLPSVC - ok
12:23:03.0763 1844 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
12:23:03.0763 1844 HTTP - ok
12:23:03.0779 1844 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
12:23:03.0779 1844 hwpolicy - ok
12:23:03.0794 1844 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
12:23:03.0794 1844 i8042prt - ok
12:23:03.0841 1844 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
12:23:03.0857 1844 iaStorV - ok
12:23:03.0950 1844 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:23:03.0950 1844 idsvc - ok
12:23:04.0403 1844 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
12:23:04.0465 1844 igfx - ok
12:23:04.0574 1844 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:23:04.0574 1844 iirsp - ok
12:23:04.0637 1844 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
12:23:04.0637 1844 IKEEXT - ok
12:23:04.0652 1844 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
12:23:04.0652 1844 intelide - ok
12:23:04.0668 1844 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:23:04.0668 1844 intelppm - ok
12:23:04.0684 1844 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:23:04.0684 1844 IPBusEnum - ok
12:23:04.0699 1844 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:23:04.0699 1844 IpFilterDriver - ok
12:23:04.0746 1844 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
12:23:04.0746 1844 iphlpsvc - ok
12:23:04.0762 1844 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
12:23:04.0762 1844 IPMIDRV - ok
12:23:04.0777 1844 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:23:04.0777 1844 IPNAT - ok
12:23:04.0855 1844 iPod Service (b7cb0b121962cd89f98c0dd89331b0c0) C:\Program Files\iPod\bin\iPodService.exe
12:23:04.0871 1844 iPod Service - ok
12:23:04.0871 1844 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:23:04.0871 1844 IRENUM - ok
12:23:04.0871 1844 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
12:23:04.0871 1844 isapnp - ok
12:23:04.0902 1844 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
12:23:04.0902 1844 iScsiPrt - ok
12:23:04.0933 1844 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\Windows\system32\DRIVERS\k57nd60a.sys
12:23:04.0933 1844 k57nd60a - ok
12:23:04.0949 1844 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:23:04.0949 1844 kbdclass - ok
12:23:04.0964 1844 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
12:23:04.0964 1844 kbdhid - ok
12:23:04.0996 1844 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:23:04.0996 1844 KeyIso - ok
12:23:05.0011 1844 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
12:23:05.0011 1844 KSecDD - ok
12:23:05.0011 1844 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
12:23:05.0027 1844 KSecPkg - ok
12:23:05.0027 1844 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:23:05.0027 1844 ksthunk - ok
12:23:05.0058 1844 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:23:05.0074 1844 KtmRm - ok
12:23:05.0105 1844 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
12:23:05.0105 1844 LanmanServer - ok
12:23:05.0136 1844 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
12:23:05.0136 1844 LanmanWorkstation - ok
12:23:05.0152 1844 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:23:05.0152 1844 lltdio - ok
12:23:05.0183 1844 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:23:05.0198 1844 lltdsvc - ok
12:23:05.0214 1844 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:23:05.0214 1844 lmhosts - ok
12:23:05.0230 1844 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:23:05.0230 1844 LSI_FC - ok
12:23:05.0245 1844 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:23:05.0245 1844 LSI_SAS - ok
12:23:05.0261 1844 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:23:05.0261 1844 LSI_SAS2 - ok
12:23:05.0276 1844 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:23:05.0276 1844 LSI_SCSI - ok
12:23:05.0292 1844 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:23:05.0292 1844 luafv - ok
12:23:05.0308 1844 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
12:23:05.0308 1844 Mcx2Svc - ok
12:23:05.0323 1844 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:23:05.0323 1844 megasas - ok
12:23:05.0354 1844 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:23:05.0354 1844 MegaSR - ok
12:23:05.0370 1844 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:23:05.0386 1844 MMCSS - ok
12:23:05.0401 1844 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:23:05.0401 1844 Modem - ok
12:23:05.0417 1844 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:23:05.0417 1844 monitor - ok
12:23:05.0417 1844 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:23:05.0417 1844 mouclass - ok
12:23:05.0432 1844 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:23:05.0432 1844 mouhid - ok
12:23:05.0464 1844 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
12:23:05.0464 1844 mountmgr - ok
12:23:05.0479 1844 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
12:23:05.0479 1844 mpio - ok
12:23:05.0495 1844 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:23:05.0495 1844 mpsdrv - ok
12:23:05.0542 1844 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
12:23:05.0542 1844 MpsSvc - ok
12:23:05.0557 1844 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
12:23:05.0557 1844 MRxDAV - ok
12:23:05.0604 1844 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:23:05.0604 1844 mrxsmb - ok
12:23:05.0635 1844 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:23:05.0635 1844 mrxsmb10 - ok
12:23:05.0666 1844 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:23:05.0666 1844 mrxsmb20 - ok
12:23:05.0666 1844 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
12:23:05.0666 1844 msahci - ok
12:23:05.0682 1844 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
12:23:05.0698 1844 msdsm - ok
12:23:05.0713 1844 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:23:05.0713 1844 MSDTC - ok
12:23:05.0729 1844 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:23:05.0729 1844 Msfs - ok
12:23:05.0744 1844 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:23:05.0744 1844 mshidkmdf - ok
12:23:05.0760 1844 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
12:23:05.0760 1844 msisadrv - ok
12:23:05.0776 1844 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:23:05.0776 1844 MSiSCSI - ok
12:23:05.0791 1844 msiserver - ok
12:23:05.0791 1844 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:23:05.0791 1844 MSKSSRV - ok
12:23:05.0807 1844 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:23:05.0807 1844 MSPCLOCK - ok
12:23:05.0807 1844 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:23:05.0807 1844 MSPQM - ok
12:23:05.0838 1844 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
12:23:05.0838 1844 MsRPC - ok
12:23:05.0854 1844 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
12:23:05.0854 1844 mssmbios - ok
12:23:05.0869 1844 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:23:05.0869 1844 MSTEE - ok
12:23:05.0869 1844 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:23:05.0869 1844 MTConfig - ok
12:23:05.0885 1844 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:23:05.0885 1844 Mup - ok
12:23:05.0916 1844 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
12:23:05.0932 1844 napagent - ok
12:23:05.0947 1844 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:23:05.0947 1844 NativeWifiP - ok
12:23:06.0056 1844 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
12:23:06.0056 1844 NDIS - ok
12:23:06.0088 1844 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:23:06.0088 1844 NdisCap - ok
12:23:06.0103 1844 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:23:06.0103 1844 NdisTapi - ok
12:23:06.0103 1844 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
12:23:06.0103 1844 Ndisuio - ok
12:23:06.0119 1844 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:23:06.0119 1844 NdisWan - ok
12:23:06.0134 1844 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
12:23:06.0134 1844 NDProxy - ok
12:23:06.0166 1844 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
12:23:06.0166 1844 Net Driver HPZ12 - ok
12:23:06.0166 1844 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:23:06.0166 1844 NetBIOS - ok
12:23:06.0197 1844 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
12:23:06.0197 1844 NetBT - ok
12:23:06.0212 1844 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:23:06.0212 1844 Netlogon - ok
12:23:06.0244 1844 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:23:06.0244 1844 Netman - ok
12:23:06.0275 1844 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:23:06.0290 1844 netprofm - ok
12:23:06.0337 1844 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:23:06.0337 1844 NetTcpPortSharing - ok
12:23:06.0587 1844 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
12:23:06.0618 1844 netw5v64 - ok
12:23:06.0744 1844 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:23:06.0744 1844 nfrd960 - ok
12:23:06.0775 1844 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
12:23:06.0775 1844 NlaSvc - ok
12:23:06.0791 1844 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:23:06.0791 1844 Npfs - ok
12:23:06.0791 1844 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:23:06.0806 1844 nsi - ok
12:23:06.0806 1844 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:23:06.0806 1844 nsiproxy - ok
12:23:06.0915 1844 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
12:23:06.0915 1844 Ntfs - ok
12:23:06.0978 1844 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:23:06.0978 1844 Null - ok
12:23:06.0993 1844 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
12:23:06.0993 1844 nvraid - ok
12:23:07.0009 1844 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
12:23:07.0009 1844 nvstor - ok
12:23:07.0025 1844 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
12:23:07.0025 1844 nv_agp - ok
12:23:07.0040 1844 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
12:23:07.0040 1844 ohci1394 - ok
12:23:07.0087 1844 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:23:07.0087 1844 ose - ok
12:23:07.0134 1844 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:23:07.0134 1844 p2pimsvc - ok
12:23:07.0181 1844 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:23:07.0196 1844 p2psvc - ok
12:23:07.0212 1844 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:23:07.0212 1844 Parport - ok
12:23:07.0227 1844 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
12:23:07.0227 1844 partmgr - ok
12:23:07.0243 1844 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:23:07.0259 1844 PcaSvc - ok
12:23:07.0274 1844 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
12:23:07.0274 1844 pci - ok
12:23:07.0290 1844 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
12:23:07.0290 1844 pciide - ok
12:23:07.0321 1844 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:23:07.0321 1844 pcmcia - ok
12:23:07.0337 1844 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:23:07.0337 1844 pcw - ok
12:23:07.0368 1844 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:23:07.0383 1844 PEAUTH - ok
12:23:07.0446 1844 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
12:23:07.0461 1844 PeerDistSvc - ok
12:23:07.0524 1844 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:23:07.0524 1844 PerfHost - ok
12:23:07.0649 1844 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
12:23:07.0649 1844 pla - ok
12:23:07.0695 1844 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
12:23:07.0695 1844 PlugPlay - ok
12:23:07.0727 1844 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
12:23:07.0727 1844 Pml Driver HPZ12 - ok
12:23:07.0742 1844 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:23:07.0742 1844 PNRPAutoReg - ok
12:23:07.0773 1844 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:23:07.0773 1844 PNRPsvc - ok
12:23:07.0820 1844 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
12:23:07.0820 1844 PolicyAgent - ok
12:23:07.0851 1844 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:23:07.0851 1844 Power - ok
12:23:07.0883 1844 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
12:23:07.0883 1844 PptpMiniport - ok
12:23:07.0898 1844 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:23:07.0898 1844 Processor - ok
12:23:07.0929 1844 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
12:23:07.0929 1844 ProfSvc - ok
12:23:07.0961 1844 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:23:07.0961 1844 ProtectedStorage - ok
12:23:07.0992 1844 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
12:23:07.0992 1844 Psched - ok
12:23:08.0070 1844 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:23:08.0070 1844 ql2300 - ok
12:23:08.0163 1844 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:23:08.0163 1844 ql40xx - ok
12:23:08.0195 1844 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:23:08.0195 1844 QWAVE - ok
12:23:08.0195 1844 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:23:08.0195 1844 QWAVEdrv - ok
12:23:08.0210 1844 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:23:08.0210 1844 RasAcd - ok
12:23:08.0226 1844 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:23:08.0226 1844 RasAgileVpn - ok
12:23:08.0241 1844 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:23:08.0241 1844 RasAuto - ok
12:23:08.0257 1844 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:23:08.0257 1844 Rasl2tp - ok
12:23:08.0288 1844 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
12:23:08.0288 1844 RasMan - ok
12:23:08.0304 1844 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:23:08.0304 1844 RasPppoe - ok
12:23:08.0319 1844 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:23:08.0319 1844 RasSstp - ok
12:23:08.0351 1844 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
12:23:08.0351 1844 rdbss - ok
12:23:08.0366 1844 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:23:08.0366 1844 rdpbus - ok
12:23:08.0382 1844 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:23:08.0382 1844 RDPCDD - ok
12:23:08.0413 1844 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
12:23:08.0413 1844 RDPDR - ok
12:23:08.0429 1844 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:23:08.0429 1844 RDPENCDD - ok
12:23:08.0444 1844 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:23:08.0444 1844 RDPREFMP - ok
12:23:08.0475 1844 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
12:23:08.0475 1844 RDPWD - ok
12:23:08.0507 1844 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
12:23:08.0507 1844 rdyboost - ok
12:23:08.0538 1844 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:23:08.0538 1844 RemoteAccess - ok
12:23:08.0553 1844 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:23:08.0553 1844 RemoteRegistry - ok
12:23:08.0585 1844 rimmptsk (9c23519fc1fd331aaaedc145ab947293) C:\Windows\system32\DRIVERS\rimmpx64.sys
12:23:08.0585 1844 rimmptsk - ok
12:23:08.0616 1844 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
12:23:08.0616 1844 rimsptsk - ok
12:23:08.0631 1844 rismxdp (2a43f9e6dbde12bc0c104785c3b3f5df) C:\Windows\system32\DRIVERS\rixdpx64.sys
12:23:08.0631 1844 rismxdp - ok
12:23:08.0647 1844 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:23:08.0647 1844 RpcEptMapper - ok
12:23:08.0678 1844 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:23:08.0678 1844 RpcLocator - ok
12:23:08.0725 1844 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
12:23:08.0725 1844 RpcSs - ok
12:23:08.0756 1844 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:23:08.0756 1844 rspndr - ok
12:23:08.0772 1844 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
12:23:08.0772 1844 s3cap - ok
12:23:08.0787 1844 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:23:08.0787 1844 SamSs - ok
12:23:08.0803 1844 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
12:23:08.0803 1844 sbp2port - ok
12:23:08.0834 1844 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:23:08.0834 1844 SCardSvr - ok
12:23:08.0850 1844 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
12:23:08.0850 1844 scfilter - ok
12:23:08.0912 1844 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
12:23:08.0928 1844 Schedule - ok
12:23:08.0959 1844 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
12:23:08.0959 1844 SCPolicySvc - ok
12:23:08.0975 1844 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
12:23:08.0975 1844 sdbus - ok
12:23:09.0006 1844 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
12:23:09.0006 1844 SDRSVC - ok
12:23:09.0006 1844 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:23:09.0006 1844 secdrv - ok
12:23:09.0021 1844 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
12:23:09.0021 1844 seclogon - ok
12:23:09.0053 1844 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
12:23:09.0053 1844 SENS - ok
12:23:09.0068 1844 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:23:09.0068 1844 SensrSvc - ok
12:23:09.0084 1844 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:23:09.0084 1844 Serenum - ok
12:23:09.0084 1844 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:23:09.0084 1844 Serial - ok
12:23:09.0099 1844 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:23:09.0099 1844 sermouse - ok
12:23:09.0131 1844 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
12:23:09.0131 1844 SessionEnv - ok
12:23:09.0146 1844 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
12:23:09.0146 1844 sffdisk - ok
12:23:09.0146 1844 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
12:23:09.0146 1844 sffp_mmc - ok
12:23:09.0146 1844 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
12:23:09.0162 1844 sffp_sd - ok
12:23:09.0162 1844 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:23:09.0162 1844 sfloppy - ok
12:23:09.0224 1844 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:23:09.0224 1844 SharedAccess - ok
12:23:09.0287 1844 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
12:23:09.0287 1844 ShellHWDetection - ok
12:23:09.0302 1844 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:23:09.0302 1844 SiSRaid2 - ok
12:23:09.0318 1844 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:23:09.0318 1844 SiSRaid4 - ok
12:23:09.0333 1844 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:23:09.0333 1844 Smb - ok
12:23:09.0365 1844 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:23:09.0365 1844 SNMPTRAP - ok
12:23:09.0380 1844 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:23:09.0380 1844 spldr - ok
12:23:09.0427 1844 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
12:23:09.0443 1844 Spooler - ok
12:23:09.0599 1844 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
12:23:09.0630 1844 sppsvc - ok
12:23:09.0723 1844 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:23:09.0723 1844 sppuinotify - ok
12:23:09.0770 1844 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
12:23:09.0770 1844 srv - ok
12:23:09.0801 1844 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
12:23:09.0801 1844 srv2 - ok
12:23:09.0833 1844 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
12:23:09.0848 1844 srvnet - ok
12:23:09.0864 1844 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:23:09.0864 1844 SSDPSRV - ok
12:23:09.0895 1844 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:23:09.0895 1844 SstpSvc - ok
12:23:09.0911 1844 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:23:09.0911 1844 stexstor - ok
12:23:09.0926 1844 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
12:23:09.0942 1844 StillCam - ok
12:23:09.0989 1844 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
12:23:09.0989 1844 stisvc - ok
12:23:10.0004 1844 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
12:23:10.0004 1844 storflt - ok
12:23:10.0020 1844 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
12:23:10.0020 1844 storvsc - ok
12:23:10.0020 1844 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
12:23:10.0020 1844 swenum - ok
12:23:10.0051 1844 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:23:10.0067 1844 swprv - ok
12:23:10.0145 1844 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
12:23:10.0160 1844 SysMain - ok
12:23:10.0269 1844 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
12:23:10.0269 1844 TabletInputService - ok
12:23:10.0301 1844 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
12:23:10.0301 1844 TapiSrv - ok
12:23:10.0316 1844 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:23:10.0316 1844 TBS - ok
12:23:10.0441 1844 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
12:23:10.0457 1844 Tcpip - ok
12:23:10.0581 1844 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
12:23:10.0597 1844 TCPIP6 - ok
12:23:10.0659 1844 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
12:23:10.0659 1844 tcpipreg - ok
12:23:10.0675 1844 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:23:10.0675 1844 TDPIPE - ok
12:23:10.0706 1844 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
12:23:10.0706 1844 TDTCP - ok
12:23:10.0706 1844 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
12:23:10.0722 1844 tdx - ok
12:23:10.0722 1844 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
12:23:10.0722 1844 TermDD - ok
12:23:10.0769 1844 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
12:23:10.0769 1844 TermService - ok
12:23:10.0784 1844 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:23:10.0784 1844 Themes - ok
12:23:10.0815 1844 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:23:10.0815 1844 THREADORDER - ok
12:23:10.0831 1844 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:23:10.0831 1844 TrkWks - ok
12:23:10.0878 1844 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
12:23:10.0878 1844 TrustedInstaller - ok
12:23:10.0893 1844 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:23:10.0893 1844 tssecsrv - ok
12:23:10.0925 1844 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
12:23:10.0925 1844 tunnel - ok
12:23:10.0925 1844 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:23:10.0925 1844 uagp35 - ok
12:23:10.0956 1844 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
12:23:10.0956 1844 udfs - ok
12:23:10.0971 1844 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:23:10.0987 1844 UI0Detect - ok
12:23:10.0987 1844 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
12:23:10.0987 1844 uliagpkx - ok
12:23:11.0003 1844 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
12:23:11.0003 1844 umbus - ok
12:23:11.0003 1844 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:23:11.0003 1844 UmPass - ok
12:23:11.0034 1844 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
12:23:11.0034 1844 UmRdpService - ok
12:23:11.0065 1844 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:23:11.0065 1844 upnphost - ok
12:23:11.0096 1844 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
12:23:11.0096 1844 USBAAPL64 - ok
12:23:11.0127 1844 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
12:23:11.0127 1844 usbaudio - ok
12:23:11.0159 1844 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
12:23:11.0159 1844 usbccgp - ok
12:23:11.0174 1844 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
12:23:11.0174 1844 usbcir - ok
12:23:11.0190 1844 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
12:23:11.0205 1844 usbehci - ok
12:23:11.0221 1844 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
12:23:11.0237 1844 usbhub - ok
12:23:11.0252 1844 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
12:23:11.0252 1844 usbohci - ok
12:23:11.0252 1844 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:23:11.0268 1844 usbprint - ok
12:23:11.0299 1844 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:23:11.0299 1844 usbscan - ok
12:23:11.0315 1844 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:23:11.0315 1844 USBSTOR - ok
12:23:11.0346 1844 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
12:23:11.0346 1844 usbuhci - ok
12:23:11.0377 1844 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
12:23:11.0377 1844 usbvideo - ok
12:23:11.0408 1844 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:23:11.0408 1844 UxSms - ok
12:23:11.0424 1844 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
12:23:11.0439 1844 VaultSvc - ok
12:23:11.0439 1844 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
12:23:11.0455 1844 vdrvroot - ok
12:23:11.0486 1844 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
12:23:11.0486 1844 vds - ok
12:23:11.0502 1844 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:23:11.0502 1844 vga - ok
12:23:11.0517 1844 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:23:11.0517 1844 VgaSave - ok
12:23:11.0549 1844 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
12:23:11.0549 1844 vhdmp - ok
12:23:11.0549 1844 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
12:23:11.0549 1844 viaide - ok
12:23:11.0564 1844 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
12:23:11.0564 1844 vmbus - ok
12:23:11.0580 1844 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
12:23:11.0580 1844 VMBusHID - ok
12:23:11.0595 1844 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
12:23:11.0595 1844 volmgr - ok
12:23:11.0627 1844 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
12:23:11.0627 1844 volmgrx - ok
12:23:11.0642 1844 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
12:23:11.0658 1844 volsnap - ok
12:23:11.0673 1844 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:23:11.0673 1844 vsmraid - ok
12:23:11.0751 1844 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
12:23:11.0767 1844 VSS - ok
12:23:11.0861 1844 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
12:23:11.0861 1844 vwifibus - ok
12:23:11.0892 1844 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:23:11.0892 1844 W32Time - ok
12:23:11.0907 1844 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:23:11.0907 1844 WacomPen - ok
12:23:11.0923 1844 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
12:23:11.0923 1844 WANARP - ok
12:23:11.0923 1844 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
12:23:11.0923 1844 Wanarpv6 - ok
12:23:11.0970 1844 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys
12:23:11.0970 1844 wanatw - ok
12:23:12.0048 1844 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:23:12.0063 1844 WatAdminSvc - ok
12:23:12.0141 1844 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
12:23:12.0141 1844 wbengine - ok
12:23:12.0251 1844 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:23:12.0251 1844 WbioSrvc - ok
12:23:12.0282 1844 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
12:23:12.0297 1844 wcncsvc - ok
12:23:12.0329 1844 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:23:12.0329 1844 WcsPlugInService - ok
12:23:12.0360 1844 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:23:12.0360 1844 Wd - ok
12:23:12.0391 1844 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:23:12.0407 1844 Wdf01000 - ok
12:23:12.0422 1844 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:23:12.0422 1844 WdiServiceHost - ok
12:23:12.0422 1844 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:23:12.0438 1844 WdiSystemHost - ok
12:23:12.0469 1844 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
12:23:12.0469 1844 WebClient - ok
12:23:12.0485 1844 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:23:12.0485 1844 Wecsvc - ok
12:23:12.0516 1844 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:23:12.0516 1844 wercplsupport - ok
12:23:12.0531 1844 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:23:12.0531 1844 WerSvc - ok
12:23:12.0531 1844 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:23:12.0531 1844 WfpLwf - ok
12:23:12.0547 1844 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:23:12.0547 1844 WIMMount - ok
12:23:12.0594 1844 WinDefend - ok
12:23:12.0594 1844 WinHttpAutoProxySvc - ok
12:23:12.0656 1844 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:23:12.0656 1844 Winmgmt - ok
12:23:12.0765 1844 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
12:23:12.0781 1844 WinRM - ok
12:23:12.0890 1844 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
12:23:12.0890 1844 WinUsb - ok
12:23:12.0937 1844 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:23:12.0953 1844 Wlansvc - ok
12:23:12.0968 1844 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
12:23:12.0968 1844 WmiAcpi - ok
12:23:13.0015 1844 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:23:13.0015 1844 wmiApSrv - ok
12:23:13.0046 1844 WMPNetworkSvc - ok
12:23:13.0062 1844 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:23:13.0062 1844 WPCSvc - ok
12:23:13.0093 1844 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
12:23:13.0093 1844 WPDBusEnum - ok
12:23:13.0109 1844 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:23:13.0109 1844 ws2ifsl - ok
12:23:13.0140 1844 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
12:23:13.0140 1844 wscsvc - ok
12:23:13.0140 1844 WSearch - ok
12:23:13.0249 1844 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
12:23:13.0265 1844 wuauserv - ok
12:23:13.0358 1844 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
12:23:13.0358 1844 WudfPf - ok
12:23:13.0374 1844 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:23:13.0374 1844 WUDFRd - ok
12:23:13.0389 1844 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
12:23:13.0389 1844 wudfsvc - ok
12:23:13.0421 1844 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:23:13.0421 1844 WwanSvc - ok
12:23:13.0436 1844 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:23:13.0655 1844 \Device\Harddisk0\DR0 - ok
12:23:13.0655 1844 Boot (0x1200) (85dd1a016374c66fc34a76fe4351c400) \Device\Harddisk0\DR0\Partition0
12:23:13.0655 1844 \Device\Harddisk0\DR0\Partition0 - ok
12:23:13.0670 1844 Boot (0x1200) (ab6863f4ab01bcef50d7597cec0f6824) \Device\Harddisk0\DR0\Partition1
12:23:13.0670 1844 \Device\Harddisk0\DR0\Partition1 - ok
12:23:13.0686 1844 Boot (0x1200) (5a651d68ff261a278b140abab9bb812b) \Device\Harddisk0\DR0\Partition2
12:23:13.0686 1844 \Device\Harddisk0\DR0\Partition2 - ok
12:23:13.0686 1844 ============================================================
12:23:13.0686 1844 Scan finished
12:23:13.0686 1844 ============================================================
12:23:13.0701 2904 Detected object count: 0
12:23:13.0701 2904 Actual detected object count: 0

Here is the other log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-26 12:24:03
-----------------------------
12:24:03.243 OS Version: Windows x64 6.1.7600
12:24:03.243 Number of processors: 2 586 0x170A
12:24:03.243 ComputerName: STUDIO UserName: Jared
12:24:04.631 Initialize success
12:24:56.823 AVAST engine defs: 12042600
12:26:15.198 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:26:15.198 Disk 0 Vendor: ST9500420ASG 0003SDM1 Size: 476940MB BusType: 3
12:26:15.244 Disk 0 MBR read successfully
12:26:15.260 Disk 0 MBR scan
12:26:15.260 Disk 0 Windows XP default MBR code
12:26:15.260 Disk 0 Partition - 00 05 Extended 475933 MB offset 2056320
12:26:15.276 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 996 MB offset 16065
12:26:15.291 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 34993 MB offset 2056383
12:26:15.291 Disk 0 Partition - 00 05 Extended 440940 MB offset 73722285
12:26:15.322 Disk 0 scanning C:\Windows\system32\drivers
12:26:22.436 Service scanning
12:26:37.506 Modules scanning
12:26:37.506 Disk 0 trace - called modules:
12:26:37.537 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
12:26:37.552 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c1c060]
12:26:37.552 3 CLASSPNP.SYS[fffff8800187243f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80046ac060]
12:26:38.098 AVAST engine scan C:\Windows
12:26:39.736 AVAST engine scan C:\Windows\system32
12:29:04.490 AVAST engine scan C:\Windows\system32\drivers
12:29:12.368 AVAST engine scan C:\Users\Jared
12:29:47.780 AVAST engine scan C:\ProgramData
12:30:11.274 Scan finished successfully
12:30:23.161 Disk 0 MBR has been saved successfully to "C:\Users\Jared\Desktop\MBR.dat"
12:30:23.208 The log file has been saved successfully to "C:\Users\Jared\Desktop\aswMBR.txt"

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:17 PM

Posted 26 April 2012 - 01:54 PM

Greetings bigj123454321

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.(let me know the problems you still have)

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 bigj123454321

bigj123454321
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 27 April 2012 - 01:19 AM

ComboFix 12-04-25.02 - Jared 04/27/2012 2:05.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4029.2725 [GMT -4:00]
Running from: c:\users\Jared\Desktop\ComboFix.exe
Command switches used :: c:\users\Jared\Desktop\CFscript.txt.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-03-27 to 2012-04-27 )))))))))))))))))))))))))))))))
.
.
2012-04-27 06:10 . 2012-04-27 06:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-27 06:00 . 2012-04-18 07:03 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7BC85FB6-C9C4-4050-8A3C-F7D5182733C0}\mpengine.dll
2012-04-25 20:12 . 2012-03-06 06:43 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-25 20:12 . 2012-03-06 05:59 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-04-25 20:12 . 2012-03-06 05:59 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-04-25 20:11 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-25 20:11 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-25 20:11 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-25 20:11 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-25 20:11 . 2012-03-01 05:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-25 20:11 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-25 20:11 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-19 04:13 . 2012-02-03 04:16 3143168 ----a-w- c:\windows\system32\win32k.sys
2012-04-19 04:13 . 2012-02-10 06:18 1541120 ----a-w- c:\windows\system32\DWrite.dll
2012-04-19 04:13 . 2012-02-10 06:17 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-04-19 04:13 . 2012-02-10 06:17 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-04-19 04:13 . 2012-02-10 06:17 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-04-19 04:13 . 2012-02-10 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-04-19 04:13 . 2012-02-10 05:41 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-04-19 04:13 . 2012-02-10 05:41 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2012-04-19 04:13 . 2012-02-10 05:41 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-04-19 04:13 . 2012-02-10 05:41 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2012-04-19 04:13 . 2012-02-10 05:41 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-04-19 04:12 . 2012-01-25 06:27 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-19 04:12 . 2012-01-25 06:27 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-19 04:12 . 2012-01-25 06:20 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-19 04:12 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-04-19 04:12 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-04-19 04:12 . 2012-02-15 04:47 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-19 04:12 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 14:18 . 2010-12-27 00:33 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-14 14:04 . 2011-05-19 17:43 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-26_06.43.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-04-25 20:09 . 2012-02-28 05:38 67072 c:\windows\SysWOW64\mshtmled.dll
- 2012-02-17 19:39 . 2011-12-16 07:59 67072 c:\windows\SysWOW64\mshtmled.dll
+ 2012-04-25 20:09 . 2012-02-28 05:35 12800 c:\windows\SysWOW64\msfeedssync.exe
- 2012-02-17 19:39 . 2011-12-16 07:56 12800 c:\windows\SysWOW64\msfeedssync.exe
+ 2012-04-25 20:09 . 2012-02-28 05:38 64512 c:\windows\SysWOW64\msfeedsbs.dll
- 2012-02-17 19:39 . 2011-12-16 07:59 64512 c:\windows\SysWOW64\msfeedsbs.dll
+ 2012-04-25 20:09 . 2012-02-28 05:40 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-02-17 19:39 . 2011-12-16 08:02 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2012-04-25 20:09 . 2012-02-28 05:38 44544 c:\windows\SysWOW64\licmgr10.dll
- 2012-02-17 19:39 . 2011-12-16 07:58 44544 c:\windows\SysWOW64\licmgr10.dll
+ 2012-04-25 20:09 . 2012-02-28 05:38 48128 c:\windows\SysWOW64\jsproxy.dll
- 2012-02-17 19:39 . 2011-12-16 07:58 48128 c:\windows\SysWOW64\jsproxy.dll
+ 2010-12-27 00:28 . 2012-04-27 05:57 50014 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-04-27 05:57 36008 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-24 03:12 . 2012-04-27 05:57 12858 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4216207827-2725350182-3401975650-1000_UserData.bin
- 2012-02-17 19:39 . 2011-12-16 08:42 97280 c:\windows\system32\mshtmled.dll
+ 2012-04-25 20:09 . 2012-02-28 06:33 97280 c:\windows\system32\mshtmled.dll
- 2012-02-17 19:39 . 2011-12-16 08:38 12288 c:\windows\system32\msfeedssync.exe
+ 2012-04-25 20:09 . 2012-02-28 06:29 12288 c:\windows\system32\msfeedssync.exe
+ 2012-04-25 20:09 . 2012-02-28 06:33 82944 c:\windows\system32\msfeedsbs.dll
- 2012-02-17 19:39 . 2011-12-16 08:42 82944 c:\windows\system32\msfeedsbs.dll
- 2012-02-17 19:39 . 2011-12-16 08:45 95232 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-04-25 20:09 . 2012-02-28 06:35 95232 c:\windows\system32\migration\WininetPlugin.dll
- 2012-02-17 19:39 . 2011-12-16 08:41 57856 c:\windows\system32\licmgr10.dll
+ 2012-04-25 20:09 . 2012-02-28 06:33 57856 c:\windows\system32\licmgr10.dll
+ 2012-04-25 20:09 . 2012-02-28 06:32 64512 c:\windows\system32\jsproxy.dll
- 2012-02-17 19:39 . 2011-12-16 08:41 64512 c:\windows\system32\jsproxy.dll
- 2010-12-24 03:07 . 2012-04-26 06:18 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-24 03:07 . 2012-04-27 05:55 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-24 03:07 . 2012-04-27 05:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-24 03:07 . 2012-04-26 06:18 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-26 06:18 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-27 05:55 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-27 00:28 . 2012-04-27 05:55 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-27 00:28 . 2012-04-26 06:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-04-27 05:55 71736 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-12-27 00:28 . 2012-04-27 05:55 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-27 00:28 . 2012-04-26 06:43 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-27 00:28 . 2012-04-27 05:55 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-27 00:28 . 2012-04-26 06:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-27 00:28 . 2012-04-26 06:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-27 00:28 . 2012-04-27 06:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-27 00:28 . 2012-04-27 06:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-27 00:28 . 2012-04-26 06:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-04-25 20:08 . 2012-04-25 20:08 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-04-25 20:06 . 2012-04-25 20:06 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-26 06:22 . 2012-04-27 06:00 4294 c:\windows\SoftwareDistribution\EventCache\{CCA4E618-1D83-4AF1-B70C-590AADEDFFF1}.bin
+ 2012-04-27 06:11 . 2012-04-27 06:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-26 06:42 . 2012-04-26 06:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-27 06:11 . 2012-04-27 06:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-04-26 06:42 . 2012-04-26 06:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-25 20:09 . 2012-02-28 05:40 981504 c:\windows\SysWOW64\wininet.dll
- 2012-02-17 19:39 . 2011-12-16 08:02 981504 c:\windows\SysWOW64\wininet.dll
- 2012-02-17 19:39 . 2011-12-16 08:02 132096 c:\windows\SysWOW64\url.dll
+ 2012-04-25 20:09 . 2012-02-28 05:40 132096 c:\windows\SysWOW64\url.dll
+ 2012-04-25 20:09 . 2012-02-28 05:38 606208 c:\windows\SysWOW64\mstime.dll
- 2012-02-17 19:39 . 2011-12-16 07:59 606208 c:\windows\SysWOW64\mstime.dll
- 2012-02-17 19:39 . 2011-12-16 07:59 599552 c:\windows\SysWOW64\msfeeds.dll
+ 2012-04-25 20:09 . 2012-02-28 05:38 599552 c:\windows\SysWOW64\msfeeds.dll
+ 2012-04-25 20:09 . 2012-02-28 05:37 176640 c:\windows\SysWOW64\ieui.dll
- 2012-02-17 19:39 . 2011-12-16 07:58 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-04-25 20:09 . 2012-02-28 05:37 185856 c:\windows\SysWOW64\iepeers.dll
- 2012-02-17 19:39 . 2011-12-16 07:58 185856 c:\windows\SysWOW64\iepeers.dll
+ 2012-04-25 20:09 . 2012-02-28 05:37 381440 c:\windows\SysWOW64\iedkcs32.dll
- 2012-02-17 19:39 . 2011-12-16 07:58 381440 c:\windows\SysWOW64\iedkcs32.dll
+ 2012-04-25 20:09 . 2012-02-28 06:35 134144 c:\windows\system32\url.dll
- 2012-02-17 19:39 . 2011-12-16 08:45 134144 c:\windows\system32\url.dll
+ 2009-07-14 02:36 . 2012-04-27 05:59 624412 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-04-26 06:31 624412 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-04-27 05:59 106756 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-04-26 06:31 106756 c:\windows\system32\perfc009.dat
+ 2012-04-25 20:09 . 2012-02-28 06:33 703488 c:\windows\system32\msfeeds.dll
- 2012-02-17 19:39 . 2011-12-16 08:42 703488 c:\windows\system32\msfeeds.dll
+ 2012-04-25 20:09 . 2012-02-28 06:32 247808 c:\windows\system32\ieui.dll
- 2012-02-17 19:39 . 2011-12-16 08:40 247808 c:\windows\system32\ieui.dll
+ 2012-04-25 20:09 . 2012-02-28 06:32 256000 c:\windows\system32\iepeers.dll
- 2012-02-17 19:39 . 2011-12-16 08:40 256000 c:\windows\system32\iepeers.dll
- 2012-02-17 19:39 . 2011-12-16 08:40 445952 c:\windows\system32\iedkcs32.dll
+ 2012-04-25 20:09 . 2012-02-28 06:32 445952 c:\windows\system32\iedkcs32.dll
+ 2011-05-16 20:51 . 2012-04-27 06:10 407664 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-05-16 20:51 . 2012-02-19 21:32 407664 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-04-26 06:41 345624 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-04-27 06:10 345624 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-01-21 21:40 . 2012-01-21 21:40 616216 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
+ 2012-04-26 06:47 . 2012-01-26 23:32 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-01-21 21:40 . 2012-01-21 21:40 616216 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
+ 2012-04-26 06:47 . 2012-01-26 23:35 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 616216 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-04-27 05:59 . 2012-04-27 05:59 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\8fc959dd48e623429fd33ac26d5a3987\System.ServiceProcess.ni.dll
+ 2012-04-27 06:10 . 2012-04-27 06:10 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\b87a563306550ccc7b4c1ce20add9bc9\System.Messaging.ni.dll
+ 2012-04-27 05:59 . 2012-04-27 05:59 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\9d699149d11578703cdbb1f8f0beb250\System.Drawing.Design.ni.dll
+ 2012-04-27 06:10 . 2012-04-27 06:10 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\a6c691abd7da45090f336c6851261615\ehExtHost.ni.exe
+ 2012-04-27 05:56 . 2012-04-27 05:56 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8e47bcd69923f39c010b285d0681b795\System.ServiceProcess.ni.dll
+ 2012-04-27 05:56 . 2012-04-27 05:56 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\1be4c83a69b84de9f4ecec33d797b181\System.Drawing.Design.ni.dll
+ 2012-04-26 06:47 . 2012-01-26 23:35 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-04-25 20:09 . 2012-02-28 05:40 1230336 c:\windows\SysWOW64\urlmon.dll
- 2012-02-17 19:39 . 2011-12-16 08:02 1230336 c:\windows\SysWOW64\urlmon.dll
+ 2012-04-25 20:09 . 2012-02-28 05:38 5998592 c:\windows\SysWOW64\mshtml.dll
+ 2012-04-25 20:09 . 2012-02-28 05:37 2072576 c:\windows\SysWOW64\iertutil.dll
- 2012-02-17 19:39 . 2011-12-16 07:58 2072576 c:\windows\SysWOW64\iertutil.dll
+ 2012-04-25 20:09 . 2012-02-28 06:35 1197568 c:\windows\system32\wininet.dll
- 2012-02-17 19:39 . 2011-12-16 08:45 1197568 c:\windows\system32\wininet.dll
+ 2012-04-25 20:09 . 2012-02-28 06:35 1501184 c:\windows\system32\urlmon.dll
- 2012-02-17 19:39 . 2011-12-16 08:45 1501184 c:\windows\system32\urlmon.dll
- 2012-02-17 19:39 . 2011-12-16 08:42 1026560 c:\windows\system32\mstime.dll
+ 2012-04-25 20:09 . 2012-02-28 06:33 1026560 c:\windows\system32\mstime.dll
- 2012-02-17 19:39 . 2011-12-16 08:42 9335296 c:\windows\system32\mshtml.dll
+ 2012-04-25 20:09 . 2012-02-28 06:33 9335296 c:\windows\system32\mshtml.dll
+ 2012-04-25 20:09 . 2012-02-28 06:32 2458624 c:\windows\system32\iertutil.dll
- 2012-02-17 19:39 . 2011-12-16 08:40 2458624 c:\windows\system32\iertutil.dll
- 2009-07-14 04:45 . 2012-04-26 06:19 3606945 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-04-27 05:55 3606945 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-09-12 23:21 . 2012-04-27 06:10 4193011 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4216207827-2725350182-3401975650-1000-8192.dat
- 2012-04-25 20:08 . 2012-04-25 20:08 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-04-25 20:08 . 2012-04-25 20:08 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-26 16:17 . 2012-04-26 16:17 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-04-25 20:07 . 2012-04-25 20:07 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-01-22 14:20 . 2012-01-22 14:20 1707520 c:\windows\Installer\4d447.msp
+ 2012-04-26 16:18 . 2012-04-26 16:18 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\02ea3ff3b5908b51da47e1aeb9e75b04\WindowsBase.ni.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 1665536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c02325260bdcecd695a87bbb24547df2\System.Drawing.ni.dll
+ 2012-04-27 05:59 . 2012-04-27 05:59 5955072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\02d0e93137aa36447586529ec398c3b8\System.Workflow.ComponentModel.ni.dll
+ 2012-04-27 05:59 . 2012-04-27 05:59 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\f3c77cdf88dd4be96cba3215b6a2aa91\System.Workflow.Activities.ni.dll
+ 2012-04-27 05:58 . 2012-04-27 05:58 1453568 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\3deb4c579d2fada70f29db210f93e1ff\System.Printing.ni.dll
+ 2012-04-27 05:57 . 2012-04-27 05:57 2317312 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\159e60648425189056c3b33fd56480cb\System.Drawing.ni.dll
+ 2012-04-27 05:57 . 2012-04-27 05:57 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\4e3937fb52ab0016ee02c2112dd10cce\System.Deployment.ni.dll
+ 2012-04-27 05:58 . 2012-04-27 05:58 3101696 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\5e82c91b944409725295de1c9397dae4\ReachFramework.ni.dll
+ 2012-04-27 05:58 . 2012-04-27 05:58 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\fdc1674689f1e385c65b8d0e00675b99\PresentationUI.ni.dll
+ 2012-04-27 06:10 . 2012-04-27 06:10 1516032 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\7b6fd54375c044a435cf2935bc1c6d10\Microsoft.MediaCenter.ni.dll
+ 2012-04-27 05:56 . 2012-04-27 05:56 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\61f7ccacec964069817d52f8216a678a\System.Workflow.ComponentModel.ni.dll
+ 2012-04-27 05:56 . 2012-04-27 05:56 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\b3de663a40ef712ccdc954e2486e281f\System.Workflow.Activities.ni.dll
+ 2012-04-27 05:56 . 2012-04-27 05:56 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\cc75c875bd176329e5d982665379cc28\System.Printing.ni.dll
+ 2012-04-27 05:55 . 2012-04-27 05:55 1590784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll
+ 2012-04-27 05:55 . 2012-04-27 05:55 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\2a66351025fa360231d46f9e2fe4bca4\System.Deployment.ni.dll
+ 2012-04-27 05:56 . 2012-04-27 05:56 2147328 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\486a0c233b3aa834e8cca53ed355bf1c\ReachFramework.ni.dll
+ 2012-04-27 05:56 . 2012-04-27 05:56 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\5a687af115662022c0b0ec29e419578c\PresentationUI.ni.dll
+ 2012-04-25 20:09 . 2012-02-28 05:37 10991104 c:\windows\SysWOW64\ieframe.dll
- 2012-02-17 19:39 . 2011-12-16 07:58 10991104 c:\windows\SysWOW64\ieframe.dll
- 2009-07-14 02:34 . 2012-04-26 06:41 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2012-04-27 06:10 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-04-25 20:09 . 2012-02-28 06:32 12372480 c:\windows\system32\ieframe.dll
- 2012-02-17 19:39 . 2011-12-16 08:40 12372480 c:\windows\system32\ieframe.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 13197312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\0b36565a61f83137806e71b287d81042\System.Windows.Forms.ni.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7786f3e95a399a8b6691170ae2fe0e1c\PresentationFramework.ni.dll
+ 2012-04-26 16:18 . 2012-04-26 16:18 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\239eba799555dbe10760ee80c8c8df7c\PresentationCore.ni.dll
+ 2012-04-27 05:58 . 2012-04-27 05:58 17379328 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\1dbbc192e54135e0fc00ce666dccb45b\System.Windows.Forms.ni.dll
+ 2012-04-27 05:59 . 2012-04-27 05:59 15252992 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\ea1659dff27bf2f7f1d7d3866f701cf3\System.Web.ni.dll
+ 2012-04-27 05:59 . 2012-04-27 05:59 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\5b36bad9000fd97edb328c549dc0b867\System.Design.ni.dll
+ 2012-04-27 05:58 . 2012-04-27 05:58 19169792 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\4d99f0619bdb56026ccee498646a2a35\PresentationFramework.ni.dll
+ 2012-04-27 05:57 . 2012-04-27 05:57 16513024 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\70f4960078e7f0bae24004a67498cc69\PresentationCore.ni.dll
+ 2012-04-27 05:56 . 2012-04-27 05:56 12431360 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll
+ 2012-04-27 05:56 . 2012-04-27 05:56 11824128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\cdc38572fd6c34cb3033fb419eff3639\System.Web.ni.dll
+ 2012-04-27 05:56 . 2012-04-27 05:56 10578432 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\32e388bb0eca49c66e437b2fdf164a51\System.Design.ni.dll
+ 2012-04-27 05:56 . 2012-04-27 05:56 14322688 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d932bdb0712c33e0000c75035dbe74d1\PresentationFramework.ni.dll
+ 2012-04-27 05:55 . 2012-04-27 05:55 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\66fdd11e758f6c833fbc173338c1ff5b\PresentationCore.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2011-06-29 400760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HostManager"="c:\program files (x86)\Common Files\AOL\1293596288\ee\AOLSoftware.exe" [2010-03-08 41800]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-19 54576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.aol.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 24.247.15.53 66.189.0.100 24.178.162.3
FF - ProfilePath - c:\users\Jared\AppData\Roaming\Mozilla\Firefox\Profiles\f7xp46ub.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4216207827-2725350182-3401975650-1000\Software\SecuROM\License information*]
"datasecu"=hex:56,cf,a4,4b,4c,f8,c2,88,ad,ce,ce,e6,d1,60,31,cf,2c,75,27,72,e6,
5e,72,5c,18,dc,16,4a,81,33,33,1a,ee,a3,0f,15,e4,c2,64,ba,75,0a,c4,e3,5c,56,\
"rkeysecu"=hex:79,08,04,88,46,1b,a1,70,8f,79,1a,8c,e4,c5,96,3a
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
.
**************************************************************************
.
Completion time: 2012-04-27 02:15:33 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-27 06:15
ComboFix2.txt 2012-04-26 06:47
.
Pre-Run: 8,277,975,040 bytes free
Post-Run: 8,343,076,864 bytes free
.
- - End Of File - - E8CFAB2165BA5C1C23F310A0D9991828


Pages load at normal speed again, and no redirects, much better

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:17 PM

Posted 27 April 2012 - 02:19 AM

Hello

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 bigj123454321

bigj123454321
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 27 April 2012 - 08:58 AM

Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.0
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Software Update
BitTorrent
BufferChm
C4700
Coupon Printer for Windows
Destinations
DeviceDiscovery
Download Updater (AOL LLC)
EasyBCD 2.0
GPBaseService2
HP Photo Creations
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPProductAssistant
HPSSupply
MarketResearch
Microsoft Office FrontPage 2003
Microsoft Office Professional Edition 2003
Microsoft PhotoDraw 2000 V2
Microsoft VC9 runtime libraries
Mozilla Firefox 10.0.2 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PS_AIO_06_C4700_SW_Min
QuickTime
QuickTransfer

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:17 PM

Posted 27 April 2012 - 12:18 PM

Hello


Is that the whole report - it looks like it was cut in half


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 bigj123454321

bigj123454321
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 27 April 2012 - 12:37 PM

Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.0
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Software Update
BitTorrent
BufferChm
C4700
Coupon Printer for Windows
Destinations
DeviceDiscovery
Download Updater (AOL LLC)
EasyBCD 2.0
GPBaseService2
HP Photo Creations
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPProductAssistant
HPSSupply
MarketResearch
Microsoft Office FrontPage 2003
Microsoft Office Professional Edition 2003
Microsoft PhotoDraw 2000 V2
Microsoft VC9 runtime libraries
Mozilla Firefox 10.0.2 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PS_AIO_06_C4700_SW_Min
QuickTime
QuickTransfer
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
SmartWebPrinting
SolutionCenter
Status
Toolbox
TrayApp
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Viewpoint Media Player
WebReg


Sorry about that

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:17 PM

Posted 27 April 2012 - 01:01 PM

Hello

:P2P Warning!:

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
USAToday
infoworld


These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (it does allot better of a job

Programs to remove

Adobe Reader 9.4.0
BitTorrent
[/list]


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be careful not to install anything to do with AskBar.
[/list]
Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.


: Malwarebytes' Anti-Malware :

  • Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the AnalyseThis button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.


NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 bigj123454321

bigj123454321
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:05:17 PM

Posted 28 April 2012 - 03:04 PM

I left my computer at work so I won't be replying until tomorrow.

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:17 PM

Posted 28 April 2012 - 06:21 PM

:thumbup2:
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users