
Infected with TDSS possibly


  • This topic is locked
21 replies to this topic

#1 Oleuanna

Posted 24 May 2012 - 06:59 AM

Unable to click on tabs at times. Sudden disappearance of removal programs. Freezing. I notice that websites I go into all of a sudden turn up as adverts on other websites I go into. I have Windows 7 64. Logs attached. Thank you.


 


#2 M-K-D-B


Posted 26 May 2012 - 05:35 AM

Hi Oleuanna,

I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible.
Regards,
M-K-D-B

#3 Oleuanna


Posted 26 May 2012 - 11:17 AM

No problem chat soon :)

#4 M-K-D-B


Posted 26 May 2012 - 12:47 PM

Hi Oleuanna,


Welcome to BleepingComputer.

My name is M-K-D-B and I'll help you with the cleanup of your computer.

Please be aware of the following:
  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you were doing and describe the problems you encountered as precisely as you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • If you can't answer for the next few days, please let me know. If you haven't answered within 3 days, I am assuming that you don't need help anymore and your topic will be closed.
  • I can not guarantee that we will find and be able to remove all malware. Formatting is usually faster and always the safest way.
  • If you decide to clean your PC, work with us until a team member tells you that you are clean.
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.





Step 1
I would like you to answer the following questions as exactly as you can:
  • Which program(s) have you already run that detected the malware as TDSS?
  • Have you already run TDSS Killer and/or ComboFix? If so, I would like you to post the logfiles as well for further review. Thank you!





Step 2
Online Gaming Warning!

Online gaming sites are a security risk which can make your computer susceptible to a large number of malware infections, remote attacks, exposure of personal information, and identity theft. They can lead to other sites containing malware which you can inadvertently download without knowledge. Users visiting such sites may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Gaming sites can put you at risk to fraud, phishing and theft of personal data. Even if the gaming site is a clean site, there is always the potential of some type of malware making its way there and then onto your system. In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. In those cases, recovery is not possible and the only option is to reformat/reinstall the OS.

More specifically, I noticed you had WildTangent on your computer.
WildTangent Program Warning

Wild Tangent is a video game software company specializing in online games. It has even made a partnership with AOL to include itself as part of the AOL Instant Messenger for their AIM games section. The WildTangent Web Driver is their technology that allows you to play 3D games over the Internet. Although it's not technically considered spyware, it does have built-in components to update itself and gather information about the computer system, including:
  • Operating System Version
  • CPU Type and Speed
  • Memory Amount
  • Video Card type and Driver Version
  • Sound Card type and Driver Version
  • DirectX Version
  • Location that the Web Driver was installed from
For that reason I would suggest you uninstall it via add/remove.

Reboot after the uninstallation. <- Important.





Step 3
I do not recommend that you have more than one anti-virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti-virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either AVG Internet Security 2012 or ZoneAlarm.





Step 4
Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.





Step 5
Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.




Step 6
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Skip is selected, then click Continue > Close to close the tool.
    Note: We don't want to fix anything here, but just get an overview of your computer!
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.





What you should post with your next answer:
  • an answer to my questions,
  • the logfile from DeFogger,
  • the logfile from aswMBR,
  • the logfile from TDSS Killer.

Regards,
M-K-D-B
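
Added example (not part of the original thread and not code from the TDSSKiller project): a Python sketch for triaging the log that Step 6 produces, listing every entry whose result is not "ok" together with its recorded hash and path. The line layout is assumed from the TDSSKiller log posted further down in this thread; the function name and all sample lines are constructed.

```python
import re

# Every log line starts with "HH:MM:SS.ffff <thread id> " (layout assumed from
# the log posted in this thread).
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "<name> (<md5>) <path>": the service or driver about to be checked.
OBJECT_RE = re.compile(
    PREFIX + r"(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$")
# "<name> - ok": clean result.
OK_RE = re.compile(PREFIX + r"(?P<name>.+?)\s+-\s+ok$")
# "<name> ( <verdict> ) - <level>": any result other than ok.
FLAG_RE = re.compile(
    PREFIX + r"(?P<name>.+?)\s+\(\s*(?P<verdict>[^()]+?)\s*\)\s+-\s+(?P<level>\w+)$")

# Constructed sample input: names, hashes and paths are made up.
SAMPLE_LOG = r"""
12:00:00.0000 1000 Scan started
12:00:00.0100 1000 ExampleDrv (0123456789abcdef0123456789abcdef) C:\Windows\system32\drivers\exampledrv.sys
12:00:00.0200 1000 ExampleDrv - ok
12:00:00.0300 1000 ExampleNoFile - ok
12:00:00.0400 1000 Example FTP Server (fedcba9876543210fedcba9876543210) C:\Program Files (x86)\Example\server.exe
12:00:00.0500 1000 Example FTP Server ( UnsignedFile.Multi.Generic ) - warning
12:00:00.0500 1000 Example FTP Server - detected UnsignedFile.Multi.Generic (1)
"""


def triage(log_text):
    """Return the ok count, the flagged entries and ok entries with no file line."""
    objects = {}   # name -> (md5, path) from the line preceding each result
    ok = []        # names that ended in "- ok"
    flagged = []   # entries with any other result
    for raw in log_text.splitlines():
        line = raw.strip()
        m = OBJECT_RE.match(line)
        if m:
            objects[m["name"]] = (m["md5"].lower(), m["path"])
            continue
        m = FLAG_RE.match(line)
        if m:
            md5, path = objects.get(m["name"], (None, None))
            flagged.append({
                "name": m["name"],
                "verdict": m["verdict"],
                "level": m["level"],
                "md5": md5,
                "path": path,
            })
            continue
        m = OK_RE.match(line)
        if m:
            ok.append(m["name"])
    return {
        "ok_count": len(ok),
        "flagged": flagged,
        # Reported ok although no "(md5) path" line was logged for the entry.
        "ok_without_file": [name for name in ok if name not in objects],
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(f"{result['ok_count']} entries ok")
    for entry in result["flagged"]:
        print(f"{entry['level'].upper()}: {entry['name']} -> {entry['verdict']}")
        print(f"    md5={entry['md5']} path={entry['path']}")
    for name in result["ok_without_file"]:
        print(f"no file line logged for: {name}")
```
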

#5 Oleuanna


Posted 26 May 2012 - 03:31 PM

Answer 1a I ran TDSS and it found infections
b I did run TDSS and Combofix but I removed the logs and they were subsequently deleted

2 Wild Tangent seems to be connected with the HP games but have removed it nonetheless

3 I have removed AVG

4 Defogger done

5 aswMBR pasted but continually gets stuck so I printed out where it stops anyway

6 TDSS pasted




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-26 21:05:03
-----------------------------
21:05:03.220 OS Version: Windows x64 6.1.7601 Service Pack 1
21:05:03.220 Number of processors: 4 586 0x2505
21:05:03.221 ComputerName: OLEUANNA-HP UserName: Oleuanna
21:05:07.880 Initialize success
21:05:17.182 AVAST engine defs: 12052601
21:05:20.438 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:05:20.441 Disk 0 Vendor: TOSHIBA_ GT00 Size: 715404MB BusType: 3
21:05:20.460 Disk 0 MBR read successfully
21:05:20.463 Disk 0 MBR scan
21:05:20.519 Disk 0 Windows 7 default MBR code
21:05:20.534 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
21:05:20.554 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 701155 MB offset 409600
21:05:20.599 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13946 MB offset 1436375040
21:05:20.625 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 102 MB offset 1464936448
21:05:20.701 Disk 0 scanning C:\Windows\system32\drivers
21:05:41.041 Service scanning
21:06:32.607 Modules scanning
21:06:32.619 Disk 0 trace - called modules:
21:06:33.277 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:06:33.286 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80052b0060]
21:06:33.295 3 CLASSPNP.SYS[fffff88001e1743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004ff2050]
21:06:35.266 AVAST engine scan C:\Windows
21:06:39.690 AVAST engine scan C:\Windows\system32
21:13:12.660 AVAST engine scan C:\Windows\system32\drivers
21:13:33.328 AVAST engine scan C:\Users\Oleuanna
21:26:48.370 Disk 0 MBR has been saved successfully to "C:\Users\Oleuanna\Desktop\MBR.dat"
21:26:48.389 The log file has been saved successfully to "C:\Users\Oleuanna\Desktop\aswMBR.txt"





20:44:44.0415 1944 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
20:44:44.0992 1944 ============================================================
20:44:44.0992 1944 Current date / time: 2012/05/26 20:44:44.0992
20:44:44.0992 1944 SystemInfo:
20:44:44.0992 1944
20:44:44.0992 1944 OS Version: 6.1.7601 ServicePack: 1.0
20:44:44.0992 1944 Product type: Workstation
20:44:44.0992 1944 ComputerName: OLEUANNA-HP
20:44:44.0992 1944 UserName: Oleuanna
20:44:44.0992 1944 Windows directory: C:\Windows
20:44:44.0992 1944 System windows directory: C:\Windows
20:44:44.0992 1944 Running under WOW64
20:44:44.0992 1944 Processor architecture: Intel x64
20:44:44.0992 1944 Number of processors: 4
20:44:44.0992 1944 Page size: 0x1000
20:44:44.0992 1944 Boot type: Safe boot with network
20:44:44.0992 1944 ============================================================
20:44:45.0523 1944 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:44:45.0523 1944 ============================================================
20:44:45.0523 1944 \Device\Harddisk0\DR0:
20:44:45.0523 1944 MBR partitions:
20:44:45.0523 1944 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:44:45.0523 1944 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x55971800
20:44:45.0523 1944 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x559D5800, BlocksNum 0x1B3D000
20:44:45.0523 1944 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x336F0
20:44:45.0523 1944 ============================================================
20:44:45.0632 1944 C: <-> \Device\Harddisk0\DR0\Partition1
20:44:45.0772 1944 D: <-> \Device\Harddisk0\DR0\Partition2
20:44:45.0772 1944 ============================================================
20:44:45.0772 1944 Initialize success
20:44:45.0772 1944 ============================================================
20:44:53.0838 2020 ============================================================
20:44:53.0838 2020 Scan started
20:44:53.0838 2020 Mode: Manual; SigCheck; TDLFS;
20:44:53.0838 2020 ============================================================
20:45:08.0938 2020 FileZilla Server (7e76eed28b8b8696b7f7ed5f757aa304) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
20:45:09.0048 2020 FileZilla Server ( UnsignedFile.Multi.Generic ) - warning
20:45:09.0048 2020 FileZilla Server - detected UnsignedFile.Multi.Generic (1)
20:45:14.0289 2020 IconMan_R (d22d82d74fd1b6c77e7556dbdc3ea9d2) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:45:14.0383 2020 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
20:45:14.0383 2020 IconMan_R - detected UnsignedFile.Multi.Generic (1)
20:45:19.0188 2020 KL1 - ok
20:45:19.0344 2020 kl2 (d865dd8b0448e3f963d68c04c532858f) C:\Windows\system32\DRIVERS\kl2.sys
20:45:19.0344 2020 kl2 - ok
20:45:19.0422 2020 KLIF (055790d38d7ec73aef03e4aa7f67ba03) C:\Windows\system32\DRIVERS\klif.sys
20:45:19.0437 2020 KLIF - ok
20:45:19.0468 2020 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:45:19.0468 2020 KSecDD - ok
20:45:19.0500 2020 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:45:19.0515 2020 KSecPkg - ok
20:45:19.0593 2020 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:45:19.0702 2020 ksthunk - ok
20:45:19.0734 2020 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:45:19.0796 2020 KtmRm - ok
20:45:19.0874 2020 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
20:45:19.0936 2020 LanmanServer - ok
20:45:20.0030 2020 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:45:20.0092 2020 LanmanWorkstation - ok
20:45:20.0155 2020 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:45:20.0202 2020 lltdio - ok
20:45:20.0326 2020 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:45:20.0404 2020 lltdsvc - ok
20:45:20.0420 2020 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:45:20.0467 2020 lmhosts - ok
20:45:20.0701 2020 LMS (0405f4bcd1c7a7b309f620fe0b5de5e6) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:45:20.0701 2020 LMS - ok
20:45:20.0763 2020 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
20:45:20.0779 2020 LSI_FC - ok
20:45:20.0826 2020 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
20:45:20.0826 2020 LSI_SAS - ok
20:45:20.0872 2020 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
20:45:20.0888 2020 LSI_SAS2 - ok
20:45:20.0950 2020 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
20:45:20.0966 2020 LSI_SCSI - ok
20:45:21.0028 2020 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:45:21.0091 2020 luafv - ok
20:45:21.0169 2020 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
20:45:21.0169 2020 MBAMProtector - ok
20:45:21.0294 2020 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:45:21.0340 2020 MBAMService - ok
20:45:21.0434 2020 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:45:21.0450 2020 Mcx2Svc - ok
20:45:21.0496 2020 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
20:45:21.0496 2020 megasas - ok
20:45:21.0559 2020 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
20:45:21.0574 2020 MegaSR - ok
20:45:21.0715 2020 Microsoft SharePoint Workspace Audit Service - ok
20:45:21.0824 2020 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:45:21.0886 2020 MMCSS - ok
20:45:21.0964 2020 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:45:22.0027 2020 Modem - ok
20:45:22.0105 2020 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:45:22.0152 2020 monitor - ok
20:45:22.0198 2020 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:45:22.0214 2020 mouclass - ok
20:45:22.0276 2020 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
20:45:22.0308 2020 mouhid - ok
20:45:22.0386 2020 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:45:22.0386 2020 mountmgr - ok
20:45:22.0495 2020 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:45:22.0495 2020 mpio - ok
20:45:22.0573 2020 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:45:22.0604 2020 mpsdrv - ok
20:45:22.0744 2020 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:45:22.0885 2020 MpsSvc - ok
20:45:22.0916 2020 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:45:22.0963 2020 MRxDAV - ok
20:45:23.0025 2020 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:45:23.0119 2020 mrxsmb - ok
20:45:23.0181 2020 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:45:23.0197 2020 mrxsmb10 - ok
20:45:23.0228 2020 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:45:23.0228 2020 mrxsmb20 - ok
20:45:23.0290 2020 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:45:23.0306 2020 msahci - ok
20:45:23.0368 2020 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:45:23.0384 2020 msdsm - ok
20:45:23.0446 2020 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:45:23.0478 2020 MSDTC - ok
20:45:23.0509 2020 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:45:23.0540 2020 Msfs - ok
20:45:23.0571 2020 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:45:23.0634 2020 mshidkmdf - ok
20:45:23.0665 2020 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:45:23.0665 2020 msisadrv - ok
20:45:23.0790 2020 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:45:23.0836 2020 MSiSCSI - ok
20:45:23.0836 2020 msiserver - ok
20:45:23.0914 2020 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:45:24.0055 2020 MSKSSRV - ok
20:45:24.0086 2020 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:45:24.0148 2020 MSPCLOCK - ok
20:45:24.0195 2020 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:45:24.0258 2020 MSPQM - ok
20:45:24.0351 2020 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:45:24.0367 2020 MsRPC - ok
20:45:24.0429 2020 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:45:24.0445 2020 mssmbios - ok
20:45:24.0570 2020 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:45:24.0632 2020 MSTEE - ok
20:45:24.0710 2020 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
20:45:24.0726 2020 MTConfig - ok
20:45:24.0772 2020 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:45:24.0772 2020 Mup - ok
20:45:24.0835 2020 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:45:24.0897 2020 napagent - ok
20:45:25.0038 2020 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:45:25.0084 2020 NativeWifiP - ok
20:45:25.0287 2020 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
20:45:25.0350 2020 NDIS - ok
20:45:25.0412 2020 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:45:25.0474 2020 NdisCap - ok
20:45:25.0537 2020 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:45:25.0584 2020 NdisTapi - ok
20:45:25.0615 2020 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:45:25.0662 2020 Ndisuio - ok
20:45:25.0708 2020 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:45:25.0802 2020 NdisWan - ok
20:45:25.0864 2020 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:45:25.0896 2020 NDProxy - ok
20:45:26.0005 2020 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:45:26.0067 2020 NetBIOS - ok
20:45:26.0145 2020 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:45:26.0192 2020 NetBT - ok
20:45:26.0223 2020 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:45:26.0223 2020 Netlogon - ok
20:45:26.0332 2020 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:45:26.0379 2020 Netman - ok
20:45:26.0442 2020 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:45:26.0520 2020 netprofm - ok
20:45:26.0660 2020 netr28x (a98071e3e1e5e503462cc9e0ded91a36) C:\Windows\system32\DRIVERS\netr28x.sys
20:45:26.0800 2020 netr28x - ok
20:45:27.0097 2020 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:45:27.0112 2020 NetTcpPortSharing - ok
20:45:27.0284 2020 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
20:45:27.0300 2020 nfrd960 - ok
20:45:27.0393 2020 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:45:27.0456 2020 NlaSvc - ok
20:45:27.0502 2020 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:45:27.0534 2020 Npfs - ok
20:45:27.0565 2020 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:45:27.0643 2020 nsi - ok
20:45:27.0674 2020 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:45:27.0736 2020 nsiproxy - ok
20:45:27.0877 2020 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:45:27.0924 2020 Ntfs - ok
20:45:28.0095 2020 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:45:28.0126 2020 Null - ok
20:45:28.0189 2020 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
20:45:28.0220 2020 NVENETFD - ok
20:45:28.0298 2020 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:45:28.0314 2020 nvraid - ok
20:45:28.0360 2020 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:45:28.0376 2020 nvstor - ok
20:45:28.0438 2020 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:45:28.0438 2020 nv_agp - ok
20:45:28.0485 2020 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:45:28.0501 2020 ohci1394 - ok
20:45:28.0735 2020 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:45:28.0750 2020 ose - ok
20:45:29.0250 2020 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:45:29.0390 2020 osppsvc - ok
20:45:29.0593 2020 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:45:29.0671 2020 p2pimsvc - ok
20:45:29.0764 2020 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:45:29.0780 2020 p2psvc - ok
20:45:29.0874 2020 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
20:45:29.0889 2020 Parport - ok
20:45:29.0952 2020 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:45:29.0967 2020 partmgr - ok
20:45:30.0045 2020 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:45:30.0076 2020 PcaSvc - ok
20:45:30.0139 2020 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:45:30.0154 2020 pci - ok
20:45:30.0217 2020 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:45:30.0232 2020 pciide - ok
20:45:30.0248 2020 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
20:45:30.0264 2020 pcmcia - ok
20:45:30.0357 2020 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:45:30.0357 2020 pcw - ok
20:45:30.0420 2020 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:45:30.0498 2020 PEAUTH - ok
20:45:30.0669 2020 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:45:30.0872 2020 PerfHost - ok
20:45:31.0012 2020 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:45:31.0090 2020 pla - ok
20:45:31.0215 2020 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:45:31.0278 2020 PlugPlay - ok
20:45:31.0309 2020 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:45:31.0340 2020 PNRPAutoReg - ok
20:45:31.0402 2020 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:45:31.0418 2020 PNRPsvc - ok
20:45:31.0480 2020 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:45:31.0574 2020 PolicyAgent - ok
20:45:31.0621 2020 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:45:31.0668 2020 Power - ok
20:45:31.0808 2020 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:45:31.0870 2020 PptpMiniport - ok
20:45:31.0933 2020 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
20:45:31.0964 2020 Processor - ok
20:45:32.0042 2020 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
20:45:32.0104 2020 ProfSvc - ok
20:45:32.0120 2020 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:45:32.0136 2020 ProtectedStorage - ok
20:45:32.0229 2020 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:45:32.0276 2020 Psched - ok
20:45:32.0463 2020 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
20:45:32.0494 2020 ql2300 - ok
20:45:32.0666 2020 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
20:45:32.0666 2020 ql40xx - ok
20:45:32.0744 2020 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:45:32.0760 2020 QWAVE - ok
20:45:32.0838 2020 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:45:32.0869 2020 QWAVEdrv - ok
20:45:32.0900 2020 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:45:32.0978 2020 RasAcd - ok
20:45:33.0040 2020 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:45:33.0087 2020 RasAgileVpn - ok
20:45:33.0165 2020 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:45:33.0243 2020 RasAuto - ok
20:45:33.0321 2020 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:45:33.0384 2020 Rasl2tp - ok
20:45:33.0446 2020 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:45:33.0477 2020 RasMan - ok
20:45:33.0555 2020 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:45:33.0696 2020 RasPppoe - ok
20:45:33.0774 2020 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:45:33.0836 2020 RasSstp - ok
20:45:33.0867 2020 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:45:33.0930 2020 rdbss - ok
20:45:33.0961 2020 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
20:45:34.0023 2020 rdpbus - ok
20:45:34.0039 2020 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:45:34.0086 2020 RDPCDD - ok
20:45:34.0101 2020 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:45:34.0164 2020 RDPENCDD - ok
20:45:34.0210 2020 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:45:34.0242 2020 RDPREFMP - ok
20:45:34.0351 2020 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
20:45:34.0429 2020 RDPWD - ok
20:45:34.0585 2020 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:45:34.0632 2020 rdyboost - ok
20:45:34.0678 2020 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:45:34.0725 2020 RemoteAccess - ok
20:45:34.0772 2020 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:45:34.0834 2020 RemoteRegistry - ok
20:45:34.0912 2020 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:45:34.0975 2020 RpcEptMapper - ok
20:45:35.0053 2020 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:45:35.0068 2020 RpcLocator - ok
20:45:35.0162 2020 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
20:45:35.0193 2020 RpcSs - ok
20:45:35.0287 2020 RSPCIESTOR (546d7f426776090b90ef5f195b6ae662) C:\Windows\system32\DRIVERS\RtsPStor.sys
20:45:35.0302 2020 RSPCIESTOR - ok
20:45:35.0365 2020 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:45:35.0396 2020 rspndr - ok
20:45:35.0521 2020 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:45:35.0536 2020 RTL8167 - ok
20:45:35.0568 2020 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:45:35.0583 2020 SamSs - ok
20:45:35.0692 2020 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
20:45:35.0708 2020 SASDIFSV - ok
20:45:35.0786 2020 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
20:45:35.0786 2020 SASKUTIL - ok
20:45:35.0880 2020 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:45:35.0895 2020 sbp2port - ok
20:45:35.0973 2020 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:45:36.0020 2020 SCardSvr - ok
20:45:36.0036 2020 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:45:36.0114 2020 scfilter - ok
20:45:36.0192 2020 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:45:36.0254 2020 Schedule - ok
20:45:36.0301 2020 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:45:36.0348 2020 SCPolicySvc - ok
20:45:36.0457 2020 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
20:45:36.0488 2020 sdbus - ok
20:45:36.0550 2020 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:45:36.0613 2020 SDRSVC - ok
20:45:36.0644 2020 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:45:36.0706 2020 secdrv - ok
20:45:36.0738 2020 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:45:36.0784 2020 seclogon - ok
20:45:36.0847 2020 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
20:45:36.0909 2020 SENS - ok
20:45:37.0003 2020 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:45:37.0050 2020 SensrSvc - ok
20:45:37.0190 2020 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
20:45:37.0252 2020 Serenum - ok
20:45:37.0424 2020 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
20:45:37.0455 2020 Serial - ok
20:45:37.0486 2020 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
20:45:37.0533 2020 sermouse - ok
20:45:37.0642 2020 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:45:37.0705 2020 SessionEnv - ok
20:45:37.0736 2020 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:45:37.0736 2020 sffdisk - ok
20:45:37.0767 2020 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:45:37.0798 2020 sffp_mmc - ok
20:45:37.0861 2020 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:45:37.0923 2020 sffp_sd - ok
20:45:37.0970 2020 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
20:45:38.0001 2020 sfloppy - ok
20:45:38.0032 2020 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:45:38.0079 2020 SharedAccess - ok
20:45:38.0142 2020 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:45:38.0204 2020 ShellHWDetection - ok
20:45:38.0266 2020 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
20:45:38.0282 2020 SiSRaid2 - ok
20:45:38.0360 2020 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
20:45:38.0360 2020 SiSRaid4 - ok
20:45:38.0469 2020 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:45:38.0563 2020 Smb - ok
20:45:38.0578 2020 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:45:38.0610 2020 SNMPTRAP - ok
20:45:38.0672 2020 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:45:38.0672 2020 spldr - ok
20:45:38.0859 2020 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:45:38.0906 2020 Spooler - ok
20:45:39.0156 2020 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:45:39.0343 2020 sppsvc - ok
20:45:39.0468 2020 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:45:39.0499 2020 sppuinotify - ok
20:45:39.0639 2020 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:45:39.0702 2020 srv - ok
20:45:39.0780 2020 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:45:39.0858 2020 srv2 - ok
20:45:39.0967 2020 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:45:39.0982 2020 SrvHsfHDA - ok
20:45:40.0123 2020 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:45:40.0263 2020 SrvHsfV92 - ok
20:45:40.0482 2020 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:45:40.0497 2020 SrvHsfWinac - ok
20:45:40.0575 2020 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:45:40.0575 2020 srvnet - ok
20:45:40.0700 2020 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:45:40.0794 2020 SSDPSRV - ok
20:45:40.0825 2020 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:45:40.0856 2020 SstpSvc - ok
20:45:40.0981 2020 STacSV (b2d8b364a831427a5741f6c408fa8ae3) C:\Program Files\IDT\WDM\STacSV64.exe
20:45:41.0090 2020 STacSV - ok
20:45:41.0152 2020 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
20:45:41.0152 2020 stexstor - ok
20:45:41.0293 2020 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\Windows\system32\DRIVERS\stwrt64.sys
20:45:41.0308 2020 STHDA - ok
20:45:41.0402 2020 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:45:41.0433 2020 stisvc - ok
20:45:41.0511 2020 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:45:41.0511 2020 swenum - ok
20:45:41.0574 2020 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:45:41.0652 2020 swprv - ok
20:45:41.0730 2020 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
20:45:41.0730 2020 SynTP - ok
20:45:41.0901 2020 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:45:41.0979 2020 SysMain - ok
20:45:42.0151 2020 SystemExplorerHelpService (53e7ab72790294a27f06f4ef5af2e6ba) C:\Program Files (x86)\System Explorer\SystemExplorerService64.exe
20:45:42.0182 2020 SystemExplorerHelpService - ok
20:45:42.0322 2020 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:45:42.0400 2020 TabletInputService - ok
20:45:42.0432 2020 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:45:42.0541 2020 TapiSrv - ok
20:45:42.0588 2020 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:45:42.0619 2020 TBS - ok
20:45:42.0884 2020 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
20:45:42.0978 2020 Tcpip - ok
20:45:43.0274 2020 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
20:45:43.0321 2020 TCPIP6 - ok
20:45:43.0586 2020 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:45:43.0648 2020 tcpipreg - ok
20:45:43.0680 2020 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:45:43.0680 2020 TDPIPE - ok
20:45:43.0742 2020 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:45:43.0773 2020 TDTCP - ok
20:45:43.0804 2020 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:45:43.0836 2020 tdx - ok
20:45:43.0914 2020 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:45:43.0914 2020 TermDD - ok
20:45:43.0992 2020 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:45:44.0085 2020 TermService - ok
20:45:44.0148 2020 TfFsMon (fa5bfb71e561d279edae7e118435c1c9) C:\Windows\system32\drivers\TfFsMon.sys
20:45:44.0148 2020 TfFsMon - ok
20:45:44.0179 2020 TfNetMon (fa8400d74345ec4bf10e476ca0aaa2df) C:\Windows\system32\drivers\TfNetMon.sys
20:45:44.0179 2020 TfNetMon - ok
20:45:44.0257 2020 TfSysMon (f11aa1a704a4c027e5e8e0f355523834) C:\Windows\system32\drivers\TfSysMon.sys
20:45:44.0257 2020 TfSysMon - ok
20:45:44.0304 2020 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:45:44.0319 2020 Themes - ok
20:45:44.0366 2020 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:45:44.0413 2020 THREADORDER - ok
20:45:44.0600 2020 ThreatFire - ok
20:45:44.0662 2020 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:45:44.0740 2020 TrkWks - ok
20:45:44.0850 2020 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:45:44.0943 2020 TrustedInstaller - ok
20:45:44.0990 2020 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:45:45.0084 2020 tssecsrv - ok
20:45:45.0146 2020 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:45:45.0162 2020 TsUsbFlt - ok
20:45:45.0240 2020 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
20:45:45.0240 2020 TsUsbGD - ok
20:45:45.0349 2020 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:45:45.0396 2020 tunnel - ok
20:45:45.0427 2020 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
20:45:45.0442 2020 uagp35 - ok
20:45:45.0536 2020 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:45:45.0598 2020 udfs - ok
20:45:45.0645 2020 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:45:45.0661 2020 UI0Detect - ok
20:45:45.0723 2020 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:45:45.0739 2020 uliagpkx - ok
20:45:45.0848 2020 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
20:45:45.0895 2020 umbus - ok
20:45:46.0004 2020 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
20:45:46.0082 2020 UmPass - ok
20:45:46.0316 2020 UNS (6f895ca96552069b3d3ef5b4f6e90d3e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:45:46.0378 2020 UNS - ok
20:45:46.0503 2020 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:45:46.0581 2020 upnphost - ok
20:45:46.0690 2020 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:45:46.0753 2020 usbccgp - ok
20:45:46.0893 2020 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:45:46.0909 2020 usbcir - ok
20:45:46.0971 2020 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:45:47.0002 2020 usbehci - ok
20:45:47.0096 2020 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:45:47.0143 2020 usbhub - ok
20:45:47.0190 2020 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:45:47.0236 2020 usbohci - ok
20:45:47.0283 2020 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
20:45:47.0330 2020 usbprint - ok
20:45:47.0377 2020 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
20:45:47.0455 2020 USBSTOR - ok
20:45:47.0533 2020 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:45:47.0580 2020 usbuhci - ok
20:45:47.0689 2020 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
20:45:47.0704 2020 usbvideo - ok
20:45:47.0767 2020 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:45:47.0845 2020 UxSms - ok
20:45:47.0876 2020 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:45:47.0892 2020 VaultSvc - ok
20:45:48.0001 2020 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
20:45:48.0063 2020 VClone - ok
20:45:48.0157 2020 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:45:48.0172 2020 vdrvroot - ok
20:45:48.0266 2020 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:45:48.0328 2020 vds - ok
20:45:48.0422 2020 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:45:48.0438 2020 vga - ok
20:45:48.0484 2020 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:45:48.0578 2020 VgaSave - ok
20:45:48.0640 2020 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:45:48.0656 2020 vhdmp - ok
20:45:48.0687 2020 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:45:48.0703 2020 viaide - ok
20:45:48.0781 2020 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:45:48.0781 2020 volmgr - ok
20:45:48.0843 2020 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:45:48.0859 2020 volmgrx - ok
20:45:48.0921 2020 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:45:48.0937 2020 volsnap - ok
20:45:49.0030 2020 Vsdatant (239d8d72730226cd460bdc8ca0a23d43) C:\Windows\system32\DRIVERS\vsdatant.sys
20:45:49.0046 2020 Vsdatant - ok
20:45:49.0233 2020 vsmon - ok
20:45:49.0311 2020 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
20:45:49.0327 2020 vsmraid - ok
20:45:49.0467 2020 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:45:49.0530 2020 VSS - ok
20:45:49.0717 2020 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:45:49.0764 2020 vwifibus - ok
20:45:49.0873 2020 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:45:49.0920 2020 vwififlt - ok
20:45:49.0982 2020 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:45:50.0013 2020 W32Time - ok
20:45:50.0138 2020 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
20:45:50.0169 2020 WacomPen - ok
20:45:50.0419 2020 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:45:50.0497 2020 WANARP - ok
20:45:50.0544 2020 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:45:50.0575 2020 Wanarpv6 - ok
20:45:50.0824 2020 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:45:50.0871 2020 WatAdminSvc - ok
20:45:50.0980 2020 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:45:51.0105 2020 wbengine - ok
20:45:51.0308 2020 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:45:51.0324 2020 WbioSrvc - ok
20:45:51.0386 2020 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:45:51.0495 2020 wcncsvc - ok
20:45:51.0542 2020 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:45:51.0558 2020 WcsPlugInService - ok
20:45:51.0620 2020 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
20:45:51.0636 2020 Wd - ok
20:45:51.0698 2020 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:45:51.0729 2020 Wdf01000 - ok
20:45:51.0760 2020 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:45:51.0932 2020 WdiServiceHost - ok
20:45:51.0932 2020 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:45:51.0963 2020 WdiSystemHost - ok
20:45:52.0010 2020 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:45:52.0057 2020 WebClient - ok
20:45:52.0088 2020 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:45:52.0135 2020 Wecsvc - ok
20:45:52.0166 2020 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:45:52.0213 2020 wercplsupport - ok
20:45:52.0244 2020 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:45:52.0306 2020 WerSvc - ok
20:45:52.0494 2020 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:45:52.0525 2020 WfpLwf - ok
20:45:52.0556 2020 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:45:52.0556 2020 WIMMount - ok
20:45:52.0603 2020 WinDefend - ok
20:45:52.0618 2020 WinHttpAutoProxySvc - ok
20:45:52.0696 2020 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:45:52.0759 2020 Winmgmt - ok
20:45:52.0884 2020 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:45:52.0993 2020 WinRM - ok
20:45:53.0274 2020 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:45:53.0352 2020 Wlansvc - ok
20:45:53.0492 2020 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:45:53.0508 2020 wlcrasvc - ok
20:45:53.0898 2020 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:45:54.0007 2020 wlidsvc - ok
20:45:54.0194 2020 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:45:54.0241 2020 WmiAcpi - ok
20:45:54.0319 2020 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:45:54.0366 2020 wmiApSrv - ok
20:45:54.0459 2020 WMPNetworkSvc - ok
20:45:54.0522 2020 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:45:54.0553 2020 WPCSvc - ok
20:45:54.0584 2020 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:45:54.0646 2020 WPDBusEnum - ok
20:45:54.0724 2020 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:45:54.0756 2020 ws2ifsl - ok
20:45:54.0880 2020 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
20:45:54.0912 2020 wscsvc - ok
20:45:54.0927 2020 WSearch - ok
20:45:55.0130 2020 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
20:45:55.0255 2020 wuauserv - ok
20:45:55.0489 2020 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:45:55.0551 2020 WudfPf - ok
20:45:55.0629 2020 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:45:55.0738 2020 WUDFRd - ok
20:45:55.0801 2020 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:45:55.0832 2020 wudfsvc - ok
20:45:55.0894 2020 WwanSvc (ce8cf9de9cbfdaa318bd04d8be3fcada) C:\Windows\System32\wwansvc.dll
20:45:55.0926 2020 WwanSvc - ok
20:45:56.0019 2020 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:45:56.0659 2020 \Device\Harddisk0\DR0 - ok
20:45:56.0674 2020 Boot (0x1200) (06ef56b23223d6e7a91e975afa0b71c2) \Device\Harddisk0\DR0\Partition0
20:45:56.0674 2020 \Device\Harddisk0\DR0\Partition0 - ok
20:45:56.0737 2020 Boot (0x1200) (e7295e41c77c932a36879e0793e1c7eb) \Device\Harddisk0\DR0\Partition1
20:45:56.0737 2020 \Device\Harddisk0\DR0\Partition1 - ok
20:45:56.0768 2020 Boot (0x1200) (ea3c68af2d193ee2ce2b80425bc5a637) \Device\Harddisk0\DR0\Partition2
20:45:56.0768 2020 \Device\Harddisk0\DR0\Partition2 - ok
20:45:56.0830 2020 Boot (0x1200) (d3ad097baa7eb9b4b9edf74b2320a3d2) \Device\Harddisk0\DR0\Partition3
20:45:56.0830 2020 \Device\Harddisk0\DR0\Partition3 - ok
20:45:56.0846 2020 ============================================================
20:45:56.0846 2020 Scan finished
20:45:56.0846 2020 ============================================================
20:45:56.0846 1544 Detected object count: 2
20:45:56.0846 1544 Actual detected object count: 2
20:46:06.0596 1544 FileZilla Server ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:06.0596 1544 FileZilla Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:06.0596 1544 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:06.0596 1544 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:12.0571 1720 Deinitialize success

#6 M-K-D-B

Posted 28 May 2012 - 02:31 AM

Hi Oleuanna,



First of all, please right click and delete any copies of ComboFix that are still on your computer.
Now please follow these steps:



Step 1
  • Press the "windows key" + "R"
  • Copy and paste the following into the box
C:\Qoobox\ComboFix-quarantined-files.txt
  • Click ok
  • Copy and paste the report into this topic for me to review





Step 2
We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Please include the C:\ComboFix.txt in your next reply for further review.





Step 3
Please download Listparts64 to your desktop.
Run the tool, click Scan and post the log (Result.txt) it makes.





Step 4
I would like you to answer the following questions as exactly as you can:
  • Did you cure the TDSS infection with TDSS Killer?
  • In your first post you described problems like being unable to click on tabs, disappearance of removal programs and advertising on websites.
    Do you still have all these problems?





What you should post with your next answer:
  • ComboFix-quarantined-files.txt,
  • the logfile from ComboFix,
  • the logfile from ListParts,
  • an answer to my questions.

Regards,
M-K-D-B

#7 Oleuanna

Posted 29 May 2012 - 08:37 AM

1. The command you gave me did not net any results

4. No, TDSS did not cure any of the recurring problems.

Steps 2 & 3 are below

Cheers

ComboFix 12-05-28.05 - Oleuanna 29/05/2012 13:05:39.7.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3894.2415 [GMT 1:00]
Running from: c:\users\Oleuanna\Desktop\ComboFix.exe
AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: ZoneAlarm Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-04-28 to 2012-05-29 )))))))))))))))))))))))))))))))
.
.
2012-05-29 12:59 . 2012-05-29 12:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-28 20:04 . 2012-05-28 20:04 -------- d-----w- c:\program files (x86)\Alarm Clock
2012-05-24 08:20 . 2012-05-24 08:20 -------- d-----w- c:\windows\maxdrive
2012-05-23 15:22 . 2012-05-23 15:22 -------- d-----w- c:\programdata\Office Genuine Advantage
2012-05-20 16:57 . 2012-05-20 16:57 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
2012-05-20 02:05 . 2012-05-20 02:05 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-19 18:31 . 2012-05-20 06:28 -------- d-----w- c:\users\Oleuanna\AppData\Local\Adobe
2012-05-19 16:37 . 2012-05-26 18:20 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-05-19 13:59 . 2012-05-19 14:09 -------- d-----w- c:\users\Oleuanna\config
2012-05-19 13:59 . 2012-05-19 14:05 -------- d-----w- c:\users\Oleuanna\Reg
2012-05-19 13:52 . 2012-05-19 13:52 -------- d-----w- c:\program files (x86)\ESET
2012-05-19 11:20 . 2012-05-24 08:20 45 ----a-w- c:\windows\look.bat
2012-05-18 17:50 . 2012-05-18 17:50 -------- d-----w- c:\users\Oleuanna\AppData\Roaming\SUPERAntiSpyware.com
2012-05-18 17:49 . 2011-02-22 12:57 74824 ----a-w- c:\windows\system32\drivers\TfSysMon.sys
2012-05-18 17:49 . 2011-02-22 12:57 41888 ----a-w- c:\windows\system32\drivers\TfNetMon.sys
2012-05-18 17:49 . 2011-02-22 12:57 65072 ----a-w- c:\windows\system32\drivers\TfFsMon.sys
2012-05-18 17:49 . 2012-05-27 19:56 -------- d-----w- c:\program files (x86)\ThreatFire
2012-05-18 17:49 . 2012-05-18 17:49 -------- d-----w- c:\programdata\PC Tools
2012-05-18 17:48 . 2012-05-18 17:50 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-05-18 17:48 . 2012-05-18 17:48 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-05-18 17:46 . 2012-05-19 07:23 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware
2012-05-16 18:24 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-16 18:24 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-16 18:24 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-16 18:24 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-16 18:24 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-16 18:24 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-16 18:23 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-16 18:22 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-16 18:22 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-16 18:22 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 01:10 . 2012-05-29 06:31 -------- d-----w- c:\users\Oleuanna\AppData\Roaming\vlc
2012-05-09 01:53 . 2012-05-09 01:57 -------- d-----w- c:\users\Oleuanna\AppData\Roaming\dvdcss
2012-05-09 01:09 . 2012-05-17 02:46 -------- d-----w- c:\program files (x86)\Tweet Adder 3
2012-05-06 12:30 . 2012-05-17 02:46 -------- d-----w- c:\program files (x86)\Check Point Software Technologies LTD
2012-05-06 12:29 . 2012-01-09 17:59 11864 ----a-w- c:\windows\system32\drivers\kl2.sys
2012-05-06 12:29 . 2012-01-09 17:59 460888 ----a-w- c:\windows\system32\drivers\kl1.sys
2012-05-06 12:29 . 2012-05-17 02:51 -------- dc----w- c:\windows\system32\DRVSTORE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-17 06:53 . 2012-03-29 10:26 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-17 06:53 . 2011-10-19 19:31 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 14:56 . 2011-10-19 21:58 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-08 17:50 . 2012-03-08 17:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2012-03-08 17:37 . 2012-03-08 17:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
2012-03-01 06:46 . 2012-04-12 20:05 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-12 20:05 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-12 20:05 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-12 20:05 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-12 20:05 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-12 20:05 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-12 20:05 5120 ----a-w- c:\windows\SysWow64\wmi.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Oleuanna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Oleuanna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Oleuanna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-05-17 4787072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-06-14 103992]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2012-05-03 73360]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"ThreatFire"="c:\program files (x86)\ThreatFire\TFTray.exe" [2011-02-22 378128]
.
c:\users\Oleuanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Oleuanna\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableLockWorkstation"= 1 (0x1)
"DisableChangePassword"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 SystemExplorerHelpService;System Explorer Help Service;c:\program files (x86)\System Explorer\SystemExplorerService64.exe [2011-09-22 712520]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-07-05 227384]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-02-18 2372096]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-04-30 33672]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-04-30 827520]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 ThreatFire;ThreatFire;c:\program files (x86)\ThreatFire\TFService.exe service [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-07-23 2320920]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725012988-2077640657-2150448371-1000Core.job
- c:\users\Oleuanna\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-17 17:35]
.
2012-05-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725012988-2077640657-2150448371-1000UA.job
- c:\users\Oleuanna\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-17 17:35]
.
2012-05-04 c:\windows\Tasks\HPCeeScheduleForOleuanna.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Oleuanna\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Oleuanna\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Oleuanna\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Oleuanna\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472]
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Oleuanna\AppData\Roaming\Mozilla\Firefox\Profiles\vv1jfrgg.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bf9c707d8-2bb1-4067-b384-ec6dfaa4234b%7D&mid=fa90c72e2ca747d19f3afd6e9108f579-c7e924d4d4932d4c196775d34fbb46496a0f4512&ds=AVG&v=11.0.0.9&lang=en&pr=pr&d=2012-05-19%2017%3A37%3A25&sap=ku&q=
FF - prefs.js: network.proxy.type - 4
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100886
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 46ee89bc000000000000ccaf78148f98
FF - user.js: extensions.BabylonToolbar_i.hardId - 46ee89bc000000000000ccaf78148f98
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15323
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.179:40
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.newTab - false
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?Source=ToolBar&oemCode=ZLN24235331515168-1001&toolbarId=base&affiliateId=1603&Lan={dfltLng}&utid=46ee89bc000000000000ccaf78148f98&q=
FF - user.js: extensions.zonealarm.id - 46ee89bc000000000000ccaf78148f98
FF - user.js: extensions.zonealarm.instlDay - 15466
FF - user.js: extensions.zonealarm.vrsn - 1.5.23.8
FF - user.js: extensions.zonealarm.vrsni - 1.5.23.8
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.5.23.813:30
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1603
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base
FF - user.js: extensions.zonealarm.instlRef - ZLN24235331515168-1001
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-ISW - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ThreatFire]
"AlternateImagePath"=""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:da,b2,7f,06,ec,ab,cc,01
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\FileZilla Server\FileZilla Server.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\ThreatFire\TFService.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
.
**************************************************************************
.
Completion time: 2012-05-29 14:20:57 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-29 13:20
.
Pre-Run: 403,521,019,904 bytes free
Post-Run: 408,281,751,552 bytes free
.
- - End Of File - - E4815695A3306D27B21A27A6753577C8




ListParts by Farbar Version: 12-03-2012 03
Ran by Oleuanna (administrator) on 29-05-2012 at 14:28:44
Windows 7 (X64)
Running From: C:\Users\Oleuanna\Downloads
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 62%
Total physical RAM: 3893.86 MB
Available physical RAM: 1457.98 MB
Total Pagefile: 7785.91 MB
Available Pagefile: 4821.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:684.72 GB) (Free:380.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (RECOVERY) (Fixed) (Total:13.62 GB) (Free:1.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (rael_pilates_27) (CDROM) (Total:3.16 GB) (Free:0 GB) UDF

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 698 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 684 GB 200 MB
Partition 3 Primary 13 GB 684 GB
Partition 4 Primary 102 MB 698 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 7 SYSTEM NTFS Partition 199 MB Healthy System (partition with boot components)

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 8 C NTFS Partition 684 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 9 D RECOVERY NTFS Partition 13 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 10 HP_TOOLS FAT32 Partition 102 MB Healthy

======================================================================================================


****** End Of Log ******

#8 M-K-D-B

Posted 31 May 2012 - 02:45 AM

Hi Oleuanna,



Step 1
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.





Step 2
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Skip is selected, then click Continue > Close to close the tool.
    Note: We don't want to fix anything here, but just get an overview of your computer!
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.





Step 3
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.




Step 4
I would like you to answer the following questions as exactly as you can:
  • Which problems do you currently experience? Please describe those problems in more detail. Thank you!





What you should post with your next answer:
  • the logfile from aswMBR,
  • the logfile from TDSS Killer,
  • the logfile from FRST,
  • an answer to my question.

Regards,
M-K-D-B

#9 Oleuanna

Posted 31 May 2012 - 07:12 AM

1,2,3, attached

4. The whole computer at times can be inaccessible, by this I mean the system freezes or applications I have opened freeze. For instance when it asks my permission to run a program after saying yes the screen will remain in a shadow, I will either have to reboot it or try the task manager which sometimes says that it is unable to open. The internet is sometimes unable to play back video and becomes sluggish. And recently it has blue screened followed by dumping, which is what happened when I used aswMBR, you will also notice that it got stuck scanning so I left it for 2 hours to see if it would continue but it didn't and just saved the file.


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-31 10:26:10
-----------------------------
10:26:10.579 OS Version: Windows x64 6.1.7601 Service Pack 1
10:26:10.579 Number of processors: 4 586 0x2505
10:26:10.579 ComputerName: OLEUANNA-HP UserName: Oleuanna
10:26:16.601 Initialize success
10:26:25.368 AVAST engine defs: 12053100
10:26:27.178 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:26:27.178 Disk 0 Vendor: TOSHIBA_ GT00 Size: 715404MB BusType: 3
10:26:27.225 Disk 0 MBR read successfully
10:26:27.240 Disk 0 MBR scan
10:26:27.240 Disk 0 Windows 7 default MBR code
10:26:27.256 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
10:26:27.287 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 701155 MB offset 409600
10:26:27.615 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13946 MB offset 1436375040
10:26:27.880 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 102 MB offset 1464936448
10:26:27.958 Disk 0 scanning C:\Windows\system32\drivers
10:26:51.545 Service scanning
10:28:41.735 Modules scanning
10:28:41.735 Disk 0 trace - called modules:
10:28:42.266 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:28:42.281 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005245060]
10:28:42.281 3 CLASSPNP.SYS[fffff8800200143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fd6050]
10:28:46.899 AVAST engine scan C:\Windows
10:28:56.762 AVAST engine scan C:\Windows\system32
10:35:15.561 AVAST engine scan C:\Windows\system32\drivers
10:35:36.281 AVAST engine scan C:\Users\Oleuanna
12:10:21.364 Disk 0 MBR has been saved successfully to "C:\Users\Oleuanna\Desktop\MBR.dat"
12:10:21.406 The log file has been saved successfully to "C:\Users\Oleuanna\Desktop\aswMBR.txt"




12:10:47.0133 3420 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
12:10:47.0563 3420 ============================================================
12:10:47.0563 3420 Current date / time: 2012/05/31 12:10:47.0563
12:10:47.0563 3420 SystemInfo:
12:10:47.0564 3420
12:10:47.0564 3420 OS Version: 6.1.7601 ServicePack: 1.0
12:10:47.0564 3420 Product type: Workstation
12:10:47.0564 3420 ComputerName: OLEUANNA-HP
12:10:47.0565 3420 UserName: Oleuanna
12:10:47.0565 3420 Windows directory: C:\Windows
12:10:47.0565 3420 System windows directory: C:\Windows
12:10:47.0565 3420 Running under WOW64
12:10:47.0565 3420 Processor architecture: Intel x64
12:10:47.0565 3420 Number of processors: 4
12:10:47.0565 3420 Page size: 0x1000
12:10:47.0565 3420 Boot type: Normal boot
12:10:47.0565 3420 ============================================================
12:10:48.0584 3420 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:10:48.0740 3420 ============================================================
12:10:48.0740 3420 \Device\Harddisk0\DR0:
12:10:48.0741 3420 MBR partitions:
12:10:48.0741 3420 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
12:10:48.0741 3420 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x55971800
12:10:48.0741 3420 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x559D5800, BlocksNum 0x1B3D000
12:10:48.0741 3420 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x336F0
12:10:48.0741 3420 ============================================================
12:10:48.0898 3420 C: <-> \Device\Harddisk0\DR0\Partition1
12:10:48.0937 3420 D: <-> \Device\Harddisk0\DR0\Partition2
12:10:48.0938 3420 ============================================================
12:10:48.0938 3420 Initialize success
12:10:48.0938 3420 ============================================================
12:11:05.0533 5772 ============================================================
12:11:05.0533 5772 Scan started
12:11:05.0533 5772 Mode: Manual; SigCheck; TDLFS;
12:11:05.0533 5772 ============================================================
12:11:24.0721 5772 hpCMSrv - ok
12:11:24.0831 5772 HPDrvMntSvc.exe (d17f9e527f01770bd04a9223bc40ec22) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
12:11:24.0864 5772 HPDrvMntSvc.exe - ok
12:11:24.0945 5772 hpqwmiex (0955c23c041451fb4e7099d6b2cf1c06) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
12:11:25.0000 5772 hpqwmiex - ok
12:11:25.0169 5772 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:11:25.0190 5772 HpSAMD - ok
12:11:25.0278 5772 HPWMISVC (f630dd7564ebb7248a13b1cc774d9ea6) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
12:11:25.0314 5772 HPWMISVC - ok
12:11:25.0400 5772 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:11:25.0507 5772 HTTP - ok
12:11:25.0623 5772 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:11:25.0639 5772 hwpolicy - ok
12:11:25.0937 5772 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
12:11:25.0966 5772 i8042prt - ok
12:11:26.0061 5772 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\DRIVERS\iaStor.sys
12:11:26.0083 5772 iaStor - ok
12:11:26.0590 5772 IAStorDataMgrSvc (983fc69644ddf0486c8dfea262948d1a) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
12:11:26.0603 5772 IAStorDataMgrSvc - ok
12:11:26.0723 5772 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:11:26.0767 5772 iaStorV - ok
12:11:26.0875 5772 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:11:26.0954 5772 idsvc - ok
12:11:27.0627 5772 igfx (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\Windows\system32\DRIVERS\igdkmd64.sys
12:11:28.0035 5772 igfx - ok
12:11:28.0188 5772 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
12:11:28.0229 5772 iirsp - ok
12:11:28.0294 5772 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
12:11:28.0393 5772 IKEEXT - ok
12:11:28.0456 5772 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
12:11:28.0528 5772 Impcd - ok
12:11:28.0556 5772 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
12:11:28.0601 5772 IntcDAud - ok
12:11:28.0620 5772 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:11:28.0637 5772 intelide - ok
12:11:28.0683 5772 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:11:28.0729 5772 intelppm - ok
12:11:28.0779 5772 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:11:28.0859 5772 IPBusEnum - ok
12:11:28.0899 5772 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:11:28.0947 5772 IpFilterDriver - ok
12:11:28.0990 5772 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
12:11:29.0064 5772 iphlpsvc - ok
12:11:29.0104 5772 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:11:29.0146 5772 IPMIDRV - ok
12:11:29.0195 5772 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:11:29.0274 5772 IPNAT - ok
12:11:29.0304 5772 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:11:29.0332 5772 IRENUM - ok
12:11:29.0358 5772 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:11:29.0373 5772 isapnp - ok
12:11:29.0409 5772 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:11:29.0431 5772 iScsiPrt - ok
12:11:29.0551 5772 ISWKL (1152f8beb568f2f72f1c5c32a1f4e529) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
12:11:29.0581 5772 ISWKL - ok
12:11:29.0743 5772 IswSvc (ef46ef3a790c42bba9b5afa2586448db) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
12:11:29.0822 5772 IswSvc - ok
12:11:29.0875 5772 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:11:29.0893 5772 kbdclass - ok
12:11:29.0936 5772 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
12:11:29.0977 5772 kbdhid - ok
12:11:30.0008 5772 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:11:30.0036 5772 KeyIso - ok
12:11:30.0123 5772 KL1 (e656fe10d6d27794afa08136685a69e8) C:\Windows\system32\DRIVERS\kl1.sys
12:11:30.0147 5772 KL1 - ok
12:11:30.0164 5772 kl2 (d865dd8b0448e3f963d68c04c532858f) C:\Windows\system32\DRIVERS\kl2.sys
12:11:30.0177 5772 kl2 - ok
12:11:30.0236 5772 KLIF (055790d38d7ec73aef03e4aa7f67ba03) C:\Windows\system32\DRIVERS\klif.sys
12:11:30.0264 5772 KLIF - ok
12:11:30.0285 5772 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
12:11:30.0310 5772 KSecDD - ok
12:11:30.0338 5772 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
12:11:30.0365 5772 KSecPkg - ok
12:11:30.0429 5772 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:11:30.0499 5772 ksthunk - ok
12:11:30.0531 5772 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:11:30.0602 5772 KtmRm - ok
12:11:30.0665 5772 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
12:11:30.0767 5772 LanmanServer - ok
12:11:30.0800 5772 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
12:11:30.0870 5772 LanmanWorkstation - ok
12:11:30.0927 5772 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:11:31.0001 5772 lltdio - ok
12:11:31.0062 5772 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:11:31.0132 5772 lltdsvc - ok
12:11:31.0159 5772 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:11:31.0206 5772 lmhosts - ok
12:11:31.0343 5772 LMS (0405f4bcd1c7a7b309f620fe0b5de5e6) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:11:31.0384 5772 LMS - ok
12:11:31.0445 5772 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
12:11:31.0481 5772 LSI_FC - ok
12:11:31.0518 5772 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
12:11:31.0540 5772 LSI_SAS - ok
12:11:31.0570 5772 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
12:11:31.0592 5772 LSI_SAS2 - ok
12:11:31.0640 5772 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
12:11:31.0664 5772 LSI_SCSI - ok
12:11:31.0680 5772 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:11:31.0755 5772 luafv - ok
12:11:31.0795 5772 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
12:11:31.0816 5772 MBAMProtector - ok
12:11:31.0892 5772 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:11:31.0924 5772 MBAMService - ok
12:11:31.0984 5772 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
12:11:32.0027 5772 Mcx2Svc - ok
12:11:32.0057 5772 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
12:11:32.0081 5772 megasas - ok
12:11:32.0156 5772 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
12:11:32.0190 5772 MegaSR - ok
12:11:32.0256 5772 Microsoft SharePoint Workspace Audit Service - ok
12:11:32.0290 5772 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:11:32.0373 5772 MMCSS - ok
12:11:32.0413 5772 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:11:32.0473 5772 Modem - ok
12:11:32.0526 5772 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:11:32.0577 5772 monitor - ok
12:11:32.0634 5772 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:11:32.0651 5772 mouclass - ok
12:11:32.0676 5772 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
12:11:32.0714 5772 mouhid - ok
12:11:32.0746 5772 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:11:32.0766 5772 mountmgr - ok
12:11:32.0803 5772 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:11:32.0825 5772 mpio - ok
12:11:32.0840 5772 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:11:32.0890 5772 mpsdrv - ok
12:11:32.0953 5772 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
12:11:33.0049 5772 MpsSvc - ok
12:11:33.0078 5772 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:11:33.0124 5772 MRxDAV - ok
12:11:33.0172 5772 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:11:33.0245 5772 mrxsmb - ok
12:11:33.0272 5772 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:11:33.0302 5772 mrxsmb10 - ok
12:11:33.0321 5772 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:11:33.0341 5772 mrxsmb20 - ok
12:11:33.0370 5772 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:11:33.0385 5772 msahci - ok
12:11:33.0419 5772 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:11:33.0438 5772 msdsm - ok
12:11:33.0461 5772 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:11:33.0507 5772 MSDTC - ok
12:11:33.0554 5772 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:11:33.0602 5772 Msfs - ok
12:11:33.0638 5772 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:11:33.0709 5772 mshidkmdf - ok
12:11:33.0747 5772 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:11:33.0768 5772 msisadrv - ok
12:11:33.0798 5772 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:11:33.0870 5772 MSiSCSI - ok
12:11:33.0873 5772 msiserver - ok
12:11:33.0909 5772 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:11:33.0973 5772 MSKSSRV - ok
12:11:34.0002 5772 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:11:34.0071 5772 MSPCLOCK - ok
12:11:34.0093 5772 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:11:34.0163 5772 MSPQM - ok
12:11:34.0203 5772 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:11:34.0226 5772 MsRPC - ok
12:11:34.0253 5772 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:11:34.0276 5772 mssmbios - ok
12:11:34.0308 5772 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:11:34.0383 5772 MSTEE - ok
12:11:34.0417 5772 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
12:11:34.0463 5772 MTConfig - ok
12:11:34.0514 5772 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:11:34.0534 5772 Mup - ok
12:11:34.0584 5772 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
12:11:34.0666 5772 napagent - ok
12:11:34.0726 5772 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:11:34.0783 5772 NativeWifiP - ok
12:11:34.0875 5772 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
12:11:34.0928 5772 NDIS - ok
12:11:34.0986 5772 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:11:35.0084 5772 NdisCap - ok
12:11:35.0119 5772 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:11:35.0171 5772 NdisTapi - ok
12:11:35.0189 5772 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:11:35.0262 5772 Ndisuio - ok
12:11:35.0302 5772 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:11:35.0378 5772 NdisWan - ok
12:11:35.0401 5772 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:11:35.0446 5772 NDProxy - ok
12:11:35.0487 5772 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:11:35.0548 5772 NetBIOS - ok
12:11:35.0577 5772 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:11:35.0628 5772 NetBT - ok
12:11:35.0653 5772 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:11:35.0673 5772 Netlogon - ok
12:11:35.0745 5772 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:11:35.0813 5772 Netman - ok
12:11:35.0853 5772 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:11:35.0940 5772 netprofm - ok
12:11:36.0061 5772 netr28x (a98071e3e1e5e503462cc9e0ded91a36) C:\Windows\system32\DRIVERS\netr28x.sys
12:11:36.0173 5772 netr28x - ok
12:11:36.0281 5772 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:11:36.0318 5772 NetTcpPortSharing - ok
12:11:36.0424 5772 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
12:11:36.0447 5772 nfrd960 - ok
12:11:36.0502 5772 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:11:36.0600 5772 NlaSvc - ok
12:11:36.0628 5772 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:11:36.0674 5772 Npfs - ok
12:11:36.0698 5772 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:11:36.0760 5772 nsi - ok
12:11:36.0780 5772 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:11:36.0851 5772 nsiproxy - ok
12:11:36.0964 5772 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:11:37.0035 5772 Ntfs - ok
12:11:37.0144 5772 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:11:37.0218 5772 Null - ok
12:11:37.0281 5772 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
12:11:37.0339 5772 NVENETFD - ok
12:11:37.0377 5772 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:11:37.0403 5772 nvraid - ok
12:11:37.0430 5772 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:11:37.0448 5772 nvstor - ok
12:11:37.0479 5772 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:11:37.0497 5772 nv_agp - ok
12:11:37.0526 5772 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:11:37.0552 5772 ohci1394 - ok
12:11:37.0655 5772 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:11:37.0690 5772 ose - ok
12:11:38.0112 5772 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:11:38.0350 5772 osppsvc - ok
12:11:38.0481 5772 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:11:38.0563 5772 p2pimsvc - ok
12:11:38.0604 5772 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:11:38.0634 5772 p2psvc - ok
12:11:38.0687 5772 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
12:11:38.0729 5772 Parport - ok
12:11:38.0768 5772 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:11:38.0794 5772 partmgr - ok
12:11:38.0826 5772 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:11:38.0880 5772 PcaSvc - ok
12:11:38.0921 5772 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:11:38.0951 5772 pci - ok
12:11:38.0984 5772 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:11:39.0001 5772 pciide - ok
12:11:39.0019 5772 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
12:11:39.0039 5772 pcmcia - ok
12:11:39.0053 5772 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:11:39.0070 5772 pcw - ok
12:11:39.0102 5772 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:11:39.0183 5772 PEAUTH - ok
12:11:39.0272 5772 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:11:39.0359 5772 PerfHost - ok
12:11:39.0448 5772 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:11:39.0573 5772 pla - ok
12:11:39.0631 5772 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:11:39.0720 5772 PlugPlay - ok
12:11:39.0738 5772 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:11:39.0800 5772 PNRPAutoReg - ok
12:11:39.0842 5772 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:11:39.0869 5772 PNRPsvc - ok
12:11:39.0905 5772 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:11:39.0977 5772 PolicyAgent - ok
12:11:40.0015 5772 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:11:40.0088 5772 Power - ok
12:11:40.0164 5772 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:11:40.0232 5772 PptpMiniport - ok
12:11:40.0269 5772 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
12:11:40.0305 5772 Processor - ok
12:11:40.0351 5772 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
12:11:40.0416 5772 ProfSvc - ok
12:11:40.0453 5772 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:11:40.0474 5772 ProtectedStorage - ok
12:11:40.0536 5772 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:11:40.0609 5772 Psched - ok
12:11:40.0688 5772 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
12:11:40.0735 5772 ql2300 - ok
12:11:40.0859 5772 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
12:11:40.0879 5772 ql40xx - ok
12:11:40.0919 5772 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:11:40.0951 5772 QWAVE - ok
12:11:40.0967 5772 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:11:41.0006 5772 QWAVEdrv - ok
12:11:41.0038 5772 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:11:41.0096 5772 RasAcd - ok
12:11:41.0146 5772 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:11:41.0200 5772 RasAgileVpn - ok
12:11:41.0227 5772 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:11:41.0300 5772 RasAuto - ok
12:11:41.0328 5772 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:11:41.0394 5772 Rasl2tp - ok
12:11:41.0428 5772 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:11:41.0478 5772 RasMan - ok
12:11:41.0555 5772 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:11:41.0625 5772 RasPppoe - ok
12:11:41.0667 5772 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:11:41.0760 5772 RasSstp - ok
12:11:41.0784 5772 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:11:41.0849 5772 rdbss - ok
12:11:41.0880 5772 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
12:11:41.0918 5772 rdpbus - ok
12:11:41.0953 5772 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:11:42.0038 5772 RDPCDD - ok
12:11:42.0059 5772 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:11:42.0129 5772 RDPENCDD - ok
12:11:42.0157 5772 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:11:42.0202 5772 RDPREFMP - ok
12:11:42.0264 5772 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
12:11:42.0395 5772 RDPWD - ok
12:11:42.0475 5772 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:11:42.0512 5772 rdyboost - ok
12:11:42.0588 5772 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:11:42.0658 5772 RemoteAccess - ok
12:11:42.0708 5772 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:11:42.0788 5772 RemoteRegistry - ok
12:11:42.0810 5772 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:11:42.0877 5772 RpcEptMapper - ok
12:11:42.0918 5772 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:11:42.0942 5772 RpcLocator - ok
12:11:42.0998 5772 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
12:11:43.0053 5772 RpcSs - ok
12:11:43.0123 5772 RSPCIESTOR (546d7f426776090b90ef5f195b6ae662) C:\Windows\system32\DRIVERS\RtsPStor.sys
12:11:43.0156 5772 RSPCIESTOR - ok
12:11:43.0218 5772 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:11:43.0279 5772 rspndr - ok
12:11:43.0339 5772 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
12:11:43.0366 5772 RTL8167 - ok
12:11:43.0398 5772 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:11:43.0421 5772 SamSs - ok
12:11:43.0519 5772 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:11:43.0549 5772 SASDIFSV - ok
12:11:43.0597 5772 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:11:43.0624 5772 SASKUTIL - ok
12:11:43.0656 5772 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:11:43.0679 5772 sbp2port - ok
12:11:43.0724 5772 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:11:43.0777 5772 SCardSvr - ok
12:11:43.0801 5772 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:11:43.0863 5772 scfilter - ok
12:11:43.0942 5772 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:11:44.0032 5772 Schedule - ok
12:11:44.0080 5772 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:11:44.0128 5772 SCPolicySvc - ok
12:11:44.0182 5772 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
12:11:44.0231 5772 sdbus - ok
12:11:44.0271 5772 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:11:44.0343 5772 SDRSVC - ok
12:11:44.0390 5772 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:11:44.0470 5772 secdrv - ok
12:11:44.0510 5772 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:11:44.0558 5772 seclogon - ok
12:11:44.0588 5772 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
12:11:44.0663 5772 SENS - ok
12:11:44.0716 5772 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:11:44.0808 5772 SensrSvc - ok
12:11:44.0839 5772 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
12:11:44.0891 5772 Serenum - ok
12:11:44.0933 5772 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
12:11:44.0986 5772 Serial - ok
12:11:45.0015 5772 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
12:11:45.0055 5772 sermouse - ok
12:11:45.0109 5772 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:11:45.0185 5772 SessionEnv - ok
12:11:45.0217 5772 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:11:45.0267 5772 sffdisk - ok
12:11:45.0295 5772 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:11:45.0337 5772 sffp_mmc - ok
12:11:45.0365 5772 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:11:45.0416 5772 sffp_sd - ok
12:11:45.0443 5772 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
12:11:45.0492 5772 sfloppy - ok
12:11:45.0536 5772 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:11:45.0599 5772 SharedAccess - ok
12:11:45.0640 5772 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:11:45.0720 5772 ShellHWDetection - ok
12:11:45.0772 5772 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
12:11:45.0803 5772 SiSRaid2 - ok
12:11:45.0823 5772 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
12:11:45.0841 5772 SiSRaid4 - ok
12:11:45.0895 5772 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:11:45.0978 5772 Smb - ok
12:11:46.0033 5772 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:11:46.0075 5772 SNMPTRAP - ok
12:11:46.0108 5772 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:11:46.0126 5772 spldr - ok
12:11:46.0178 5772 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:11:46.0244 5772 Spooler - ok
12:11:46.0432 5772 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:11:46.0548 5772 sppsvc - ok
12:11:46.0679 5772 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:11:46.0745 5772 sppuinotify - ok
12:11:46.0796 5772 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:11:46.0865 5772 srv - ok
12:11:46.0900 5772 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:11:46.0953 5772 srv2 - ok
12:11:47.0020 5772 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
12:11:47.0060 5772 SrvHsfHDA - ok
12:11:47.0156 5772 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
12:11:47.0230 5772 SrvHsfV92 - ok
12:11:47.0396 5772 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
12:11:47.0439 5772 SrvHsfWinac - ok
12:11:47.0481 5772 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:11:47.0505 5772 srvnet - ok
12:11:47.0562 5772 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:11:47.0638 5772 SSDPSRV - ok
12:11:47.0663 5772 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:11:47.0714 5772 SstpSvc - ok
12:11:47.0825 5772 STacSV (b2d8b364a831427a5741f6c408fa8ae3) C:\Program Files\IDT\WDM\STacSV64.exe
12:11:47.0914 5772 STacSV - ok
12:11:47.0934 5772 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
12:11:47.0951 5772 stexstor - ok
12:11:48.0046 5772 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\Windows\system32\DRIVERS\stwrt64.sys
12:11:48.0092 5772 STHDA - ok
12:11:48.0181 5772 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:11:48.0232 5772 stisvc - ok
12:11:48.0262 5772 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:11:48.0285 5772 swenum - ok
12:11:48.0341 5772 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:11:48.0426 5772 swprv - ok
12:11:48.0491 5772 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
12:11:48.0543 5772 SynTP - ok
12:11:48.0644 5772 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:11:48.0750 5772 SysMain - ok
12:11:48.0883 5772 SystemExplorerHelpService (53e7ab72790294a27f06f4ef5af2e6ba) C:\Program Files (x86)\System Explorer\SystemExplorerService64.exe
12:11:48.0939 5772 SystemExplorerHelpService - ok
12:12:00.0703 5772 ============================================================
12:12:00.0703 5772 Scan finished
12:12:00.0703 5772 ============================================================
12:12:00.0721 1296 Detected object count: 0
12:12:00.0721 1296 Actual detected object count: 0

#10 Oleuanna

Posted 31 May 2012 - 07:13 AM

Scan result of Farbar Recovery Scan Tool Version: 29-05-2012 02
Ran by SYSTEM at 31-05-2012 12:54:30
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [392472 2011-08-31] (Intel Corporation)
HKLM\...\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden" [1126528 2012-04-30] (Check Point Software Technologies)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-06-14] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [73360 2012-05-03] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2011-02-22] (PC Tools)
HKU\Oleuanna\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4787072 2012-05-17] (SUPERAntiSpyware.com)
HKU\Oleuanna\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4280184 2012-03-08] (Microsoft Corporation)
HKU\Oleuanna\...\Policies\system: [DisableLockWorkstation] 1
HKU\Oleuanna\...\Policies\system: [DisableChangePassword] 1
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Startup: C:\Users\Oleuanna\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)
2 ezSharedSvc; C:\Windows\SysWow64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS)
2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [86072 2011-09-09] (Hewlett-Packard Company)
3 hpCMSrv; "C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe" [1098296 2011-06-14] (Hewlett-Packard Development Company L.P.)
2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [26680 2010-11-09] (Hewlett-Packard Development Company, L.P.)
2 IAStorDataMgrSvc; "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [13336 2011-01-12] (Intel Corporation)
2 IswSvc; "C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe" [827520 2012-04-30] (Check Point Software Technologies)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\SystemExplorerService64.exe [712520 2011-09-22] (Mister Group)
2 ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe service [70928 2011-02-22] (PC Tools)
2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -service [2446872 2012-05-03] (Check Point Software Technologies LTD)

========================== Drivers (Whitelisted) =============

3 clwvd; C:\Windows\System32\Drivers\clwvd.sys [31088 2010-07-28] (CyberLink Corporation)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [271424 2011-11-29] (DT Soft Ltd)
2 ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33672 2012-04-30] (Check Point Software Technologies)
0 KL1; C:\Windows\System32\Drivers\KL1.sys [460888 2012-01-09] (Kaspersky Lab ZAO)
1 kl2; C:\Windows\System32\Drivers\kl2.sys [11864 2012-01-09] (Kaspersky Lab ZAO)
1 KLIF; C:\Windows\System32\Drivers\KLIF.sys [485680 2012-01-09] (Kaspersky Lab)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)
3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [335464 2011-02-15] (Realtek Semiconductor Corp.)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
0 TfFsMon; C:\Windows\System32\Drivers\TfFsMon.sys [65072 2011-02-22] (PC Tools)
3 TfNetMon; C:\Windows\System32\Drivers\TfNetMon.sys [41888 2011-02-22] (PC Tools)
0 TfSysMon; C:\Windows\System32\Drivers\TfSysMon.sys [74824 2011-02-22] (PC Tools)
1 Vsdatant; C:\Windows\System32\Drivers\Vsdatant.sys [454232 2011-05-07] (Check Point Software Technologies LTD)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-05-31 12:54 - 2012-05-31 12:54 - 0000000 ____D C:\FRST
2012-05-31 03:25 - 2012-05-31 03:25 - 0127554 ____A C:\Users\Oleuanna\Desktop\TDSSKiller.2.7.37.0_31.05.2012_12.10.47_log.txt
2012-05-31 03:10 - 2012-05-31 03:25 - 0127636 ____A C:\TDSSKiller.2.7.37.0_31.05.2012_12.10.47_log.txt
2012-05-31 03:10 - 2012-05-31 03:10 - 0001923 ____A C:\Users\Oleuanna\Desktop\aswMBR.txt
2012-05-31 03:10 - 2012-05-31 03:10 - 0000512 ____A C:\Users\Oleuanna\Desktop\MBR.dat
2012-05-31 01:28 - 2012-05-31 02:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Microsoft Games
2012-05-31 01:24 - 2012-05-31 01:24 - 0270416 ____A C:\Windows\Minidump\053112-23384-01.dmp
2012-05-31 01:15 - 2012-05-31 01:15 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\Flood Light Games
2012-05-31 01:15 - 2012-05-31 01:15 - 0000000 ____D C:\Users\All Users\Flood Light Games
2012-05-31 01:11 - 2012-05-31 01:12 - 0127636 ____A C:\TDSSKiller.2.7.37.0_31.05.2012_10.11.23_log.txt
2012-05-31 01:00 - 2012-05-31 01:00 - 1395349 ____A C:\Users\Oleuanna\Downloads\FRST64.exe
2012-05-31 00:59 - 2012-05-31 01:00 - 0004206 ____A C:\TDSSKiller.2.7.37.0_31.05.2012_09.59.12_log.txt
2012-05-30 23:53 - 2012-05-30 23:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D7DD708D-6FA0-4E19-A698-9D620CFA1BE8}
2012-05-30 23:53 - 2012-05-30 23:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{462221EA-A72C-4F37-B5A6-783DC5DEE954}
2012-05-30 11:40 - 2012-05-30 11:40 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4E2ACE96-7CAE-4459-807A-E338964CFEEC}
2012-05-30 11:40 - 2012-05-30 11:40 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{49B3F27B-67F5-46E8-9AD1-38156DA50F52}
2012-05-30 07:06 - 2012-05-30 07:07 - 0127632 ____A C:\TDSSKiller.2.7.37.0_30.05.2012_16.06.12_log.txt
2012-05-30 06:53 - 2012-05-30 06:55 - 0127658 ____A C:\TDSSKiller.2.7.37.0_30.05.2012_15.53.54_log.txt
2012-05-30 06:28 - 2012-05-30 06:39 - 0130838 ____A C:\TDSSKiller.2.7.37.0_30.05.2012_15.28.01_log.txt
2012-05-30 06:26 - 2012-05-30 06:26 - 0044962 ____A C:\TDSSKiller.2.7.37.0_30.05.2012_15.26.01_log.txt
2012-05-30 05:40 - 2012-05-30 05:40 - 0000000 ____D C:\TDSSKiller_Quarantine
2012-05-30 05:39 - 2012-05-30 05:39 - 1730394 ____A C:\Users\Oleuanna\Desktop\bookmarks-2012-05-30.json
2012-05-30 05:39 - 2012-05-30 05:39 - 0887078 ____A C:\Users\Oleuanna\Desktop\bookmarks.html
2012-05-30 05:35 - 2012-05-30 05:40 - 0129552 ____A C:\TDSSKiller.2.7.37.0_30.05.2012_14.35.40_log.txt
2012-05-30 05:35 - 2012-05-30 05:35 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\PrintMarketingPro
2012-05-30 05:34 - 2012-05-30 06:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\BookCoverPro
2012-05-29 23:39 - 2012-05-29 23:39 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A03CE94E-84B8-4490-B2CE-DAEFA6F43CF4}
2012-05-29 23:38 - 2012-05-29 23:39 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{AAE97990-FC72-43B4-82E3-C1034A1A35F7}
2012-05-29 10:36 - 2012-04-04 09:47 - 0772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-05-29 10:29 - 2012-05-29 10:29 - 0892360 ____A (Oracle Corporation) C:\Users\Oleuanna\Downloads\jxpiinstall.exe
2012-05-29 05:23 - 2012-05-29 05:23 - 0000000 __SHD C:\$RECYCLE.BIN
2012-05-29 05:21 - 2012-05-29 05:21 - 0026454 ____A C:\ComboFix.txt
2012-05-29 04:03 - 2012-05-29 05:21 - 0000000 ____D C:\ComboFix
2012-05-29 03:38 - 2012-05-29 03:38 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{94873081-F434-47F2-B5AB-EC33F60AD09E}
2012-05-29 03:38 - 2012-05-29 03:38 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2374F351-0420-4047-BF59-60DCAA8D38F9}
2012-05-29 03:32 - 2011-06-25 22:45 - 0256000 ____A C:\Windows\PEV.exe
2012-05-29 03:32 - 2010-11-07 09:20 - 0208896 ____A C:\Windows\MBR.exe
2012-05-29 03:32 - 2009-04-19 20:56 - 0060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-05-29 03:32 - 2000-08-30 16:00 - 0518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-05-29 03:32 - 2000-08-30 16:00 - 0406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-05-29 03:32 - 2000-08-30 16:00 - 0098816 ____A C:\Windows\sed.exe
2012-05-29 03:32 - 2000-08-30 16:00 - 0080412 ____A C:\Windows\grep.exe
2012-05-29 03:32 - 2000-08-30 16:00 - 0068096 ____A C:\Windows\zip.exe
2012-05-29 03:31 - 2012-05-29 05:21 - 0000000 ____D C:\Qoobox
2012-05-29 03:28 - 2012-05-29 03:28 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{33C592A2-A77D-4D4B-A094-061604CF1506}
2012-05-29 03:28 - 2012-05-29 03:28 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{03E0E33E-F767-433B-B724-CA4A727ADF4D}
2012-05-28 13:50 - 2012-05-29 10:28 - 0000000 ____D C:\Users\Oleuanna\Downloads\PCtrial
2012-05-28 13:23 - 2012-05-28 13:24 - 8746221 ____A C:\Users\Oleuanna\Downloads\PCtrial.zip
2012-05-28 12:04 - 2012-05-28 12:04 - 0000000 ____D C:\Program Files (x86)\Alarm Clock
2012-05-28 12:02 - 2012-05-28 12:02 - 0729320 ____A (CNET Download.com) C:\Users\Oleuanna\Downloads\cbsi-3_2_5_39-10064069.exe
2012-05-28 11:24 - 2012-05-28 11:24 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{92897C87-FAA5-40B9-8848-D8727114BFA5}
2012-05-28 11:24 - 2012-05-28 11:24 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{589E1172-142D-4BD0-8F60-633B0E0F3C1A}
2012-05-28 10:57 - 2012-05-28 10:56 - 4530306 ____R (Swearware) C:\Users\Oleuanna\Desktop\ComboFix.exe
2012-05-28 10:51 - 2012-05-28 10:51 - 0802019 ____A C:\Users\Oleuanna\Downloads\ListParts64.exe
2012-05-28 07:49 - 2012-05-28 07:49 - 0004113 ____A C:\Users\Oleuanna\Downloads\flamingtext_22451608092698117.png
2012-05-28 05:33 - 2012-05-28 05:33 - 0546029 ____A C:\Users\Oleuanna\Downloads\gridspace.zip
2012-05-28 04:07 - 2012-05-28 04:07 - 0000000 ____D C:\Users\Oleuanna\Downloads\wordpress-3.3.2 (1)
2012-05-28 04:06 - 2012-05-28 04:07 - 4251083 ____A C:\Users\Oleuanna\Downloads\wordpress-3.3.2 (2).zip
2012-05-28 04:06 - 2012-05-28 04:06 - 4251083 ____A C:\Users\Oleuanna\Downloads\wordpress-3.3.2 (1).zip
2012-05-27 23:23 - 2012-05-27 23:24 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A41DA415-36E9-4FA2-BBC1-8C27AA64529B}
2012-05-27 23:23 - 2012-05-27 23:23 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D07D79A1-25C0-4545-AC02-5959EE435CF8}
2012-05-27 11:22 - 2012-05-27 11:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{78675929-9F84-44E8-8E00-E860F10F42F9}
2012-05-26 23:22 - 2012-05-26 23:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{02EE756D-1F2C-4863-8091-9732BF2A443C}
2012-05-26 23:21 - 2012-05-27 11:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4BCFE492-7534-4862-810E-0FAB25C4EB59}
2012-05-26 12:04 - 2012-05-26 12:04 - 4731392 ____A (AVAST Software) C:\Users\Oleuanna\Downloads\aswMBR.exe
2012-05-26 11:44 - 2012-05-26 11:46 - 0129504 ____A C:\TDSSKiller.2.7.37.0_26.05.2012_20.44.44_log.txt
2012-05-26 11:20 - 2012-05-26 11:21 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6C0A66F2-3A64-418E-B974-A1BD430DC7F5}
2012-05-26 11:20 - 2012-05-26 11:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0BE136F5-8143-42FD-981F-65C25E2DD8E9}
2012-05-26 11:10 - 2012-05-26 11:22 - 0129482 ____A C:\TDSSKiller.2.7.37.0_26.05.2012_20.10.52_log.txt
2012-05-26 11:06 - 2012-05-26 11:09 - 0129482 ____A C:\TDSSKiller.2.7.37.0_26.05.2012_20.06.32_log.txt
2012-05-26 10:30 - 2012-05-26 10:30 - 0000000 ____D C:\Users\Oleuanna\Downloads\tdsskiller(1)
2012-05-26 10:29 - 2012-05-26 10:29 - 2108352 ____A C:\Users\Oleuanna\Downloads\tdsskiller(1).zip
2012-05-26 10:05 - 2012-05-26 10:05 - 0050477 ____A C:\Users\Oleuanna\Downloads\Defogger(1).exe
2012-05-25 23:20 - 2012-05-25 23:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7475D8D4-C3AE-46B2-8176-45CF124D9F2D}
2012-05-25 23:19 - 2012-05-25 23:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E56B89AD-5445-40F6-A95D-0B65C1887D17}
2012-05-25 11:00 - 2012-05-25 11:00 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{26BF76A9-714B-4DAE-82E9-666F1A7A08D5}
2012-05-25 10:59 - 2012-05-25 10:59 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A87537B8-A391-4F9E-83C8-D8053D95A702}
2012-05-24 22:58 - 2012-05-24 22:59 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7AACB478-D9DC-48A5-ADAB-A802E99E128B}
2012-05-24 22:58 - 2012-05-24 22:58 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B54E57E6-54F8-4633-BB52-40CA5F88859A}
2012-05-24 19:01 - 2012-05-24 19:01 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{AA3D50EA-CF80-40DF-80E1-71F04BAC37DB}
2012-05-24 07:30 - 2012-05-24 07:30 - 0270416 ____A C:\Windows\Minidump\052412-41636-01.dmp
2012-05-24 05:06 - 2012-05-24 05:06 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C3187C25-D77B-42A9-B4CA-1650F819FA3F}
2012-05-24 05:05 - 2012-05-24 05:06 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A9AD572C-984F-4A47-AD04-0821234059D4}
2012-05-24 03:33 - 2012-05-26 10:52 - 0000478 ____A C:\Users\Oleuanna\Downloads\defogger_disable.log
2012-05-24 03:30 - 2012-05-24 03:30 - 0302592 ____A C:\Users\Oleuanna\Downloads\6qientwi.exe
2012-05-24 03:29 - 2012-05-24 03:29 - 0607260 ____R (Swearware) C:\Users\Oleuanna\Downloads\dds.scr
2012-05-24 03:28 - 2012-05-24 03:28 - 0000000 ____A C:\Users\Oleuanna\defogger_reenable
2012-05-24 03:27 - 2012-05-24 03:27 - 0050477 ____A C:\Users\Oleuanna\Downloads\Defogger.exe
2012-05-24 03:12 - 2012-05-29 05:29 - 0008364 ____A C:\Users\Oleuanna\Downloads\Result.txt
2012-05-24 02:39 - 2012-05-24 02:39 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C5738382-61DF-4B99-92F2-89820DF6D76E}
2012-05-24 02:39 - 2012-05-24 02:39 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{27E30E11-A02D-47E3-BBD6-8B605CEF3B64}
2012-05-24 00:46 - 2012-05-24 00:50 - 0133558 ____A C:\TDSSKiller.2.7.37.0_24.05.2012_09.46.43_log.txt
2012-05-24 00:30 - 2012-05-24 00:30 - 0000000 ____D C:\Users\Oleuanna\Downloads\tdsskiller
2012-05-24 00:20 - 2012-05-24 00:20 - 0000000 ____D C:\Windows\maxdrive
2012-05-23 07:22 - 2012-05-23 07:22 - 0000000 ____D C:\Users\All Users\Office Genuine Advantage
2012-05-23 04:31 - 2012-05-23 04:31 - 2108352 ____A C:\Users\Oleuanna\Downloads\tdsskiller.zip
2012-05-23 00:14 - 2012-05-23 00:15 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D2D39CB5-D68C-4B50-AF4B-C8567EA57465}
2012-05-23 00:14 - 2012-05-23 00:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{66ACE035-9EF5-497C-B904-40E399B84B8D}
2012-05-22 23:16 - 2012-05-22 23:16 - 2126936 ____A (Kaspersky Lab ZAO) C:\Users\Oleuanna\Desktop\TDSSKiller.exe
2012-05-22 17:13 - 2012-05-22 17:13 - 0476664 ____A C:\Windows\Minidump\052312-44070-01.dmp
2012-05-22 11:54 - 2012-05-22 11:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E1155F6E-D1B8-465A-8EA8-A9889946FDBB}
2012-05-22 11:54 - 2012-05-22 11:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DC84058E-D681-4C83-85E1-2DE5D2334A9F}
2012-05-22 07:20 - 2012-05-22 07:20 - 0013755 ____A C:\Users\Oleuanna\Desktop\ABAB CDCD EFEF GG.docx
2012-05-21 23:53 - 2012-05-21 23:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C18F21EA-45A0-463A-B139-15A6E150E932}
2012-05-21 23:53 - 2012-05-21 23:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2E00738B-CB35-476F-8012-1BEF3FCE8A53}
2012-05-21 08:52 - 2012-05-21 08:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B8D1E8A7-7F56-4F01-ADE7-9FB12CE631EE}
2012-05-21 08:52 - 2012-05-21 08:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{39209CD8-B647-4FAA-913C-E66305565864}
2012-05-21 02:11 - 2012-05-21 02:11 - 0012683 ____A C:\Users\Oleuanna\Desktop\Obama African Land grab.docx
2012-05-20 20:51 - 2012-05-20 20:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{AC25F6A2-77D5-478D-9541-A806D33CF76E}
2012-05-20 20:51 - 2012-05-20 20:51 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{76FF2869-4662-47DB-9D5D-13727D5D7EE4}
2012-05-20 12:03 - 2012-05-20 12:03 - 0032979 ____A C:\Users\Oleuanna\Downloads\gpp-category-slider.zip
2012-05-20 11:12 - 2012-05-20 11:12 - 0002671 ____A C:\Users\Oleuanna\Downloads\gpp-base-child-customizations.zip
2012-05-20 10:44 - 2012-05-20 10:44 - 0000000 ____D C:\Users\Oleuanna\Downloads\emporia
2012-05-20 10:34 - 2012-05-20 10:34 - 0776347 ____A C:\Users\Oleuanna\Downloads\emporia.zip
2012-05-20 10:34 - 2012-05-20 10:34 - 0485533 ____A C:\Users\Oleuanna\Downloads\base(1).zip
2012-05-20 09:23 - 2012-05-20 09:23 - 0012977 ____A C:\Users\Oleuanna\Desktop\ftp06.docx
2012-05-20 09:22 - 2012-05-20 09:22 - 0012972 ____A C:\Users\Oleuanna\Documents\ftp06.docx
2012-05-20 08:57 - 2012-05-20 08:57 - 0000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2012-05-20 08:56 - 2012-05-20 08:56 - 4518720 ____A (FileZilla Project) C:\Users\Oleuanna\Downloads\FileZilla_3.5.3_win32-setup.exe
2012-05-20 08:51 - 2012-05-20 08:51 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D220F6A3-0D6A-476D-B097-3EC212395A40}
2012-05-20 08:50 - 2012-05-20 08:51 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1321FADE-E4E3-4A84-8636-B27F63D5E13A}
2012-05-19 20:49 - 2012-05-19 20:49 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7FDAF351-964A-41C4-ABD0-435C1100CA05}
2012-05-19 20:49 - 2012-05-19 20:49 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{124120DB-5E1F-4F14-956B-F38A25472892}
2012-05-19 18:05 - 2012-05-19 18:05 - 0000000 ____D C:\Program Files\Microsoft Silverlight
2012-05-19 10:31 - 2012-05-19 22:28 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Adobe
2012-05-19 10:00 - 2012-05-19 10:01 - 0000000 ____D C:\Users\Oleuanna\Downloads\wordpress-3.3.2
2012-05-19 09:53 - 2012-05-19 09:54 - 4251083 ____A C:\Users\Oleuanna\Downloads\wordpress-3.3.2.zip
2012-05-19 08:48 - 2012-05-19 08:48 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A9527F78-1808-49F2-B8DC-8A2C75AA5B5D}
2012-05-19 08:47 - 2012-05-19 08:48 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D15A26DF-B2F1-4511-8E6D-396A4AC825AF}
2012-05-19 08:17 - 2012-05-19 08:18 - 3878424 ____A (AVG Technologies) C:\Users\Oleuanna\Downloads\avg_free_stb_all_2012_2176_cnet.exe
2012-05-19 07:58 - 2012-05-19 07:58 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{718AB43D-F22E-470C-8BA5-F10A3EA9B044}
2012-05-19 07:51 - 2012-05-19 07:52 - 3878424 ____A (AVG Technologies) C:\Users\Oleuanna\Downloads\avg_isct_stb_all_2012_2176_free.exe
2012-05-19 07:49 - 2012-05-19 07:50 - 1287528 ____A (Microsoft Corporation) C:\Users\Oleuanna\Downloads\wlsetup-web.exe
2012-05-19 06:06 - 2012-05-19 06:06 - 0006866 ____A C:\Users\Oleuanna\tempfile.txt
2012-05-19 05:59 - 2012-05-19 06:05 - 0000000 ____D C:\Users\Oleuanna\Reg
2012-05-19 05:52 - 2012-05-19 05:52 - 0000000 ____D C:\Program Files (x86)\ESET
2012-05-19 05:42 - 2012-05-19 05:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D37CF2B9-089F-4CC9-841A-D066443C1B1B}
2012-05-19 05:42 - 2012-05-19 05:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9D1AF0F7-0CE6-4A7A-BCE5-DB69FFE66C8C}
2012-05-19 03:30 - 2012-05-19 03:30 - 0062660 ____A C:\Users\Oleuanna\Downloads\Extras.Txt
2012-05-19 03:20 - 2012-05-24 00:20 - 0000045 ____A C:\Windows\look.bat
2012-05-19 03:16 - 2012-05-19 05:35 - 85446496 ____A C:\Users\Oleuanna\Downloads\8aet2a9x.exe
2012-05-19 03:09 - 2012-05-31 01:00 - 0000000 ____D C:\Users\Oleuanna\Desktop\Ah
2012-05-19 03:00 - 2012-05-19 03:00 - 0050688 ____A (Atribune.org) C:\Users\Oleuanna\Downloads\ATF-Cleaner.exe
2012-05-19 00:38 - 2012-05-19 01:16 - 0000000 ____D C:\Windows\ERDNT
2012-05-18 23:18 - 2012-05-30 06:27 - 0000440 ____A C:\rkill.log
2012-05-18 23:17 - 2012-05-18 23:17 - 4731392 ____A (AVAST Software) C:\Users\Oleuanna\Desktop\aswMBR.exe
2012-05-18 12:47 - 2012-05-18 12:47 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D1399782-C3B3-4CE8-8F04-603A2C6E5DB6}
2012-05-18 12:46 - 2012-05-18 12:47 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C4017904-D3B1-4313-B595-B4EEA4A0FC9A}
2012-05-18 12:36 - 2012-05-18 12:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{457134EA-550D-4CFC-8482-50147A1C90D1}
2012-05-18 12:35 - 2012-05-18 12:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{757CBDDC-51DA-4D85-ACFE-993E4C48AABE}
2012-05-18 10:30 - 2012-05-18 11:23 - 0066106 ____A C:\Windows\System32\avgrep.txt
2012-05-18 09:50 - 2012-05-18 09:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\SUPERAntiSpyware.com
2012-05-18 09:49 - 2012-05-27 11:56 - 0000000 ____D C:\Program Files (x86)\ThreatFire
2012-05-18 09:49 - 2012-05-18 09:49 - 0000000 ____D C:\Users\All Users\PC Tools
2012-05-18 09:49 - 2011-02-22 04:57 - 0074824 ____A (PC Tools) C:\Windows\System32\Drivers\TfSysMon.sys
2012-05-18 09:49 - 2011-02-22 04:57 - 0065072 ____A (PC Tools) C:\Windows\System32\Drivers\TfFsMon.sys
2012-05-18 09:49 - 2011-02-22 04:57 - 0041888 ____A (PC Tools) C:\Windows\System32\Drivers\TfNetMon.sys
2012-05-18 09:48 - 2012-05-30 06:57 - 0000000 ____D C:\Program Files\SUPERAntiSpyware
2012-05-18 09:48 - 2012-05-18 09:48 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-05-18 09:46 - 2012-05-18 23:23 - 0000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2012-05-18 09:46 - 2012-05-18 09:46 - 0000000 ____D C:\Users\Oleuanna\Documents\Anti-Malware
2012-05-18 09:37 - 2012-05-30 05:47 - 0853435 ____A C:\Users\Oleuanna\AppData\Local\census.cache
2012-05-18 09:34 - 2012-05-30 05:47 - 0123406 ____A C:\Users\Oleuanna\AppData\Local\ars.cache
2012-05-18 08:45 - 2012-05-18 08:45 - 0000036 ____A C:\Users\Oleuanna\AppData\Local\housecall.guid.cache
2012-05-17 22:14 - 2012-05-17 22:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D6569093-B441-49A6-8619-6BBCB9956D3B}
2012-05-17 22:14 - 2012-05-17 22:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CB8E878F-292F-4C2A-8246-158C5D308506}
2012-05-17 10:13 - 2012-05-17 10:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CCF18849-14A0-43EF-9C49-5758CF7FF4E6}
2012-05-17 10:13 - 2012-05-17 10:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B2E603E4-E4C2-4761-B1A1-4F2B0C88EEB1}
2012-05-16 22:12 - 2012-05-16 22:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B2D6D209-7929-4ED3-BC2E-C56F419297EC}
2012-05-16 22:11 - 2012-05-16 22:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{858F8935-27B0-4524-8CB3-43FE7273F693}
2012-05-16 14:16 - 2012-05-16 22:55 - 0000000 ____D C:\Users\Oleuanna\Downloads\Sherlock Holmes - A Game of Shadows 2011 1080p BDRip H264 AAC - KiNGDOM
2012-05-16 10:24 - 2012-03-30 22:05 - 5559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-16 10:24 - 2012-03-30 20:39 - 3968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-16 10:24 - 2012-03-30 20:39 - 3913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-16 10:24 - 2012-03-30 19:10 - 3146240 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-16 10:24 - 2012-03-02 22:35 - 1544704 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-05-16 10:24 - 2012-03-02 21:31 - 1077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-05-16 10:23 - 2012-03-16 23:58 - 0075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-05-16 10:22 - 2012-03-30 03:35 - 1918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-05-16 10:11 - 2012-05-16 10:11 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{ACDDFABE-1AF2-48A3-AD3B-7DDD5198DACA}
2012-05-16 10:10 - 2012-05-16 10:10 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{132155FB-A326-4B03-8BB3-2B894C4D4FA9}
2012-05-16 09:09 - 2012-05-16 09:09 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9ECCD0D7-8660-4A33-A310-96F7121F3EFA}
2012-05-16 09:09 - 2012-05-16 09:09 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{420CBA72-BF52-4530-BC10-A40E9E13051E}
2012-05-16 08:57 - 2012-05-16 08:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D60486A1-1B12-40D5-AA9C-234FAF076085}
2012-05-15 21:13 - 2012-05-15 21:13 - 0270416 ____A C:\Windows\Minidump\051612-32214-01.dmp
2012-05-15 20:56 - 2012-05-15 20:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{85CA02C7-A58C-46E8-A816-F34027735DAF}
2012-05-15 20:55 - 2012-05-15 20:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B7E11335-0BD7-48F3-8322-84D85687CC0E}
2012-05-15 20:55 - 2012-05-15 20:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7D4EE7E5-7D77-44FC-9A8F-2C477A400C31}
2012-05-15 08:54 - 2012-05-15 08:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{07A14A03-1F52-4244-A282-03722FE47990}
2012-05-15 08:53 - 2012-05-15 08:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9A8E5F5A-D095-458F-8D1B-0707C74EC628}
2012-05-14 20:53 - 2012-05-14 20:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BA5A3CF8-B12E-47D3-A990-A773AFB0982B}
2012-05-14 20:52 - 2012-05-14 20:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7B786C4C-0351-4B89-8E2D-CCC674C187D6}
2012-05-14 07:57 - 2012-05-14 07:58 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D34B3085-59B1-4B45-BDC9-C5CB13B0BFCE}
2012-05-14 07:57 - 2012-05-14 07:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CFBCCFAE-271A-41F8-9346-2ADE9A2C96B3}
2012-05-14 04:14 - 2012-05-20 12:15 - 0000000 ____D C:\Users\Oleuanna\Desktop\Oleuanna.Ltd
2012-05-13 19:56 - 2012-05-13 19:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B8E70FE7-4D31-463C-BB76-3D44AA7E9ED1}
2012-05-13 19:56 - 2012-05-13 19:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{98BEE382-0C05-4822-882E-5E44A84D4D61}
2012-05-13 07:56 - 2012-05-13 07:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{137FE9A2-49D9-4312-88AD-203DFFF27F4D}
2012-05-13 07:55 - 2012-05-13 07:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{8CFD3076-7677-4AD5-A32E-7EA39799BA80}
2012-05-12 19:55 - 2012-05-12 19:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{8ED0D230-8F68-4DAC-BA9A-6F2EE881617E}
2012-05-12 19:54 - 2012-05-12 19:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{17D193B1-D973-4E81-B87E-AB3DC26CBE08}
2012-05-12 07:53 - 2012-05-12 07:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{3BB5E882-2EAA-48EB-84CA-3E473B524912}
2012-05-12 07:53 - 2012-05-12 07:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4FE9F9F1-903A-41F6-821E-67158E7A119B}
2012-05-11 19:53 - 2012-05-11 19:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C09C6528-21BB-401A-9B54-F0BA5841E99A}
2012-05-11 19:52 - 2012-05-11 19:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B0A1D28F-9230-44C7-B9C1-4167F342A403}
2012-05-11 07:52 - 2012-05-11 07:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{627237DE-E7A3-486F-A584-433B5DD7EB1A}
2012-05-11 07:51 - 2012-05-11 07:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2375C3D6-690F-49E7-A10C-A066358C5080}
2012-05-11 06:15 - 2012-05-11 06:15 - 0143147 ____A C:\Users\Oleuanna\Desktop\Oleuanna__CV.pdf
2012-05-10 18:50 - 2012-05-10 18:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{F214341C-290D-4838-B527-58F714EA17F1}
2012-05-10 18:50 - 2012-05-10 18:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{00580B0B-D67E-40DE-98F8-302BB9EFC393}
2012-05-10 18:44 - 2012-05-10 18:44 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BE6369C7-73ED-41FC-A84A-5ED333FA6FBB}
2012-05-10 18:43 - 2012-05-10 18:44 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4A131829-7088-4B21-974E-B74A1091FB69}
2012-05-10 17:10 - 2012-05-31 02:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\vlc
2012-05-10 16:44 - 2012-05-10 16:46 - 22259528 ____A C:\Users\Oleuanna\Downloads\vlc-2.0.1-win32.exe
2012-05-10 06:01 - 2012-05-10 06:01 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DC358AE2-7A8D-4E75-ADEF-AFFF3E00D014}
2012-05-10 06:01 - 2012-05-10 06:01 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{40DBEA70-8F2F-4E19-B45B-598B78CB5EC2}
2012-05-10 00:18 - 2012-05-10 00:18 - 0015103 ____A C:\Users\Oleuanna\Desktop\Waiting Timetable.docx
2012-05-09 14:22 - 2012-05-09 14:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0FCE8C90-61A1-4F8F-89C9-D9AE7DE6248E}
2012-05-09 14:21 - 2012-05-09 14:21 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9536E301-E6E6-4083-85C4-CD60325791D2}
2012-05-08 22:14 - 2012-05-08 22:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2A8323E5-9147-49AF-9022-C5EBBC4CBD94}
2012-05-08 22:13 - 2012-05-08 22:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B071EAA9-18BC-4DAD-BA1B-24D90AE7E511}
2012-05-08 18:24 - 2012-05-16 18:47 - 0000000 ____D C:\Program Files\WinZip
2012-05-08 17:53 - 2012-05-08 17:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\dvdcss
2012-05-08 17:09 - 2012-05-16 18:46 - 0000000 ____D C:\Program Files (x86)\Tweet Adder 3
2012-05-08 06:32 - 2012-05-08 06:32 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C3AB189B-5180-4A29-82CF-720BD880FE1D}
2012-05-08 06:32 - 2012-05-08 06:32 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{849B8963-7EC9-4946-88EC-7F055E979F4D}
2012-05-07 18:31 - 2012-05-07 18:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C439CBF6-8E6C-47B5-9DAF-CF293256EF9F}
2012-05-07 18:31 - 2012-05-07 18:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{987CFD5B-1BD5-4568-BB1B-32387B52EE98}
2012-05-07 06:30 - 2012-05-07 06:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{43470CC2-56DF-4B79-BC3D-AEFEF68E93A5}
2012-05-07 06:30 - 2012-05-07 06:30 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CB18392C-313F-4571-BFBB-AF89485CB88B}
2012-05-06 16:42 - 2012-05-06 16:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DDA7A1DE-CAA0-4BB1-A5C7-112096277E1B}
2012-05-06 16:41 - 2012-05-06 16:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{3B942B70-74DB-41B5-833F-FA15FC17681D}
2012-05-06 16:41 - 2012-05-06 16:41 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DC8ABCC3-FC1C-414F-9907-B511991E0269}
2012-05-06 16:41 - 2012-05-06 16:41 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{62679261-3269-4BD3-B4BD-710FF92DC55B}
2012-05-06 12:42 - 2012-05-06 12:43 - 0498232 ____A C:\Windows\Minidump\050612-33181-01.dmp
2012-05-06 04:40 - 2012-05-06 04:40 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9F299D76-05DA-4821-8E6E-A55035DC51C1}
2012-05-06 04:40 - 2012-05-06 04:40 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{398990E7-7697-4543-9B7F-1A52BC613C0D}
2012-05-06 04:30 - 2012-05-16 18:46 - 0000000 ____D C:\Program Files (x86)\Check Point Software Technologies LTD
2012-05-06 04:29 - 2012-01-09 09:59 - 0485680 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\klif.sys
2012-05-06 04:29 - 2012-01-09 09:59 - 0460888 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\kl1.sys
2012-05-06 04:29 - 2012-01-09 09:59 - 0011864 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\kl2.sys
2012-05-05 15:43 - 2012-05-05 15:44 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B7A1F653-AAA8-48CC-8C45-A9727F7B671D}
2012-05-05 15:43 - 2012-05-05 15:43 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2CBD5D55-5263-486E-AC6D-BED83B3E07EE}
2012-05-05 03:42 - 2012-05-05 03:43 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{57413E44-F866-4193-A341-1C20D363E78D}
2012-05-05 03:42 - 2012-05-05 03:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7EF91371-10A1-4404-A1B1-670203606909}
2012-05-04 12:36 - 2012-05-04 12:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{ED276414-9E70-42DA-BEAF-1089E1D5FEC1}
2012-05-04 12:35 - 2012-05-04 12:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{31129FA7-E94E-47F5-9A34-3271076FB023}
2012-05-04 00:02 - 2012-05-04 00:02 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{76257DB2-01C7-4F9B-8212-EE219342E909}
2012-05-04 00:02 - 2012-05-04 00:02 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4716F5CF-0393-4F5B-915C-AD4299BD9C72}
2012-05-03 12:01 - 2012-05-03 12:01 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6DFC80C8-700B-4A03-875E-845405CC5B4A}
2012-05-03 12:01 - 2012-05-03 12:01 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0FD5585B-5655-4519-AA01-E889FCCB1C99}
2012-05-02 16:48 - 2012-05-03 04:38 - 0015368 ____A C:\Users\Oleuanna\Desktop\Roisin Budget.docx
2012-05-02 16:23 - 2012-05-02 16:24 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{989F3AE8-7563-452F-AF93-421DB9F7D6F5}
2012-05-02 16:23 - 2012-05-02 16:23 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E3067E04-4B42-4613-BA99-FF98607A1E72}
2012-05-02 03:14 - 2012-05-02 03:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{564A1FE5-2404-4C02-AC2C-52EBE1534322}
2012-05-02 03:14 - 2012-05-02 03:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4DAFC637-EC26-49EE-BA01-73CDBE4A769B}
2012-05-01 13:36 - 2012-05-01 13:37 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DAE274EE-5063-4B8F-A768-8649F3BF1E59}
2012-05-01 13:36 - 2012-05-01 13:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D2D5C300-7252-4763-AF83-C0D0C292C566}
2012-05-01 01:36 - 2012-05-01 01:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{FA5453BC-F340-4807-9D1B-0D1F47D4833C}
2012-05-01 01:36 - 2012-05-01 01:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{894F111F-3DFB-4F58-8DFB-9F6CDE3A51E3}

============ 3 Months Modified Files and Folders =============

2012-05-31 12:54 - 2012-05-31 12:54 - 0000000 ____D C:\FRST
2012-05-31 03:51 - 2011-12-30 00:46 - 1150091 ____A C:\Windows\WindowsUpdate.log
2012-05-31 03:51 - 2009-07-13 20:45 - 0032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-05-31 03:51 - 2009-07-13 20:45 - 0032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-05-31 03:48 - 2012-03-17 09:35 - 0000920 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725012988-2077640657-2150448371-1000UA.job
2012-05-31 03:48 - 2011-11-20 17:50 - 0000000 ___RD C:\Users\Oleuanna\Dropbox
2012-05-31 03:48 - 2011-11-20 17:46 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\Dropbox
2012-05-31 03:47 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-05-31 03:46 - 2011-12-30 01:06 - 3062255616 __ASH C:\hiberfil.sys
2012-05-31 03:46 - 2009-07-13 20:51 - 0077091 ____A C:\Windows\setupact.log
2012-05-31 03:25 - 2012-05-31 03:25 - 0127554 ____A C:\Users\Oleuanna\Desktop\TDSSKiller.2.7.37.0_31.05.2012_12.10.47_log.txt
2012-05-31 03:25 - 2012-05-31 03:10 - 0127636 ____A C:\TDSSKiller.2.7.37.0_31.05.2012_12.10.47_log.txt
2012-05-31 03:10 - 2012-05-31 03:10 - 0001923 ____A C:\Users\Oleuanna\Desktop\aswMBR.txt
2012-05-31 03:10 - 2012-05-31 03:10 - 0000512 ____A C:\Users\Oleuanna\Desktop\MBR.dat
2012-05-31 02:53 - 2012-05-10 17:10 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\vlc
2012-05-31 02:13 - 2012-05-31 01:28 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Microsoft Games
2012-05-31 01:24 - 2012-05-31 01:24 - 0270416 ____A C:\Windows\Minidump\053112-23384-01.dmp
2012-05-31 01:24 - 2011-11-26 19:14 - 538225391 ____A C:\Windows\MEMORY.DMP
2012-05-31 01:24 - 2011-11-26 19:14 - 0000000 ____D C:\Windows\Minidump
2012-05-31 01:21 - 2011-05-14 12:07 - 0000000 ____D C:\Program Files (x86)\Java
2012-05-31 01:15 - 2012-05-31 01:15 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\Flood Light Games
2012-05-31 01:15 - 2012-05-31 01:15 - 0000000 ____D C:\Users\All Users\Flood Light Games
2012-05-31 01:14 - 2011-05-14 11:53 - 0000000 ____D C:\Users\All Users\WildTangent
2012-05-31 01:12 - 2012-05-31 01:11 - 0127636 ____A C:\TDSSKiller.2.7.37.0_31.05.2012_10.11.23_log.txt
2012-05-31 01:00 - 2012-05-31 01:00 - 1395349 ____A C:\Users\Oleuanna\Downloads\FRST64.exe
2012-05-31 01:00 - 2012-05-31 00:59 - 0004206 ____A C:\TDSSKiller.2.7.37.0_31.05.2012_09.59.12_log.txt
2012-05-31 01:00 - 2012-05-19 03:09 - 0000000 ____D C:\Users\Oleuanna\Desktop\Ah
2012-05-30 23:53 - 2012-05-30 23:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D7DD708D-6FA0-4E19-A698-9D620CFA1BE8}
2012-05-30 23:53 - 2012-05-30 23:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{462221EA-A72C-4F37-B5A6-783DC5DEE954}
2012-05-30 23:53 - 2011-10-19 08:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Windows Live
2012-05-30 11:40 - 2012-05-30 11:40 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4E2ACE96-7CAE-4459-807A-E338964CFEEC}
2012-05-30 11:40 - 2012-05-30 11:40 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{49B3F27B-67F5-46E8-9AD1-38156DA50F52}
2012-05-30 08:48 - 2012-03-17 09:35 - 0000868 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725012988-2077640657-2150448371-1000Core.job
2012-05-30 08:00 - 2010-11-20 19:47 - 0323360 ____A C:\Windows\PFRO.log
2012-05-30 07:56 - 2012-04-27 20:13 - 3893160 ____A C:\Windows\ntbtlog.txt
2012-05-30 07:07 - 2012-05-30 07:06 - 0127632 ____A C:\TDSSKiller.2.7.37.0_30.05.2012_16.06.12_log.txt
2012-05-30 06:57 - 2012-05-18 09:48 - 0000000 ____D C:\Program Files\SUPERAntiSpyware
2012-05-30 06:56 - 2012-05-30 05:34 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\BookCoverPro
2012-05-30 06:55 - 2012-05-30 06:53 - 0127658 ____A C:\TDSSKiller.2.7.37.0_30.05.2012_15.53.54_log.txt
2012-05-30 06:39 - 2012-05-30 06:28 - 0130838 ____A C:\TDSSKiller.2.7.37.0_30.05.2012_15.28.01_log.txt
2012-05-30 06:39 - 2012-03-13 07:33 - 0000000 ____D C:\Program Files (x86)\FileZilla Server
2012-05-30 06:27 - 2012-05-18 23:18 - 0000440 ____A C:\rkill.log
2012-05-30 06:26 - 2012-05-30 06:26 - 0044962 ____A C:\TDSSKiller.2.7.37.0_30.05.2012_15.26.01_log.txt
2012-05-30 05:47 - 2012-05-18 09:37 - 0853435 ____A C:\Users\Oleuanna\AppData\Local\census.cache
2012-05-30 05:47 - 2012-05-18 09:34 - 0123406 ____A C:\Users\Oleuanna\AppData\Local\ars.cache
2012-05-30 05:40 - 2012-05-30 05:40 - 0000000 ____D C:\TDSSKiller_Quarantine
2012-05-30 05:40 - 2012-05-30 05:35 - 0129552 ____A C:\TDSSKiller.2.7.37.0_30.05.2012_14.35.40_log.txt
2012-05-30 05:39 - 2012-05-30 05:39 - 1730394 ____A C:\Users\Oleuanna\Desktop\bookmarks-2012-05-30.json
2012-05-30 05:39 - 2012-05-30 05:39 - 0887078 ____A C:\Users\Oleuanna\Desktop\bookmarks.html
2012-05-30 05:35 - 2012-05-30 05:35 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\PrintMarketingPro
2012-05-30 05:11 - 2012-03-13 01:02 - 0000000 ____D C:\Users\Oleuanna\Desktop\Books
2012-05-30 03:32 - 2011-11-09 05:39 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\TweetAdder3
2012-05-29 23:39 - 2012-05-29 23:39 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A03CE94E-84B8-4490-B2CE-DAEFA6F43CF4}
2012-05-29 23:39 - 2012-05-29 23:38 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{AAE97990-FC72-43B4-82E3-C1034A1A35F7}
2012-05-29 11:20 - 2011-10-19 09:45 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Paint.NET
2012-05-29 10:36 - 2011-10-19 07:39 - 0000000 ____D C:\Users\Oleuanna\AppData\LocalLow
2012-05-29 10:29 - 2012-05-29 10:29 - 0892360 ____A (Oracle Corporation) C:\Users\Oleuanna\Downloads\jxpiinstall.exe
2012-05-29 10:28 - 2012-05-28 13:50 - 0000000 ____D C:\Users\Oleuanna\Downloads\PCtrial
2012-05-29 05:29 - 2012-05-24 03:12 - 0008364 ____A C:\Users\Oleuanna\Downloads\Result.txt
2012-05-29 05:23 - 2012-05-29 05:23 - 0000000 __SHD C:\$RECYCLE.BIN
2012-05-29 05:21 - 2012-05-29 05:21 - 0026454 ____A C:\ComboFix.txt
2012-05-29 05:21 - 2012-05-29 04:03 - 0000000 ____D C:\ComboFix
2012-05-29 05:21 - 2012-05-29 03:31 - 0000000 ____D C:\Qoobox
2012-05-29 05:08 - 2009-07-13 18:34 - 0000215 ____A C:\Windows\system.ini
2012-05-29 05:08 - 2009-07-13 18:34 - 0000027 ____A C:\Windows\System32\Drivers\etc\hosts
2012-05-29 03:38 - 2012-05-29 03:38 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{94873081-F434-47F2-B5AB-EC33F60AD09E}
2012-05-29 03:38 - 2012-05-29 03:38 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2374F351-0420-4047-BF59-60DCAA8D38F9}
2012-05-29 03:37 - 2009-07-13 21:08 - 0032608 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-05-29 03:28 - 2012-05-29 03:28 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{33C592A2-A77D-4D4B-A094-061604CF1506}
2012-05-29 03:28 - 2012-05-29 03:28 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{03E0E33E-F767-433B-B724-CA4A727ADF4D}
2012-05-28 13:24 - 2012-05-28 13:23 - 8746221 ____A C:\Users\Oleuanna\Downloads\PCtrial.zip
2012-05-28 12:04 - 2012-05-28 12:04 - 0000000 ____D C:\Program Files (x86)\Alarm Clock
2012-05-28 12:02 - 2012-05-28 12:02 - 0729320 ____A (CNET Download.com) C:\Users\Oleuanna\Downloads\cbsi-3_2_5_39-10064069.exe
2012-05-28 11:24 - 2012-05-28 11:24 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{92897C87-FAA5-40B9-8848-D8727114BFA5}
2012-05-28 11:24 - 2012-05-28 11:24 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{589E1172-142D-4BD0-8F60-633B0E0F3C1A}
2012-05-28 10:56 - 2012-05-28 10:57 - 4530306 ____R (Swearware) C:\Users\Oleuanna\Desktop\ComboFix.exe
2012-05-28 10:51 - 2012-05-28 10:51 - 0802019 ____A C:\Users\Oleuanna\Downloads\ListParts64.exe
2012-05-28 09:45 - 2012-03-15 03:32 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\FileZilla
2012-05-28 07:49 - 2012-05-28 07:49 - 0004113 ____A C:\Users\Oleuanna\Downloads\flamingtext_22451608092698117.png
2012-05-28 05:33 - 2012-05-28 05:33 - 0546029 ____A C:\Users\Oleuanna\Downloads\gridspace.zip
2012-05-28 04:07 - 2012-05-28 04:07 - 0000000 ____D C:\Users\Oleuanna\Downloads\wordpress-3.3.2 (1)
2012-05-28 04:07 - 2012-05-28 04:06 - 4251083 ____A C:\Users\Oleuanna\Downloads\wordpress-3.3.2 (2).zip
2012-05-28 04:06 - 2012-05-28 04:06 - 4251083 ____A C:\Users\Oleuanna\Downloads\wordpress-3.3.2 (1).zip
2012-05-27 23:24 - 2012-05-27 23:23 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A41DA415-36E9-4FA2-BBC1-8C27AA64529B}
2012-05-27 23:23 - 2012-05-27 23:23 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D07D79A1-25C0-4545-AC02-5959EE435CF8}
2012-05-27 11:56 - 2012-05-18 09:49 - 0000000 ____D C:\Program Files (x86)\ThreatFire
2012-05-27 11:22 - 2012-05-27 11:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{78675929-9F84-44E8-8E00-E860F10F42F9}
2012-05-27 11:22 - 2012-05-26 23:21 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4BCFE492-7534-4862-810E-0FAB25C4EB59}
2012-05-26 23:22 - 2012-05-26 23:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{02EE756D-1F2C-4863-8091-9732BF2A443C}
2012-05-26 12:04 - 2012-05-26 12:04 - 4731392 ____A (AVAST Software) C:\Users\Oleuanna\Downloads\aswMBR.exe
2012-05-26 12:00 - 2011-10-19 07:46 - 0110256 ____A C:\Users\Oleuanna\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-26 11:46 - 2012-05-26 11:44 - 0129504 ____A C:\TDSSKiller.2.7.37.0_26.05.2012_20.44.44_log.txt
2012-05-26 11:37 - 2009-07-13 20:45 - 4973864 ____A C:\Windows\System32\FNTCACHE.DAT
2012-05-26 11:22 - 2012-05-26 11:10 - 0129482 ____A C:\TDSSKiller.2.7.37.0_26.05.2012_20.10.52_log.txt
2012-05-26 11:21 - 2012-05-26 11:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6C0A66F2-3A64-418E-B974-A1BD430DC7F5}
2012-05-26 11:20 - 2012-05-26 11:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0BE136F5-8143-42FD-981F-65C25E2DD8E9}
2012-05-26 11:09 - 2012-05-26 11:06 - 0129482 ____A C:\TDSSKiller.2.7.37.0_26.05.2012_20.06.32_log.txt
2012-05-26 10:52 - 2012-05-24 03:33 - 0000478 ____A C:\Users\Oleuanna\Downloads\defogger_disable.log
2012-05-26 10:33 - 2011-10-19 13:52 - 0000000 ____D C:\Users\All Users\AVG2012
2012-05-26 10:30 - 2012-05-26 10:30 - 0000000 ____D C:\Users\Oleuanna\Downloads\tdsskiller(1)
2012-05-26 10:29 - 2012-05-26 10:29 - 2108352 ____A C:\Users\Oleuanna\Downloads\tdsskiller(1).zip
2012-05-26 10:25 - 2011-10-19 13:39 - 0000000 ____D C:\Users\All Users\MFAData
2012-05-26 10:05 - 2012-05-26 10:05 - 0050477 ____A C:\Users\Oleuanna\Downloads\Defogger(1).exe
2012-05-26 09:25 - 2011-10-30 12:35 - 0000000 ____D C:\Users\Oleuanna\Documents\Notes
2012-05-25 23:20 - 2012-05-25 23:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7475D8D4-C3AE-46B2-8176-45CF124D9F2D}
2012-05-25 23:20 - 2012-05-25 23:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E56B89AD-5445-40F6-A95D-0B65C1887D17}
2012-05-25 11:00 - 2012-05-25 11:00 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{26BF76A9-714B-4DAE-82E9-666F1A7A08D5}
2012-05-25 10:59 - 2012-05-25 10:59 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A87537B8-A391-4F9E-83C8-D8053D95A702}
2012-05-24 22:59 - 2012-05-24 22:58 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7AACB478-D9DC-48A5-ADAB-A802E99E128B}
2012-05-24 22:58 - 2012-05-24 22:58 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B54E57E6-54F8-4633-BB52-40CA5F88859A}
2012-05-24 19:01 - 2012-05-24 19:01 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{AA3D50EA-CF80-40DF-80E1-71F04BAC37DB}
2012-05-24 07:30 - 2012-05-24 07:30 - 0270416 ____A C:\Windows\Minidump\052412-41636-01.dmp
2012-05-24 05:06 - 2012-05-24 05:06 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C3187C25-D77B-42A9-B4CA-1650F819FA3F}
2012-05-24 05:06 - 2012-05-24 05:05 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A9AD572C-984F-4A47-AD04-0821234059D4}
2012-05-24 03:30 - 2012-05-24 03:30 - 0302592 ____A C:\Users\Oleuanna\Downloads\6qientwi.exe
2012-05-24 03:29 - 2012-05-24 03:29 - 0607260 ____R (Swearware) C:\Users\Oleuanna\Downloads\dds.scr
2012-05-24 03:28 - 2012-05-24 03:28 - 0000000 ____A C:\Users\Oleuanna\defogger_reenable
2012-05-24 03:28 - 2011-10-19 08:41 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-05-24 03:28 - 2011-10-19 07:39 - 0000000 ____D C:\users\Oleuanna
2012-05-24 03:27 - 2012-05-24 03:27 - 0050477 ____A C:\Users\Oleuanna\Downloads\Defogger.exe
2012-05-24 02:39 - 2012-05-24 02:39 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C5738382-61DF-4B99-92F2-89820DF6D76E}
2012-05-24 02:39 - 2012-05-24 02:39 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{27E30E11-A02D-47E3-BBD6-8B605CEF3B64}
2012-05-24 00:50 - 2012-05-24 00:46 - 0133558 ____A C:\TDSSKiller.2.7.37.0_24.05.2012_09.46.43_log.txt
2012-05-24 00:30 - 2012-05-24 00:30 - 0000000 ____D C:\Users\Oleuanna\Downloads\tdsskiller
2012-05-24 00:20 - 2012-05-24 00:20 - 0000000 ____D C:\Windows\maxdrive
2012-05-24 00:20 - 2012-05-19 03:20 - 0000045 ____A C:\Windows\look.bat
2012-05-23 07:22 - 2012-05-23 07:22 - 0000000 ____D C:\Users\All Users\Office Genuine Advantage
2012-05-23 04:31 - 2012-05-23 04:31 - 2108352 ____A C:\Users\Oleuanna\Downloads\tdsskiller.zip
2012-05-23 00:15 - 2012-05-23 00:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D2D39CB5-D68C-4B50-AF4B-C8567EA57465}
2012-05-23 00:14 - 2012-05-23 00:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{66ACE035-9EF5-497C-B904-40E399B84B8D}
2012-05-22 23:16 - 2012-05-22 23:16 - 2126936 ____A (Kaspersky Lab ZAO) C:\Users\Oleuanna\Desktop\TDSSKiller.exe
2012-05-22 17:13 - 2012-05-22 17:13 - 0476664 ____A C:\Windows\Minidump\052312-44070-01.dmp
2012-05-22 11:54 - 2012-05-22 11:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E1155F6E-D1B8-465A-8EA8-A9889946FDBB}
2012-05-22 11:54 - 2012-05-22 11:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DC84058E-D681-4C83-85E1-2DE5D2334A9F}
2012-05-22 07:20 - 2012-05-22 07:20 - 0013755 ____A C:\Users\Oleuanna\Desktop\ABAB CDCD EFEF GG.docx
2012-05-21 23:53 - 2012-05-21 23:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C18F21EA-45A0-463A-B139-15A6E150E932}
2012-05-21 23:53 - 2012-05-21 23:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2E00738B-CB35-476F-8012-1BEF3FCE8A53}
2012-05-21 08:53 - 2012-05-21 08:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B8D1E8A7-7F56-4F01-ADE7-9FB12CE631EE}
2012-05-21 08:52 - 2012-05-21 08:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{39209CD8-B647-4FAA-913C-E66305565864}
2012-05-21 02:11 - 2012-05-21 02:11 - 0012683 ____A C:\Users\Oleuanna\Desktop\Obama African Land grab.docx
2012-05-20 20:52 - 2012-05-20 20:51 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{AC25F6A2-77D5-478D-9541-A806D33CF76E}
2012-05-20 20:51 - 2012-05-20 20:51 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{76FF2869-4662-47DB-9D5D-13727D5D7EE4}
2012-05-20 12:15 - 2012-05-14 04:14 - 0000000 ____D C:\Users\Oleuanna\Desktop\Oleuanna.Ltd
2012-05-20 12:03 - 2012-05-20 12:03 - 0032979 ____A C:\Users\Oleuanna\Downloads\gpp-category-slider.zip
2012-05-20 11:12 - 2012-05-20 11:12 - 0002671 ____A C:\Users\Oleuanna\Downloads\gpp-base-child-customizations.zip
2012-05-20 10:44 - 2012-05-20 10:44 - 0000000 ____D C:\Users\Oleuanna\Downloads\emporia
2012-05-20 10:34 - 2012-05-20 10:34 - 0776347 ____A C:\Users\Oleuanna\Downloads\emporia.zip
2012-05-20 10:34 - 2012-05-20 10:34 - 0485533 ____A C:\Users\Oleuanna\Downloads\base(1).zip
2012-05-20 09:23 - 2012-05-20 09:23 - 0012977 ____A C:\Users\Oleuanna\Desktop\ftp06.docx
2012-05-20 09:22 - 2012-05-20 09:22 - 0012972 ____A C:\Users\Oleuanna\Documents\ftp06.docx
2012-05-20 08:57 - 2012-05-20 08:57 - 0000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2012-05-20 08:56 - 2012-05-20 08:56 - 4518720 ____A (FileZilla Project) C:\Users\Oleuanna\Downloads\FileZilla_3.5.3_win32-setup.exe
2012-05-20 08:51 - 2012-05-20 08:51 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D220F6A3-0D6A-476D-B097-3EC212395A40}
2012-05-20 08:51 - 2012-05-20 08:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1321FADE-E4E3-4A84-8636-B27F63D5E13A}
2012-05-20 06:38 - 2012-03-15 03:29 - 0000000 ____D C:\Users\Oleuanna\Documents\New folder
2012-05-19 23:14 - 2011-05-14 12:00 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-05-19 22:28 - 2012-05-19 10:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Adobe
2012-05-19 20:49 - 2012-05-19 20:49 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7FDAF351-964A-41C4-ABD0-435C1100CA05}
2012-05-19 20:49 - 2012-05-19 20:49 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{124120DB-5E1F-4F14-956B-F38A25472892}
2012-05-19 18:05 - 2012-05-19 18:05 - 0000000 ____D C:\Program Files\Microsoft Silverlight
2012-05-19 10:01 - 2012-05-19 10:00 - 0000000 ____D C:\Users\Oleuanna\Downloads\wordpress-3.3.2
2012-05-19 09:54 - 2012-05-19 09:53 - 4251083 ____A C:\Users\Oleuanna\Downloads\wordpress-3.3.2.zip
2012-05-19 08:48 - 2012-05-19 08:48 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A9527F78-1808-49F2-B8DC-8A2C75AA5B5D}
2012-05-19 08:48 - 2012-05-19 08:47 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D15A26DF-B2F1-4511-8E6D-396A4AC825AF}
2012-05-19 08:18 - 2012-05-19 08:17 - 3878424 ____A (AVG Technologies) C:\Users\Oleuanna\Downloads\avg_free_stb_all_2012_2176_cnet.exe
2012-05-19 07:58 - 2012-05-19 07:58 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{718AB43D-F22E-470C-8BA5-F10A3EA9B044}
2012-05-19 07:57 - 2011-05-14 12:01 - 0000000 ____D C:\Program Files (x86)\Windows Live
2012-05-19 07:55 - 2011-05-14 12:00 - 0002114 ____A C:\Windows\DirectX.log
2012-05-19 07:52 - 2012-05-19 07:51 - 3878424 ____A (AVG Technologies) C:\Users\Oleuanna\Downloads\avg_isct_stb_all_2012_2176_free.exe
2012-05-19 07:50 - 2012-05-19 07:49 - 1287528 ____A (Microsoft Corporation) C:\Users\Oleuanna\Downloads\wlsetup-web.exe
2012-05-19 06:06 - 2012-05-19 06:06 - 0006866 ____A C:\Users\Oleuanna\tempfile.txt
2012-05-19 06:05 - 2012-05-19 05:59 - 0000000 ____D C:\Users\Oleuanna\Reg
2012-05-19 05:52 - 2012-05-19 05:52 - 0000000 ____D C:\Program Files (x86)\ESET
2012-05-19 05:42 - 2012-05-19 05:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D37CF2B9-089F-4CC9-841A-D066443C1B1B}
2012-05-19 05:42 - 2012-05-19 05:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9D1AF0F7-0CE6-4A7A-BCE5-DB69FFE66C8C}
2012-05-19 05:35 - 2012-05-19 03:16 - 85446496 ____A C:\Users\Oleuanna\Downloads\8aet2a9x.exe
2012-05-19 03:30 - 2012-05-19 03:30 - 0062660 ____A C:\Users\Oleuanna\Downloads\Extras.Txt
2012-05-19 03:00 - 2012-05-19 03:00 - 0050688 ____A (Atribune.org) C:\Users\Oleuanna\Downloads\ATF-Cleaner.exe
2012-05-19 01:45 - 2011-10-27 08:38 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\Skype
2012-05-19 01:45 - 2011-10-27 08:38 - 0000000 ____D C:\Users\All Users\Skype
2012-05-19 01:27 - 2009-07-13 19:20 - 0000000 __RHD C:\users\Default
2012-05-19 01:16 - 2012-05-19 00:38 - 0000000 ____D C:\Windows\ERDNT
2012-05-18 23:30 - 2012-03-12 03:46 - 0000000 ____D C:\Users\All Users\PopCap Games
2012-05-18 23:29 - 2011-10-20 10:34 - 0000000 ____D C:\Program Files (x86)\Acro Software
2012-05-18 23:25 - 2011-12-08 13:12 - 0000000 ____D C:\Program Files\Smart PDF Converter Pro
2012-05-18 23:23 - 2012-05-18 09:46 - 0000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2012-05-18 23:17 - 2012-05-18 23:17 - 4731392 ____A (AVAST Software) C:\Users\Oleuanna\Desktop\aswMBR.exe
2012-05-18 13:59 - 2011-11-05 05:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\CrashDumps
2012-05-18 12:47 - 2012-05-18 12:47 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D1399782-C3B3-4CE8-8F04-603A2C6E5DB6}
2012-05-18 12:47 - 2012-05-18 12:46 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C4017904-D3B1-4313-B595-B4EEA4A0FC9A}
2012-05-18 12:36 - 2012-05-18 12:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{457134EA-550D-4CFC-8482-50147A1C90D1}
2012-05-18 12:36 - 2012-05-18 12:35 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{757CBDDC-51DA-4D85-ACFE-993E4C48AABE}
2012-05-18 11:23 - 2012-05-18 10:30 - 0066106 ____A C:\Windows\System32\avgrep.txt
2012-05-18 10:59 - 2012-03-25 05:17 - 0000000 ____D C:\Program Files (x86)\System Security Guard
2012-05-18 09:50 - 2012-05-18 09:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\SUPERAntiSpyware.com
2012-05-18 09:49 - 2012-05-18 09:49 - 0000000 ____D C:\Users\All Users\PC Tools
2012-05-18 09:48 - 2012-05-18 09:48 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-05-18 09:46 - 2012-05-18 09:46 - 0000000 ____D C:\Users\Oleuanna\Documents\Anti-Malware
2012-05-18 08:45 - 2012-05-18 08:45 - 0000036 ____A C:\Users\Oleuanna\AppData\Local\housecall.guid.cache
2012-05-17 22:14 - 2012-05-17 22:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D6569093-B441-49A6-8619-6BBCB9956D3B}
2012-05-17 22:14 - 2012-05-17 22:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CB8E878F-292F-4C2A-8246-158C5D308506}
2012-05-17 10:13 - 2012-05-17 10:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CCF18849-14A0-43EF-9C49-5758CF7FF4E6}
2012-05-17 10:13 - 2012-05-17 10:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B2E603E4-E4C2-4761-B1A1-4F2B0C88EEB1}
2012-05-16 23:06 - 2011-10-19 12:39 - 0000000 ____D C:\Users\Oleuanna\Documents\Plans
2012-05-16 22:55 - 2012-05-16 14:16 - 0000000 ____D C:\Users\Oleuanna\Downloads\Sherlock Holmes - A Game of Shadows 2011 1080p BDRip H264 AAC - KiNGDOM
2012-05-16 22:53 - 2012-03-29 02:26 - 0419488 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-05-16 22:53 - 2011-10-19 11:31 - 0070304 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-05-16 22:12 - 2012-05-16 22:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B2D6D209-7929-4ED3-BC2E-C56F419297EC}
2012-05-16 22:12 - 2012-05-16 22:11 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{858F8935-27B0-4524-8CB3-43FE7273F693}
2012-05-16 18:52 - 2011-12-30 01:36 - 0000000 ___RD C:\Users\Public\Recorded TV
2012-05-16 18:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2012-05-16 18:47 - 2012-05-08 18:24 - 0000000 ____D C:\Program Files\WinZip
2012-05-16 18:46 - 2012-05-08 17:09 - 0000000 ____D C:\Program Files (x86)\Tweet Adder 3
2012-05-16 18:46 - 2012-05-06 04:30 - 0000000 ____D C:\Program Files (x86)\Check Point Software Technologies LTD
2012-05-16 14:09 - 2011-10-21 09:22 - 57848688 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-05-16 14:09 - 2011-10-19 09:42 - 0000000 ____D C:\Users\All Users\Microsoft Help
2012-05-16 14:05 - 2009-07-13 21:13 - 0732070 ____A C:\Windows\System32\PerfStringBackup.INI
2012-05-16 10:11 - 2012-05-16 10:11 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{ACDDFABE-1AF2-48A3-AD3B-7DDD5198DACA}
2012-05-16 10:10 - 2012-05-16 10:10 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{132155FB-A326-4B03-8BB3-2B894C4D4FA9}
2012-05-16 10:08 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2012-05-16 09:09 - 2012-05-16 09:09 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9ECCD0D7-8660-4A33-A310-96F7121F3EFA}
2012-05-16 09:09 - 2012-05-16 09:09 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{420CBA72-BF52-4530-BC10-A40E9E13051E}
2012-05-16 08:57 - 2012-05-16 08:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D60486A1-1B12-40D5-AA9C-234FAF076085}
2012-05-15 21:13 - 2012-05-15 21:13 - 0270416 ____A C:\Windows\Minidump\051612-32214-01.dmp
2012-05-15 20:56 - 2012-05-15 20:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{85CA02C7-A58C-46E8-A816-F34027735DAF}
2012-05-15 20:55 - 2012-05-15 20:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B7E11335-0BD7-48F3-8322-84D85687CC0E}
2012-05-15 20:55 - 2012-05-15 20:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7D4EE7E5-7D77-44FC-9A8F-2C477A400C31}
2012-05-15 08:54 - 2012-05-15 08:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{07A14A03-1F52-4244-A282-03722FE47990}
2012-05-15 08:54 - 2012-05-15 08:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9A8E5F5A-D095-458F-8D1B-0707C74EC628}
2012-05-14 20:53 - 2012-05-14 20:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BA5A3CF8-B12E-47D3-A990-A773AFB0982B}
2012-05-14 20:52 - 2012-05-14 20:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7B786C4C-0351-4B89-8E2D-CCC674C187D6}
2012-05-14 10:43 - 2012-03-15 02:59 - 0015219 ____A C:\Users\Oleuanna\Desktop\To do list.docx
2012-05-14 07:58 - 2012-05-14 07:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D34B3085-59B1-4B45-BDC9-C5CB13B0BFCE}
2012-05-14 07:57 - 2012-05-14 07:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CFBCCFAE-271A-41F8-9346-2ADE9A2C96B3}
2012-05-13 19:57 - 2012-05-13 19:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B8E70FE7-4D31-463C-BB76-3D44AA7E9ED1}
2012-05-13 19:56 - 2012-05-13 19:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{98BEE382-0C05-4822-882E-5E44A84D4D61}
2012-05-13 07:56 - 2012-05-13 07:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{137FE9A2-49D9-4312-88AD-203DFFF27F4D}
2012-05-13 07:56 - 2012-05-13 07:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{8CFD3076-7677-4AD5-A32E-7EA39799BA80}
2012-05-12 19:55 - 2012-05-12 19:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{8ED0D230-8F68-4DAC-BA9A-6F2EE881617E}
2012-05-12 19:54 - 2012-05-12 19:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{17D193B1-D973-4E81-B87E-AB3DC26CBE08}
2012-05-12 07:54 - 2012-05-12 07:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{3BB5E882-2EAA-48EB-84CA-3E473B524912}
2012-05-12 07:53 - 2012-05-12 07:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4FE9F9F1-903A-41F6-821E-67158E7A119B}
2012-05-11 19:53 - 2012-05-11 19:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C09C6528-21BB-401A-9B54-F0BA5841E99A}
2012-05-11 19:53 - 2012-05-11 19:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B0A1D28F-9230-44C7-B9C1-4167F342A403}
2012-05-11 07:52 - 2012-05-11 07:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{627237DE-E7A3-486F-A584-433B5DD7EB1A}
2012-05-11 07:52 - 2012-05-11 07:51 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2375C3D6-690F-49E7-A10C-A066358C5080}
2012-05-11 06:15 - 2012-05-11 06:15 - 0143147 ____A C:\Users\Oleuanna\Desktop\Oleuanna__CV.pdf
2012-05-10 18:50 - 2012-05-10 18:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{F214341C-290D-4838-B527-58F714EA17F1}
2012-05-10 18:50 - 2012-05-10 18:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{00580B0B-D67E-40DE-98F8-302BB9EFC393}
2012-05-10 18:44 - 2012-05-10 18:44 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BE6369C7-73ED-41FC-A84A-5ED333FA6FBB}
2012-05-10 18:44 - 2012-05-10 18:43 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4A131829-7088-4B21-974E-B74A1091FB69}
2012-05-10 16:46 - 2012-05-10 16:44 - 22259528 ____A C:\Users\Oleuanna\Downloads\vlc-2.0.1-win32.exe
2012-05-10 06:01 - 2012-05-10 06:01 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DC358AE2-7A8D-4E75-ADEF-AFFF3E00D014}
2012-05-10 06:01 - 2012-05-10 06:01 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{40DBEA70-8F2F-4E19-B45B-598B78CB5EC2}
2012-05-10 00:18 - 2012-05-10 00:18 - 0015103 ____A C:\Users\Oleuanna\Desktop\Waiting Timetable.docx
2012-05-09 23:06 - 2011-10-30 12:28 - 0000000 ____D C:\Users\Oleuanna\Documents\Youcam
2012-05-09 17:58 - 2011-11-29 17:52 - 0000000 ____D C:\Users\All Users\Rosetta Stone
2012-05-09 14:22 - 2012-05-09 14:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0FCE8C90-61A1-4F8F-89C9-D9AE7DE6248E}
2012-05-09 14:21 - 2012-05-09 14:21 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9536E301-E6E6-4083-85C4-CD60325791D2}
2012-05-08 22:14 - 2012-05-08 22:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2A8323E5-9147-49AF-9022-C5EBBC4CBD94}
2012-05-08 22:13 - 2012-05-08 22:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B071EAA9-18BC-4DAD-BA1B-24D90AE7E511}
2012-05-08 18:24 - 2012-01-04 02:10 - 0000000 ____D C:\Users\All Users\WinZip
2012-05-08 17:57 - 2012-05-08 17:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\dvdcss
2012-05-08 06:32 - 2012-05-08 06:32 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C3AB189B-5180-4A29-82CF-720BD880FE1D}
2012-05-08 06:32 - 2012-05-08 06:32 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{849B8963-7EC9-4946-88EC-7F055E979F4D}
2012-05-07 18:31 - 2012-05-07 18:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C439CBF6-8E6C-47B5-9DAF-CF293256EF9F}
2012-05-07 18:31 - 2012-05-07 18:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{987CFD5B-1BD5-4568-BB1B-32387B52EE98}
2012-05-07 16:38 - 2012-03-12 23:07 - 0000000 ____D C:\Users\Oleuanna\Desktop\Development
2012-05-07 06:31 - 2012-05-07 06:30 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{43470CC2-56DF-4B79-BC3D-AEFEF68E93A5}
2012-05-07 06:30 - 2012-05-07 06:30 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CB18392C-313F-4571-BFBB-AF89485CB88B}
2012-05-06 22:35 - 2012-01-12 09:44 - 0013601 ____A C:\Users\Oleuanna\Desktop\Membership and involvement goals.docx
2012-05-06 16:42 - 2012-05-06 16:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DDA7A1DE-CAA0-4BB1-A5C7-112096277E1B}
2012-05-06 16:42 - 2012-05-06 16:41 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{3B942B70-74DB-41B5-833F-FA15FC17681D}
2012-05-06 16:41 - 2012-05-06 16:41 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DC8ABCC3-FC1C-414F-9907-B511991E0269}
2012-05-06 16:41 - 2012-05-06 16:41 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{62679261-3269-4BD3-B4BD-710FF92DC55B}
2012-05-06 12:43 - 2012-05-06 12:42 - 0498232 ____A C:\Windows\Minidump\050612-33181-01.dmp
2012-05-06 04:40 - 2012-05-06 04:40 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9F299D76-05DA-4821-8E6E-A55035DC51C1}
2012-05-06 04:40 - 2012-05-06 04:40 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{398990E7-7697-4543-9B7F-1A52BC613C0D}
2012-05-06 04:38 - 2011-11-12 05:13 - 0415915 ____A C:\Windows\System32\Drivers\vsconfig.xml
2012-05-06 04:30 - 2011-12-15 01:40 - 0000362 ____A C:\user.js
2012-05-05 15:44 - 2012-05-05 15:43 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B7A1F653-AAA8-48CC-8C45-A9727F7B671D}
2012-05-05 15:43 - 2012-05-05 15:43 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2CBD5D55-5263-486E-AC6D-BED83B3E07EE}
2012-05-05 03:43 - 2012-05-05 03:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{57413E44-F866-4193-A341-1C20D363E78D}
2012-05-05 03:42 - 2012-05-05 03:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7EF91371-10A1-4404-A1B1-670203606909}
2012-05-04 18:21 - 2012-02-23 20:18 - 0000000 ____D C:\Users\Oleuanna\Desktop\Blottr
2012-05-04 12:39 - 2012-01-28 14:48 - 0000344 ____A C:\Windows\Tasks\HPCeeScheduleForOleuanna.job
2012-05-04 12:36 - 2012-05-04 12:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{ED276414-9E70-42DA-BEAF-1089E1D5FEC1}
2012-05-04 12:36 - 2012-05-04 12:35 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{31129FA7-E94E-47F5-9A34-3271076FB023}
2012-05-04 00:02 - 2012-05-04 00:02 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{76257DB2-01C7-4F9B-8212-EE219342E909}
2012-05-04 00:02 - 2012-05-04 00:02 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4716F5CF-0393-4F5B-915C-AD4299BD9C72}
2012-05-03 21:42 - 2012-03-15 02:54 - 0000000 ____D C:\Users\Oleuanna\Desktop\Developer
2012-05-03 12:01 - 2012-05-03 12:01 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6DFC80C8-700B-4A03-875E-845405CC5B4A}
2012-05-03 12:01 - 2012-05-03 12:01 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0FD5585B-5655-4519-AA01-E889FCCB1C99}
2012-05-03 04:38 - 2012-05-02 16:48 - 0015368 ____A C:\Users\Oleuanna\Desktop\Roisin Budget.docx
2012-05-02 16:24 - 2012-05-02 16:23 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{989F3AE8-7563-452F-AF93-421DB9F7D6F5}
2012-05-02 16:23 - 2012-05-02 16:23 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E3067E04-4B42-4613-BA99-FF98607A1E72}
2012-05-02 03:14 - 2012-05-02 03:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{564A1FE5-2404-4C02-AC2C-52EBE1534322}
2012-05-02 03:14 - 2012-05-02 03:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4DAFC637-EC26-49EE-BA01-73CDBE4A769B}
2012-05-01 21:29 - 2012-01-08 12:53 - 0000000 ____D C:\Users\Oleuanna\Desktop\Philosophy
2012-05-01 20:51 - 2011-10-21 08:29 - 0000000 ____D C:\Users\Oleuanna\Documents\My Kindle Content
2012-05-01 13:37 - 2012-05-01 13:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DAE274EE-5063-4B8F-A768-8649F3BF1E59}
2012-05-01 13:36 - 2012-05-01 13:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D2D5C300-7252-4763-AF83-C0D0C292C566}
2012-05-01 01:36 - 2012-05-01 01:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{FA5453BC-F340-4807-9D1B-0D1F47D4833C}
2012-05-01 01:36 - 2012-05-01 01:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{894F111F-3DFB-4F58-8DFB-9F6CDE3A51E3}
2012-04-30 10:10 - 2012-04-30 10:10 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{813D8A2A-5F53-4855-BEE5-1712F4D9AE17}
2012-04-30 10:10 - 2012-04-30 10:09 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{939B0239-547F-4631-90E5-497F2BF7D813}
2012-04-29 22:09 - 2012-04-29 22:09 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D0A90E68-2331-48AF-A7B2-74130B98E4B6}
2012-04-29 22:08 - 2012-04-29 22:08 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{510A48A0-8F90-48CD-A76E-5408F37291D7}
2012-04-29 10:21 - 2012-04-25 22:19 - 2935316480 ____A C:\Users\Oleuanna\Downloads\MARX BROTHERS 1938-1946.iso
2012-04-29 08:58 - 2012-04-29 08:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6EDE0273-621F-4A8C-9D4E-058C4E5EE0F6}
2012-04-29 08:57 - 2012-04-29 08:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{661B8FF7-D57D-4190-976D-FF7941C6B984}
2012-04-28 20:57 - 2012-04-28 20:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B52E6305-F2BE-4476-9390-C76B367C5E85}
2012-04-28 20:57 - 2012-04-28 20:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A0DBC828-1DCF-4D98-8F3A-7858E6BA5974}
2012-04-28 20:57 - 2012-04-28 20:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C4CA05D9-52F5-4F2F-AAF5-62E8044DFF67}
2012-04-28 20:56 - 2012-04-28 08:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BF717364-20DA-46C6-A7E5-EF536C7C6124}
2012-04-28 08:55 - 2012-04-28 08:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{271B19D6-2E7A-4037-A172-546F264E43BE}
2012-04-27 20:51 - 2012-04-27 20:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{22FF3964-54D8-48C7-BDC1-15425D245519}
2012-04-27 20:50 - 2012-04-27 20:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D8EC8EF7-3508-452A-8B3E-65127BEC5757}
2012-04-27 20:15 - 2012-04-27 20:15 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\ElevatedDiagnostics
2012-04-27 19:56 - 2011-11-30 07:34 - 0000000 ____D C:\Users\Oleuanna\Desktop\Ultimate French (Living Language) Beginner-Intermediate, All CD's and ROMS
2012-04-27 08:49 - 2012-04-27 08:49 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{EE485388-C3BC-477C-BBE4-B9E4B7A85520}
2012-04-27 08:49 - 2012-04-27 08:49 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D3251457-5941-4C3C-BDB4-4F66D74BB6B5}
2012-04-27 05:31 - 2012-04-27 05:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{F203185E-22A8-4F0C-8A9B-D1EF9E6D99BA}
2012-04-26 19:33 - 2012-04-26 19:33 - 0012886 ____A C:\Users\Oleuanna\Desktop\Blog directory.docx
2012-04-26 17:31 - 2012-04-26 17:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E058F634-5D12-4A2C-B092-8188840A9C41}
2012-04-26 17:31 - 2012-04-26 17:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0D676C31-8DD7-44A0-BE02-017B976E7D36}
2012-04-26 09:47 - 2012-04-26 09:47 - 0137319 ____A C:\Users\Oleuanna\Desktop\Shireen__CV.pdf
2012-04-26 09:45 - 2012-04-26 09:45 - 0000000 ____D C:\Users\Oleuanna\Downloads\Shireen__CV
2012-04-26 04:19 - 2012-04-26 04:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6A8C0EE5-9EC8-4A91-8A5E-97ACB687EF05}
2012-04-26 04:19 - 2012-04-26 04:18 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{48F3A116-ACDF-45D9-AFC2-A249608CA4AD}
2012-04-25 10:50 - 2012-04-25 10:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{F469F454-A596-413E-AE90-60F3FDF656BD}
2012-04-25 10:50 - 2012-04-25 10:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0B2224AD-5918-4FF4-A212-4E893F5CA334}
2012-04-24 22:49 - 2012-04-24 22:49 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{F22E58DE-E884-4176-B5D0-F1F0D9DA37A9}
2012-04-24 22:49 - 2012-04-24 22:49 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{EBD36158-FF20-4668-83FB-103E53A4AEEB}
2012-04-24 22:49 - 2012-04-24 22:49 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{8A9C5CF4-68F9-4177-9536-41FAE89BFD30}
2012-04-24 22:49 - 2012-04-24 22:48 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{48E90CF5-DE3B-4B31-B5B4-DC159FBDA7EC}
2012-04-24 22:34 - 2011-12-02 19:30 - 0135168 ____A C:\Users\Oleuanna\Desktop\distance_learning_enrolment_form_eu1.doc
2012-04-24 21:29 - 2012-04-24 21:29 - 0000000 ____D C:\Users\All Users\Mozilla
2012-04-24 10:47 - 2012-04-24 10:47 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1E08657C-A75D-44C2-B635-42DCE0A302F2}
2012-04-24 10:47 - 2012-04-23 22:45 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{272D92DF-4823-4CB9-A41B-6EE6C3981556}
2012-04-23 22:46 - 2012-04-23 22:46 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9EF21056-6568-43D6-8CF9-F775F3CEA394}
2012-04-23 10:45 - 2012-04-23 10:45 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{752AE3A2-F53C-401B-9F3A-F6C8FB498B46}
2012-04-23 10:45 - 2012-04-23 10:44 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D23C1AE4-B5B9-44D9-9B09-7272C3CC4036}
2012-04-22 22:44 - 2012-04-22 22:43 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CBA15F35-6D3E-4012-B27D-A4DD27D4F2CE}
2012-04-22 22:43 - 2012-04-22 22:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B1032D46-DD85-4800-BD07-AAD05404E334}
2012-04-22 07:59 - 2012-04-22 07:59 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6419969D-D3F1-4E22-8C7A-37D6A4164527}
2012-04-22 07:59 - 2012-04-22 07:59 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2600F833-7404-462A-92D9-13565B17E4D2}
2012-04-21 19:15 - 2012-04-21 19:15 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{80E192DD-8009-47D7-AC23-8E377D5FAE1B}
2012-04-21 19:15 - 2012-04-21 19:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4739864E-6722-4ED7-B95B-8753C0FFDE83}
2012-04-21 19:14 - 2012-04-21 19:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{F36C1371-41B1-4D97-AFBB-7907FCFFCB05}
2012-04-21 19:14 - 2012-04-21 07:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9C281CE2-9A58-4090-B175-DCA6F306E943}
2012-04-21 07:14 - 2012-04-21 07:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B04A367C-0B11-4AFF-8ED0-3ED434CE469A}
2012-04-21 01:15 - 2012-04-21 01:16 - 0019291 ____A C:\Users\Oleuanna\Downloads\agservices_tree.jpg
2012-04-20 19:13 - 2012-04-20 19:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{830FCA2D-2742-4DDD-8C0D-0E81A785ECE1}
2012-04-20 19:12 - 2012-04-20 19:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B5D23F3E-5943-4390-8341-E7896AB7537F}
2012-04-20 06:42 - 2012-04-20 06:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{8F8D058C-F527-4E9F-AEC5-CA272B5A3EDB}
2012-04-20 06:42 - 2012-04-20 06:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6E00221C-ACCF-44CD-B943-11CA5372DBD9}
2012-04-19 06:05 - 2012-04-19 06:05 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{5F66BA95-06A9-495A-82DF-1C7C3FB62E7F}
2012-04-19 06:05 - 2012-04-19 06:04 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{3BB53881-32C2-4A20-9DBD-C0387DCCD870}
2012-04-19 04:33 - 2012-04-19 04:33 - 0262144 ____A C:\Windows\Minidump\041912-42744-01.dmp
2012-04-18 18:04 - 2012-04-18 18:04 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{550C0C33-AEFB-4F61-85B5-338EBBD93080}
2012-04-18 18:04 - 2012-04-18 18:03 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7B5F56BF-2F5E-4962-AA68-C2E67CDAD9F0}
2012-04-18 06:02 - 2012-04-18 06:02 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{42F7852C-CEF5-491C-9D01-D563BB9A04F9}
2012-04-18 06:02 - 2012-04-18 06:02 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{41055702-CA73-414F-B3F3-22BC66FE8714}
2012-04-17 13:43 - 2012-04-17 13:43 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4F72C339-95F6-4421-8BCA-F148AD0A70CA}
2012-04-17 13:43 - 2012-04-17 13:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{F142F353-A8F0-43B3-8197-D75FCCE70C75}
2012-04-17 01:41 - 2012-04-17 01:41 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E41267AA-FB36-4A60-883E-0978677195DB}
2012-04-17 01:41 - 2012-04-17 01:41 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9F56D043-6830-4AF0-A34A-3073AB9BBA9A}
2012-04-16 19:20 - 2012-04-16 19:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{36C75BAC-2DF5-4AA0-85B4-F57E5F00873F}
2012-04-16 07:20 - 2012-04-16 07:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{901B2A24-CD88-4CDE-AC39-FD62E266E3CA}
2012-04-16 07:20 - 2012-04-16 07:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{36DB0103-5186-4790-947D-B8F832FBCCF4}
2012-04-16 07:20 - 2012-04-16 07:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{AD43A6F7-97B4-4F74-8BE2-2EF8630CC196}
2012-04-16 07:19 - 2012-04-16 07:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1875D099-9744-4243-806E-A96F31119066}
2012-04-15 19:19 - 2012-04-15 19:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{3F279650-3409-4F09-B82E-E15DF7477934}
2012-04-15 19:18 - 2012-04-15 19:18 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7A10A380-168C-45FE-A909-9A8864479A24}
2012-04-15 07:17 - 2012-04-15 07:17 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9A584606-A53F-4A1A-824D-EA815174AA11}
2012-04-15 07:17 - 2012-04-15 07:16 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{20AF70FA-5EB9-4A75-9195-BB76CF95FF7F}
2012-04-14 19:16 - 2012-04-14 19:15 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4AC0678C-0EC9-433F-950E-3851173A902A}
2012-04-14 19:15 - 2012-04-14 19:15 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0C7E7811-82BB-4D70-92BF-D4ECACE1BC79}
2012-04-14 19:03 - 2012-04-14 19:03 - 0000000 ____D C:\Program Files (x86)\Veoh Networks
2012-04-14 07:03 - 2012-04-14 07:03 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{222CB5AA-BCA6-494D-B098-06E76938D584}
2012-04-14 07:03 - 2012-04-14 07:02 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E04CC354-F1A7-4BCF-B65C-98DBCA23F0D0}
2012-04-13 19:02 - 2012-04-13 19:02 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{45EA1D39-2E15-4F57-9A5C-38C0C0153607}
2012-04-13 19:02 - 2012-04-13 19:01 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1D6F5990-C90E-4EC9-914F-294A880B2F52}
2012-04-13 18:19 - 2012-04-13 18:19 - 0000000 ____D C:\Windows\en
2012-04-13 18:14 - 2011-05-14 12:01 - 0000000 ____D C:\Program Files\Windows Live
2012-04-13 18:09 - 2012-04-13 18:09 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{985FED24-4B46-402D-BC05-2A8D60F19AEB}
2012-04-13 18:09 - 2012-04-13 18:08 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4A8350E3-0B6A-4132-80D1-69BEE0F61F7D}
2012-04-13 17:45 - 2012-04-13 17:45 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BB5C97D3-D47B-478F-B0EC-109DFC4633CF}
2012-04-13 17:45 - 2012-04-13 17:45 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{23DEA85F-A0AE-499F-806D-1AEC9E1BB904}
2012-04-13 16:08 - 2012-04-13 16:08 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DA97E69C-59A5-48A8-A78D-594CE4DAAA10}
2012-04-13 16:08 - 2012-04-13 16:08 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C9E51634-5357-4130-A69A-8CDFAEA05F05}
2012-04-13 15:37 - 2012-04-13 15:37 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A9096262-567D-4ED9-B559-B01129DDBDCB}
2012-04-13 15:37 - 2012-04-13 15:37 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{8E0CF941-1E51-471A-997A-1013FC9F1C19}
2012-04-13 13:09 - 2012-04-13 13:08 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9294CE67-E331-4E9F-BD77-54DCF40AE30B}
2012-04-13 13:08 - 2012-04-13 13:08 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E13C5A05-62B7-4396-B967-9DF2C71A8891}
2012-04-13 11:05 - 2012-04-13 11:04 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2C127462-B025-4510-8D94-F877187A778B}
2012-04-13 11:04 - 2012-04-13 11:04 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{29B9F463-9E63-4FDF-A13A-60538F71A626}
2012-04-13 08:53 - 2012-04-13 08:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D91204B0-3D1D-4548-8B19-BAB1867156BC}
2012-04-13 08:53 - 2012-04-13 08:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2018904F-5142-426C-BE33-F6C00FB77DD7}
2012-04-13 06:38 - 2012-04-13 06:38 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C6EAE63E-2FA3-4B52-8866-AFDC28037E89}
2012-04-13 06:37 - 2012-04-13 06:37 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{364D6BC5-A000-44A0-897C-EF33785CA7D7}
2012-04-13 05:30 - 2012-04-13 05:30 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A9742E76-9913-4739-B554-852C42BDA944}
2012-04-13 05:30 - 2012-04-13 05:30 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6B4D3B4E-C03B-4E69-BAF4-23660DD12029}
2012-04-13 05:25 - 2012-04-13 05:25 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{8E2878FE-0FD4-4B6A-AC18-08B08E4310B2}
2012-04-13 05:25 - 2012-04-13 05:24 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C47D207D-34AB-4906-8F5C-D036C321CDD9}
2012-04-13 05:22 - 2011-12-04 10:10 - 0000000 ____D C:\Windows\pss
2012-04-13 05:22 - 2011-05-14 12:04 - 0000000 ____D C:\Users\All Users\Adobe
2012-04-13 05:22 - 2011-05-14 12:04 - 0000000 ____D C:\Program Files (x86)\Adobe
2012-04-13 05:19 - 2012-04-13 05:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2776BB20-B33E-4C90-8DB2-6CB67F5C6AB8}
2012-04-13 05:17 - 2012-04-13 05:17 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{21309D21-8842-454E-8A1E-67C2718B5598}
2012-04-13 05:17 - 2012-04-13 05:16 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{68496D3D-6D83-4246-A200-DCF0C794FF24}
2012-04-13 04:22 - 2012-04-13 04:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C3ACC1CB-AC82-4EAA-95AA-659D8F971480}
2012-04-13 04:22 - 2012-04-13 04:21 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{690BA9F0-B97F-4EBA-B623-DB6554724F69}
2012-04-13 03:26 - 2012-04-13 03:21 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{30F99E5A-DD29-4879-95FF-E09049DEA2A1}
2012-04-12 15:39 - 2011-10-19 13:58 - 0000000 ____D C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2012-04-12 15:38 - 2011-10-19 13:58 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-12 15:21 - 2012-04-12 15:21 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{27D4BD39-52C6-4ED8-8994-70C2AE4E8A80}
2012-04-12 12:28 - 2012-04-12 12:28 - 0000000 ____D C:\Users\All Users\Synaptics
2012-04-12 12:15 - 2009-07-13 18:34 - 0000478 ____A C:\Windows\win.ini
2012-04-12 03:20 - 2012-04-12 03:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D98D1750-D880-4988-ADA2-46428960984D}
2012-04-11 15:20 - 2012-04-11 15:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2B63FAE2-991F-48B6-8A4D-272124394EB5}
2012-04-11 03:19 - 2012-04-11 03:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{28C332E1-ED8F-45B1-AF32-CAA1EA981797}
2012-04-10 21:01 - 2012-04-10 21:01 - 0074974 ____A C:\Users\Oleuanna\Downloads\feedburner_feedsmith_plugin_2.3 (1).zip
2012-04-10 20:59 - 2012-04-10 20:59 - 0074974 ____A C:\Users\Oleuanna\Downloads\feedburner_feedsmith_plugin_2.3.zip
2012-04-10 13:26 - 2012-04-10 13:26 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{F0631027-3380-4AAD-A276-4FCC75437809}
2012-04-10 03:35 - 2011-10-20 10:34 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\CutePDF_Filler
2012-04-10 01:26 - 2012-04-10 01:26 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{F9D95490-EDCA-41AF-BFCE-60E422703BB1}
2012-04-10 01:25 - 2012-04-10 01:25 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BC4FACC9-BDAF-4CBB-819B-80AA12DB8A33}
2012-04-09 15:20 - 2012-03-12 21:45 - 0000000 ____D C:\Users\Oleuanna\Documents\Fin
2012-04-09 06:03 - 2012-04-09 06:03 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{3EBD4E4E-0280-4BFC-A6AB-46104F42A62A}
2012-04-09 06:03 - 2012-04-09 06:02 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{EF002522-9B4F-472A-97E2-DD9C15F6BF96}
2012-04-09 03:58 - 2012-04-09 03:58 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E0C7BEF8-D730-4A6C-9AC2-ED4D64B14979}
2012-04-09 03:55 - 2012-04-09 03:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DB6EB85C-1CC9-4A46-800A-91752F088E42}
2012-04-08 21:01 - 2012-03-30 13:39 - 0000000 ____D C:\Program Files (x86)\IDriveWindows
2012-04-08 21:00 - 2012-03-30 13:40 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\IDrive
2012-04-08 15:32 - 2012-04-08 15:32 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{971F4D67-3AAA-4ACE-867A-721BED663669}
2012-04-08 03:31 - 2012-04-08 03:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9D45BA38-B5E1-42C3-AB3E-E7D392A0E576}
2012-04-07 06:20 - 2012-04-07 06:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{593D9670-2944-46EB-BE6E-6D4304BC7B53}
2012-04-06 15:57 - 2012-04-06 15:57 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{942CDFB6-AB17-481A-BD0B-E49B23AA644F}
2012-04-06 03:57 - 2012-04-06 03:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0CBB3736-1E8C-41A0-9283-60867F55543F}
2012-04-05 15:56 - 2012-04-05 15:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{30B8E03A-7CFB-409C-A9E7-27A9493AE367}
2012-04-05 03:56 - 2012-04-05 03:56 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{54BC4A6E-AB81-45C1-947D-15B4FA10BC4E}
2012-04-04 15:55 - 2012-04-04 15:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7BA43140-DB82-40C3-B897-B1864B4F0B60}
2012-04-04 15:47 - 2012-04-04 15:47 - 0485533 ____A C:\Users\Oleuanna\Downloads\base.zip
2012-04-04 09:47 - 2012-05-29 10:36 - 0772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-04-04 09:47 - 2011-05-14 12:07 - 0687504 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-04-04 06:56 - 2011-10-19 13:58 - 0024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-04 06:28 - 2012-04-04 06:28 - 0262144 ____A C:\Windows\Minidump\040412-26847-01.dmp
2012-04-04 03:55 - 2012-04-04 03:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1F02C85A-7B72-40E8-8E46-EDB671859E08}
2012-04-03 15:55 - 2012-04-03 15:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4B76184C-C7F2-44D1-B92C-2E7B99079B5D}
2012-04-03 03:54 - 2012-04-03 03:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DDFABE85-5F83-4247-A06F-0908172F6048}
2012-04-03 03:54 - 2012-04-03 03:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{52589511-398C-40EB-ACE7-9E294616E06B}
2012-04-02 15:54 - 2012-04-02 15:54 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0B974987-863A-4109-8AB3-3502BF664BEC}
2012-04-02 03:53 - 2012-04-02 03:53 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{3A091091-EDDB-4ACD-8E63-0DADD1EF1D20}
2012-04-02 03:46 - 2012-04-02 03:46 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{3961B6AC-E988-47E2-8903-7C68DD2D22A6}
2012-04-01 15:46 - 2012-04-01 15:46 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E278F842-8D29-4818-8A9C-9CD3F81E6193}
2012-04-01 15:46 - 2012-04-01 15:46 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7CBC511B-5485-4085-A0EC-AE46DCE92782}
2012-04-01 04:03 - 2012-04-01 04:03 - 0000000 ____D C:\Users\Oleuanna\Documents\Adobe Scripts
2012-04-01 04:03 - 2011-10-19 07:50 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\Adobe
2012-04-01 03:45 - 2012-04-01 03:45 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9AD561F9-A817-474D-B810-8EE38259DAAA}
2012-03-31 15:45 - 2012-03-31 15:45 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{46EAD33E-6530-4802-AA92-FFBF27C75A4A}
2012-03-31 15:45 - 2012-03-31 15:45 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{297BB121-9741-4FED-AD6B-306A102C2B18}
2012-03-31 03:45 - 2012-03-31 03:44 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CED06E86-36FD-4102-9FBB-7172053DA65A}
2012-03-31 03:25 - 2012-03-31 03:25 - 0000000 ____D C:\IBWINTEMP
2012-03-30 22:05 - 2012-05-16 10:24 - 5559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-03-30 20:39 - 2012-05-16 10:24 - 3968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-03-30 20:39 - 2012-05-16 10:24 - 3913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-03-30 19:10 - 2012-05-16 10:24 - 3146240 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-03-30 17:01 - 2011-10-20 07:18 - 0000000 ____D C:\Users\Oleuanna\Documents\Writing
2012-03-30 15:44 - 2012-03-30 15:44 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{35788247-C781-4C1E-8D57-2C2D4F34D210}
2012-03-30 15:32 - 2012-03-30 15:32 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{67C604DB-19CB-444C-B176-1BE263F442B7}
2012-03-30 13:41 - 2012-03-30 13:41 - 0000000 ____D C:\Program Files (x86)\cygdrive
2012-03-30 13:40 - 2012-03-30 13:40 - 0000000 ____D C:\Windows\SysWOW64\IBCOMMON
2012-03-30 13:36 - 2012-03-30 13:36 - 9866152 ____A (Pro Softnet Corp ) C:\Users\Oleuanna\Downloads\IDriveWinSetup.exe
2012-03-30 03:35 - 2012-05-16 10:22 - 1918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-03-30 03:32 - 2012-03-30 03:32 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{98595C7F-FAFC-4CCE-AF8A-6D2F4EF5190F}
2012-03-30 02:47 - 2012-02-06 16:38 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\RssBandit
2012-03-29 15:31 - 2012-03-29 15:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{5330A1F4-1295-4878-9B25-11DEBFF062CC}
2012-03-29 03:31 - 2012-03-29 03:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{730CAD89-99DD-46AC-A364-337319CC53A8}
2012-03-29 02:26 - 2012-03-28 03:41 - 0000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2012-03-28 15:30 - 2012-03-28 15:30 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1BD2AA6B-5816-496B-9524-4E5CD51FA594}
2012-03-28 15:30 - 2012-03-28 15:30 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{131D2060-B6EC-47F6-B62E-92C860CDC0AE}
2012-03-28 05:29 - 2011-10-21 13:29 - 0000000 ____D C:\Users\Oleuanna\Documents\Roisin
2012-03-28 03:30 - 2012-03-28 03:30 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1F1B2E94-B83C-4111-B857-40766FA4DEC6}
2012-03-28 03:30 - 2012-03-28 03:29 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{49073467-1D1B-452B-87F3-06B93905792D}
2012-03-27 18:10 - 2012-03-27 15:48 - 1486932968 ____A C:\Users\Oleuanna\Downloads\Adobe Illustrator CS5.1.exe
2012-03-27 15:26 - 2012-03-27 15:26 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{50A4D3E3-91F6-4D45-9132-B1CD4A85E636}
2012-03-27 15:26 - 2012-03-27 15:26 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4261DB9E-22BA-418E-972C-7F90ED8CB6F1}
2012-03-27 15:26 - 2012-03-27 15:25 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{FAACF72F-7A05-47F0-90AC-02B79ED7053D}
2012-03-27 15:25 - 2012-03-27 15:25 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{259495AA-B0AF-415F-8C10-6A70C4801B65}
2012-03-27 03:25 - 2012-03-27 03:25 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CCD343D6-08C2-4BEB-AF90-7F7A9A80BE06}
2012-03-27 03:25 - 2012-03-27 03:24 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{544D358E-ADF0-4555-AB30-BF0732BC6011}
2012-03-27 03:20 - 2012-03-27 03:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{656970F9-D8CB-4C71-9BFE-5B8A4D93202A}
2012-03-26 21:11 - 2012-03-26 21:11 - 0262144 ____A C:\Windows\Minidump\032712-26114-01.dmp
2012-03-26 20:23 - 2011-11-12 04:18 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\CheckPoint
2012-03-26 20:20 - 2011-11-12 05:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Conduit
2012-03-26 15:20 - 2012-03-26 15:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{15B48B5B-CBA3-493C-A249-7B2E446923A5}
2012-03-26 15:20 - 2012-03-26 15:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0F29EFF5-0ADF-4529-A0E6-9B74D53890B4}
2012-03-26 03:19 - 2012-03-26 03:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DD54DC12-5954-4B27-91DC-48F7624053D7}
2012-03-26 03:19 - 2012-03-26 03:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{5D5EE0A3-995C-4B73-B069-F73957B00A67}
2012-03-26 03:19 - 2012-03-26 03:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{01A89523-0C1C-4AB9-8C4D-49FF9AA2B3C9}
2012-03-26 03:19 - 2012-03-26 03:18 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9123A494-F63C-4307-A08D-B8E6D539B7A1}
2012-03-25 19:41 - 2011-10-19 12:38 - 0000000 ____D C:\Users\Oleuanna\Documents\CV
2012-03-25 17:36 - 2012-03-25 17:36 - 0262144 ____A C:\Windows\Minidump\032612-38735-01.dmp
2012-03-25 15:18 - 2012-03-25 15:18 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4646F013-CF6F-4261-888D-B1D5E5201D64}
2012-03-25 15:18 - 2012-03-25 15:18 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{31F2D4AB-97C8-4064-A22F-3D44A431BFFE}
2012-03-25 15:18 - 2012-03-25 15:17 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4B319413-32ED-4761-A754-D6213E0AC092}
2012-03-25 15:17 - 2012-03-25 15:17 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{FD83EFA4-07E1-466C-9955-9ADC15D873B9}
2012-03-25 05:17 - 2012-03-25 05:17 - 0000000 ____D C:\Users\All Users\SystemSecurityGuard
2012-03-25 05:05 - 2012-03-19 08:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Spoon
2012-03-25 03:17 - 2012-03-25 03:17 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{F9A67B1E-C86C-43CC-81C8-D3B03DEFB859}
2012-03-25 03:17 - 2012-03-25 03:16 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B0008AE6-5912-4C1D-BCF9-66659E29FD60}
2012-03-24 17:03 - 2012-03-24 17:03 - 0073852 ____A C:\Users\Oleuanna\Downloads\jquery-lightbox-for-native-galleries.zip
2012-03-24 15:16 - 2012-03-24 15:16 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{5F3D80FC-EFBB-4B0B-948A-708582B2F644}
2012-03-24 15:16 - 2012-03-24 15:16 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{09AD3B19-71DF-4194-9DC3-25B6A3000575}
2012-03-24 03:15 - 2012-03-24 03:15 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{79B406C2-64F4-4E53-A652-144E186F19F5}
2012-03-24 03:15 - 2012-03-23 15:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B0FEE44B-8190-45BA-AAF1-AB5D4E48992F}
2012-03-23 15:15 - 2012-03-23 15:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{936E252E-395F-4B92-BEAB-A8F848A39CDF}
2012-03-23 07:35 - 2012-03-15 03:33 - 0001612 ____A C:\Users\Oleuanna\Downloads\FileZilla-3.5.3.lnk
2012-03-23 07:34 - 2012-03-23 07:33 - 0003856 ____A C:\Users\Oleuanna\Downloads\phplIQfpuAM.jpg
2012-03-23 03:14 - 2012-03-23 03:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{986D4E2C-D7F9-4D00-8752-1AD9831997B0}
2012-03-23 03:14 - 2012-03-23 03:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1175E179-31E5-4473-9A58-E9553F332158}
2012-03-22 15:13 - 2012-03-22 15:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{823D31D6-56B7-4221-A9E2-BBE1B4B894A8}
2012-03-22 15:13 - 2012-03-22 15:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{09717E9D-58CD-4017-91E4-98D788834F73}
2012-03-22 03:24 - 2012-03-22 03:24 - 0072000 ____A C:\Users\Oleuanna\Downloads\oleuanna_co_uk_wp_20120322_517.sql.gz
2012-03-22 03:12 - 2012-03-22 03:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{CBE458F3-1F45-43B3-9D66-C72F661DC0CB}
2012-03-22 03:12 - 2012-03-22 03:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{442CA999-54CE-47D3-9BCB-D45E35100C97}
2012-03-21 15:12 - 2012-03-21 15:11 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9F0EEDD4-84BE-41EC-AB42-2F2A82EAD40A}
2012-03-21 15:11 - 2012-03-21 15:11 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{30F08D31-0C1D-4D2D-A73B-4F699908A6E6}
2012-03-21 03:11 - 2012-03-21 03:11 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BB17C330-DAD6-4107-9989-DFF254FFAAC6}
2012-03-21 03:10 - 2012-03-21 03:10 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BA0CA7E2-5419-433E-830E-40A1CA1B6800}
2012-03-20 17:37 - 2012-03-20 17:37 - 0305387 ____A C:\Users\Oleuanna\Downloads\option-tree(1).zip
2012-03-20 13:22 - 2012-03-20 13:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B28BB559-1415-45AE-82C1-A41974329D49}
2012-03-20 13:22 - 2012-03-20 13:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A4099987-7299-4B4F-AF20-732B2DF9D72F}
2012-03-20 13:22 - 2012-03-20 13:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{51359A02-6BAA-40C9-9990-F2BD36FB9940}
2012-03-20 13:21 - 2012-03-20 13:21 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{16375634-AAE2-4B5F-B7CF-76190E61903A}
2012-03-20 03:22 - 2011-11-04 10:23 - 0000000 ____D C:\Users\Oleuanna\Downloads\option-tree
2012-03-20 03:21 - 2012-03-20 03:21 - 0305387 ____A C:\Users\Oleuanna\Downloads\option-tree.zip
2012-03-20 01:21 - 2012-03-20 01:21 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{8416FF81-970E-4A35-866E-824703ADA076}
2012-03-20 01:20 - 2012-03-20 01:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{FE1B3530-D363-466F-BA18-FC772EED910A}
2012-03-19 12:47 - 2012-03-19 12:47 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DE68C475-D179-48C2-B492-CBE8AF56EB05}
2012-03-19 12:47 - 2012-03-19 12:47 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{767F0D89-2793-44D6-A7FF-586226DF8DCF}
2012-03-19 09:35 - 2012-03-19 09:35 - 11948154 ____A C:\Users\Oleuanna\Downloads\oleuanna_co_uk_wp_20120309_141.sql
2012-03-19 08:52 - 2012-03-19 08:52 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Xenocode
2012-03-19 00:47 - 2012-03-19 00:46 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0B003347-481E-43F4-A993-F0D170D72D81}
2012-03-19 00:46 - 2012-03-19 00:46 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{15017FAD-21F5-4F2A-804E-AB873671FA0B}
2012-03-18 12:46 - 2012-03-18 12:45 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{36E5E3DA-2914-4D20-B2E4-37F043761F8D}
2012-03-18 12:45 - 2012-03-18 00:45 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{87FAE1F4-0239-4F79-96CA-0ACC0FCBFACE}
2012-03-18 09:58 - 2011-10-19 08:55 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Windows Live Writer
2012-03-18 00:45 - 2012-03-18 00:45 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D570255B-2D49-4550-9270-DF3C93E571F4}
2012-03-17 12:22 - 2012-03-17 12:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{87373B19-2655-42D1-876D-C1D745C46402}
2012-03-17 12:22 - 2012-03-17 12:22 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{573B096F-6D8C-4CE7-9F47-E41896836220}
2012-03-17 12:22 - 2012-03-17 12:21 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BB4502B9-5B02-43A7-98B1-CAE400E69E5C}
2012-03-17 12:21 - 2012-03-17 12:21 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C1B650D8-9715-4FB1-9FEC-29952CBA6595}
2012-03-17 09:35 - 2012-03-17 09:33 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Deployment
2012-03-17 09:35 - 2011-11-20 19:58 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Google
2012-03-17 09:33 - 2012-03-17 09:33 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Apps\2.0
2012-03-17 07:15 - 2011-10-19 07:40 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\VirtualStore
2012-03-17 07:14 - 2011-11-10 20:07 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Apple Computer
2012-03-17 07:14 - 2011-11-04 06:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\Apple Computer
2012-03-17 07:09 - 2012-03-17 07:09 - 0000000 ____D C:\Program Files (x86)\Safari
2012-03-17 00:20 - 2012-03-17 00:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{8E16F910-CF73-411E-A27A-8F1C634B3ECB}
2012-03-17 00:20 - 2012-03-17 00:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{3B733614-8F53-4FA7-8F78-F35005831645}
2012-03-16 23:58 - 2012-05-16 10:23 - 0075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-03-16 11:24 - 2012-03-16 11:24 - 0081816 ____A C:\Users\Oleuanna\Downloads\gpp-workshops.zip
2012-03-16 11:22 - 2012-03-16 11:22 - 0010349 ____A C:\Users\Oleuanna\Downloads\gpp-base-hook-widgets.zip
2012-03-16 11:21 - 2012-03-16 11:21 - 0105485 ____A C:\Users\Oleuanna\Downloads\gpp-testimonials-widget.zip
2012-03-16 11:19 - 2012-03-16 11:19 - 0001108 ____A C:\Users\Oleuanna\Downloads\gpp-improve-image-quality.zip
2012-03-16 11:18 - 2012-03-16 11:18 - 0011703 ____A C:\Users\Oleuanna\Downloads\gpp-shortcodes.zip
2012-03-16 10:12 - 2012-03-16 10:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BB8ACDEA-612D-47D1-B5E1-E4D0FBADEFDD}
2012-03-16 10:12 - 2012-03-16 10:11 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D40156F2-9533-4A34-8AA0-4E4F2B2747A4}
2012-03-16 10:11 - 2012-03-16 10:11 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2B7F66CE-B4FA-4946-AB4A-AC7AE670D212}
2012-03-16 10:11 - 2012-03-16 10:11 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{27281111-ABCC-4031-957C-6639F65AEB3B}
2012-03-15 22:10 - 2012-03-15 22:10 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E744A178-F5BD-4ED6-8072-DE82DCB646DB}
2012-03-15 22:10 - 2012-03-15 22:10 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{53B6BFC7-75A3-4E06-801C-BEDC8A7F69F3}
2012-03-15 15:20 - 2012-03-15 15:20 - 2088082 ____A C:\Users\Oleuanna\Downloads\oleuanna.wordpress.2012-03-15.xml
2012-03-15 11:27 - 2012-03-15 11:27 - 0246120 ____A C:\Users\Oleuanna\Downloads\fullscreen(1).zip
2012-03-15 09:38 - 2012-03-15 09:38 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9D2EB7DE-53D5-4A0A-91EC-E7BEFD6834AA}
2012-03-15 09:38 - 2012-03-15 09:37 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{AAB4E3E4-02AC-4FEF-BB52-87DF6E47E033}
2012-03-15 03:43 - 2012-01-19 10:19 - 0000000 ____D C:\Users\Oleuanna\Downloads\lang
2012-03-14 21:37 - 2012-03-14 21:37 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{95354A93-98D8-4C8B-A707-2ABEF01170A6}
2012-03-14 21:37 - 2012-03-14 21:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{AC48C493-8DD8-4D3A-BCDC-8BE1BB7F62D9}
2012-03-14 09:36 - 2012-03-14 09:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A65290E5-7943-49C8-B77A-4BDAD618DCBB}
2012-03-14 09:36 - 2012-03-14 09:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{39196D06-7697-46FE-A9F3-B85E26158858}
2012-03-14 09:36 - 2012-03-14 09:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{35B823E6-AF07-4595-959F-80CAD7EE64C9}
2012-03-14 09:36 - 2012-03-14 09:35 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{5A4415DE-0069-464E-91FF-CC1B45014123}
2012-03-14 00:59 - 2012-03-14 00:54 - 74967408 ____A (Apple Inc.) C:\Users\Oleuanna\Downloads\iTunesSetup.exe
2012-03-13 21:35 - 2012-03-13 21:35 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{F3DEE4B7-BE67-4FF7-8EE3-CB6A58328351}
2012-03-13 21:35 - 2012-03-13 21:35 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{84F6D585-5C63-4799-9E7D-A4A04A12445A}
2012-03-13 09:34 - 2012-03-13 09:34 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BE3C6C8C-2C4B-4822-A3BF-7D120F820768}
2012-03-13 09:34 - 2012-03-13 09:34 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{BDB3985F-C1A8-4226-B91F-28920DB32005}
2012-03-13 09:34 - 2012-03-13 09:34 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6C20F616-FA4A-421F-9C0C-F23E0FB7133C}
2012-03-13 09:34 - 2012-03-12 21:33 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1EEE8CCF-5892-4F57-BCEB-5397667F5599}
2012-03-13 06:21 - 2012-03-13 06:21 - 0246120 ____A C:\Users\Oleuanna\Downloads\fullscreen.zip
2012-03-13 01:03 - 2011-10-19 12:24 - 0000000 ___AD C:\Users\Oleuanna\Documents\Research
2012-03-12 21:34 - 2012-03-12 21:33 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B33B223D-236B-4E4C-BE79-77C286BF09CD}
2012-03-12 09:33 - 2012-03-12 09:33 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{E11C178E-F8D5-4570-BBD2-3387F69E976E}
2012-03-12 09:33 - 2012-03-12 09:32 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2740DB47-37D5-4A3E-B4FD-833CC7525424}
2012-03-12 08:40 - 2012-03-12 08:39 - 0775768 ____A (Solid State Networks) C:\Users\Oleuanna\Downloads\install_flashplayer11x64_mssd_aih.exe
2012-03-11 21:32 - 2012-03-11 21:32 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{EF2328CF-4B56-4B19-B86C-CE94D9BCFBC6}
2012-03-11 21:32 - 2012-03-11 09:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1FA062DD-5784-4FE3-B612-8B94E7C6E8AB}
2012-03-11 09:31 - 2012-03-11 09:31 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DFDF399E-BCAD-4C3A-942C-3A6FBFB86CF8}
2012-03-10 21:31 - 2012-03-10 21:30 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C6764306-7E94-4445-BCAB-69F37F32A6EE}
2012-03-10 21:30 - 2012-03-10 21:30 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{2CBBABB5-1274-477C-A15E-C9A00B8EF9E1}
2012-03-10 04:20 - 2012-03-10 04:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B6F804D8-B9BA-4705-A3FD-C666A906F5EB}
2012-03-10 04:20 - 2012-03-10 04:20 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9734A3C6-7532-46E5-B97A-507700AE61DE}
2012-03-10 04:20 - 2012-03-10 04:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6053216E-31FC-4472-AB83-91166DC0E4BD}
2012-03-10 04:19 - 2012-03-10 04:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{42916E41-CE28-472D-98A4-ADFC3A9BC7B3}
2012-03-09 16:19 - 2012-03-09 16:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{8C96698B-4591-488B-87A8-0C8D71BEC2E3}
2012-03-09 16:19 - 2012-03-09 16:19 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4412834D-818A-4044-94C4-C2692FEEA3F0}
2012-03-09 16:19 - 2012-03-09 16:18 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D9EB76FD-E968-44F4-94CF-829B804F7BE8}
2012-03-09 16:18 - 2012-03-09 16:18 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9EDC32B6-C334-4CD9-89EB-0228EEB8DBAA}
2012-03-09 09:52 - 2011-05-14 12:05 - 0000000 ____D C:\Program Files (x86)\EasyBits For Kids
2012-03-09 09:42 - 2012-03-09 09:42 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\_MDLogs
2012-03-09 09:41 - 2012-03-07 04:28 - 0000000 ____D C:\Users\Oleuanna\AppData\Roaming\BitZipper
2012-03-09 04:18 - 2012-03-09 04:18 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B05BFB44-FD89-4573-8BAC-4BD25B487104}
2012-03-09 04:18 - 2012-03-09 04:17 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{228174CC-1C69-4EAC-A1C3-5C736321509F}
2012-03-09 01:42 - 2011-10-19 07:41 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\Hewlett-Packard
2012-03-08 16:17 - 2012-03-08 16:17 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{25D69FA0-86FD-4A60-A2A8-A0B22E889005}
2012-03-08 16:17 - 2012-03-08 16:17 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{0DED4CE9-B235-4FFE-A792-381594178EC5}
2012-03-08 09:50 - 2012-03-08 09:50 - 0049016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sirenacm.dll
2012-03-08 09:37 - 2012-03-08 09:37 - 0302448 ____A (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2012-03-08 04:16 - 2012-03-08 04:16 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{FA324D3D-D68F-4B13-A2EF-9C67CBCA3A48}
2012-03-08 04:16 - 2012-03-08 04:16 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B20D313B-07FB-4ABF-962A-6A49EED44CD5}
2012-03-07 18:29 - 2012-03-07 18:29 - 0001809 ____A C:\Users\Oleuanna\Downloads\home.php
2012-03-07 16:48 - 2012-03-07 16:48 - 0030143 ____A C:\Users\Oleuanna\Downloads\icon.png
2012-03-07 16:48 - 2012-03-07 16:48 - 0007092 ____A C:\Users\Oleuanna\Downloads\functions.php
2012-03-07 16:48 - 2012-03-07 16:48 - 0003955 ____A C:\Users\Oleuanna\Downloads\header.php
2012-03-07 16:48 - 2012-03-07 16:48 - 0001167 ____A C:\Users\Oleuanna\Downloads\changelog.txt
2012-03-07 16:16 - 2012-03-07 16:15 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{34B8D4A3-8348-4771-9F09-17416CA79EDE}
2012-03-07 16:15 - 2012-03-07 16:15 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9BAEE2EE-B33A-4C5E-8E03-25615BA1F9FD}
2012-03-07 04:28 - 2012-03-07 04:28 - 0000000 ____D C:\Program Files (x86)\File Type Assistant
2012-03-07 04:21 - 2012-03-07 04:21 - 0621760 ____A (W3i, LLC) C:\Users\Oleuanna\Downloads\BitZipperH2010.v20120307.TrialSetupEn.exe
2012-03-07 04:15 - 2012-03-07 04:15 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{DF3B42F3-7C0F-48F4-B6EE-D14B9BC6DB8F}
2012-03-07 04:15 - 2012-03-07 04:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{D3DCFFFC-E223-411A-BB79-F293F0167EAE}
2012-03-06 16:14 - 2012-03-06 16:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{56A8E6DC-26CB-4525-AEC0-D4709EBA7FE6}
2012-03-06 16:14 - 2012-03-06 04:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{44273351-E97C-4CFF-9FEB-5B2206006293}
2012-03-06 04:14 - 2012-03-06 04:14 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{788FA6A8-9EEC-4144-A8B3-AFB38ABD3CD2}
2012-03-06 04:13 - 2012-03-06 04:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{9A3299C5-D926-4565-B33D-0DDE9891A04A}
2012-03-06 04:13 - 2012-03-06 04:13 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{1140ABAE-E8BE-4815-901A-B605602E8F8B}
2012-03-05 16:13 - 2012-03-05 16:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6E8AE76C-D564-49A2-B286-BF45D577ECFB}
2012-03-05 16:12 - 2012-03-05 16:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{30E0FFC4-A6E7-4AFD-948C-7CEF405F9F19}
2012-03-05 04:12 - 2012-03-05 04:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{B8D00811-46C8-47E9-9017-99E22483870E}
2012-03-05 04:12 - 2012-03-05 04:12 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{682FD995-D8CB-49FF-A7BD-0A04AEC3A6D4}
2012-03-05 04:12 - 2012-03-05 04:11 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{AC745D4F-A2A0-4764-AEDD-2A340A979EFC}
2012-03-05 04:11 - 2012-03-05 04:11 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{89703E85-DAC0-416E-A85F-351A0BA969DD}
2012-03-04 16:11 - 2012-03-04 16:10 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{316CCC82-0B12-44F3-AF87-B7D48664754E}
2012-03-04 16:10 - 2012-03-04 16:10 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{7A0989B4-C915-4019-AFAE-17FB0E6595BA}
2012-03-04 04:10 - 2012-03-04 04:09 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{A53B7EDE-EC98-4B6E-9E54-C73BD9901B7C}
2012-03-04 04:09 - 2012-03-04 04:09 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{6040F561-212F-4C8A-8174-B755DD38FC56}
2012-03-03 13:36 - 2012-03-03 13:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{C6FB3A12-E43A-4156-B8DF-BC4E637A1698}
2012-03-03 13:36 - 2012-03-03 13:36 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{425E3D39-D70D-481F-A197-B55320958E09}
2012-03-03 01:35 - 2012-03-03 01:35 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{76098887-1470-4FBA-8328-2B4F04D35222}
2012-03-03 01:35 - 2012-03-03 01:35 - 0000000 ____D C:\Users\Oleuanna\AppData\Local\{4E5A8D3E-3782-49EC-82F0-316D385B70EA}

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 18%
Total physical RAM: 3893.86 MB
Available physical RAM: 3174.77 MB
Total Pagefile: 3892.01 MB
Available Pagefile: 3162.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:684.72 GB) (Free:377.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (RECOVERY) (Fixed) (Total:13.62 GB) (Free:1.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
4 Drive g: (rael_pilates_27) (CDROM) (Total:3.16 GB) (Free:0 GB) UDF
5 Drive h: () (Removable) (Total:7.45 GB) (Free:1.78 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS
7 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 698 GB 0 B
Disk 1 Online 7633 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 684 GB 200 MB
Partition 3 Primary 13 GB 684 GB
Partition 4 Primary 102 MB 698 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM NTFS Partition 199 MB Healthy

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 684 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E RECOVERY NTFS Partition 13 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F HP_TOOLS FAT32 Partition 102 MB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7633 MB 16 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H FAT32 Removable 7633 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-05-07 12:16

======================= End Of Log ==========================

#11 M-K-D-B


Posted 02 June 2012 - 08:39 AM

Hi Oleuanna,


Sorry for the delay!



Step 1
Please do the following. You will need a USB drive with no less than 64 MB of space.

  • Insert your USB drive.
  • Press Start > My Computer > right click your USB drive > choose Format > Quick format
  • Download xPUD 0.9.2 iso, saving the file to your Desktop.
  • Download UNetbootin and save it to your Desktop as well.
  • Double click the unetbootin-windows-latest.exe that you just downloaded.
  • Select the DiskImage option then click the browse button located on the right side of the textbox field.
  • Browse to and select the xpud-0.9.2.iso file you downloaded
  • Verify the correct drive letter is selected for your USB device then click OK
  • It will write files to your USB device and make it bootable
  • Once the files have been written to the device you will be prompted to reboot ~ do NOT reboot and instead just Exit the UNetbootin interface
  • Next, download dumpit and save it to the same flash drive where you installed xPUD.
  • Remove the USB and insert it in the ailing computer
  • Power on the computer and press F12 then choose to boot from the USB
  • After selecting a language and readying the system, a Welcome to xPUD screen will appear
  • Click the File tab
  • Expand mnt by clicking the plus sign to its left
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Double click dumpit.
  • It will create some MBR copies on the USB drive.
  • When it completes press Enter to exit the Terminal window.
  • Remove the USB drive, then locate on it an mbr.zip file, and upload that here as an attachment please.
mbr.zip should be created on your flash drive, please attach it to your next reply.





Step 2
I would like you to answer the following questions as exactly as you can:
  • Do you know what the following exe file is?

    C:\Users\Oleuanna\Downloads\6qientwi.exe

    I assume that it is a GMER randomly named exe file. Can you confirm this?





What you should post with your next answer:
  • an attached mbr.zip,
  • an answer to my questions.

Regards,
M-K-D-B

#12 Oleuanna


Posted 02 June 2012 - 02:44 PM

Hi ya

I seem to be unable to reboot from my USB it doesn't give me the option, any suggestions on how to set it up or an alternative?

As for the C:\Users\Oleuanna\Downloads\6qientwi.exe ... yes it is GMER

#13 M-K-D-B


Posted 04 June 2012 - 04:50 AM

Hi Oleuanna,



Step 1
Try this please. You will also need a USB drive.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and when finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Next right click on dumpit, choose save under and download it to your USB
  • Remove the USB & CD and insert them in the sick computer
  • Boot the sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • Click on sdb1 (sdb1 represents the USB drive).
  • Double click on the dumpit file.
  • A black window will pop-up and it will dump and zip the MBR to your USB drive.
  • Press Enter to exit the black window.
  • Click on HOME tab and choose Power Off to turn off xPUD.
  • Remove the USB drive and insert it back on your working computer.
  • Locate the mbr.zip file in your USB drive and attach it when you reply.





What you should post with your next answer:
  • an attached mbr.zip.

Regards,
M-K-D-B
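Added example, not part of the thread and not dumpit's own code: once an MBR dump like the one requested above is available, its partition table can be parsed and its boot code hashed for comparison against a known-good copy. It assumes a raw 512-byte sector; the function names are hypothetical, and the sample sector is constructed to mirror the Disk 0 layout in the log (types 07/07/07/0C, partition 1 active, sizes rounded).

```python
"""Parse a 512-byte MBR sector dump and sanity-check its partition table."""
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446            # bytes 0..445 hold the boot code
# status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
ENTRY_FORMAT = "<B3xB3xII"
ENTRY_LEN = struct.calcsize(ENTRY_FORMAT)   # 16 bytes per entry, 4 entries
SIGNATURE = b"\x55\xaa"        # bytes 510..511

TYPE_NAMES = {0x07: "NTFS/exFAT/HPFS", 0x0B: "FAT32 (CHS)",
              0x0C: "FAT32 (LBA)", 0xEE: "GPT protective"}


def parse_mbr(sector):
    """Return partitions, a boot-code hash and a list of structural findings."""
    if len(sector) < SECTOR_SIZE:
        raise ValueError("need at least 512 bytes")
    sector = bytes(sector[:SECTOR_SIZE])
    partitions, findings = [], []
    for index in range(4):
        offset = BOOT_CODE_LEN + index * ENTRY_LEN
        status, ptype, lba_start, sectors = struct.unpack_from(
            ENTRY_FORMAT, sector, offset)
        if ptype == 0x00:
            continue  # unused slot
        number = index + 1
        if status not in (0x00, 0x80):
            findings.append(f"partition {number}: invalid status 0x{status:02X}")
        if lba_start == 0 or sectors == 0:
            findings.append(f"partition {number}: zero start or length")
        partitions.append({
            "number": number,
            "active": status == 0x80,
            "type": ptype,
            "type_name": TYPE_NAMES.get(ptype, "unknown"),
            "lba_start": lba_start,
            "sectors": sectors,
            "size_mb": sectors * SECTOR_SIZE // 2**20,
        })
    signature_ok = sector[510:512] == SIGNATURE
    if not signature_ok:
        findings.append("boot signature 0x55AA missing")
    active = sum(1 for p in partitions if p["active"])
    if active != 1:
        # A BIOS boot disk has exactly one active entry; data disks have none.
        findings.append(f"{active} partitions flagged active")
    ordered = sorted(partitions, key=lambda p: p["lba_start"])
    for prev, cur in zip(ordered, ordered[1:]):
        if cur["lba_start"] < prev["lba_start"] + prev["sectors"]:
            findings.append(
                f"partitions {prev['number']} and {cur['number']} overlap")
    return {
        "signature_ok": signature_ok,
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
        "findings": findings,
    }


def compare_dumps(reference, suspect):
    """Report whether boot code or partition table differ between two dumps."""
    ref, sus = parse_mbr(reference), parse_mbr(suspect)
    return {
        "boot_code_changed": ref["boot_code_sha256"] != sus["boot_code_sha256"],
        "table_changed": ref["partitions"] != sus["partitions"],
    }


def build_sample_mbr():
    """Constructed sample: zero-filled boot code, table modelled on the log."""
    layout = [
        (0x80, 0x07, 2048, 407552),            # 199 MB at 1024 KB, active
        (0x00, 0x07, 409600, 1434451968),      # 684 GB at 200 MB
        (0x00, 0x07, 1434861568, 27262976),    # 13 GB
        (0x00, 0x0C, 1462124544, 208896),      # 102 MB FAT32
    ]
    table = b"".join(struct.pack(ENTRY_FORMAT, *entry) for entry in layout)
    return bytes(BOOT_CODE_LEN) + table + SIGNATURE


if __name__ == "__main__":
    report = parse_mbr(build_sample_mbr())
    print("signature ok:", report["signature_ok"])
    print("boot code sha256:", report["boot_code_sha256"])
    for p in report["partitions"]:
        flag = "*" if p["active"] else " "
        print(f"{flag} {p['number']} type {p['type']:02X} ({p['type_name']}) "
              f"start LBA {p['lba_start']} size {p['size_mb']} MB")
    print("findings:", report["findings"] or "none")
```

To check a real dump, read the first 512 bytes of the file in binary mode and pass them to `parse_mbr`.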

#14 Oleuanna


Posted 06 June 2012 - 08:22 AM

Can you bear with me, my internet is down at the moment and I am answering you from the library. As soon as I get it up and running I shall reply; please do not close the topic.

Thank you

O

#15 M-K-D-B


Posted 07 June 2012 - 02:39 AM

Hi Oleuanna,


Thank you very much for your feedback.
Of course, I'll keep the topic open for you. :)
Regards,
M-K-D-B



