Click.get-answers-fast


  • This topic is locked
28 replies to this topic

#1 Jeremy T

Posted 26 June 2012 - 09:44 PM

Windows 7 laptop

Infection began with the "Live Security Platinum" virus. I was able to remove that with MBAM. Once I got past that issue, I was able to access IE9 (should I downgrade to IE8?). I started with HJT, didn't work. Loaded SuperAS, got rid of one more trojan, but still click-get answers. On to trusty Bleeping Computer forum for help. Below are all the usual requested log files.

1.) Hijack This log file
2.) Security Check log file - nothing that I saw
3.) TDSS Killer Log file - "clean"
4.) aswMBR log file - returned "**INFECTED** Win32:Sirefef-PL [Rtk]" in the Desktop.ini GAC_32 & GAC_64, plus a random AppData/Local file

1.) HIJACK THIS

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:25:21 PM, on 6/26/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Carson\Downloads\SecurityCheck.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost #[IPv6]
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: Core Temp.lnk = C:\Program Files\Core Temp\Core Temp.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{82AA4990-D44A-4373-9406-D5287BD44793}: NameServer = 68.87.68.166,68.87.74.166
O17 - HKLM\System\CCS\Services\Tcpip\..\{A65BDD01-2AE3-43FE-8030-0FB349D98409}: NameServer = 0.0.0.0
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: CyberLink Product - 2010/09/16 01:55:06 (CLKMSVC10_C6F09094) - CyberLink - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11602 bytes


2.) SECURITY CHECK LOG FILE

Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Microsoft Security Essentials
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Malwarebytes Anti-Malware version 1.61.0.1400
JavaFX 2.1.1
Java™ 6 Update 22
Java™ 7 Update 5
Adobe Reader X (10.1.3)
Mozilla Thunderbird 10.0.2 Thunderbird out of Date!
Google Chrome 19.0.1084.52
Google Chrome 19.0.1084.56
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````


3.) TDSS KILLER

22:34:06.0074 4052 HidBatt - ok
22:34:06.0096 4052 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:34:06.0099 4052 HidBth - ok
22:34:06.0135 4052 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:34:06.0136 4052 HidIr - ok
22:34:06.0155 4052 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
22:34:06.0157 4052 hidserv - ok
22:34:06.0176 4052 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
22:34:06.0177 4052 HidUsb - ok
22:34:06.0239 4052 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
22:34:06.0242 4052 hkmsvc - ok
22:34:06.0298 4052 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
22:34:06.0303 4052 HomeGroupListener - ok
22:34:06.0359 4052 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
22:34:06.0363 4052 HomeGroupProvider - ok
22:34:06.0423 4052 HP Health Check Service - ok
22:34:06.0500 4052 HP Wireless Assistant Service (3a09322a8aa8b0c79036686a0ebe7b4c) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
22:34:06.0502 4052 HP Wireless Assistant Service - ok
22:34:06.0565 4052 HPDrvMntSvc.exe (881f74074963cdad8c475d09dc3a0bb6) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
22:34:06.0567 4052 HPDrvMntSvc.exe - ok
22:34:06.0595 4052 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
22:34:06.0596 4052 hpdskflt - ok
22:34:06.0642 4052 hpqwmiex (fe51b163a618b1cbf015485d21c1bc68) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
22:34:06.0652 4052 hpqwmiex - ok
22:34:06.0698 4052 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
22:34:06.0700 4052 HpSAMD - ok
22:34:06.0738 4052 hpsrv (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\Windows\system32\Hpservice.exe
22:34:06.0740 4052 hpsrv - ok
22:34:06.0801 4052 HPWMISVC (5aa89e152634954e15e9db265c6a8557) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
22:34:06.0802 4052 HPWMISVC - ok
22:34:06.0895 4052 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
22:34:06.0908 4052 HTTP - ok
22:34:06.0969 4052 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
22:34:06.0969 4052 hwpolicy - ok
22:34:07.0016 4052 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
22:34:07.0018 4052 i8042prt - ok
22:34:07.0075 4052 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys
22:34:07.0081 4052 iaStor - ok
22:34:07.0130 4052 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
22:34:07.0137 4052 iaStorV - ok
22:34:07.0275 4052 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:34:07.0289 4052 idsvc - ok
22:34:07.0921 4052 igfx (1be8d9ca4f2363b8e8015621878e0043) C:\Windows\system32\DRIVERS\igdkmd64.sys
22:34:08.0073 4052 igfx - ok
22:34:08.0211 4052 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:34:08.0213 4052 iirsp - ok
22:34:08.0315 4052 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
22:34:08.0329 4052 IKEEXT - ok
22:34:08.0361 4052 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
22:34:08.0363 4052 Impcd - ok
22:34:08.0397 4052 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
22:34:08.0399 4052 intelide - ok
22:34:09.0067 4052 intelkmd (1be8d9ca4f2363b8e8015621878e0043) C:\Windows\system32\DRIVERS\igdpmd64.sys
22:34:09.0285 4052 intelkmd - ok
22:34:09.0403 4052 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:34:09.0404 4052 intelppm - ok
22:34:09.0434 4052 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:34:09.0437 4052 IPBusEnum - ok
22:34:09.0491 4052 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:34:09.0493 4052 IpFilterDriver - ok
22:34:09.0530 4052 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
22:34:09.0532 4052 IPMIDRV - ok
22:34:09.0580 4052 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:34:09.0582 4052 IPNAT - ok
22:34:09.0701 4052 iPod Service (e94503089df8976f5c4c9d5168e9765f) C:\Program Files\iPod\bin\iPodService.exe
22:34:09.0715 4052 iPod Service - ok
22:34:09.0739 4052 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:34:09.0740 4052 IRENUM - ok
22:34:09.0767 4052 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
22:34:09.0769 4052 isapnp - ok
22:34:09.0812 4052 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
22:34:09.0816 4052 iScsiPrt - ok
22:34:09.0839 4052 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
22:34:09.0840 4052 kbdclass - ok
22:34:09.0879 4052 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
22:34:09.0881 4052 kbdhid - ok
22:34:09.0919 4052 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:34:09.0921 4052 KeyIso - ok
22:34:09.0937 4052 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
22:34:09.0939 4052 KSecDD - ok
22:34:09.0958 4052 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
22:34:09.0961 4052 KSecPkg - ok
22:34:09.0980 4052 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:34:09.0981 4052 ksthunk - ok
22:34:10.0035 4052 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:34:10.0042 4052 KtmRm - ok
22:34:10.0109 4052 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
22:34:10.0114 4052 LanmanServer - ok
22:34:10.0168 4052 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
22:34:10.0172 4052 LanmanWorkstation - ok
22:34:10.0236 4052 lirsgt (5ea407821bb3104c31a705175ab4f309) C:\Windows\system32\DRIVERS\lirsgt.sys
22:34:10.0237 4052 lirsgt - ok
22:34:10.0263 4052 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:34:10.0264 4052 lltdio - ok
22:34:10.0296 4052 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:34:10.0302 4052 lltdsvc - ok
22:34:10.0333 4052 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:34:10.0335 4052 lmhosts - ok
22:34:10.0451 4052 LMS (6d515466ab8bfe61184092b635ae6eb4) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
22:34:10.0456 4052 LMS - ok
22:34:10.0495 4052 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:34:10.0498 4052 LSI_FC - ok
22:34:10.0535 4052 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:34:10.0537 4052 LSI_SAS - ok
22:34:10.0562 4052 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:34:10.0564 4052 LSI_SAS2 - ok
22:34:10.0584 4052 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:34:10.0587 4052 LSI_SCSI - ok
22:34:10.0623 4052 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:34:10.0625 4052 luafv - ok
22:34:10.0683 4052 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
22:34:10.0686 4052 Mcx2Svc - ok
22:34:10.0714 4052 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:34:10.0715 4052 megasas - ok
22:34:10.0753 4052 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:34:10.0758 4052 MegaSR - ok
22:34:10.0791 4052 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:34:10.0793 4052 MMCSS - ok
22:34:10.0807 4052 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:34:10.0809 4052 Modem - ok
22:34:10.0830 4052 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:34:10.0831 4052 monitor - ok
22:34:10.0862 4052 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:34:10.0863 4052 mouclass - ok
22:34:10.0892 4052 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:34:10.0893 4052 mouhid - ok
22:34:10.0946 4052 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
22:34:10.0948 4052 mountmgr - ok
22:34:11.0020 4052 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
22:34:11.0023 4052 MpFilter - ok
22:34:11.0056 4052 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
22:34:11.0059 4052 mpio - ok
22:34:11.0082 4052 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:34:11.0084 4052 mpsdrv - ok
22:34:11.0137 4052 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
22:34:11.0140 4052 MRxDAV - ok
22:34:11.0172 4052 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:34:11.0175 4052 mrxsmb - ok
22:34:11.0239 4052 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:34:11.0244 4052 mrxsmb10 - ok
22:34:11.0265 4052 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:34:11.0267 4052 mrxsmb20 - ok
22:34:11.0294 4052 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
22:34:11.0295 4052 msahci - ok
22:34:11.0320 4052 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
22:34:11.0323 4052 msdsm - ok
22:34:11.0370 4052 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:34:11.0374 4052 MSDTC - ok
22:34:11.0397 4052 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:34:11.0398 4052 Msfs - ok
22:34:11.0422 4052 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:34:11.0423 4052 mshidkmdf - ok
22:34:11.0437 4052 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
22:34:11.0437 4052 msisadrv - ok
22:34:11.0472 4052 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:34:11.0476 4052 MSiSCSI - ok
22:34:11.0481 4052 msiserver - ok
22:34:11.0512 4052 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:34:11.0513 4052 MSKSSRV - ok
22:34:11.0529 4052 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:34:11.0531 4052 MSPCLOCK - ok
22:34:11.0539 4052 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:34:11.0541 4052 MSPQM - ok
22:34:11.0608 4052 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
22:34:11.0614 4052 MsRPC - ok
22:34:11.0634 4052 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
22:34:11.0635 4052 mssmbios - ok
22:34:11.0655 4052 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:34:11.0656 4052 MSTEE - ok
22:34:11.0672 4052 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:34:11.0673 4052 MTConfig - ok
22:34:11.0699 4052 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:34:11.0700 4052 Mup - ok
22:34:11.0774 4052 MyWiFiDHCPDNS (8f57db74bf5407a4cda6c8b005dc8dd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
22:34:11.0779 4052 MyWiFiDHCPDNS - ok
22:34:11.0850 4052 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
22:34:11.0859 4052 napagent - ok
22:34:11.0908 4052 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:34:11.0913 4052 NativeWifiP - ok
22:34:11.0987 4052 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
22:34:12.0001 4052 NDIS - ok
22:34:12.0026 4052 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:34:12.0028 4052 NdisCap - ok
22:34:12.0052 4052 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:34:12.0054 4052 NdisTapi - ok
22:34:12.0102 4052 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:34:12.0104 4052 Ndisuio - ok
22:34:12.0165 4052 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:34:12.0168 4052 NdisWan - ok
22:34:12.0197 4052 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:34:12.0198 4052 NDProxy - ok
22:34:12.0232 4052 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:34:12.0234 4052 NetBIOS - ok
22:34:12.0297 4052 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:34:12.0301 4052 NetBT - ok
22:34:12.0327 4052 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:34:12.0329 4052 Netlogon - ok
22:34:12.0377 4052 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:34:12.0384 4052 Netman - ok
22:34:12.0485 4052 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:34:12.0488 4052 NetMsmqActivator - ok
22:34:12.0508 4052 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:34:12.0510 4052 NetPipeActivator - ok
22:34:12.0552 4052 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:34:12.0560 4052 netprofm - ok
22:34:12.0568 4052 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:34:12.0569 4052 NetTcpActivator - ok
22:34:12.0575 4052 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:34:12.0577 4052 NetTcpPortSharing - ok
22:34:13.0054 4052 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
22:34:13.0160 4052 NETw5s64 - ok
22:34:13.0587 4052 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
22:34:13.0664 4052 netw5v64 - ok
22:34:14.0272 4052 NETwNs64 (50ad7f7040c22bb7caa59a0880875a21) C:\Windows\system32\DRIVERS\NETwNs64.sys
22:34:14.0390 4052 NETwNs64 - ok
22:34:14.0523 4052 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:34:14.0524 4052 nfrd960 - ok
22:34:14.0552 4052 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:34:14.0554 4052 NisDrv - ok
22:34:14.0646 4052 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
22:34:14.0651 4052 NisSrv - ok
22:34:14.0727 4052 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
22:34:14.0733 4052 NlaSvc - ok
22:34:14.0762 4052 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:34:14.0764 4052 Npfs - ok
22:34:14.0791 4052 npggsvc - ok
22:34:14.0828 4052 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:34:14.0831 4052 nsi - ok
22:34:14.0851 4052 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:34:14.0852 4052 nsiproxy - ok
22:34:14.0985 4052 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:34:15.0020 4052 Ntfs - ok
22:34:15.0128 4052 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:34:15.0129 4052 Null - ok
22:34:15.0161 4052 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:34:15.0164 4052 nvraid - ok
22:34:15.0186 4052 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:34:15.0189 4052 nvstor - ok
22:34:15.0223 4052 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:34:15.0225 4052 nv_agp - ok
22:34:15.0258 4052 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:34:15.0260 4052 ohci1394 - ok
22:34:15.0338 4052 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:34:15.0339 4052 ose - ok
22:34:15.0384 4052 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:34:15.0390 4052 p2pimsvc - ok
22:34:15.0425 4052 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:34:15.0434 4052 p2psvc - ok
22:34:15.0460 4052 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:34:15.0462 4052 Parport - ok
22:34:15.0519 4052 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
22:34:15.0521 4052 partmgr - ok
22:34:15.0538 4052 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:34:15.0542 4052 PcaSvc - ok
22:34:15.0579 4052 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:34:15.0582 4052 pci - ok
22:34:15.0604 4052 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:34:15.0605 4052 pciide - ok
22:34:15.0630 4052 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:34:15.0634 4052 pcmcia - ok
22:34:15.0666 4052 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:34:15.0667 4052 pcw - ok
22:34:15.0715 4052 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:34:15.0726 4052 PEAUTH - ok
22:34:15.0811 4052 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:34:15.0813 4052 PerfHost - ok
22:34:15.0996 4052 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:34:16.0018 4052 pla - ok
22:34:16.0085 4052 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:34:16.0093 4052 PlugPlay - ok
22:34:16.0115 4052 PnkBstrA - ok
22:34:16.0144 4052 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:34:16.0147 4052 PNRPAutoReg - ok
22:34:16.0176 4052 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:34:16.0181 4052 PNRPsvc - ok
22:34:16.0258 4052 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:34:16.0267 4052 PolicyAgent - ok
22:34:16.0305 4052 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:34:16.0310 4052 Power - ok
22:34:16.0392 4052 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:34:16.0395 4052 PptpMiniport - ok
22:34:16.0416 4052 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:34:16.0417 4052 Processor - ok
22:34:16.0444 4052 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
22:34:16.0448 4052 ProfSvc - ok
22:34:16.0479 4052 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:34:16.0481 4052 ProtectedStorage - ok
22:34:16.0551 4052 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:34:16.0553 4052 Psched - ok
22:34:16.0667 4052 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:34:16.0690 4052 ql2300 - ok
22:34:16.0804 4052 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:34:16.0807 4052 ql40xx - ok
22:34:16.0847 4052 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:34:16.0852 4052 QWAVE - ok
22:34:16.0868 4052 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:34:16.0869 4052 QWAVEdrv - ok
22:34:16.0882 4052 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:34:16.0883 4052 RasAcd - ok
22:34:16.0919 4052 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:34:16.0921 4052 RasAgileVpn - ok
22:34:16.0930 4052 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:34:16.0934 4052 RasAuto - ok
22:34:16.0989 4052 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:34:16.0992 4052 Rasl2tp - ok
22:34:17.0034 4052 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:34:17.0042 4052 RasMan - ok
22:34:17.0066 4052 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:34:17.0068 4052 RasPppoe - ok
22:34:17.0088 4052 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:34:17.0089 4052 RasSstp - ok
22:34:17.0154 4052 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:34:17.0159 4052 rdbss - ok
22:34:17.0175 4052 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:34:17.0177 4052 rdpbus - ok
22:34:17.0196 4052 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:34:17.0197 4052 RDPCDD - ok
22:34:17.0207 4052 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:34:17.0209 4052 RDPENCDD - ok
22:34:17.0223 4052 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:34:17.0225 4052 RDPREFMP - ok
22:34:17.0283 4052 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
22:34:17.0287 4052 RDPWD - ok
22:34:17.0358 4052 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:34:17.0361 4052 rdyboost - ok
22:34:17.0462 4052 RegSrvc (fd11c1287d38a46fb72353e14d50089c) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:34:17.0476 4052 RegSrvc - ok
22:34:17.0514 4052 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:34:17.0517 4052 RemoteAccess - ok
22:34:17.0548 4052 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:34:17.0552 4052 RemoteRegistry - ok
22:34:17.0628 4052 Revoflt (9c3ac71a9934b884fac567a8807e9c4d) C:\Windows\system32\DRIVERS\revoflt.sys
22:34:17.0630 4052 Revoflt - ok
22:34:17.0658 4052 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:34:17.0662 4052 RpcEptMapper - ok
22:34:17.0677 4052 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:34:17.0679 4052 RpcLocator - ok
22:34:17.0748 4052 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:34:17.0755 4052 RpcSs - ok
22:34:17.0790 4052 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:34:17.0792 4052 rspndr - ok
22:34:17.0831 4052 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\Windows\system32\Drivers\RtsUStor.sys
22:34:17.0835 4052 RSUSBSTOR - ok
22:34:17.0889 4052 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
22:34:17.0892 4052 RTL8167 - ok
22:34:17.0921 4052 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:34:17.0922 4052 SamSs - ok
22:34:18.0044 4052 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:34:18.0044 4052 SASDIFSV - ok
22:34:18.0059 4052 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:34:18.0059 4052 SASKUTIL - ok
22:34:18.0088 4052 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:34:18.0090 4052 sbp2port - ok
22:34:18.0126 4052 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:34:18.0130 4052 SCardSvr - ok
22:34:18.0169 4052 SCDEmu (d3022dba20029f1899b555298a5e95a3) C:\Windows\system32\drivers\SCDEmu.sys
22:34:18.0171 4052 SCDEmu - ok
22:34:18.0227 4052 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:34:18.0229 4052 scfilter - ok
22:34:18.0338 4052 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:34:18.0357 4052 Schedule - ok
22:34:18.0411 4052 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:34:18.0412 4052 SCPolicySvc - ok
22:34:18.0448 4052 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
22:34:18.0450 4052 sdbus - ok
22:34:18.0484 4052 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:34:18.0488 4052 SDRSVC - ok
22:34:18.0537 4052 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:34:18.0538 4052 secdrv - ok
22:34:18.0564 4052 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:34:18.0567 4052 seclogon - ok
22:34:18.0619 4052 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:34:18.0622 4052 SENS - ok
22:34:18.0645 4052 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:34:18.0648 4052 SensrSvc - ok
22:34:18.0676 4052 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:34:18.0677 4052 Serenum - ok
22:34:18.0696 4052 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:34:18.0698 4052 Serial - ok
22:34:18.0734 4052 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:34:18.0736 4052 sermouse - ok
22:34:18.0805 4052 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:34:18.0809 4052 SessionEnv - ok
22:34:18.0835 4052 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:34:18.0836 4052 sffdisk - ok
22:34:18.0865 4052 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:34:18.0867 4052 sffp_mmc - ok
22:34:18.0879 4052 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:34:18.0881 4052 sffp_sd - ok
22:34:18.0907 4052 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:34:18.0908 4052 sfloppy - ok
22:34:18.0950 4052 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:34:18.0957 4052 ShellHWDetection - ok
22:34:18.0988 4052 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:34:18.0990 4052 SiSRaid2 - ok
22:34:19.0017 4052 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:34:19.0019 4052 SiSRaid4 - ok
22:34:19.0048 4052 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:34:19.0050 4052 Smb - ok
22:34:19.0107 4052 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:34:19.0109 4052 SNMPTRAP - ok
22:34:19.0123 4052 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:34:19.0124 4052 spldr - ok
22:34:19.0222 4052 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:34:19.0233 4052 Spooler - ok
22:34:19.0499 4052 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:34:19.0550 4052 sppsvc - ok
22:34:19.0646 4052 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:34:19.0650 4052 sppuinotify - ok
22:34:19.0703 4052 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:34:19.0710 4052 srv - ok
22:34:19.0742 4052 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:34:19.0747 4052 srv2 - ok
22:34:19.0787 4052 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
22:34:19.0792 4052 SrvHsfHDA - ok
22:34:19.0957 4052 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
22:34:19.0973 4052 SrvHsfV92 - ok
22:34:20.0222 4052 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
22:34:20.0238 4052 SrvHsfWinac - ok
22:34:20.0285 4052 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:34:20.0285 4052 srvnet - ok
22:34:20.0332 4052 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:34:20.0347 4052 SSDPSRV - ok
22:34:20.0363 4052 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:34:20.0363 4052 SstpSvc - ok
22:34:20.0441 4052 STacSV (463e33b1ea7af1e6eb87b66b831db41a) C:\Program Files\IDT\WDM\STacSV64.exe
22:34:20.0441 4052 STacSV - ok
22:34:20.0503 4052 Steam Client Service - ok
22:34:20.0566 4052 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:34:20.0566 4052 stexstor - ok
22:34:20.0644 4052 STHDA (4304b75094e106fb5423a290c95841e5) C:\Windows\system32\DRIVERS\stwrt64.sys
22:34:20.0659 4052 STHDA - ok
22:34:20.0753 4052 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:34:20.0753 4052 stisvc - ok
22:34:20.0846 4052 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:34:20.0846 4052 swenum - ok
22:34:20.0940 4052 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:34:20.0956 4052 swprv - ok
22:34:21.0143 4052 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
22:34:21.0158 4052 SynTP - ok
22:34:21.0377 4052 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:34:21.0408 4052 SysMain - ok
22:34:21.0486 4052 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:34:21.0502 4052 TabletInputService - ok
22:34:21.0533 4052 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:34:21.0533 4052 TapiSrv - ok
22:34:21.0564 4052 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:34:21.0564 4052 TBS - ok
22:34:21.0767 4052 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
22:34:21.0782 4052 Tcpip - ok
22:34:21.0976 4052 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
22:34:21.0986 4052 TCPIP6 - ok
22:34:22.0076 4052 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:34:22.0076 4052 tcpipreg - ok
22:34:22.0106 4052 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:34:22.0106 4052 TDPIPE - ok
22:34:22.0156 4052 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:34:22.0156 4052 TDTCP - ok
22:34:22.0206 4052 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:34:22.0206 4052 tdx - ok
22:34:22.0236 4052 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:34:22.0236 4052 TermDD - ok
22:34:22.0287 4052 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:34:22.0303 4052 TermService - ok
22:34:22.0334 4052 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:34:22.0350 4052 Themes - ok
22:34:22.0396 4052 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:34:22.0396 4052 THREADORDER - ok
22:34:22.0459 4052 Toolbar Updater Service - ok
22:34:22.0490 4052 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:34:22.0506 4052 TrkWks - ok
22:34:22.0615 4052 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:34:22.0615 4052 TrustedInstaller - ok
22:34:22.0662 4052 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:34:22.0662 4052 tssecsrv - ok
22:34:22.0755 4052 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:34:22.0755 4052 TsUsbFlt - ok
22:34:22.0849 4052 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:34:22.0849 4052 tunnel - ok
22:34:22.0880 4052 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:34:22.0880 4052 uagp35 - ok
22:34:22.0958 4052 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:34:22.0958 4052 udfs - ok
22:34:22.0989 4052 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:34:22.0989 4052 UI0Detect - ok
22:34:23.0036 4052 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:34:23.0036 4052 uliagpkx - ok
22:34:23.0067 4052 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
22:34:23.0083 4052 umbus - ok
22:34:23.0098 4052 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:34:23.0114 4052 UmPass - ok
22:34:23.0426 4052 UNS (0fadd949576a164b4e51e716f46b6c33) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
22:34:23.0457 4052 UNS - ok
22:34:23.0598 4052 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:34:23.0598 4052 upnphost - ok
22:34:23.0644 4052 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
22:34:23.0660 4052 USBAAPL64 - ok
22:34:23.0691 4052 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
22:34:23.0691 4052 usbaudio - ok
22:34:23.0722 4052 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:34:23.0738 4052 usbccgp - ok
22:34:23.0769 4052 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:34:23.0769 4052 usbcir - ok
22:34:23.0800 4052 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
22:34:23.0816 4052 usbehci - ok
22:34:23.0847 4052 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:34:23.0863 4052 usbhub - ok
22:34:23.0894 4052 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:34:23.0894 4052 usbohci - ok
22:34:23.0925 4052 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:34:23.0925 4052 usbprint - ok
22:34:23.0941 4052 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:34:23.0941 4052 USBSTOR - ok
22:34:23.0972 4052 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
22:34:23.0972 4052 usbuhci - ok
22:34:24.0019 4052 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
22:34:24.0019 4052 usbvideo - ok
22:34:24.0050 4052 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:34:24.0050 4052 UxSms - ok
22:34:24.0081 4052 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:34:24.0081 4052 VaultSvc - ok
22:34:24.0237 4052 vcsFPService (2662f24c7aee2a32cebdec907a5366f1) C:\Windows\system32\vcsFPService.exe
22:34:24.0284 4052 vcsFPService - ok
22:34:24.0424 4052 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:34:24.0424 4052 vdrvroot - ok
22:34:24.0502 4052 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:34:24.0518 4052 vds - ok
22:34:24.0565 4052 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:34:24.0565 4052 vga - ok
22:34:24.0580 4052 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:34:24.0580 4052 VgaSave - ok
22:34:24.0643 4052 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:34:24.0658 4052 vhdmp - ok
22:34:24.0674 4052 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:34:24.0674 4052 viaide - ok
22:34:24.0690 4052 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:34:24.0690 4052 volmgr - ok
22:34:24.0768 4052 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:34:24.0768 4052 volmgrx - ok
22:34:24.0799 4052 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:34:24.0799 4052 volsnap - ok
22:34:24.0846 4052 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:34:24.0846 4052 vsmraid - ok
22:34:24.0986 4052 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:34:25.0017 4052 VSS - ok
22:34:25.0126 4052 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:34:25.0126 4052 vwifibus - ok
22:34:25.0173 4052 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:34:25.0173 4052 vwififlt - ok
22:34:25.0189 4052 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
22:34:25.0189 4052 vwifimp - ok
22:34:25.0251 4052 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:34:25.0267 4052 W32Time - ok
22:34:25.0298 4052 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:34:25.0298 4052 WacomPen - ok
22:34:25.0360 4052 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:34:25.0360 4052 WANARP - ok
22:34:25.0376 4052 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:34:25.0376 4052 Wanarpv6 - ok
22:34:25.0485 4052 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
22:34:25.0501 4052 WatAdminSvc - ok
22:34:25.0626 4052 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:34:25.0657 4052 wbengine - ok
22:34:25.0766 4052 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:34:25.0766 4052 WbioSrvc - ok
22:34:25.0844 4052 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:34:25.0860 4052 wcncsvc - ok
22:34:25.0875 4052 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:34:25.0875 4052 WcsPlugInService - ok
22:34:25.0922 4052 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:34:25.0922 4052 Wd - ok
22:34:25.0984 4052 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:34:26.0000 4052 Wdf01000 - ok
22:34:26.0016 4052 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:34:26.0016 4052 WdiServiceHost - ok
22:34:26.0031 4052 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:34:26.0031 4052 WdiSystemHost - ok
22:34:26.0062 4052 wdkmd (5b34e5938b9e76798977725e3f7847c4) C:\Windows\system32\DRIVERS\WDKMD.sys
22:34:26.0062 4052 wdkmd - ok
22:34:26.0125 4052 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:34:26.0140 4052 WebClient - ok
22:34:26.0172 4052 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:34:26.0172 4052 Wecsvc - ok
22:34:26.0203 4052 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:34:26.0203 4052 wercplsupport - ok
22:34:26.0234 4052 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:34:26.0234 4052 WerSvc - ok
22:34:26.0265 4052 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:34:26.0265 4052 WfpLwf - ok
22:34:26.0281 4052 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:34:26.0281 4052 WIMMount - ok
22:34:26.0296 4052 WinHttpAutoProxySvc - ok
22:34:26.0374 4052 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:34:26.0374 4052 Winmgmt - ok
22:34:26.0562 4052 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:34:26.0593 4052 WinRM - ok
22:34:26.0764 4052 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
22:34:26.0764 4052 WinUSB - ok
22:34:26.0842 4052 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:34:26.0858 4052 Wlansvc - ok
22:34:27.0076 4052 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:34:27.0108 4052 wlidsvc - ok
22:34:27.0217 4052 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:34:27.0217 4052 WmiAcpi - ok
22:34:27.0279 4052 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:34:27.0279 4052 wmiApSrv - ok
22:34:27.0310 4052 WMPNetworkSvc - ok
22:34:27.0326 4052 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:34:27.0342 4052 WPCSvc - ok
22:34:27.0388 4052 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:34:27.0404 4052 WPDBusEnum - ok
22:34:27.0420 4052 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:34:27.0420 4052 ws2ifsl - ok
22:34:27.0420 4052 WSearch - ok
22:34:27.0607 4052 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
22:34:27.0654 4052 wuauserv - ok
22:34:27.0794 4052 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:34:27.0810 4052 WudfPf - ok
22:34:27.0856 4052 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:34:27.0856 4052 WUDFRd - ok
22:34:27.0919 4052 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:34:27.0919 4052 wudfsvc - ok
22:34:27.0966 4052 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:34:27.0966 4052 WwanSvc - ok
22:34:28.0012 4052 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
22:34:28.0028 4052 xusb21 - ok
22:34:28.0075 4052 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
22:34:28.0090 4052 yukonw7 - ok
22:34:28.0122 4052 MBR (0x1B8) (c9637362ff056720212791091350eb2c) \Device\Harddisk0\DR0
22:34:28.0371 4052 \Device\Harddisk0\DR0 - ok
22:34:28.0371 4052 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
22:34:28.0371 4052 \Device\Harddisk1\DR1 - ok
22:34:28.0371 4052 Boot (0x1200) (84caeb90f2be7fa66329267434a7a82e) \Device\Harddisk0\DR0\Partition0
22:34:28.0387 4052 \Device\Harddisk0\DR0\Partition0 - ok
22:34:28.0387 4052 Boot (0x1200) (9671e94dd6251453f9841a02e9a51f9b) \Device\Harddisk0\DR0\Partition1
22:34:28.0387 4052 \Device\Harddisk0\DR0\Partition1 - ok
22:34:28.0418 4052 Boot (0x1200) (62e5dba26e4d13843454937342ad9f24) \Device\Harddisk0\DR0\Partition2
22:34:28.0418 4052 \Device\Harddisk0\DR0\Partition2 - ok
22:34:28.0434 4052 Boot (0x1200) (a0eed724481bfce301aacea50a0bbcd0) \Device\Harddisk0\DR0\Partition3
22:34:28.0449 4052 \Device\Harddisk0\DR0\Partition3 - ok
22:34:28.0449 4052 Boot (0x1200) (08a8c8ba57e9c372d3bc8c378ff3026c) \Device\Harddisk1\DR1\Partition0
22:34:28.0449 4052 \Device\Harddisk1\DR1\Partition0 - ok
22:34:28.0449 4052 ============================================================
22:34:28.0449 4052 Scan finished
22:34:28.0449 4052 ============================================================
22:34:28.0465 3776 Detected object count: 0
22:34:28.0465 3776 Actual detected object count: 0

4.) aswMBR LOG FILE

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-26 21:36:54
-----------------------------
21:36:54.446 OS Version: Windows x64 6.1.7601 Service Pack 1
21:36:54.446 Number of processors: 4 586 0x2505
21:36:54.446 ComputerName: CARSON UserName: Carson
21:36:55.382 Initialize success
21:38:02.960 AVAST engine defs: 12062601
21:38:37.061 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:38:37.061 Disk 0 Vendor: Hitachi_ PC3O Size: 305245MB BusType: 3
21:38:37.077 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
21:38:37.077 Disk 1 Vendor: Hitachi_ PC3O Size: 305245MB BusType: 3
21:38:37.092 Disk 0 MBR read successfully
21:38:37.092 Disk 0 MBR scan
21:38:37.092 Disk 0 unknown MBR code
21:38:37.108 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
21:38:37.124 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 283427 MB offset 409600
21:38:37.155 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 21514 MB offset 580868096
21:38:37.186 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
21:38:37.217 Disk 0 scanning C:\Windows\system32\drivers
21:38:48.838 Service scanning
21:39:20.382 Modules scanning
21:39:20.397 Disk 0 trace - called modules:
21:39:20.429 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
21:39:20.429 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008932060]
21:39:20.444 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> [0xfffffa80087ae890]
21:39:20.444 5 hpdskflt.sys[fffff88001ba9189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80068b6050]
21:39:22.129 AVAST engine scan C:\Windows
21:39:24.282 AVAST engine scan C:\Windows\system32
21:41:32.358 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
21:41:34.526 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
21:43:04.585 AVAST engine scan C:\Windows\system32\drivers
21:43:18.048 AVAST engine scan C:\Users\Carson
21:45:13.644 File: C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\n **INFECTED** Win32:Sirefef-PL [Rtk]
21:57:47.691 AVAST engine scan C:\ProgramData
21:59:57.824 Scan finished successfully
22:05:06.723 Disk 0 MBR has been saved successfully to "C:\Users\Carson\Desktop\MBR.dat"
22:05:06.733 The log file has been saved successfully to "C:\Users\Carson\Desktop\aswMBR.txt"



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:58 AM

Posted 27 June 2012 - 01:06 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


DeFogger:

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs:

  • In your next post I need the following

  • .logs from DDS
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Jeremy T


Posted 27 June 2012 - 06:24 AM

Gringo,
Thank you for your help. Unfortunately my PC upped the ante last night. As I was typing up my post, I thought I would run aswMBR again to see if it was clean. As it was running the computer went into sleep mode, I touched the touch pad to wake it up, ... system crash. When I attempted to restart the computer I got an error "LogonUI.exe - Corrupt file: The file or directory C:Windows\System32 is corrupt and unreadable. Please run the Chkdsk utility". I CANNOT log in to Safe Mode. I can access a command prompt via the Recovery Manager; the weird thing is that the drive is "X:/.." instead of "C:/...". I booted to recovery mode (OEM Partition), ran chkdsk - bad sector found at 6 percent mark (can't read, b/c window closes immediately after that appears). Next I ran Chkdsk via command prompt in the Recovery Manager - "no issues". Finally, I attempted to do System Restore to the day before I got the virus; it failed.

Can you help me get back to my desktop so that I can execute the directions above?

Thanks!

#4 gringo_pr


Posted 27 June 2012 - 07:25 AM

Hello

Download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Gringo

#5 Jeremy T


Posted 27 June 2012 - 08:10 AM

On it now

#6 Jeremy T


Posted 27 June 2012 - 08:20 AM

FRST Log file

Scan result of Farbar Recovery Scan Tool Version: 25-06-2012
Ran by SYSTEM at 27-06-2012 09:17:46
Running from I:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-16] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-17] (IDT, Inc.)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [161304 2010-07-27] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [386584 2010-07-27] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [415256 2010-07-27] (Intel Corporation)
HKLM\...\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray [1935120 2011-07-27] (Intel® Corporation)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM\...\Run: [rcuts] rundll32.exe "C:\Users\Carson\AppData\Roaming\rcuts.dll",AStartUp [x]
HKLM\...\Run: [scapi] "C:\Windows\System32\rundll32.exe" "C:\Users\Carson\AppData\Roaming\scapi.dll",EncodeBinaryData [399872 2012-06-26] (Analog Devices, Inc.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [343168 2011-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-04-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\Carson\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [17351304 2011-10-13] (Skype Technologies S.A.)
HKU\Dad\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [x]
HKU\Dad\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [17351304 2011-10-13] (Skype Technologies S.A.)
HKU\Default\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [x]
HKU\Default User\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, [625416 2010-04-23] (DigitalPersona, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{82AA4990-D44A-4373-9406-D5287BD44793}: [NameServer]68.87.68.166,68.87.74.166
Tcpip\..\Interfaces\{A65BDD01-2AE3-43FE-8030-0FB349D98409}: [NameServer]0.0.0.0
Lsa: [Notification Packages] DPPassFilter
scecli
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Core Temp.lnk
ShortcutTarget: Core Temp.lnk -> C:\Program Files\Core Temp\Core Temp.exe ()

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)
2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [1166848 2011-08-31] (Intel Corporation)
2 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [134928 2011-06-03] (Intel® Corporation)
4 CinemaNow Service; C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [400368 2010-06-12] (CinemaNow, Inc.)
2 CLKMSVC10_C6F09094; "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe" /svc [245232 2010-06-29] (CyberLink)
2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [445192 2010-04-23] (DigitalPersona, Inc.)
2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [2343816 2012-02-28] (LogMeIn Inc.)
2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2011-12-14] ()
2 UNS; "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" [2533400 2010-04-30] (Intel Corporation)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [x]
4 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [x]
4 Toolbar Updater Service; C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [x]

========================== Drivers (Whitelisted) =============

3 AMPPAL; C:\Windows\System32\Drivers\AMPPAL.sys [299008 2011-08-08] (Windows ® Win 7 DDK provider)
3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [299008 2011-08-08] (Windows ® Win 7 DDK provider)
2 atksgt; C:\Windows\System32\Drivers\atksgt.sys [311968 2011-08-05] ()
3 clwvd; C:\Windows\System32\Drivers\clwvd.sys [32880 2010-06-24] (Windows ® Win 7 DDK provider)
3 hamachi; C:\Windows\System32\Drivers\hamachi.sys [33856 2009-03-18] (LogMeIn, Inc.)
2 lirsgt; C:\Windows\System32\Drivers\lirsgt.sys [43168 2011-08-05] ()
3 Revoflt; C:\Windows\System32\Drivers\Revoflt.sys [31800 2009-12-30] (VS Revo Group)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
3 ALSysIO; \??\C:\Users\Carson\AppData\Local\Temp\ALSysIO64.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-26 19:09 - 2012-06-26 19:09 - 00279568 ____A C:\Windows\Minidump\062612-35599-01.dmp
2012-06-26 19:08 - 2012-06-26 19:08 - 865125817 ____A C:\Windows\MEMORY.DMP
2012-06-26 18:35 - 2012-06-26 18:35 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-06-26 18:35 - 2012-05-04 15:29 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-06-26 18:35 - 2012-05-04 15:29 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-06-26 18:33 - 2012-06-26 18:33 - 00001981 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2012-06-26 18:32 - 2012-06-26 18:32 - 00000000 ____D C:\Users\All Users\McAfee
2012-06-26 18:07 - 2012-06-26 19:16 - 00003142 ____A C:\Windows\PFRO.log
2012-06-26 18:07 - 2012-06-26 18:07 - 00000056 ____A C:\Windows\setupact.log
2012-06-26 18:07 - 2012-06-26 18:07 - 00000000 ____A C:\Windows\setuperr.log
2012-06-26 18:05 - 2012-06-26 18:05 - 00002581 ____A C:\Users\Carson\Desktop\aswMBR.txt
2012-06-26 18:05 - 2012-06-26 18:05 - 00000512 ____A C:\Users\Carson\Desktop\MBR.dat
2012-06-26 17:59 - 2012-06-26 17:59 - 00001079 ____A C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2012-06-26 17:59 - 2012-06-26 17:59 - 00000000 ____D C:\Users\Carson\AppData\Local\VS Revo Group
2012-06-26 17:59 - 2012-06-26 17:59 - 00000000 ____D C:\Program Files\VS Revo Group
2012-06-26 17:59 - 2009-12-30 07:21 - 00031800 ____A (VS Revo Group) C:\Windows\System32\Drivers\revoflt.sys
2012-06-26 17:57 - 2012-06-26 17:57 - 00001242 ____A C:\Users\Carson\Desktop\Install Revo Uninstaller.lnk
2012-06-26 17:36 - 2012-06-26 17:36 - 04731392 ____A (AVAST Software) C:\Users\Carson\Downloads\aswMBR.exe
2012-06-26 17:34 - 2012-06-26 17:34 - 02109990 ____A C:\Users\Carson\Downloads\tdsskiller.zip
2012-06-26 17:34 - 2012-06-25 17:19 - 02128984 ____A (Kaspersky Lab ZAO) C:\Users\Carson\Desktop\TDSSKiller.exe
2012-06-26 17:22 - 2012-06-26 17:22 - 00147963 ____A C:\Users\Carson\Downloads\hosts.zip
2012-06-26 17:14 - 2012-06-26 17:14 - 00881475 ____A C:\Users\Carson\Downloads\SecurityCheck.exe
2012-06-26 16:06 - 2012-06-26 23:27 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-06-26 16:06 - 2012-06-26 16:06 - 00001810 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-06-26 16:06 - 2012-06-26 16:06 - 00000000 ____D C:\Users\Carson\AppData\Roaming\SUPERAntiSpyware.com
2012-06-26 16:06 - 2012-06-26 16:06 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-06-26 16:05 - 2012-06-26 16:06 - 18073112 ____A (SUPERAntiSpyware.com) C:\Users\Carson\Downloads\SUPERAntiSpyware.exe
2012-06-26 16:02 - 2012-06-26 16:02 - 00002981 ____A C:\Users\Carson\Desktop\HiJackThis.lnk
2012-06-26 15:53 - 2012-06-26 15:53 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-26 11:30 - 2012-06-26 11:30 - 00278561 ____A C:\Users\Carson\Desktop\Minecraft.exe
2012-06-26 11:06 - 2012-06-26 23:27 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-26 10:34 - 2012-06-26 10:34 - 00399872 ____A (Analog Devices, Inc.) C:\Users\Carson\AppData\Roaming\scapi.dll
2012-06-26 10:33 - 2012-06-26 15:42 - 00000000 ____D C:\Users\All Users\B7E858860003F0C6000122E2B4EB2367
2012-06-26 10:33 - 2012-06-26 10:33 - 00043557 ____A C:\Users\Carson\Downloads\X-RayMod_v023_WithoutFly.zip
2012-06-26 10:31 - 2012-06-26 10:31 - 00022723 ____A C:\Users\Carson\Downloads\Tracer 1.2.5.zip
2012-06-25 15:57 - 2012-06-26 23:27 - 00000000 ____D C:\Users\Carson\AppData\Roaming\.minecraft
2012-06-24 04:03 - 2012-06-24 04:03 - 00002965 ____A C:\Users\Dad\Desktop\HiJackThis.lnk
2012-06-24 04:03 - 2012-06-24 04:03 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2012-06-24 04:02 - 2012-06-24 04:02 - 01402880 ____A C:\Users\Dad\Downloads\HiJackThis.msi
2012-06-20 14:14 - 2012-06-26 23:27 - 00000000 ____D C:\Users\Carson\Desktop\Oblivion
2012-06-20 14:13 - 2012-06-20 14:13 - 00001978 ____A C:\Users\Carson\Desktop\Oblivion (CADESCOMPUTER) - Shortcut.lnk
2012-06-19 20:33 - 2012-06-19 20:33 - 00018939 ____A C:\Users\Dad\Desktop\hs_err_pid4768.log
2012-06-15 14:18 - 2012-06-15 14:18 - 00161552 ____A C:\Users\Carson\Downloads\OblivionReborn_0.6.10.zip
2012-06-15 14:08 - 2012-06-15 14:08 - 01668612 ____A C:\Users\Carson\Downloads\obmm_1_1_12_full_installer-2097.zip
2012-06-15 14:08 - 2012-06-15 14:08 - 00001378 ____A C:\Users\Carson\Desktop\Oblivion Mod Manager.lnk
2012-06-15 09:43 - 2012-06-15 09:43 - 01141166 ____A C:\Users\Carson\Downloads\OblivionOnline_045.rar
2012-06-15 09:42 - 2012-06-15 09:42 - 01628462 ____A C:\Users\Carson\Downloads\obse_0020.zip
2012-06-15 09:41 - 2012-06-15 09:41 - 00015732 ____A C:\Users\Carson\Downloads\ORHelperV1.5.zip
2012-06-15 09:40 - 2012-06-15 09:40 - 00070749 ____A C:\Users\Carson\Desktop\or_complete_v2.1.zip
2012-06-15 08:33 - 2012-06-25 15:52 - 00000023 ____A C:\Windows\BlendSettings.ini
2012-06-15 06:36 - 2012-06-15 06:36 - 00000221 ____A C:\Users\Carson\Desktop\The Elder Scrolls IV Oblivion.url
2012-06-15 06:32 - 2012-06-15 06:32 - 00161532 ____A C:\Users\Carson\Desktop\oblivionreborn_0.6.9.zip
2012-06-15 06:28 - 2012-06-15 06:28 - 01628462 ____A C:\Users\Carson\Desktop\obse_0020.zip
2012-06-14 21:45 - 2012-06-14 21:45 - 00000000 ____D C:\Users\Carson\AppData\Local\Oblivion
2012-06-13 23:00 - 2012-05-17 15:11 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-13 23:00 - 2012-05-17 14:48 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-13 23:00 - 2012-05-17 14:45 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-13 23:00 - 2012-05-17 14:36 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-13 23:00 - 2012-05-17 14:35 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-13 23:00 - 2012-05-17 14:35 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-13 23:00 - 2012-05-17 14:33 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-13 23:00 - 2012-05-17 14:31 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-13 23:00 - 2012-05-17 14:29 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-13 23:00 - 2012-05-17 14:29 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-13 23:00 - 2012-05-17 14:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-13 23:00 - 2012-05-17 14:25 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-13 23:00 - 2012-05-17 14:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-13 23:00 - 2012-05-17 14:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-13 14:51 - 2012-05-04 02:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-13 14:51 - 2012-05-04 02:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-13 14:51 - 2012-04-27 19:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-12 21:38 - 2012-06-25 15:58 - 00000000 ____D C:\Users\Carson\Desktop\.minecraft
2012-06-12 20:19 - 2012-06-12 20:19 - 00051131 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_13_1.2.5 (1).zip
2012-06-12 10:39 - 2012-06-12 10:39 - 00812439 ____A C:\Users\Carson\Downloads\SinglePlayerCommands-MC1.2.5_V3.2.2.zip
2012-06-12 10:38 - 2012-06-12 10:38 - 00087998 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.3.zip
2012-06-12 09:59 - 2012-06-12 10:00 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58 (2).rar
2012-06-11 20:48 - 2012-06-11 20:49 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58 (1).rar
2012-06-11 20:46 - 2012-06-11 20:53 - 00795293 ____A C:\Users\Carson\Downloads\minecraftforge-client-3.2.6.131.zip
2012-06-11 20:43 - 2012-06-11 20:43 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (12).zip
2012-06-11 20:43 - 2012-06-11 20:43 - 00046737 ____A C:\Users\Carson\Downloads\AudioMod (9).zip
2012-06-11 20:04 - 2012-06-11 20:06 - 00000000 ____D C:\Minecraft_Backup
2012-06-11 20:00 - 2012-06-11 20:00 - 00196608 ____A (ICSharpCode.net) C:\Users\Carson\Downloads\ICSharpCode.SharpZipLib.dll
2012-06-11 19:58 - 2012-06-11 19:58 - 01169408 ____A C:\Users\Carson\Downloads\MoreCreeps and Weirdos Installer.exe
2012-06-11 19:54 - 2012-06-11 19:56 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58.rar
2012-06-10 20:07 - 2012-06-10 20:07 - 06905480 ____A C:\Users\Carson\Downloads\Sonic Ethers Unbelievable Shaders v08 1.2.4 and 1.2.5 (Windows) (2).zip
2012-06-10 18:53 - 2012-06-10 18:58 - 40148963 ____A C:\Users\Carson\Desktop\Sphax PureBDCraft 256x.zip
2012-06-10 15:41 - 2012-06-10 15:41 - 04174278 ____A C:\Users\Carson\Downloads\SpiderQueen.zip
2012-06-08 20:41 - 2012-06-08 20:41 - 00072688 ____A C:\Users\Carson\Downloads\ObsidianTools1.2.4_4.0.zip
2012-06-08 16:15 - 2012-06-08 16:15 - 04543928 ____A C:\Users\Carson\Downloads\minecraft (4).zip
2012-06-07 08:21 - 2012-06-07 08:21 - 01043780 ____A C:\Users\Carson\Downloads\GuiAPI-0.14.2-1.2.5 (1).zip
2012-06-07 08:20 - 2012-06-07 08:21 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (11).zip
2012-06-06 20:45 - 2012-06-06 20:46 - 48533626 ____A C:\Users\Carson\Downloads\Aether with Toomanyitems (1).rar
2012-06-06 20:32 - 2012-06-06 20:32 - 00000688 ____A C:\Users\Carson\Downloads\minecrafterrortest.bat
2012-06-06 20:17 - 2012-06-06 20:17 - 00806144 ____A C:\Users\Carson\Downloads\SDK's Mods 1.2.3 v1 (1).zip
2012-06-06 19:56 - 2012-06-06 19:57 - 00691171 ____A C:\Users\Carson\Downloads\SDK's Guns 1.2.3 v1.zip
2012-06-05 18:34 - 2012-06-05 18:34 - 00009030 ____A C:\Users\Carson\Downloads\SessionStealer (1).jar
2012-06-05 16:35 - 2012-06-05 16:35 - 00051131 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_13_1.2.5.zip
2012-06-05 12:56 - 2012-06-05 12:56 - 05542229 ____A C:\Users\Carson\Downloads\Assassins Creep.zip
2012-06-05 12:48 - 2012-06-05 12:48 - 01575269 ____A C:\Users\Carson\Desktop\mcpatcher-2.3.7.exe
2012-06-03 21:15 - 2012-06-03 21:15 - 03807728 ____A C:\Users\Carson\Downloads\minecraft.jar
2012-06-03 17:00 - 2012-06-03 17:00 - 00017150 ____A C:\Users\Carson\Downloads\hs_err_pid4936.log
2012-06-03 16:38 - 2012-06-04 11:12 - 00000000 ____D C:\Users\Carson\AppData\Roaming\.techniclauncher
2012-06-03 16:23 - 2012-06-03 16:23 - 01588340 ____A C:\Users\Carson\Downloads\hackslashmine0.5.2.zip
2012-06-03 15:45 - 2012-06-03 15:45 - 19519083 ____A C:\Users\Carson\Downloads\JailBreak Adventure Map v2.0.zip
2012-06-01 18:41 - 2012-06-01 18:41 - 00000072 ____A C:\Users\Carson\Downloads\Ocarina Of Time.jsf
2012-06-01 18:21 - 2012-06-02 13:46 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2012-06-01 18:19 - 2012-06-01 18:20 - 26598570 ____A C:\Users\Carson\Downloads\Zelda - Ocarina of Time.zip
2012-06-01 18:18 - 2012-06-01 18:18 - 02080797 ____A (Project64 ) C:\Users\Carson\Downloads\project64_1.6.exe


============ 3 Months Modified Files and Folders =============

2012-06-27 09:18 - 2012-06-27 09:17 - 00000000 ____D C:\FRST
2012-06-26 23:30 - 2011-08-14 16:12 - 00000000 ____D C:\Users\All Users\Recovery
2012-06-26 23:27 - 2012-06-26 16:06 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-06-26 23:27 - 2012-06-26 11:06 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-26 23:27 - 2012-06-25 15:57 - 00000000 ____D C:\Users\Carson\AppData\Roaming\.minecraft
2012-06-26 23:27 - 2012-06-20 14:14 - 00000000 ____D C:\Users\Carson\Desktop\Oblivion
2012-06-26 23:27 - 2011-12-01 16:17 - 00000000 ____D C:\Users\Dad\AppData\Local\LogMeIn Hamachi
2012-06-26 23:27 - 2011-07-07 10:21 - 00000000 ____D C:\Users\Carson\AppData\Local\LogMeIn Hamachi
2012-06-26 23:27 - 2011-01-01 06:37 - 00000000 ____D C:\Windows\Minidump
2012-06-26 23:27 - 2010-12-28 09:22 - 00000000 ____D C:\users\Dad
2012-06-26 23:27 - 2010-12-24 21:19 - 00000000 ____D C:\Program Files (x86)\Steam
2012-06-26 23:27 - 2010-11-05 07:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-26 23:27 - 2010-10-18 09:23 - 00000000 ____D C:\users\Carson
2012-06-26 23:27 - 2010-09-16 01:07 - 00000000 ____D C:\Users\All Users\CinemaNow
2012-06-26 23:27 - 2010-07-19 22:28 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2012-06-26 19:16 - 2012-06-26 18:07 - 00003142 ____A C:\Windows\PFRO.log
2012-06-26 19:09 - 2012-06-26 19:09 - 00279568 ____A C:\Windows\Minidump\062612-35599-01.dmp
2012-06-26 19:08 - 2012-06-26 19:08 - 865125817 ____A C:\Windows\MEMORY.DMP
2012-06-26 18:51 - 2012-03-24 09:41 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-26 18:48 - 2011-03-12 07:58 - 00000000 ____D C:\Users\Carson\AppData\Roaming\Skype
2012-06-26 18:35 - 2012-06-26 18:35 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-06-26 18:34 - 2010-11-29 07:41 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-06-26 18:34 - 2010-11-29 07:41 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-06-26 18:34 - 2010-07-20 00:48 - 00000000 ____D C:\Program Files (x86)\Java
2012-06-26 18:33 - 2012-06-26 18:33 - 00001981 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2012-06-26 18:33 - 2010-07-19 23:22 - 00000000 ____D C:\Users\All Users\Adobe
2012-06-26 18:33 - 2010-07-19 23:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-06-26 18:32 - 2012-06-26 18:32 - 00000000 ____D C:\Users\All Users\McAfee
2012-06-26 18:32 - 2011-06-13 11:26 - 00000000 ____D C:\Users\Carson\AppData\Local\Adobe
2012-06-26 18:14 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-26 18:14 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-26 18:10 - 2010-09-16 00:46 - 02012928 ____A C:\Windows\WindowsUpdate.log
2012-06-26 18:07 - 2012-06-26 18:07 - 00000056 ____A C:\Windows\setupact.log
2012-06-26 18:07 - 2012-06-26 18:07 - 00000000 ____A C:\Windows\setuperr.log
2012-06-26 18:07 - 2012-03-24 09:41 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-26 18:07 - 2010-12-31 10:16 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2012-06-26 18:07 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-26 18:05 - 2012-06-26 18:05 - 00002581 ____A C:\Users\Carson\Desktop\aswMBR.txt
2012-06-26 18:05 - 2012-06-26 18:05 - 00000512 ____A C:\Users\Carson\Desktop\MBR.dat
2012-06-26 17:59 - 2012-06-26 17:59 - 00001079 ____A C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2012-06-26 17:59 - 2012-06-26 17:59 - 00000000 ____D C:\Users\Carson\AppData\Local\VS Revo Group
2012-06-26 17:59 - 2012-06-26 17:59 - 00000000 ____D C:\Program Files\VS Revo Group
2012-06-26 17:57 - 2012-06-26 17:57 - 00001242 ____A C:\Users\Carson\Desktop\Install Revo Uninstaller.lnk
2012-06-26 17:36 - 2012-06-26 17:36 - 04731392 ____A (AVAST Software) C:\Users\Carson\Downloads\aswMBR.exe
2012-06-26 17:34 - 2012-06-26 17:34 - 02109990 ____A C:\Users\Carson\Downloads\tdsskiller.zip
2012-06-26 17:22 - 2012-06-26 17:22 - 00147963 ____A C:\Users\Carson\Downloads\hosts.zip
2012-06-26 17:14 - 2012-06-26 17:14 - 00881475 ____A C:\Users\Carson\Downloads\SecurityCheck.exe
2012-06-26 16:06 - 2012-06-26 16:06 - 00001810 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-06-26 16:06 - 2012-06-26 16:06 - 00000000 ____D C:\Users\Carson\AppData\Roaming\SUPERAntiSpyware.com
2012-06-26 16:06 - 2012-06-26 16:06 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-06-26 16:06 - 2012-06-26 16:05 - 18073112 ____A (SUPERAntiSpyware.com) C:\Users\Carson\Downloads\SUPERAntiSpyware.exe
2012-06-26 16:02 - 2012-06-26 16:02 - 00002981 ____A C:\Users\Carson\Desktop\HiJackThis.lnk
2012-06-26 15:53 - 2012-06-26 15:53 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-26 15:53 - 2011-09-05 06:19 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-26 15:42 - 2012-06-26 10:33 - 00000000 ____D C:\Users\All Users\B7E858860003F0C6000122E2B4EB2367
2012-06-26 11:30 - 2012-06-26 11:30 - 00278561 ____A C:\Users\Carson\Desktop\Minecraft.exe
2012-06-26 10:34 - 2012-06-26 10:34 - 00399872 ____A (Analog Devices, Inc.) C:\Users\Carson\AppData\Roaming\scapi.dll
2012-06-26 10:33 - 2012-06-26 10:33 - 00043557 ____A C:\Users\Carson\Downloads\X-RayMod_v023_WithoutFly.zip
2012-06-26 10:31 - 2012-06-26 10:31 - 00022723 ____A C:\Users\Carson\Downloads\Tracer 1.2.5.zip
2012-06-26 09:22 - 2012-02-06 15:37 - 00001071 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-25 17:19 - 2012-06-26 17:34 - 02128984 ____A (Kaspersky Lab ZAO) C:\Users\Carson\Desktop\TDSSKiller.exe
2012-06-25 15:58 - 2012-06-12 21:38 - 00000000 ____D C:\Users\Carson\Desktop\.minecraft
2012-06-25 15:55 - 2010-10-18 09:24 - 00000000 ____D C:\Users\Carson\AppData\Roaming\DigitalPersona
2012-06-25 15:52 - 2012-06-15 08:33 - 00000023 ____A C:\Windows\BlendSettings.ini
2012-06-25 11:06 - 2012-01-19 10:35 - 00000000 ____D C:\Users\Carson\AppData\Roaming\Mozilla
2012-06-24 18:29 - 2012-03-05 19:13 - 00000000 ____D C:\Users\Dad\AppData\Roaming\Skype
2012-06-24 04:08 - 2011-05-29 14:43 - 00000000 ____D C:\Program Files (x86)\ConduitEngine
2012-06-24 04:08 - 2011-05-29 14:43 - 00000000 ____D C:\Program Files (x86)\BitTorrentBar
2012-06-24 04:03 - 2012-06-24 04:03 - 00002965 ____A C:\Users\Dad\Desktop\HiJackThis.lnk
2012-06-24 04:03 - 2012-06-24 04:03 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2012-06-24 04:02 - 2012-06-24 04:02 - 01402880 ____A C:\Users\Dad\Downloads\HiJackThis.msi
2012-06-20 14:13 - 2012-06-20 14:13 - 00001978 ____A C:\Users\Carson\Desktop\Oblivion (CADESCOMPUTER) - Shortcut.lnk
2012-06-19 20:33 - 2012-06-19 20:33 - 00018939 ____A C:\Users\Dad\Desktop\hs_err_pid4768.log
2012-06-15 14:18 - 2012-06-15 14:18 - 00161552 ____A C:\Users\Carson\Downloads\OblivionReborn_0.6.10.zip
2012-06-15 14:08 - 2012-06-15 14:08 - 01668612 ____A C:\Users\Carson\Downloads\obmm_1_1_12_full_installer-2097.zip
2012-06-15 14:08 - 2012-06-15 14:08 - 00001378 ____A C:\Users\Carson\Desktop\Oblivion Mod Manager.lnk
2012-06-15 09:43 - 2012-06-15 09:43 - 01141166 ____A C:\Users\Carson\Downloads\OblivionOnline_045.rar
2012-06-15 09:42 - 2012-06-15 09:42 - 01628462 ____A C:\Users\Carson\Downloads\obse_0020.zip
2012-06-15 09:41 - 2012-06-15 09:41 - 00015732 ____A C:\Users\Carson\Downloads\ORHelperV1.5.zip
2012-06-15 09:40 - 2012-06-15 09:40 - 00070749 ____A C:\Users\Carson\Desktop\or_complete_v2.1.zip
2012-06-15 09:38 - 2011-10-22 13:30 - 00000000 ____D C:\Program Files (x86)\Notepad++
2012-06-15 06:36 - 2012-06-15 06:36 - 00000221 ____A C:\Users\Carson\Desktop\The Elder Scrolls IV Oblivion.url
2012-06-15 06:32 - 2012-06-15 06:32 - 00161532 ____A C:\Users\Carson\Desktop\oblivionreborn_0.6.9.zip
2012-06-15 06:28 - 2012-06-15 06:28 - 01628462 ____A C:\Users\Carson\Desktop\obse_0020.zip
2012-06-14 21:45 - 2012-06-14 21:45 - 00000000 ____D C:\Users\Carson\AppData\Local\Oblivion
2012-06-14 21:45 - 2010-11-29 08:44 - 00000000 ____D C:\Users\Carson\Documents\My Games
2012-06-12 20:19 - 2012-06-12 20:19 - 00051131 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_13_1.2.5 (1).zip
2012-06-12 10:39 - 2012-06-12 10:39 - 00812439 ____A C:\Users\Carson\Downloads\SinglePlayerCommands-MC1.2.5_V3.2.2.zip
2012-06-12 10:38 - 2012-06-12 10:38 - 00087998 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.3.zip
2012-06-12 10:00 - 2012-06-12 09:59 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58 (2).rar
2012-06-11 20:53 - 2012-06-11 20:46 - 00795293 ____A C:\Users\Carson\Downloads\minecraftforge-client-3.2.6.131.zip
2012-06-11 20:49 - 2012-06-11 20:48 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58 (1).rar
2012-06-11 20:43 - 2012-06-11 20:43 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (12).zip
2012-06-11 20:43 - 2012-06-11 20:43 - 00046737 ____A C:\Users\Carson\Downloads\AudioMod (9).zip
2012-06-11 20:06 - 2012-06-11 20:04 - 00000000 ____D C:\Minecraft_Backup
2012-06-11 20:00 - 2012-06-11 20:00 - 00196608 ____A (ICSharpCode.net) C:\Users\Carson\Downloads\ICSharpCode.SharpZipLib.dll
2012-06-11 19:58 - 2012-06-11 19:58 - 01169408 ____A C:\Users\Carson\Downloads\MoreCreeps and Weirdos Installer.exe
2012-06-11 19:56 - 2012-06-11 19:54 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58.rar
2012-06-10 20:10 - 2012-02-07 14:33 - 00000000 ____D C:\Users\Carson\AppData\Roaming\.Nitrous
2012-06-10 20:07 - 2012-06-10 20:07 - 06905480 ____A C:\Users\Carson\Downloads\Sonic Ethers Unbelievable Shaders v08 1.2.4 and 1.2.5 (Windows) (2).zip
2012-06-10 18:58 - 2012-06-10 18:53 - 40148963 ____A C:\Users\Carson\Desktop\Sphax PureBDCraft 256x.zip
2012-06-10 15:41 - 2012-06-10 15:41 - 04174278 ____A C:\Users\Carson\Downloads\SpiderQueen.zip
2012-06-10 13:19 - 2011-11-30 17:11 - 00000000 ____D C:\Users\Carson\AppData\Local\Paint.NET
2012-06-08 20:41 - 2012-06-08 20:41 - 00072688 ____A C:\Users\Carson\Downloads\ObsidianTools1.2.4_4.0.zip
2012-06-08 16:15 - 2012-06-08 16:15 - 04543928 ____A C:\Users\Carson\Downloads\minecraft (4).zip
2012-06-07 08:21 - 2012-06-07 08:21 - 01043780 ____A C:\Users\Carson\Downloads\GuiAPI-0.14.2-1.2.5 (1).zip
2012-06-07 08:21 - 2012-06-07 08:20 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (11).zip
2012-06-06 20:46 - 2012-06-06 20:45 - 48533626 ____A C:\Users\Carson\Downloads\Aether with Toomanyitems (1).rar
2012-06-06 20:32 - 2012-06-06 20:32 - 00000688 ____A C:\Users\Carson\Downloads\minecrafterrortest.bat
2012-06-06 20:17 - 2012-06-06 20:17 - 00806144 ____A C:\Users\Carson\Downloads\SDK's Mods 1.2.3 v1 (1).zip
2012-06-06 19:57 - 2012-06-06 19:56 - 00691171 ____A C:\Users\Carson\Downloads\SDK's Guns 1.2.3 v1.zip
2012-06-05 18:34 - 2012-06-05 18:34 - 00009030 ____A C:\Users\Carson\Downloads\SessionStealer (1).jar
2012-06-05 16:35 - 2012-06-05 16:35 - 00051131 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_13_1.2.5.zip
2012-06-05 12:56 - 2012-06-05 12:56 - 05542229 ____A C:\Users\Carson\Downloads\Assassins Creep.zip
2012-06-05 12:48 - 2012-06-05 12:48 - 01575269 ____A C:\Users\Carson\Desktop\mcpatcher-2.3.7.exe
2012-06-04 11:12 - 2012-06-03 16:38 - 00000000 ____D C:\Users\Carson\AppData\Roaming\.techniclauncher
2012-06-03 21:47 - 2012-02-04 19:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2012-06-03 21:15 - 2012-06-03 21:15 - 03807728 ____A C:\Users\Carson\Downloads\minecraft.jar
2012-06-03 17:00 - 2012-06-03 17:00 - 00017150 ____A C:\Users\Carson\Downloads\hs_err_pid4936.log
2012-06-03 16:23 - 2012-06-03 16:23 - 01588340 ____A C:\Users\Carson\Downloads\hackslashmine0.5.2.zip
2012-06-03 15:45 - 2012-06-03 15:45 - 19519083 ____A C:\Users\Carson\Downloads\JailBreak Adventure Map v2.0.zip
2012-06-02 13:46 - 2012-06-01 18:21 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2012-06-01 18:41 - 2012-06-01 18:41 - 00000072 ____A C:\Users\Carson\Downloads\Ocarina Of Time.jsf
2012-06-01 18:20 - 2012-06-01 18:19 - 26598570 ____A C:\Users\Carson\Downloads\Zelda - Ocarina of Time.zip
2012-06-01 18:18 - 2012-06-01 18:18 - 02080797 ____A (Project64 ) C:\Users\Carson\Downloads\project64_1.6.exe
2012-05-25 12:29 - 2012-05-25 12:29 - 00009030 ____A C:\Users\Carson\Downloads\SessionStealer.jar
2012-05-25 12:28 - 2012-05-25 12:28 - 00000000 ____D C:\Users\Carson\.sessionstealer
2012-05-25 11:42 - 2012-05-25 11:42 - 01043780 ____A C:\Users\Carson\Downloads\GuiAPI-0.14.2-1.2.5.zip
2012-05-25 11:40 - 2012-05-25 11:40 - 00540020 ____A C:\Users\Carson\Downloads\MinecraftForge-3.1.3.105-Client (1).zip
2012-05-22 13:12 - 2012-05-22 13:12 - 00151579 ____A C:\Users\Carson\Downloads\kenshiromod_1.2.4.zip
2012-05-22 09:08 - 2012-05-22 09:08 - 00255674 ____A C:\Users\Carson\Downloads\OptiFine_1.2.5_HD_S_B1.zip
2012-05-22 09:05 - 2012-05-22 09:05 - 06905480 ____A C:\Users\Carson\Downloads\Sonic Ethers Unbelievable Shaders v08 1.2.4 and 1.2.5 (Windows) (1).zip
2012-05-22 06:15 - 2012-05-22 06:15 - 00540020 ____A C:\Users\Carson\Downloads\MinecraftForge-3.1.3.105-Client.zip
2012-05-22 05:53 - 2012-05-22 05:53 - 00999771 ____A C:\Users\Carson\Downloads\SinglePlayerCommands-MC1.2.5_V3.2.2 (1).jar
2012-05-21 17:32 - 2012-05-21 17:31 - 48533626 ____A C:\Users\Carson\Downloads\Aether with Toomanyitems.rar
2012-05-21 16:51 - 2012-05-21 16:50 - 08929228 ____A C:\Users\Carson\Downloads\Sky Bliss.rar
2012-05-19 20:33 - 2012-05-19 20:33 - 00000950 ____A C:\Users\Carson\Desktop\Core Temp.lnk
2012-05-19 17:09 - 2009-07-13 21:08 - 00032536 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-05-17 15:11 - 2012-06-13 23:00 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-05-17 14:48 - 2012-06-13 23:00 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-05-17 14:45 - 2012-06-13 23:00 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-05-17 14:36 - 2012-06-13 23:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-05-17 14:35 - 2012-06-13 23:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-05-17 14:35 - 2012-06-13 23:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-05-17 14:33 - 2012-06-13 23:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-05-17 14:31 - 2012-06-13 23:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-05-17 14:29 - 2012-06-13 23:00 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-05-17 14:29 - 2012-06-13 23:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-05-17 14:27 - 2012-06-13 23:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-05-17 14:25 - 2012-06-13 23:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-05-17 14:24 - 2012-06-13 23:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-05-17 14:20 - 2012-06-13 23:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-05-17 08:52 - 2012-05-17 08:52 - 00000000 ____D C:\Users\Carson\Documents\Diablo III
2012-05-17 08:52 - 2012-05-17 08:03 - 00000000 ____D C:\Program Files (x86)\Diablo III
2012-05-17 08:45 - 2012-05-17 08:03 - 00001151 ____A C:\Users\Public\Desktop\Diablo III.lnk
2012-05-17 08:45 - 2012-05-17 08:03 - 00000000 ____D C:\Users\All Users\Blizzard Entertainment
2012-05-17 08:00 - 2012-05-17 08:00 - 00000000 ____D C:\Users\All Users\Battle.net
2012-05-10 06:37 - 2012-05-10 06:37 - 00000000 ____D C:\Users\Dad\AppData\Roaming\Apple Computer
2012-05-09 14:06 - 2012-05-09 14:06 - 00848056 ____A C:\Users\Carson\Downloads\Zombie-Hunt_1-2-5.zip
2012-05-09 14:03 - 2012-05-09 14:03 - 00046737 ____A C:\Users\Carson\Downloads\AudioMod (8).zip
2012-05-08 16:55 - 2010-07-20 00:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-05-08 12:19 - 2012-05-08 12:19 - 00540020 ____A C:\Users\Carson\Downloads\minecraftforge-client-3.1.3.105 (1).zip
2012-05-08 12:13 - 2012-05-08 12:13 - 00083757 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.0 (3).zip
2012-05-08 12:11 - 2012-05-08 12:11 - 00180717 ____A C:\Users\Carson\Downloads\[1.2.5] Battlegear - 2.6.1.zip
2012-05-08 10:57 - 2012-05-08 10:57 - 00000000 ____D C:\Users\Carson\.swt
2012-05-06 11:05 - 2012-05-06 11:05 - 00999771 ____A C:\Users\Carson\Downloads\SinglePlayerCommands-MC1.2.5_V3.2.2.jar
2012-05-04 15:29 - 2012-06-26 18:35 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-05-04 15:29 - 2012-06-26 18:35 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-05-04 02:03 - 2012-06-13 14:51 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 02:03 - 2012-06-13 14:51 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-03 13:21 - 2012-05-03 13:21 - 00007354 ____A C:\Users\Carson\Downloads\Recipe Book (1).zip
2012-05-03 12:20 - 2012-05-03 12:20 - 03279197 ____A C:\Users\Carson\Downloads\Industrial-Craft 1.2.5.zip
2012-05-03 12:10 - 2012-05-03 12:10 - 00540020 ____A C:\Users\Carson\Downloads\minecraftforge-client-3.1.3.105.zip
2012-05-03 12:06 - 2012-05-03 12:06 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (10).zip
2012-05-03 12:03 - 2012-05-03 12:03 - 02680016 ____A C:\Users\Carson\Downloads\industrialcraft-2-client_1.95.jar
2012-04-30 17:40 - 2011-03-03 16:33 - 00001945 ____A C:\Windows\epplauncher.mif
2012-04-30 17:40 - 2011-03-03 16:32 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-04-30 17:39 - 2012-04-30 17:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-04-30 17:39 - 2010-11-29 08:11 - 00810176 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-04-28 10:23 - 2012-04-28 10:22 - 04174278 ____A C:\Users\Carson\Downloads\www.olgh.net_The_Spider_Queen_5.4 (3).zip
2012-04-28 10:22 - 2012-04-28 10:22 - 04174278 ____A C:\Users\Carson\Downloads\www.olgh.net_The_Spider_Queen_5.4 (2).zip
2012-04-28 10:17 - 2012-04-28 10:16 - 04174278 ____A C:\Users\Carson\Downloads\www.olgh.net_The_Spider_Queen_5.4 (1).zip
2012-04-28 10:06 - 2012-04-28 10:06 - 04174278 ____A C:\Users\Carson\Downloads\www.olgh.net_The_Spider_Queen_5.4.zip
2012-04-28 10:06 - 2012-04-28 10:06 - 00046737 ____A C:\Users\Carson\Downloads\AudioMod (7).zip
2012-04-28 10:05 - 2012-04-28 10:05 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (9).zip
2012-04-27 19:55 - 2012-06-13 14:51 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-25 14:32 - 2012-04-21 15:30 - 00000000 ____D C:\Users\Carson\AppData\Local\dxhr
2012-04-21 15:29 - 2012-04-21 15:29 - 00000000 ____D C:\Users\Carson\AppData\Local\28050
2012-04-20 13:39 - 2012-04-20 13:39 - 00003294 ____A C:\Users\Carson\Downloads\Timber! (1.2.4).zip
2012-04-19 11:46 - 2012-03-20 09:34 - 00000000 ____D C:\Users\Carson\Pearson
2012-04-18 13:48 - 2012-04-18 13:48 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (8).zip
2012-04-18 13:45 - 2012-04-18 13:45 - 00510337 ____A C:\Users\Carson\Downloads\MinecraftForge-3.0.1.84-Client.zip
2012-04-14 20:40 - 2012-04-14 20:40 - 00000222 ____A C:\Users\Carson\Desktop\Microsoft Flight.url
2012-04-14 10:48 - 2012-04-14 10:48 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (7).zip
2012-04-14 10:48 - 2012-04-14 10:48 - 00046737 ____A C:\Users\Carson\Downloads\AudioMod (6).zip
2012-04-14 10:47 - 2012-04-14 10:47 - 00238532 ____A C:\Users\Carson\Downloads\[1.2.5]ReiMinimap_v3.0_04.zip
2012-04-14 10:47 - 2012-04-14 10:47 - 00238532 ____A C:\Users\Carson\Downloads\[1.2.5]ReiMinimap_v3.0_04 (1).zip
2012-04-14 10:46 - 2012-04-14 10:46 - 00052843 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_07_1.2.5 (1).zip
2012-04-13 16:00 - 2012-04-13 16:00 - 00083757 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.0 (2).zip
2012-04-13 15:59 - 2012-04-13 15:59 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (6).zip
2012-04-13 15:58 - 2012-04-13 15:58 - 00652491 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Smart Moving 7.6 (2).zip
2012-04-13 15:58 - 2012-04-13 15:58 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (5).zip
2012-04-13 15:47 - 2012-04-13 15:47 - 06905480 ____A C:\Users\Carson\Downloads\Sonic Ethers Unbelievable Shaders v08 1.2.4 and 1.2.5 (Windows).zip
2012-04-12 16:25 - 2012-04-12 16:25 - 00000220 ____A C:\Users\Carson\Desktop\Killing Floor.url
2012-04-11 13:48 - 2012-04-11 13:48 - 01488305 ____A C:\Users\Carson\Downloads\mcpatcher-2.3.5_01.exe
2012-04-11 11:53 - 2012-04-11 11:53 - 00083757 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.0 (1).zip
2012-04-11 11:52 - 2012-04-11 11:52 - 00652491 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Smart Moving 7.6 (1).zip
2012-04-11 11:51 - 2012-04-11 11:51 - 00052843 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_07_1.2.5.zip
2012-04-11 11:49 - 2012-04-11 11:49 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (4).zip
2012-04-11 11:39 - 2012-04-11 11:39 - 00050852 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_10_1.2.5.zip
2012-04-11 11:35 - 2012-04-11 11:35 - 00806144 ____A C:\Users\Carson\Downloads\SDK's Mods 1.2.3 v1.zip
2012-04-11 11:32 - 2012-04-11 11:32 - 00026472 ____A C:\Users\Carson\Downloads\ModLoaderMP 1.2.5 v1.zip
2012-04-10 15:55 - 2012-04-10 15:55 - 00083757 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.0.zip
2012-04-10 15:52 - 2012-04-10 15:52 - 00652491 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Smart Moving 7.6.zip
2012-04-04 11:56 - 2010-11-05 07:19 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-03-30 03:35 - 2012-05-08 10:50 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

ZeroAccess:
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\L
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\n
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\L\00000004.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\L\201d3dde
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\L\55490ac4
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\00000004.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\00000008.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\000000cb.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\80000000.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\80000032.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\80000064.@

ZeroAccess:
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\@
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\L
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\n
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 13%
Total physical RAM: 5941.86 MB
Available physical RAM: 5139.46 MB
Total Pagefile: 5940.01 MB
Available Pagefile: 5127.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:276.78 GB) (Free:58.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (RECOVERY) (Fixed) (Total:21.01 GB) (Free:3.06 GB) NTFS
4 Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive h: (D3C1.0.0) (CDROM) (Total:7.6 GB) (Free:0 GB) UDF
6 Drive i: (KINGSTON) (Removable) (Total:7.26 GB) (Free:7.26 GB) FAT32
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
8 Drive y: (DATA) (Fixed) (Total:298.09 GB) (Free:297.99 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 298 GB 0 B
Disk 2 Online 7441 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 298 GB 1024 KB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y DATA NTFS Partition 298 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 276 GB 200 MB
Partition 3 Primary 21 GB 276 GB
Partition 4 Primary 103 MB 297 GB

======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D SYSTEM NTFS Partition 199 MB Healthy

======================================================================================================

Disk: 1
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C OS NTFS Partition 276 GB Healthy

======================================================================================================

Disk: 1
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F RECOVERY NTFS Partition 21 GB Healthy

======================================================================================================

Disk: 1
Partition 4
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 G HP_TOOLS FAT32 Partition 103 MB Healthy

======================================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7437 MB 4032 KB

======================================================================================================

Disk: 2
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 I KINGSTON FAT32 Removable 7437 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2011-05-04 20:24

======================= End Of Log ==========================

#7 Jeremy T

Posted 27 June 2012 - 09:55 AM

Woohoo! I got Windows to load. I just ran the "Startup Repair" from the System Recovery Options. Chkdsk repaired a bad sector. Restarted and it loaded. I cannot start MSE, so I assume there is still an infection lingering. I disabled the drive emulation. Now what?

#8 Jeremy T

Posted 27 June 2012 - 11:26 AM

Here is the new FRST log after I turned off the drive emulation:

Scan result of Farbar Recovery Scan Tool Version: 25-06-2012
Ran by SYSTEM at 27-06-2012 12:24:00
Running from I:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-16] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-17] (IDT, Inc.)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [161304 2010-07-27] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [386584 2010-07-27] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [415256 2010-07-27] (Intel Corporation)
HKLM\...\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray [1935120 2011-07-27] (Intel® Corporation)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM\...\Run: [rcuts] rundll32.exe "C:\Users\Carson\AppData\Roaming\rcuts.dll",AStartUp [x]
HKLM\...\Run: [scapi] "C:\Windows\System32\rundll32.exe" "C:\Users\Carson\AppData\Roaming\scapi.dll",EncodeBinaryData [399872 2012-06-26] (Analog Devices, Inc.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [343168 2011-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-04-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\Carson\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17344176 2012-06-05] (Skype Technologies S.A.)
HKU\Dad\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [x]
HKU\Dad\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [17344176 2012-06-05] (Skype Technologies S.A.)
HKU\Default\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [x]
HKU\Default User\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [x]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, [625416 2010-04-23] (DigitalPersona, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{82AA4990-D44A-4373-9406-D5287BD44793}: [NameServer]68.87.68.166,68.87.74.166
Tcpip\..\Interfaces\{A65BDD01-2AE3-43FE-8030-0FB349D98409}: [NameServer]0.0.0.0
Lsa: [Notification Packages] DPPassFilter
scecli
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Core Temp.lnk
ShortcutTarget: Core Temp.lnk -> C:\Program Files\Core Temp\Core Temp.exe ()

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)
2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [1166848 2011-08-31] (Intel Corporation)
2 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [134928 2011-06-03] (Intel® Corporation)
4 CinemaNow Service; C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [400368 2010-06-12] (CinemaNow, Inc.)
2 CLKMSVC10_C6F09094; "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe" /svc [245232 2010-06-29] (CyberLink)
2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [445192 2010-04-23] (DigitalPersona, Inc.)
2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [2343816 2012-02-28] (LogMeIn Inc.)
2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2011-12-14] ()
2 UNS; "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" [2533400 2010-04-30] (Intel Corporation)
4 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [x]
4 Toolbar Updater Service; C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [x]

========================== Drivers (Whitelisted) =============

3 AMPPAL; C:\Windows\System32\Drivers\AMPPAL.sys [299008 2011-08-08] (Windows ® Win 7 DDK provider)
3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [299008 2011-08-08] (Windows ® Win 7 DDK provider)
2 atksgt; C:\Windows\System32\Drivers\atksgt.sys [311968 2011-08-05] ()
3 clwvd; C:\Windows\System32\Drivers\clwvd.sys [32880 2010-06-24] (Windows ® Win 7 DDK provider)
3 hamachi; C:\Windows\System32\Drivers\hamachi.sys [33856 2009-03-18] (LogMeIn, Inc.)
2 lirsgt; C:\Windows\System32\Drivers\lirsgt.sys [43168 2011-08-05] ()
3 Revoflt; C:\Windows\System32\Drivers\Revoflt.sys [31800 2009-12-30] (VS Revo Group)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
3 ALSysIO; \??\C:\Users\Carson\AppData\Local\Temp\ALSysIO64.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-27 07:57 - 2012-06-27 07:57 - 00027256 ____A (Symantec Corporation) C:\Windows\System32\Drivers\FixZeroAccess.sys
2012-06-27 07:52 - 2012-06-27 07:52 - 04623766 ____A C:\Users\Carson\Desktop\tweaking.com_windows_repair_aio_setup.exe
2012-06-27 07:50 - 2012-06-27 07:56 - 141138699 ____A C:\Users\Carson\Desktop\EmsisoftEmergencyKit.zip
2012-06-27 07:50 - 2012-06-27 07:50 - 01012656 ____A C:\Users\Carson\Desktop\iExplore.exe
2012-06-27 07:45 - 2012-06-27 07:45 - 00000331 ____A C:\Start_.cmd
2012-06-27 07:45 - 2012-06-27 07:45 - 00000000 ____D C:\ComboFix
2012-06-27 07:44 - 2012-06-27 07:45 - 00000000 ___SD C:\32788R22FWJFW
2012-06-27 07:44 - 2012-06-27 07:45 - 00000000 ____D C:\Qoobox
2012-06-27 07:44 - 2012-06-27 07:44 - 00000000 ____D C:\Windows\erdnt
2012-06-27 07:37 - 2012-06-27 07:37 - 00448512 ____A (OldTimer Tools) C:\Users\Carson\Desktop\TFC.exe
2012-06-27 07:37 - 2012-06-27 07:37 - 00002581 ____A C:\Users\Carson\Desktop\aswMBR.txt
2012-06-27 07:37 - 2012-06-27 07:37 - 00000512 ____A C:\Users\Carson\Desktop\MBR.dat
2012-06-27 06:52 - 2012-06-27 06:52 - 04569121 ____R (Swearware) C:\Users\Carson\Desktop\ComboFix.exe
2012-06-27 06:48 - 2012-05-04 03:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-06-27 06:48 - 2012-05-04 01:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-06-27 06:48 - 2012-04-30 21:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-27 06:48 - 2012-04-23 21:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-27 06:48 - 2012-04-23 21:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-27 06:48 - 2012-04-23 21:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-27 06:48 - 2012-04-23 20:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-27 06:48 - 2012-04-23 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-27 06:48 - 2012-04-23 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-27 06:48 - 2012-04-07 04:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-27 06:48 - 2012-04-07 03:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-27 06:48 - 2012-01-04 02:44 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-27 06:48 - 2012-01-04 02:44 - 00509952 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-06-27 06:48 - 2012-01-04 00:59 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-27 06:48 - 2012-01-04 00:58 - 00442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2012-06-27 06:48 - 2011-12-29 22:26 - 00515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-06-27 06:48 - 2011-12-29 21:27 - 00478720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2012-06-27 06:47 - 2012-06-27 06:47 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-06-27 06:40 - 2012-06-27 06:40 - 00000361 ____A C:\rkill.log
2012-06-26 19:09 - 2012-06-26 19:09 - 00279568 ____A C:\Windows\Minidump\062612-35599-01.dmp
2012-06-26 19:08 - 2012-06-26 19:08 - 865125817 ____A C:\Windows\MEMORY.DMP
2012-06-26 18:35 - 2012-06-26 18:35 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-06-26 18:35 - 2012-05-04 15:29 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-06-26 18:35 - 2012-05-04 15:29 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-06-26 18:32 - 2012-06-26 18:32 - 00000000 ____D C:\Users\All Users\McAfee
2012-06-26 18:07 - 2012-06-27 08:21 - 00000336 ____A C:\Windows\setupact.log
2012-06-26 18:07 - 2012-06-27 07:42 - 00003626 ____A C:\Windows\PFRO.log
2012-06-26 18:07 - 2012-06-26 18:07 - 00000000 ____A C:\Windows\setuperr.log
2012-06-26 17:59 - 2012-06-26 17:59 - 00001079 ____A C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2012-06-26 17:59 - 2012-06-26 17:59 - 00000000 ____D C:\Users\Carson\AppData\Local\VS Revo Group
2012-06-26 17:59 - 2012-06-26 17:59 - 00000000 ____D C:\Program Files\VS Revo Group
2012-06-26 17:59 - 2009-12-30 07:21 - 00031800 ____A (VS Revo Group) C:\Windows\System32\Drivers\revoflt.sys
2012-06-26 17:36 - 2012-06-26 17:36 - 04731392 ____A (AVAST Software) C:\Users\Carson\Desktop\aswMBR.exe
2012-06-26 17:34 - 2012-06-26 17:34 - 02109990 ____A C:\Users\Carson\Downloads\tdsskiller.zip
2012-06-26 17:34 - 2012-06-25 17:19 - 02128984 ____A (Kaspersky Lab ZAO) C:\Users\Carson\Desktop\TDSSKiller.exe
2012-06-26 17:22 - 2012-06-26 17:22 - 00147963 ____A C:\Users\Carson\Downloads\hosts.zip
2012-06-26 17:14 - 2012-06-26 17:14 - 00881475 ____A C:\Users\Carson\Desktop\SecurityCheck.exe
2012-06-26 16:06 - 2012-06-26 23:27 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-06-26 16:06 - 2012-06-26 16:06 - 00001810 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-06-26 16:06 - 2012-06-26 16:06 - 00000000 ____D C:\Users\Carson\AppData\Roaming\SUPERAntiSpyware.com
2012-06-26 16:06 - 2012-06-26 16:06 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-06-26 16:05 - 2012-06-26 16:06 - 18073112 ____A (SUPERAntiSpyware.com) C:\Users\Carson\Downloads\SUPERAntiSpyware.exe
2012-06-26 16:02 - 2012-06-26 16:02 - 00002981 ____A C:\Users\Carson\Desktop\HiJackThis.lnk
2012-06-26 15:53 - 2012-06-26 23:27 - 00000000 ____D C:\Windows\System32\Macromed
2012-06-26 15:53 - 2012-06-26 15:53 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-26 11:30 - 2012-06-26 11:30 - 00278561 ____A C:\Users\Carson\Desktop\Minecraft.exe
2012-06-26 11:06 - 2012-06-26 23:27 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-26 10:34 - 2012-06-26 10:34 - 00399872 ____A (Analog Devices, Inc.) C:\Users\Carson\AppData\Roaming\scapi.dll
2012-06-26 10:33 - 2012-06-26 15:42 - 00000000 ____D C:\Users\All Users\B7E858860003F0C6000122E2B4EB2367
2012-06-26 10:33 - 2012-06-26 10:33 - 00043557 ____A C:\Users\Carson\Downloads\X-RayMod_v023_WithoutFly.zip
2012-06-26 10:31 - 2012-06-26 10:31 - 00022723 ____A C:\Users\Carson\Downloads\Tracer 1.2.5.zip
2012-06-25 15:57 - 2012-06-26 23:27 - 00000000 ____D C:\Users\Carson\AppData\Roaming\.minecraft
2012-06-24 04:03 - 2012-06-24 04:03 - 00002965 ____A C:\Users\Dad\Desktop\HiJackThis.lnk
2012-06-24 04:03 - 2012-06-24 04:03 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2012-06-24 04:02 - 2012-06-24 04:02 - 01402880 ____A C:\Users\Dad\Downloads\HiJackThis.msi
2012-06-22 12:34 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-22 12:34 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-22 12:34 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-22 12:34 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-22 12:33 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-22 12:33 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-22 12:33 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-22 12:33 - 2012-06-02 11:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-22 12:33 - 2012-06-02 11:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-20 14:14 - 2012-06-26 23:27 - 00000000 ____D C:\Users\Carson\Desktop\Oblivion
2012-06-20 14:13 - 2012-06-20 14:13 - 00001978 ____A C:\Users\Carson\Desktop\Oblivion (CADESCOMPUTER) - Shortcut.lnk
2012-06-19 20:33 - 2012-06-19 20:33 - 00018939 ____A C:\Users\Dad\Desktop\hs_err_pid4768.log
2012-06-15 14:18 - 2012-06-15 14:18 - 00161552 ____A C:\Users\Carson\Downloads\OblivionReborn_0.6.10.zip
2012-06-15 14:08 - 2012-06-15 14:08 - 01668612 ____A C:\Users\Carson\Downloads\obmm_1_1_12_full_installer-2097.zip
2012-06-15 14:08 - 2012-06-15 14:08 - 00001378 ____A C:\Users\Carson\Desktop\Oblivion Mod Manager.lnk
2012-06-15 09:43 - 2012-06-15 09:43 - 01141166 ____A C:\Users\Carson\Downloads\OblivionOnline_045.rar
2012-06-15 09:42 - 2012-06-15 09:42 - 01628462 ____A C:\Users\Carson\Downloads\obse_0020.zip
2012-06-15 09:41 - 2012-06-15 09:41 - 00015732 ____A C:\Users\Carson\Downloads\ORHelperV1.5.zip
2012-06-15 09:40 - 2012-06-15 09:40 - 00070749 ____A C:\Users\Carson\Desktop\or_complete_v2.1.zip
2012-06-15 08:33 - 2012-06-25 15:52 - 00000023 ____A C:\Windows\BlendSettings.ini
2012-06-15 06:36 - 2012-06-15 06:36 - 00000221 ____A C:\Users\Carson\Desktop\The Elder Scrolls IV Oblivion.url
2012-06-15 06:32 - 2012-06-15 06:32 - 00161532 ____A C:\Users\Carson\Desktop\oblivionreborn_0.6.9.zip
2012-06-15 06:28 - 2012-06-15 06:28 - 01628462 ____A C:\Users\Carson\Desktop\obse_0020.zip
2012-06-14 21:45 - 2012-06-14 21:45 - 00000000 ____D C:\Users\Carson\AppData\Local\Oblivion
2012-06-13 23:00 - 2012-05-17 18:47 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-13 23:00 - 2012-05-17 18:16 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-13 23:00 - 2012-05-17 18:06 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-13 23:00 - 2012-05-17 17:59 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-13 23:00 - 2012-05-17 17:59 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-13 23:00 - 2012-05-17 17:58 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-13 23:00 - 2012-05-17 17:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-13 23:00 - 2012-05-17 17:56 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-13 23:00 - 2012-05-17 17:55 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-13 23:00 - 2012-05-17 17:55 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-13 23:00 - 2012-05-17 17:54 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-13 23:00 - 2012-05-17 17:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-13 23:00 - 2012-05-17 17:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-13 23:00 - 2012-05-17 17:47 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-13 23:00 - 2012-05-17 15:11 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-13 23:00 - 2012-05-17 14:48 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-13 23:00 - 2012-05-17 14:45 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-13 23:00 - 2012-05-17 14:36 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-13 23:00 - 2012-05-17 14:35 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-13 23:00 - 2012-05-17 14:35 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-13 23:00 - 2012-05-17 14:33 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-13 23:00 - 2012-05-17 14:31 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-13 23:00 - 2012-05-17 14:29 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-13 23:00 - 2012-05-17 14:29 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-13 23:00 - 2012-05-17 14:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-13 23:00 - 2012-05-17 14:25 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-13 23:00 - 2012-05-17 14:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-13 23:00 - 2012-05-17 14:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-13 14:51 - 2012-05-14 17:32 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-13 14:51 - 2012-05-04 03:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-06-13 14:51 - 2012-05-04 02:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-13 14:51 - 2012-05-04 02:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-13 14:51 - 2012-04-27 19:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-13 14:51 - 2012-04-25 21:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-13 14:51 - 2012-04-25 21:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-13 14:51 - 2012-04-25 21:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-12 21:38 - 2012-06-25 15:58 - 00000000 ____D C:\Users\Carson\Desktop\.minecraft
2012-06-12 20:19 - 2012-06-12 20:19 - 00051131 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_13_1.2.5 (1).zip
2012-06-12 10:39 - 2012-06-12 10:39 - 00812439 ____A C:\Users\Carson\Downloads\SinglePlayerCommands-MC1.2.5_V3.2.2.zip
2012-06-12 10:38 - 2012-06-12 10:38 - 00087998 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.3.zip
2012-06-12 09:59 - 2012-06-12 10:00 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58 (2).rar
2012-06-11 20:48 - 2012-06-11 20:49 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58 (1).rar
2012-06-11 20:46 - 2012-06-11 20:53 - 00795293 ____A C:\Users\Carson\Downloads\minecraftforge-client-3.2.6.131.zip
2012-06-11 20:43 - 2012-06-11 20:43 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (12).zip
2012-06-11 20:43 - 2012-06-11 20:43 - 00046737 ____A C:\Users\Carson\Downloads\AudioMod (9).zip
2012-06-11 20:04 - 2012-06-11 20:06 - 00000000 ____D C:\Minecraft_Backup
2012-06-11 20:00 - 2012-06-11 20:00 - 00196608 ____A (ICSharpCode.net) C:\Users\Carson\Downloads\ICSharpCode.SharpZipLib.dll
2012-06-11 19:58 - 2012-06-11 19:58 - 01169408 ____A C:\Users\Carson\Downloads\MoreCreeps and Weirdos Installer.exe
2012-06-11 19:54 - 2012-06-11 19:56 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58.rar
2012-06-10 20:07 - 2012-06-10 20:07 - 06905480 ____A C:\Users\Carson\Downloads\Sonic Ethers Unbelievable Shaders v08 1.2.4 and 1.2.5 (Windows) (2).zip
2012-06-10 18:53 - 2012-06-10 18:58 - 40148963 ____A C:\Users\Carson\Desktop\Sphax PureBDCraft 256x.zip
2012-06-10 15:41 - 2012-06-10 15:41 - 04174278 ____A C:\Users\Carson\Downloads\SpiderQueen.zip
2012-06-08 20:41 - 2012-06-08 20:41 - 00072688 ____A C:\Users\Carson\Downloads\ObsidianTools1.2.4_4.0.zip
2012-06-08 16:15 - 2012-06-08 16:15 - 04543928 ____A C:\Users\Carson\Downloads\minecraft (4).zip
2012-06-07 08:21 - 2012-06-07 08:21 - 01043780 ____A C:\Users\Carson\Downloads\GuiAPI-0.14.2-1.2.5 (1).zip
2012-06-07 08:20 - 2012-06-07 08:21 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (11).zip
2012-06-06 20:45 - 2012-06-06 20:46 - 48533626 ____A C:\Users\Carson\Downloads\Aether with Toomanyitems (1).rar
2012-06-06 20:32 - 2012-06-06 20:32 - 00000688 ____A C:\Users\Carson\Downloads\minecrafterrortest.bat
2012-06-06 20:17 - 2012-06-06 20:17 - 00806144 ____A C:\Users\Carson\Downloads\SDK's Mods 1.2.3 v1 (1).zip
2012-06-06 19:56 - 2012-06-06 19:57 - 00691171 ____A C:\Users\Carson\Downloads\SDK's Guns 1.2.3 v1.zip
2012-06-05 18:34 - 2012-06-05 18:34 - 00009030 ____A C:\Users\Carson\Downloads\SessionStealer (1).jar
2012-06-05 16:35 - 2012-06-05 16:35 - 00051131 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_13_1.2.5.zip
2012-06-05 12:56 - 2012-06-05 12:56 - 05542229 ____A C:\Users\Carson\Downloads\Assassins Creep.zip
2012-06-05 12:48 - 2012-06-05 12:48 - 01575269 ____A C:\Users\Carson\Desktop\mcpatcher-2.3.7.exe
2012-06-03 21:15 - 2012-06-03 21:15 - 03807728 ____A C:\Users\Carson\Downloads\minecraft.jar
2012-06-03 17:00 - 2012-06-03 17:00 - 00017150 ____A C:\Users\Carson\Downloads\hs_err_pid4936.log
2012-06-03 16:38 - 2012-06-04 11:12 - 00000000 ____D C:\Users\Carson\AppData\Roaming\.techniclauncher
2012-06-03 16:23 - 2012-06-03 16:23 - 01588340 ____A C:\Users\Carson\Downloads\hackslashmine0.5.2.zip
2012-06-03 15:45 - 2012-06-03 15:45 - 19519083 ____A C:\Users\Carson\Downloads\JailBreak Adventure Map v2.0.zip
2012-06-01 18:41 - 2012-06-01 18:41 - 00000072 ____A C:\Users\Carson\Downloads\Ocarina Of Time.jsf
2012-06-01 18:21 - 2012-06-02 13:46 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2012-06-01 18:19 - 2012-06-01 18:20 - 26598570 ____A C:\Users\Carson\Downloads\Zelda - Ocarina of Time.zip
2012-06-01 18:18 - 2012-06-01 18:18 - 02080797 ____A (Project64 ) C:\Users\Carson\Downloads\project64_1.6.exe


============ 3 Months Modified Files and Folders =============

2012-06-27 12:24 - 2012-06-27 09:17 - 00000000 ____D C:\FRST
2012-06-27 09:26 - 2011-08-14 16:12 - 00000000 ____D C:\Users\All Users\Recovery
2012-06-27 08:21 - 2012-06-26 18:07 - 00000336 ____A C:\Windows\setupact.log
2012-06-27 08:21 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-27 08:18 - 2010-09-16 00:46 - 01114583 ____A C:\Windows\WindowsUpdate.log
2012-06-27 08:09 - 2011-03-12 07:58 - 00000000 ____D C:\Users\Carson\AppData\Roaming\Skype
2012-06-27 08:05 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-27 08:05 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-27 07:58 - 2012-03-24 09:41 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-27 07:57 - 2012-06-27 07:57 - 00027256 ____A (Symantec Corporation) C:\Windows\System32\Drivers\FixZeroAccess.sys
2012-06-27 07:56 - 2012-06-27 07:50 - 141138699 ____A C:\Users\Carson\Desktop\EmsisoftEmergencyKit.zip
2012-06-27 07:52 - 2012-06-27 07:52 - 04623766 ____A C:\Users\Carson\Desktop\tweaking.com_windows_repair_aio_setup.exe
2012-06-27 07:51 - 2012-03-24 09:41 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-27 07:50 - 2012-06-27 07:50 - 01012656 ____A C:\Users\Carson\Desktop\iExplore.exe
2012-06-27 07:45 - 2012-06-27 07:45 - 00000331 ____A C:\Start_.cmd
2012-06-27 07:45 - 2012-06-27 07:45 - 00000000 ____D C:\ComboFix
2012-06-27 07:45 - 2012-06-27 07:44 - 00000000 ___SD C:\32788R22FWJFW
2012-06-27 07:45 - 2012-06-27 07:44 - 00000000 ____D C:\Qoobox
2012-06-27 07:44 - 2012-06-27 07:44 - 00000000 ____D C:\Windows\erdnt
2012-06-27 07:42 - 2012-06-26 18:07 - 00003626 ____A C:\Windows\PFRO.log
2012-06-27 07:37 - 2012-06-27 07:37 - 00448512 ____A (OldTimer Tools) C:\Users\Carson\Desktop\TFC.exe
2012-06-27 07:37 - 2012-06-27 07:37 - 00002581 ____A C:\Users\Carson\Desktop\aswMBR.txt
2012-06-27 07:37 - 2012-06-27 07:37 - 00000512 ____A C:\Users\Carson\Desktop\MBR.dat
2012-06-27 07:12 - 2012-02-04 19:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2012-06-27 06:52 - 2012-06-27 06:52 - 04569121 ____R (Swearware) C:\Users\Carson\Desktop\ComboFix.exe
2012-06-27 06:52 - 2010-11-29 08:11 - 00790242 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-06-27 06:52 - 2009-07-13 21:13 - 00790242 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-27 06:47 - 2012-06-27 06:47 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-06-27 06:47 - 2010-07-19 23:21 - 00000000 ____D C:\Users\All Users\Skype
2012-06-27 06:46 - 2011-03-12 07:58 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-06-27 06:40 - 2012-06-27 06:40 - 00000361 ____A C:\rkill.log
2012-06-26 23:27 - 2012-06-26 16:06 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-06-26 23:27 - 2012-06-26 15:53 - 00000000 ____D C:\Windows\System32\Macromed
2012-06-26 23:27 - 2012-06-26 11:06 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-26 23:27 - 2012-06-25 15:57 - 00000000 ____D C:\Users\Carson\AppData\Roaming\.minecraft
2012-06-26 23:27 - 2012-06-20 14:14 - 00000000 ____D C:\Users\Carson\Desktop\Oblivion
2012-06-26 23:27 - 2011-12-01 16:17 - 00000000 ____D C:\Users\Dad\AppData\Local\LogMeIn Hamachi
2012-06-26 23:27 - 2011-07-07 10:21 - 00000000 ____D C:\Users\Carson\AppData\Local\LogMeIn Hamachi
2012-06-26 23:27 - 2011-01-01 06:37 - 00000000 ____D C:\Windows\Minidump
2012-06-26 23:27 - 2010-12-28 09:22 - 00000000 ____D C:\users\Dad
2012-06-26 23:27 - 2010-12-24 21:19 - 00000000 ____D C:\Program Files (x86)\Steam
2012-06-26 23:27 - 2010-11-05 07:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-26 23:27 - 2010-10-18 09:23 - 00000000 ____D C:\users\Carson
2012-06-26 23:27 - 2010-09-16 01:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2012-06-26 23:27 - 2010-09-16 01:07 - 00000000 ____D C:\Users\All Users\CinemaNow
2012-06-26 23:27 - 2010-07-19 22:28 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2012-06-26 23:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2012-06-26 19:09 - 2012-06-26 19:09 - 00279568 ____A C:\Windows\Minidump\062612-35599-01.dmp
2012-06-26 19:08 - 2012-06-26 19:08 - 865125817 ____A C:\Windows\MEMORY.DMP
2012-06-26 18:35 - 2012-06-26 18:35 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-06-26 18:34 - 2010-11-29 07:41 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-06-26 18:34 - 2010-11-29 07:41 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-06-26 18:34 - 2010-07-20 00:48 - 00000000 ____D C:\Program Files (x86)\Java
2012-06-26 18:33 - 2010-07-19 23:22 - 00000000 ____D C:\Users\All Users\Adobe
2012-06-26 18:33 - 2010-07-19 23:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-06-26 18:32 - 2012-06-26 18:32 - 00000000 ____D C:\Users\All Users\McAfee
2012-06-26 18:32 - 2011-06-13 11:26 - 00000000 ____D C:\Users\Carson\AppData\Local\Adobe
2012-06-26 18:07 - 2012-06-26 18:07 - 00000000 ____A C:\Windows\setuperr.log
2012-06-26 18:07 - 2010-12-31 10:16 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2012-06-26 17:59 - 2012-06-26 17:59 - 00001079 ____A C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2012-06-26 17:59 - 2012-06-26 17:59 - 00000000 ____D C:\Users\Carson\AppData\Local\VS Revo Group
2012-06-26 17:59 - 2012-06-26 17:59 - 00000000 ____D C:\Program Files\VS Revo Group
2012-06-26 17:36 - 2012-06-26 17:36 - 04731392 ____A (AVAST Software) C:\Users\Carson\Desktop\aswMBR.exe
2012-06-26 17:34 - 2012-06-26 17:34 - 02109990 ____A C:\Users\Carson\Downloads\tdsskiller.zip
2012-06-26 17:22 - 2012-06-26 17:22 - 00147963 ____A C:\Users\Carson\Downloads\hosts.zip
2012-06-26 17:14 - 2012-06-26 17:14 - 00881475 ____A C:\Users\Carson\Desktop\SecurityCheck.exe
2012-06-26 16:06 - 2012-06-26 16:06 - 00001810 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-06-26 16:06 - 2012-06-26 16:06 - 00000000 ____D C:\Users\Carson\AppData\Roaming\SUPERAntiSpyware.com
2012-06-26 16:06 - 2012-06-26 16:06 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-06-26 16:06 - 2012-06-26 16:05 - 18073112 ____A (SUPERAntiSpyware.com) C:\Users\Carson\Downloads\SUPERAntiSpyware.exe
2012-06-26 16:02 - 2012-06-26 16:02 - 00002981 ____A C:\Users\Carson\Desktop\HiJackThis.lnk
2012-06-26 15:53 - 2012-06-26 15:53 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-26 15:53 - 2011-09-05 06:19 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-26 15:42 - 2012-06-26 10:33 - 00000000 ____D C:\Users\All Users\B7E858860003F0C6000122E2B4EB2367
2012-06-26 11:30 - 2012-06-26 11:30 - 00278561 ____A C:\Users\Carson\Desktop\Minecraft.exe
2012-06-26 10:34 - 2012-06-26 10:34 - 00399872 ____A (Analog Devices, Inc.) C:\Users\Carson\AppData\Roaming\scapi.dll
2012-06-26 10:33 - 2012-06-26 10:33 - 00043557 ____A C:\Users\Carson\Downloads\X-RayMod_v023_WithoutFly.zip
2012-06-26 10:31 - 2012-06-26 10:31 - 00022723 ____A C:\Users\Carson\Downloads\Tracer 1.2.5.zip
2012-06-26 09:22 - 2012-02-06 15:37 - 00001071 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-25 17:19 - 2012-06-26 17:34 - 02128984 ____A (Kaspersky Lab ZAO) C:\Users\Carson\Desktop\TDSSKiller.exe
2012-06-25 15:58 - 2012-06-12 21:38 - 00000000 ____D C:\Users\Carson\Desktop\.minecraft
2012-06-25 15:55 - 2010-10-18 09:24 - 00000000 ____D C:\Users\Carson\AppData\Roaming\DigitalPersona
2012-06-25 15:52 - 2012-06-15 08:33 - 00000023 ____A C:\Windows\BlendSettings.ini
2012-06-25 11:06 - 2012-01-19 10:35 - 00000000 ____D C:\Users\Carson\AppData\Roaming\Mozilla
2012-06-24 18:29 - 2012-03-05 19:13 - 00000000 ____D C:\Users\Dad\AppData\Roaming\Skype
2012-06-24 04:08 - 2011-05-29 14:43 - 00000000 ____D C:\Program Files (x86)\ConduitEngine
2012-06-24 04:08 - 2011-05-29 14:43 - 00000000 ____D C:\Program Files (x86)\BitTorrentBar
2012-06-24 04:03 - 2012-06-24 04:03 - 00002965 ____A C:\Users\Dad\Desktop\HiJackThis.lnk
2012-06-24 04:03 - 2012-06-24 04:03 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2012-06-24 04:02 - 2012-06-24 04:02 - 01402880 ____A C:\Users\Dad\Downloads\HiJackThis.msi
2012-06-20 14:13 - 2012-06-20 14:13 - 00001978 ____A C:\Users\Carson\Desktop\Oblivion (CADESCOMPUTER) - Shortcut.lnk
2012-06-19 20:33 - 2012-06-19 20:33 - 00018939 ____A C:\Users\Dad\Desktop\hs_err_pid4768.log
2012-06-15 14:18 - 2012-06-15 14:18 - 00161552 ____A C:\Users\Carson\Downloads\OblivionReborn_0.6.10.zip
2012-06-15 14:08 - 2012-06-15 14:08 - 01668612 ____A C:\Users\Carson\Downloads\obmm_1_1_12_full_installer-2097.zip
2012-06-15 14:08 - 2012-06-15 14:08 - 00001378 ____A C:\Users\Carson\Desktop\Oblivion Mod Manager.lnk
2012-06-15 09:43 - 2012-06-15 09:43 - 01141166 ____A C:\Users\Carson\Downloads\OblivionOnline_045.rar
2012-06-15 09:42 - 2012-06-15 09:42 - 01628462 ____A C:\Users\Carson\Downloads\obse_0020.zip
2012-06-15 09:41 - 2012-06-15 09:41 - 00015732 ____A C:\Users\Carson\Downloads\ORHelperV1.5.zip
2012-06-15 09:40 - 2012-06-15 09:40 - 00070749 ____A C:\Users\Carson\Desktop\or_complete_v2.1.zip
2012-06-15 09:38 - 2011-10-22 13:30 - 00000000 ____D C:\Program Files (x86)\Notepad++
2012-06-15 06:36 - 2012-06-15 06:36 - 00000221 ____A C:\Users\Carson\Desktop\The Elder Scrolls IV Oblivion.url
2012-06-15 06:32 - 2012-06-15 06:32 - 00161532 ____A C:\Users\Carson\Desktop\oblivionreborn_0.6.9.zip
2012-06-15 06:28 - 2012-06-15 06:28 - 01628462 ____A C:\Users\Carson\Desktop\obse_0020.zip
2012-06-14 21:45 - 2012-06-14 21:45 - 00000000 ____D C:\Users\Carson\AppData\Local\Oblivion
2012-06-14 21:45 - 2010-11-29 08:44 - 00000000 ____D C:\Users\Carson\Documents\My Games
2012-06-13 23:27 - 2009-07-13 20:45 - 00296344 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-13 23:05 - 2010-12-24 21:39 - 58957832 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-06-12 20:19 - 2012-06-12 20:19 - 00051131 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_13_1.2.5 (1).zip
2012-06-12 10:39 - 2012-06-12 10:39 - 00812439 ____A C:\Users\Carson\Downloads\SinglePlayerCommands-MC1.2.5_V3.2.2.zip
2012-06-12 10:38 - 2012-06-12 10:38 - 00087998 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.3.zip
2012-06-12 10:00 - 2012-06-12 09:59 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58 (2).rar
2012-06-11 20:53 - 2012-06-11 20:46 - 00795293 ____A C:\Users\Carson\Downloads\minecraftforge-client-3.2.6.131.zip
2012-06-11 20:49 - 2012-06-11 20:48 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58 (1).rar
2012-06-11 20:43 - 2012-06-11 20:43 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (12).zip
2012-06-11 20:43 - 2012-06-11 20:43 - 00046737 ____A C:\Users\Carson\Downloads\AudioMod (9).zip
2012-06-11 20:06 - 2012-06-11 20:04 - 00000000 ____D C:\Minecraft_Backup
2012-06-11 20:00 - 2012-06-11 20:00 - 00196608 ____A (ICSharpCode.net) C:\Users\Carson\Downloads\ICSharpCode.SharpZipLib.dll
2012-06-11 19:58 - 2012-06-11 19:58 - 01169408 ____A C:\Users\Carson\Downloads\MoreCreeps and Weirdos Installer.exe
2012-06-11 19:56 - 2012-06-11 19:54 - 53222363 ____A C:\Users\Carson\Downloads\MoreCreepsv2.58.rar
2012-06-10 20:10 - 2012-02-07 14:33 - 00000000 ____D C:\Users\Carson\AppData\Roaming\.Nitrous
2012-06-10 20:07 - 2012-06-10 20:07 - 06905480 ____A C:\Users\Carson\Downloads\Sonic Ethers Unbelievable Shaders v08 1.2.4 and 1.2.5 (Windows) (2).zip
2012-06-10 18:58 - 2012-06-10 18:53 - 40148963 ____A C:\Users\Carson\Desktop\Sphax PureBDCraft 256x.zip
2012-06-10 15:41 - 2012-06-10 15:41 - 04174278 ____A C:\Users\Carson\Downloads\SpiderQueen.zip
2012-06-10 13:19 - 2011-11-30 17:11 - 00000000 ____D C:\Users\Carson\AppData\Local\Paint.NET
2012-06-08 20:41 - 2012-06-08 20:41 - 00072688 ____A C:\Users\Carson\Downloads\ObsidianTools1.2.4_4.0.zip
2012-06-08 16:15 - 2012-06-08 16:15 - 04543928 ____A C:\Users\Carson\Downloads\minecraft (4).zip
2012-06-07 08:21 - 2012-06-07 08:21 - 01043780 ____A C:\Users\Carson\Downloads\GuiAPI-0.14.2-1.2.5 (1).zip
2012-06-07 08:21 - 2012-06-07 08:20 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (11).zip
2012-06-06 20:46 - 2012-06-06 20:45 - 48533626 ____A C:\Users\Carson\Downloads\Aether with Toomanyitems (1).rar
2012-06-06 20:32 - 2012-06-06 20:32 - 00000688 ____A C:\Users\Carson\Downloads\minecrafterrortest.bat
2012-06-06 20:17 - 2012-06-06 20:17 - 00806144 ____A C:\Users\Carson\Downloads\SDK's Mods 1.2.3 v1 (1).zip
2012-06-06 19:57 - 2012-06-06 19:56 - 00691171 ____A C:\Users\Carson\Downloads\SDK's Guns 1.2.3 v1.zip
2012-06-05 18:34 - 2012-06-05 18:34 - 00009030 ____A C:\Users\Carson\Downloads\SessionStealer (1).jar
2012-06-05 16:35 - 2012-06-05 16:35 - 00051131 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_13_1.2.5.zip
2012-06-05 12:56 - 2012-06-05 12:56 - 05542229 ____A C:\Users\Carson\Downloads\Assassins Creep.zip
2012-06-05 12:48 - 2012-06-05 12:48 - 01575269 ____A C:\Users\Carson\Desktop\mcpatcher-2.3.7.exe
2012-06-04 11:12 - 2012-06-03 16:38 - 00000000 ____D C:\Users\Carson\AppData\Roaming\.techniclauncher
2012-06-03 21:15 - 2012-06-03 21:15 - 03807728 ____A C:\Users\Carson\Downloads\minecraft.jar
2012-06-03 17:00 - 2012-06-03 17:00 - 00017150 ____A C:\Users\Carson\Downloads\hs_err_pid4936.log
2012-06-03 16:23 - 2012-06-03 16:23 - 01588340 ____A C:\Users\Carson\Downloads\hackslashmine0.5.2.zip
2012-06-03 15:45 - 2012-06-03 15:45 - 19519083 ____A C:\Users\Carson\Downloads\JailBreak Adventure Map v2.0.zip
2012-06-02 14:19 - 2012-06-22 12:34 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-22 12:34 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-22 12:34 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-22 12:33 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-22 12:33 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-22 12:34 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-22 12:33 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 13:46 - 2012-06-01 18:21 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2012-06-02 11:19 - 2012-06-22 12:33 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 11:15 - 2012-06-22 12:33 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-01 18:41 - 2012-06-01 18:41 - 00000072 ____A C:\Users\Carson\Downloads\Ocarina Of Time.jsf
2012-06-01 18:20 - 2012-06-01 18:19 - 26598570 ____A C:\Users\Carson\Downloads\Zelda - Ocarina of Time.zip
2012-06-01 18:18 - 2012-06-01 18:18 - 02080797 ____A (Project64 ) C:\Users\Carson\Downloads\project64_1.6.exe
2012-05-25 12:29 - 2012-05-25 12:29 - 00009030 ____A C:\Users\Carson\Downloads\SessionStealer.jar
2012-05-25 12:28 - 2012-05-25 12:28 - 00000000 ____D C:\Users\Carson\.sessionstealer
2012-05-25 11:42 - 2012-05-25 11:42 - 01043780 ____A C:\Users\Carson\Downloads\GuiAPI-0.14.2-1.2.5.zip
2012-05-25 11:40 - 2012-05-25 11:40 - 00540020 ____A C:\Users\Carson\Downloads\MinecraftForge-3.1.3.105-Client (1).zip
2012-05-22 13:12 - 2012-05-22 13:12 - 00151579 ____A C:\Users\Carson\Downloads\kenshiromod_1.2.4.zip
2012-05-22 09:08 - 2012-05-22 09:08 - 00255674 ____A C:\Users\Carson\Downloads\OptiFine_1.2.5_HD_S_B1.zip
2012-05-22 09:05 - 2012-05-22 09:05 - 06905480 ____A C:\Users\Carson\Downloads\Sonic Ethers Unbelievable Shaders v08 1.2.4 and 1.2.5 (Windows) (1).zip
2012-05-22 06:15 - 2012-05-22 06:15 - 00540020 ____A C:\Users\Carson\Downloads\MinecraftForge-3.1.3.105-Client.zip
2012-05-22 05:53 - 2012-05-22 05:53 - 00999771 ____A C:\Users\Carson\Downloads\SinglePlayerCommands-MC1.2.5_V3.2.2 (1).jar
2012-05-21 17:32 - 2012-05-21 17:31 - 48533626 ____A C:\Users\Carson\Downloads\Aether with Toomanyitems.rar
2012-05-21 16:51 - 2012-05-21 16:50 - 08929228 ____A C:\Users\Carson\Downloads\Sky Bliss.rar
2012-05-19 20:33 - 2012-05-19 20:33 - 00000950 ____A C:\Users\Carson\Desktop\Core Temp.lnk
2012-05-19 17:09 - 2009-07-13 21:08 - 00032536 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-05-17 18:47 - 2012-06-13 23:00 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-05-17 18:16 - 2012-06-13 23:00 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-05-17 18:06 - 2012-06-13 23:00 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-05-17 17:59 - 2012-06-13 23:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-05-17 17:59 - 2012-06-13 23:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-05-17 17:58 - 2012-06-13 23:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-05-17 17:58 - 2012-06-13 23:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-05-17 17:56 - 2012-06-13 23:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-05-17 17:55 - 2012-06-13 23:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-05-17 17:55 - 2012-06-13 23:00 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-05-17 17:54 - 2012-06-13 23:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-05-17 17:51 - 2012-06-13 23:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-05-17 17:51 - 2012-06-13 23:00 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-05-17 17:47 - 2012-06-13 23:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-05-17 15:11 - 2012-06-13 23:00 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-05-17 14:48 - 2012-06-13 23:00 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-05-17 14:45 - 2012-06-13 23:00 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-05-17 14:36 - 2012-06-13 23:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-05-17 14:35 - 2012-06-13 23:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-05-17 14:35 - 2012-06-13 23:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-05-17 14:33 - 2012-06-13 23:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-05-17 14:31 - 2012-06-13 23:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-05-17 14:29 - 2012-06-13 23:00 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-05-17 14:29 - 2012-06-13 23:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-05-17 14:27 - 2012-06-13 23:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-05-17 14:25 - 2012-06-13 23:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-05-17 14:24 - 2012-06-13 23:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-05-17 14:20 - 2012-06-13 23:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-05-17 08:52 - 2012-05-17 08:52 - 00000000 ____D C:\Users\Carson\Documents\Diablo III
2012-05-17 08:52 - 2012-05-17 08:03 - 00000000 ____D C:\Program Files (x86)\Diablo III
2012-05-17 08:45 - 2012-05-17 08:03 - 00001151 ____A C:\Users\Public\Desktop\Diablo III.lnk
2012-05-17 08:45 - 2012-05-17 08:03 - 00000000 ____D C:\Users\All Users\Blizzard Entertainment
2012-05-17 08:00 - 2012-05-17 08:00 - 00000000 ____D C:\Users\All Users\Battle.net
2012-05-14 17:32 - 2012-06-13 14:51 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-10 06:37 - 2012-05-10 06:37 - 00000000 ____D C:\Users\Dad\AppData\Roaming\Apple Computer
2012-05-09 14:06 - 2012-05-09 14:06 - 00848056 ____A C:\Users\Carson\Downloads\Zombie-Hunt_1-2-5.zip
2012-05-09 14:03 - 2012-05-09 14:03 - 00046737 ____A C:\Users\Carson\Downloads\AudioMod (8).zip
2012-05-08 16:55 - 2010-07-20 00:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-05-08 12:19 - 2012-05-08 12:19 - 00540020 ____A C:\Users\Carson\Downloads\minecraftforge-client-3.1.3.105 (1).zip
2012-05-08 12:13 - 2012-05-08 12:13 - 00083757 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.0 (3).zip
2012-05-08 12:11 - 2012-05-08 12:11 - 00180717 ____A C:\Users\Carson\Downloads\[1.2.5] Battlegear - 2.6.1.zip
2012-05-08 10:57 - 2012-05-08 10:57 - 00000000 ____D C:\Users\Carson\.swt
2012-05-06 11:05 - 2012-05-06 11:05 - 00999771 ____A C:\Users\Carson\Downloads\SinglePlayerCommands-MC1.2.5_V3.2.2.jar
2012-05-04 15:29 - 2012-06-26 18:35 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-05-04 15:29 - 2012-06-26 18:35 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-05-04 03:06 - 2012-06-13 14:51 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 03:00 - 2012-06-27 06:48 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-05-04 02:03 - 2012-06-13 14:51 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 02:03 - 2012-06-13 14:51 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-04 01:59 - 2012-06-27 06:48 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-05-03 13:21 - 2012-05-03 13:21 - 00007354 ____A C:\Users\Carson\Downloads\Recipe Book (1).zip
2012-05-03 12:20 - 2012-05-03 12:20 - 03279197 ____A C:\Users\Carson\Downloads\Industrial-Craft 1.2.5.zip
2012-05-03 12:10 - 2012-05-03 12:10 - 00540020 ____A C:\Users\Carson\Downloads\minecraftforge-client-3.1.3.105.zip
2012-05-03 12:06 - 2012-05-03 12:06 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (10).zip
2012-05-03 12:03 - 2012-05-03 12:03 - 02680016 ____A C:\Users\Carson\Downloads\industrialcraft-2-client_1.95.jar
2012-04-30 21:40 - 2012-06-27 06:48 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-30 17:40 - 2011-03-03 16:33 - 00001945 ____A C:\Windows\epplauncher.mif
2012-04-30 17:40 - 2011-03-03 16:32 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-04-30 17:39 - 2012-04-30 17:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-04-28 10:23 - 2012-04-28 10:22 - 04174278 ____A C:\Users\Carson\Downloads\www.olgh.net_The_Spider_Queen_5.4 (3).zip
2012-04-28 10:22 - 2012-04-28 10:22 - 04174278 ____A C:\Users\Carson\Downloads\www.olgh.net_The_Spider_Queen_5.4 (2).zip
2012-04-28 10:17 - 2012-04-28 10:16 - 04174278 ____A C:\Users\Carson\Downloads\www.olgh.net_The_Spider_Queen_5.4 (1).zip
2012-04-28 10:06 - 2012-04-28 10:06 - 04174278 ____A C:\Users\Carson\Downloads\www.olgh.net_The_Spider_Queen_5.4.zip
2012-04-28 10:06 - 2012-04-28 10:06 - 00046737 ____A C:\Users\Carson\Downloads\AudioMod (7).zip
2012-04-28 10:05 - 2012-04-28 10:05 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (9).zip
2012-04-27 19:55 - 2012-06-13 14:51 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-25 21:41 - 2012-06-13 14:51 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-25 21:41 - 2012-06-13 14:51 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-25 21:34 - 2012-06-13 14:51 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-25 14:32 - 2012-04-21 15:30 - 00000000 ____D C:\Users\Carson\AppData\Local\dxhr
2012-04-23 21:37 - 2012-06-27 06:48 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 21:37 - 2012-06-27 06:48 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 21:37 - 2012-06-27 06:48 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 20:36 - 2012-06-27 06:48 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-23 20:36 - 2012-06-27 06:48 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-23 20:36 - 2012-06-27 06:48 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-04-21 15:29 - 2012-04-21 15:29 - 00000000 ____D C:\Users\Carson\AppData\Local\28050
2012-04-20 13:39 - 2012-04-20 13:39 - 00003294 ____A C:\Users\Carson\Downloads\Timber! (1.2.4).zip
2012-04-19 11:46 - 2012-03-20 09:34 - 00000000 ____D C:\Users\Carson\Pearson
2012-04-18 13:48 - 2012-04-18 13:48 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (8).zip
2012-04-18 13:45 - 2012-04-18 13:45 - 00510337 ____A C:\Users\Carson\Downloads\MinecraftForge-3.0.1.84-Client.zip
2012-04-14 20:40 - 2012-04-14 20:40 - 00000222 ____A C:\Users\Carson\Desktop\Microsoft Flight.url
2012-04-14 10:48 - 2012-04-14 10:48 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (7).zip
2012-04-14 10:48 - 2012-04-14 10:48 - 00046737 ____A C:\Users\Carson\Downloads\AudioMod (6).zip
2012-04-14 10:47 - 2012-04-14 10:47 - 00238532 ____A C:\Users\Carson\Downloads\[1.2.5]ReiMinimap_v3.0_04.zip
2012-04-14 10:47 - 2012-04-14 10:47 - 00238532 ____A C:\Users\Carson\Downloads\[1.2.5]ReiMinimap_v3.0_04 (1).zip
2012-04-14 10:46 - 2012-04-14 10:46 - 00052843 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_07_1.2.5 (1).zip
2012-04-13 16:00 - 2012-04-13 16:00 - 00083757 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.0 (2).zip
2012-04-13 15:59 - 2012-04-13 15:59 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (6).zip
2012-04-13 15:58 - 2012-04-13 15:58 - 00652491 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Smart Moving 7.6 (2).zip
2012-04-13 15:58 - 2012-04-13 15:58 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (5).zip
2012-04-13 15:47 - 2012-04-13 15:47 - 06905480 ____A C:\Users\Carson\Downloads\Sonic Ethers Unbelievable Shaders v08 1.2.4 and 1.2.5 (Windows).zip
2012-04-12 16:25 - 2012-04-12 16:25 - 00000220 ____A C:\Users\Carson\Desktop\Killing Floor.url
2012-04-11 13:48 - 2012-04-11 13:48 - 01488305 ____A C:\Users\Carson\Downloads\mcpatcher-2.3.5_01.exe
2012-04-11 11:53 - 2012-04-11 11:53 - 00083757 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.0 (1).zip
2012-04-11 11:52 - 2012-04-11 11:52 - 00652491 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Smart Moving 7.6 (1).zip
2012-04-11 11:51 - 2012-04-11 11:51 - 00052843 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_07_1.2.5.zip
2012-04-11 11:49 - 2012-04-11 11:49 - 00103347 ____A C:\Users\Carson\Downloads\ModLoader (4).zip
2012-04-11 11:39 - 2012-04-11 11:39 - 00050852 ____A C:\Users\Carson\Downloads\TooManyItems2012_04_10_1.2.5.zip
2012-04-11 11:35 - 2012-04-11 11:35 - 00806144 ____A C:\Users\Carson\Downloads\SDK's Mods 1.2.3 v1.zip
2012-04-11 11:32 - 2012-04-11 11:32 - 00026472 ____A C:\Users\Carson\Downloads\ModLoaderMP 1.2.5 v1.zip
2012-04-10 15:55 - 2012-04-10 15:55 - 00083757 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Player API client 1.0.zip
2012-04-10 15:52 - 2012-04-10 15:52 - 00652491 ____A C:\Users\Carson\Downloads\MC 1.2.5 - Smart Moving 7.6.zip
2012-04-07 04:31 - 2012-06-27 06:48 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-04-07 03:26 - 2012-06-27 06:48 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-04-04 11:56 - 2010-11-05 07:19 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-03-30 03:35 - 2012-05-08 10:50 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

ZeroAccess:
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\L
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\L\00000004.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\00000004.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\00000008.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\000000cb.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\80000000.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\80000032.@
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\80000064.@

ZeroAccess:
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\@
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\L
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\n
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 13%
Total physical RAM: 5941.86 MB
Available physical RAM: 5145.17 MB
Total Pagefile: 5940.01 MB
Available Pagefile: 5135.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:276.78 GB) (Free:66.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (RECOVERY) (Fixed) (Total:21.01 GB) (Free:3.06 GB) NTFS
4 Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
6 Drive i: (KINGSTON) (Removable) (Total:7.26 GB) (Free:7.25 GB) FAT32
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
8 Drive y: (DATA) (Fixed) (Total:298.09 GB) (Free:297.99 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 298 GB 0 B
Disk 2 Online 7441 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 298 GB 1024 KB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y DATA NTFS Partition 298 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 276 GB 200 MB
Partition 3 Primary 21 GB 276 GB
Partition 4 Primary 103 MB 297 GB

======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D SYSTEM NTFS Partition 199 MB Healthy

======================================================================================================

Disk: 1
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C OS NTFS Partition 276 GB Healthy

======================================================================================================

Disk: 1
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F RECOVERY NTFS Partition 21 GB Healthy

======================================================================================================

Disk: 1
Partition 4
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 G HP_TOOLS FAT32 Partition 103 MB Healthy

======================================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7437 MB 4032 KB

======================================================================================================

Disk: 2
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 I KINGSTON FAT32 Removable 7437 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2011-05-04 20:24

======================= End Of Log ==========================

#9 Jeremy T

Posted 27 June 2012 - 11:40 AM

Ran search "services.exe" on Farbar

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 014A9CB92514E27C0107614DF764BC06

====== End Of Search ======

#10 Jeremy T

Posted 27 June 2012 - 12:02 PM

Created the following script and ran it in Farbar as fixlist.txt

Replace: C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}


Resulting Fixlog
Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 25-06-2012
Ran by SYSTEM at 2012-06-27 12:48:42 Run:1
Running from I:\

==============================================

C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe
C:\Windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1} moved successfully.
C:\Users\Carson\AppData\Local\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1} moved successfully.

==== End of Fixlog ====

#11 Jeremy T

Posted 27 June 2012 - 02:00 PM

Ran ComboFix next. Had to run twice b/c it froze when attempting to create log. Here is the log from round 2. Also reran aswMBR. It was clean, YAY! Log is below ComboFix.

ComboFix 12-06-27.01 - Carson 06/27/2012 14:35:26.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5942.3982 [GMT -4:00]
Running from: c:\users\Carson\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\users\Carson\AppData\Roaming\scapi.dll
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\@
c:\windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\L\00000004.@
c:\windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\L\201d3dde
c:\windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\L\55490ac4
c:\windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\n
c:\windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\00000004.@
c:\windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\00000008.@
c:\windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\000000cb.@
c:\windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\80000000.@
c:\windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\80000032.@
c:\windows\Installer\{9130e9fb-2f96-dc46-5f2b-1b817a456ea1}\U\80000064.@
D:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Toolbar Updater Service
.
.
((((((((((((((((((((((((( Files Created from 2012-05-27 to 2012-06-27 )))))))))))))))))))))))))))))))
.
.
2012-06-27 18:43 . 2012-06-27 18:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-27 18:43 . 2012-06-27 18:43 -------- d-----w- c:\users\Dad\AppData\Local\temp
2012-06-27 17:25 . 2012-06-27 17:25 -------- d-----w- c:\program files (x86)\ESET
2012-06-27 17:17 . 2012-06-27 20:24 -------- d-----w- C:\FRST
2012-06-27 15:57 . 2012-06-27 15:57 27256 ----a-w- c:\windows\system32\drivers\FixZeroAccess.sys
2012-06-27 14:46 . 2012-06-27 14:46 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-06-27 02:36 . 2012-06-27 02:36 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-06-27 02:35 . 2012-06-27 02:35 -------- d-----w- c:\program files (x86)\Oracle
2012-06-27 02:35 . 2012-05-04 23:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-06-27 02:32 . 2012-06-27 02:32 -------- d-----w- c:\programdata\McAfee
2012-06-27 01:59 . 2012-06-27 01:59 -------- d-----w- c:\users\Carson\AppData\Local\VS Revo Group
2012-06-27 01:59 . 2009-12-30 15:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-06-27 01:59 . 2012-06-27 01:59 -------- d-----w- c:\program files\VS Revo Group
2012-06-27 00:06 . 2012-06-27 00:06 -------- d-----w- c:\users\Carson\AppData\Roaming\SUPERAntiSpyware.com
2012-06-27 00:06 . 2012-06-27 07:27 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-06-27 00:06 . 2012-06-27 00:06 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-06-27 00:02 . 2012-06-27 00:02 388096 ----a-r- c:\users\Carson\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-26 23:53 . 2012-06-26 23:53 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-26 23:53 . 2012-06-27 07:27 -------- d-----w- c:\windows\system32\Macromed
2012-06-26 19:06 . 2012-06-27 07:27 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-06-26 18:33 . 2012-06-26 23:42 -------- d-----w- c:\programdata\B7E858860003F0C6000122E2B4EB2367
2012-06-26 18:33 . 2012-06-26 23:42 -------- d-----w- c:\program files (x86)\Common Files\Common
2012-06-25 23:57 . 2012-06-27 07:27 -------- d-----w- c:\users\Carson\AppData\Roaming\.minecraft
2012-06-24 12:03 . 2012-06-24 12:03 388096 ----a-r- c:\users\Dad\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-24 12:03 . 2012-06-24 12:03 -------- d-----w- c:\program files (x86)\Trend Micro
2012-06-22 20:34 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 20:34 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 20:34 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 20:34 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 20:33 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-22 20:33 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 20:33 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 20:33 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 20:33 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-15 05:45 . 2012-06-15 05:45 -------- d-----w- c:\users\Carson\AppData\Local\Oblivion
2012-06-13 22:51 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 22:51 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 22:51 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 22:51 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-13 22:51 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 22:51 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 22:51 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 22:51 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-12 04:04 . 2012-06-12 04:06 -------- d-----w- C:\Minecraft_Backup
2012-06-04 00:38 . 2012-06-04 19:12 -------- d-----w- c:\users\Carson\AppData\Roaming\.techniclauncher
2012-06-02 02:21 . 2012-06-02 02:21 40960 ----a-r- c:\users\Carson\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2012-06-02 02:21 . 2012-06-02 02:21 40960 ----a-r- c:\users\Carson\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2012-06-02 02:21 . 2012-06-02 21:46 -------- d-----w- c:\program files (x86)\Project64 1.6
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-26 23:53 . 2011-09-05 14:19 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-20 13:06 . 2012-05-20 13:06 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-04-04 19:56 . 2010-11-05 15:19 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-30 11:35 . 2012-05-08 18:50 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-06-05 17344176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-26 343168]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Core Temp.lnk - c:\program files\Core Temp\Core Temp.exe [2012-5-20 848336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 CLKMSVC10_C6F09094;CyberLink Product - 2010/09/16 01:55;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-06-30 245232]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-24 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-08-08 299008]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-24 136176]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-07-28 340240]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-03-18 7680512]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-01-11 232992]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-05 346144]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-05 1255736]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-06-13 400368]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-09 203264]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-08-31 1166848]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-06-25 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-06-30 27192]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-05-01 2533400]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-23 2192176]
S3 ALSysIO;ALSysIO;c:\users\Carson\AppData\Local\Temp\ALSysIO64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-09 7767552]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-09 279040]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 299008]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys [2010-06-25 32880]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-05-01 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-07-28 10610400]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-08-03 8604672]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2010-04-16 39832]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ALSYSIO
*Deregistered* - CLKMDRV10_C6F09094
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-24 17:40]
.
2012-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-24 17:40]
.
2012-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-949637273-4050807006-2386870474-1001Core.job
- c:\users\Carson\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-18 17:40]
.
2012-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-949637273-4050807006-2386870474-1001UA.job
- c:\users\Carson\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-18 17:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-28 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-28 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-28 415256]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-28 1935120]
"scapi"="c:\windows\System32\rundll32.exe" [2009-07-14 45568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.youtube.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{82AA4990-D44A-4373-9406-D5287BD44793}: NameServer = 68.87.68.166,68.87.74.166
TCP: Interfaces\{A65BDD01-2AE3-43FE-8030-0FB349D98409}: NameServer = 0.0.0.0
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-rcuts - c:\users\Carson\AppData\Roaming\rcuts.dll
HKLM-Run-combofix - c:\combofix\CF15172.3XE
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-949637273-4050807006-2386870474-1001\Software\SecuROM\License information*]
"datasecu"=hex:45,12,fa,c8,04,6b,ce,44,ea,98,a2,5e,90,81,5c,be,8a,8c,91,4c,39,
61,50,3e,b1,21,af,83,9a,df,93,61,2d,da,9a,d0,36,60,2b,66,ce,2c,57,d2,c7,55,\
"rkeysecu"=hex:09,a3,06,f9,bd,c4,28,46,ff,cb,ef,99,4d,4a,78,2a
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\DigitalPersona\Bin\DPAgent.exe
c:\program files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
.
**************************************************************************
.
Completion time: 2012-06-27 14:54:29 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-27 18:54
.
Pre-Run: 70,877,945,856 bytes free
Post-Run: 70,744,875,008 bytes free
.
- - End Of File - - 7C313ED41AD96C8F42A35AEAB30B8588


aswMBR log POST clean up

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-27 14:13:34
-----------------------------
14:13:34.672 OS Version: Windows x64 6.1.7601 Service Pack 1
14:13:34.672 Number of processors: 4 586 0x2505
14:13:34.672 ComputerName: CARSON UserName: Carson
14:13:35.717 Initialize success
14:15:55.768 AVAST engine defs: 12062700
14:16:00.323 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:16:00.323 Disk 0 Vendor: Hitachi_ PC3O Size: 305245MB BusType: 3
14:16:00.323 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
14:16:00.339 Disk 1 Vendor: Hitachi_ PC3O Size: 305245MB BusType: 3
14:16:00.355 Disk 0 MBR read successfully
14:16:00.355 Disk 0 MBR scan
14:16:00.355 Disk 0 unknown MBR code
14:16:00.370 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
14:16:00.386 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 283427 MB offset 409600
14:16:00.417 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 21514 MB offset 580868096
14:16:00.433 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
14:16:00.464 Disk 0 scanning C:\Windows\system32\drivers
14:16:11.602 Service scanning
14:16:46.419 Modules scanning
14:16:46.434 Disk 0 trace - called modules:
14:16:46.466 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
14:16:46.466 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008946060]
14:16:46.481 3 CLASSPNP.SYS[fffff88001d8143f] -> nt!IofCallDriver -> [0xfffffa8006a4e960]
14:16:46.497 5 hpdskflt.sys[fffff88001d28189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80068b6050]
14:16:48.572 AVAST engine scan C:\Windows
14:16:51.255 AVAST engine scan C:\Windows\system32
14:20:23.855 AVAST engine scan C:\Windows\system32\drivers
14:20:36.740 AVAST engine scan C:\Users\Carson
14:27:52.496 AVAST engine scan C:\ProgramData
14:29:17.797 Scan finished successfully
14:29:34.568 Disk 0 MBR has been saved successfully to "C:\Users\Carson\Desktop\MBR.dat"
14:29:34.568 The log file has been saved successfully to "C:\Users\Carson\Desktop\aswMBR.txt"
14:30:30.857 Disk 0 MBR has been saved successfully to "C:\Users\Carson\Desktop\MBR.dat"
14:30:30.857 The log file has been saved successfully to "C:\Users\Carson\Desktop\aswMBR2.txt"

#12 gringo_pr

Posted 27 June 2012 - 02:08 PM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#13 Jeremy T

Posted 27 June 2012 - 02:26 PM

tdssKiller - No Issues - Log file

15:23:34.0125 4928 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
15:23:34.0500 4928 ============================================================
15:23:34.0500 4928 Current date / time: 2012/06/27 15:23:34.0500
15:23:34.0500 4928 SystemInfo:
15:23:34.0500 4928
15:23:34.0500 4928 OS Version: 6.1.7601 ServicePack: 1.0
15:23:34.0500 4928 Product type: Workstation
15:23:34.0500 4928 ComputerName: CARSON
15:23:34.0500 4928 UserName: Carson
15:23:34.0500 4928 Windows directory: C:\Windows
15:23:34.0500 4928 System windows directory: C:\Windows
15:23:34.0500 4928 Running under WOW64
15:23:34.0500 4928 Processor architecture: Intel x64
15:23:34.0500 4928 Number of processors: 4
15:23:34.0500 4928 Page size: 0x1000
15:23:34.0500 4928 Boot type: Normal boot
15:23:34.0500 4928 ============================================================
15:23:37.0776 4928 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:23:37.0776 4928 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:23:38.0025 4928 ============================================================
15:23:38.0025 4928 \Device\Harddisk0\DR0:
15:23:38.0025 4928 MBR partitions:
15:23:38.0025 4928 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
15:23:38.0025 4928 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x22991800
15:23:38.0025 4928 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x229F5800, BlocksNum 0x2A05000
15:23:38.0025 4928 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
15:23:38.0025 4928 \Device\Harddisk1\DR1:
15:23:38.0025 4928 MBR partitions:
15:23:38.0025 4928 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
15:23:38.0025 4928 ============================================================
15:23:38.0041 4928 C: <-> \Device\Harddisk0\DR0\Partition1
15:23:38.0088 4928 D: <-> \Device\Harddisk1\DR1\Partition0
15:23:38.0134 4928 E: <-> \Device\Harddisk0\DR0\Partition2
15:23:38.0134 4928 ============================================================
15:23:38.0134 4928 Initialize success
15:23:38.0134 4928 ============================================================
15:23:50.0958 2384 ============================================================
15:23:50.0958 2384 Scan started
15:23:50.0958 2384 Mode: Manual; TDLFS;
15:23:50.0958 2384 ============================================================
15:23:57.0291 2384 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:23:57.0291 2384 bowser - ok
15:23:57.0338 2384 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:23:57.0338 2384 BrFiltLo - ok
15:23:57.0369 2384 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:23:57.0369 2384 BrFiltUp - ok
15:23:57.0432 2384 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
15:23:57.0432 2384 BridgeMP - ok
15:23:57.0494 2384 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:23:57.0494 2384 Browser - ok
15:23:57.0541 2384 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:23:57.0541 2384 Brserid - ok
15:23:57.0556 2384 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:23:57.0572 2384 BrSerWdm - ok
15:23:57.0588 2384 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:23:57.0588 2384 BrUsbMdm - ok
15:23:57.0603 2384 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:23:57.0603 2384 BrUsbSer - ok
15:23:57.0619 2384 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:23:57.0619 2384 BTHMODEM - ok
15:23:57.0681 2384 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:23:57.0681 2384 bthserv - ok
15:23:57.0790 2384 BTHSSecurityMgr (9e2af97302b9f4bf97e952a865eb31ae) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
15:23:57.0790 2384 BTHSSecurityMgr - ok
15:23:57.0837 2384 catchme - ok
15:23:57.0868 2384 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:23:57.0868 2384 cdfs - ok
15:23:57.0900 2384 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
15:23:57.0900 2384 cdrom - ok
15:23:57.0978 2384 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:23:57.0978 2384 CertPropSvc - ok
15:23:58.0071 2384 CinemaNow Service (ea3333db9ab03106eec0d6d9d487ed01) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
15:23:58.0087 2384 CinemaNow Service - ok
15:23:58.0134 2384 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:23:58.0134 2384 circlass - ok
15:23:58.0196 2384 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:23:58.0196 2384 CLFS - ok
15:23:58.0290 2384 CLKMSVC10_C6F09094 (dede5ec7dc09d840d5d74e06ff4de127) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe
15:23:58.0305 2384 CLKMSVC10_C6F09094 - ok
15:23:58.0368 2384 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:23:58.0368 2384 clr_optimization_v2.0.50727_32 - ok
15:23:58.0414 2384 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:23:58.0414 2384 clr_optimization_v2.0.50727_64 - ok
15:23:58.0508 2384 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:23:58.0524 2384 clr_optimization_v4.0.30319_32 - ok
15:23:58.0539 2384 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:23:58.0539 2384 clr_optimization_v4.0.30319_64 - ok
15:23:58.0882 2384 clwvd (9573e8c7c3b3d1625fd941841fd0859c) C:\Windows\system32\DRIVERS\clwvd.sys
15:23:58.0882 2384 clwvd - ok
15:23:58.0929 2384 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:23:58.0929 2384 CmBatt - ok
15:23:58.0945 2384 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:23:58.0945 2384 cmdide - ok
15:23:59.0023 2384 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:23:59.0023 2384 CNG - ok
15:23:59.0085 2384 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:23:59.0085 2384 Compbatt - ok
15:23:59.0148 2384 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:23:59.0148 2384 CompositeBus - ok
15:23:59.0163 2384 COMSysApp - ok
15:23:59.0194 2384 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:23:59.0194 2384 crcdisk - ok
15:23:59.0257 2384 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
15:23:59.0257 2384 CryptSvc - ok
15:23:59.0319 2384 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:23:59.0335 2384 DcomLaunch - ok
15:23:59.0366 2384 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:23:59.0366 2384 defragsvc - ok
15:23:59.0413 2384 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:23:59.0428 2384 DfsC - ok
15:23:59.0491 2384 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:23:59.0491 2384 Dhcp - ok
15:23:59.0538 2384 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:23:59.0538 2384 discache - ok
15:23:59.0600 2384 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:23:59.0600 2384 Disk - ok
15:23:59.0631 2384 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:23:59.0631 2384 Dnscache - ok
15:23:59.0694 2384 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:23:59.0694 2384 dot3svc - ok
15:23:59.0803 2384 DpHost (3e6b2753a09d46958f5d0df8e1b650ca) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
15:23:59.0803 2384 DpHost - ok
15:23:59.0865 2384 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:23:59.0865 2384 DPS - ok
15:23:59.0912 2384 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:23:59.0912 2384 drmkaud - ok
15:23:59.0990 2384 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:24:00.0006 2384 DXGKrnl - ok
15:24:00.0037 2384 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:24:00.0037 2384 EapHost - ok
15:24:00.0240 2384 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:24:00.0286 2384 ebdrv - ok
15:24:00.0598 2384 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:24:00.0598 2384 EFS - ok
15:24:00.0723 2384 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:24:00.0786 2384 ehRecvr - ok
15:24:00.0801 2384 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:24:00.0848 2384 ehSched - ok
15:24:00.0942 2384 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:24:00.0942 2384 elxstor - ok
15:24:00.0973 2384 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:24:00.0973 2384 ErrDev - ok
15:24:01.0051 2384 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:24:01.0051 2384 EventSystem - ok
15:24:01.0207 2384 EvtEng (e3a96d5ae6e5c7b5472011ba77353368) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:24:01.0222 2384 EvtEng - ok
15:24:01.0566 2384 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:24:01.0566 2384 exfat - ok
15:24:01.0581 2384 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:24:01.0597 2384 fastfat - ok
15:24:01.0690 2384 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:24:01.0690 2384 Fax - ok
15:24:01.0737 2384 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:24:01.0737 2384 fdc - ok
15:24:01.0784 2384 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:24:01.0784 2384 fdPHost - ok
15:24:01.0800 2384 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:24:01.0800 2384 FDResPub - ok
15:24:01.0862 2384 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:24:01.0862 2384 FileInfo - ok
15:24:01.0878 2384 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:24:01.0878 2384 Filetrace - ok
15:24:01.0878 2384 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:24:01.0878 2384 flpydisk - ok
15:24:01.0940 2384 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:24:01.0956 2384 FltMgr - ok
15:24:02.0065 2384 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
15:24:02.0080 2384 FontCache - ok
15:24:02.0158 2384 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:24:02.0158 2384 FontCache3.0.0.0 - ok
15:24:02.0190 2384 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:24:02.0190 2384 FsDepends - ok
15:24:02.0236 2384 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
15:24:02.0236 2384 Fs_Rec - ok
15:24:02.0314 2384 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:24:02.0314 2384 fvevol - ok
15:24:02.0361 2384 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:24:02.0361 2384 gagp30kx - ok
15:24:02.0408 2384 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:24:02.0408 2384 GEARAspiWDM - ok
15:24:02.0486 2384 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:24:02.0502 2384 gpsvc - ok
15:24:02.0642 2384 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:24:02.0642 2384 gupdate - ok
15:24:02.0689 2384 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:24:02.0689 2384 gupdatem - ok
15:24:02.0736 2384 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
15:24:02.0736 2384 hamachi - ok
15:24:03.0001 2384 Hamachi2Svc (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
15:24:03.0016 2384 Hamachi2Svc - ok
15:24:03.0344 2384 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:24:03.0344 2384 hcw85cir - ok
15:24:03.0422 2384 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:24:03.0438 2384 HdAudAddService - ok
15:24:03.0500 2384 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:24:03.0500 2384 HDAudBus - ok
15:24:03.0562 2384 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
15:24:03.0562 2384 HECIx64 - ok
15:24:03.0578 2384 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:24:03.0578 2384 HidBatt - ok
15:24:03.0594 2384 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:24:03.0594 2384 HidBth - ok
15:24:03.0640 2384 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:24:03.0640 2384 HidIr - ok
15:24:03.0656 2384 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
15:24:03.0672 2384 hidserv - ok
15:24:03.0703 2384 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
15:24:03.0703 2384 HidUsb - ok
15:24:03.0765 2384 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:24:03.0765 2384 hkmsvc - ok
15:24:03.0828 2384 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:24:03.0828 2384 HomeGroupListener - ok
15:24:03.0874 2384 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:24:03.0890 2384 HomeGroupProvider - ok
15:24:03.0968 2384 HP Health Check Service - ok
15:24:04.0062 2384 HP Wireless Assistant Service (3a09322a8aa8b0c79036686a0ebe7b4c) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
15:24:04.0062 2384 HP Wireless Assistant Service - ok
15:24:04.0124 2384 HPDrvMntSvc.exe (881f74074963cdad8c475d09dc3a0bb6) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
15:24:04.0124 2384 HPDrvMntSvc.exe - ok
15:24:04.0155 2384 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
15:24:04.0155 2384 hpdskflt - ok
15:24:04.0202 2384 hpqwmiex (fe51b163a618b1cbf015485d21c1bc68) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
15:24:04.0218 2384 hpqwmiex - ok
15:24:04.0280 2384 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:24:04.0280 2384 HpSAMD - ok
15:24:04.0343 2384 hpsrv (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\Windows\system32\Hpservice.exe
15:24:04.0343 2384 hpsrv - ok
15:24:04.0405 2384 HPWMISVC (5aa89e152634954e15e9db265c6a8557) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
15:24:04.0405 2384 HPWMISVC - ok
15:24:04.0499 2384 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:24:04.0514 2384 HTTP - ok
15:24:04.0545 2384 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:24:04.0545 2384 hwpolicy - ok
15:24:04.0608 2384 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:24:04.0623 2384 i8042prt - ok
15:24:04.0670 2384 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys
15:24:04.0670 2384 iaStor - ok
15:24:04.0748 2384 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:24:04.0748 2384 iaStorV - ok
15:24:04.0873 2384 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:24:04.0889 2384 idsvc - ok
15:24:05.0965 2384 igfx (1be8d9ca4f2363b8e8015621878e0043) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:24:06.0152 2384 igfx - ok
15:24:06.0511 2384 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:24:06.0511 2384 iirsp - ok
15:24:06.0605 2384 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:24:06.0620 2384 IKEEXT - ok
15:24:06.0683 2384 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
15:24:06.0683 2384 Impcd - ok
15:24:06.0745 2384 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:24:06.0745 2384 intelide - ok
15:24:07.0478 2384 intelkmd (1be8d9ca4f2363b8e8015621878e0043) C:\Windows\system32\DRIVERS\igdpmd64.sys
15:24:07.0572 2384 intelkmd - ok
15:24:07.0931 2384 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:24:07.0931 2384 intelppm - ok
15:24:07.0993 2384 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:24:07.0993 2384 IPBusEnum - ok
15:24:08.0040 2384 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:24:08.0040 2384 IpFilterDriver - ok
15:24:08.0133 2384 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:24:08.0133 2384 iphlpsvc - ok
15:24:08.0165 2384 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:24:08.0165 2384 IPMIDRV - ok
15:24:08.0227 2384 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:24:08.0227 2384 IPNAT - ok
15:24:08.0352 2384 iPod Service (e94503089df8976f5c4c9d5168e9765f) C:\Program Files\iPod\bin\iPodService.exe
15:24:08.0352 2384 iPod Service - ok
15:24:08.0399 2384 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:24:08.0399 2384 IRENUM - ok
15:24:08.0430 2384 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:24:08.0430 2384 isapnp - ok
15:24:08.0461 2384 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:24:08.0461 2384 iScsiPrt - ok
15:24:08.0508 2384 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:24:08.0508 2384 kbdclass - ok
15:24:08.0555 2384 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:24:08.0570 2384 kbdhid - ok
15:24:08.0617 2384 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:24:08.0617 2384 KeyIso - ok
15:24:08.0633 2384 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:24:08.0633 2384 KSecDD - ok
15:24:08.0664 2384 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:24:08.0664 2384 KSecPkg - ok
15:24:08.0664 2384 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:24:08.0679 2384 ksthunk - ok
15:24:08.0742 2384 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:24:08.0742 2384 KtmRm - ok
15:24:08.0804 2384 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
15:24:08.0804 2384 LanmanServer - ok
15:24:08.0851 2384 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:24:08.0851 2384 LanmanWorkstation - ok
15:24:08.0945 2384 lirsgt (5ea407821bb3104c31a705175ab4f309) C:\Windows\system32\DRIVERS\lirsgt.sys
15:24:08.0960 2384 lirsgt - ok
15:24:09.0023 2384 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:24:09.0023 2384 lltdio - ok
15:24:09.0085 2384 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:24:09.0085 2384 lltdsvc - ok
15:24:09.0116 2384 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:24:09.0132 2384 lmhosts - ok
15:24:09.0257 2384 LMS (6d515466ab8bfe61184092b635ae6eb4) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:24:09.0257 2384 LMS - ok
15:24:09.0303 2384 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:24:09.0319 2384 LSI_FC - ok
15:24:09.0335 2384 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:24:09.0335 2384 LSI_SAS - ok
15:24:09.0350 2384 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:24:09.0350 2384 LSI_SAS2 - ok
15:24:09.0381 2384 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:24:09.0381 2384 LSI_SCSI - ok
15:24:09.0397 2384 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:24:09.0397 2384 luafv - ok
15:24:09.0444 2384 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:24:09.0444 2384 Mcx2Svc - ok
15:24:09.0475 2384 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:24:09.0475 2384 megasas - ok
15:24:09.0506 2384 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:24:09.0506 2384 MegaSR - ok
15:24:09.0537 2384 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:24:09.0537 2384 MMCSS - ok
15:24:09.0553 2384 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:24:09.0553 2384 Modem - ok
15:24:09.0569 2384 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:24:09.0569 2384 monitor - ok
15:24:09.0615 2384 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:24:09.0615 2384 mouclass - ok
15:24:09.0678 2384 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:24:09.0678 2384 mouhid - ok
15:24:09.0725 2384 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:24:09.0725 2384 mountmgr - ok
15:24:09.0803 2384 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
15:24:09.0803 2384 MpFilter - ok
15:24:09.0834 2384 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:24:09.0834 2384 mpio - ok
15:24:09.0849 2384 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:24:09.0865 2384 mpsdrv - ok
15:24:09.0974 2384 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:24:09.0974 2384 MpsSvc - ok
15:24:10.0021 2384 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:24:10.0021 2384 MRxDAV - ok
15:24:10.0052 2384 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:24:10.0052 2384 mrxsmb - ok
15:24:10.0115 2384 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:24:10.0115 2384 mrxsmb10 - ok
15:24:10.0146 2384 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:24:10.0146 2384 mrxsmb20 - ok
15:24:10.0161 2384 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:24:10.0161 2384 msahci - ok
15:24:10.0193 2384 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:24:10.0193 2384 msdsm - ok
15:24:10.0239 2384 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:24:10.0239 2384 MSDTC - ok
15:24:10.0255 2384 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:24:10.0271 2384 Msfs - ok
15:24:10.0286 2384 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:24:10.0286 2384 mshidkmdf - ok
15:24:10.0286 2384 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:24:10.0302 2384 msisadrv - ok
15:24:10.0333 2384 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:24:10.0333 2384 MSiSCSI - ok
15:24:10.0333 2384 msiserver - ok
15:24:10.0380 2384 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:24:10.0380 2384 MSKSSRV - ok
15:24:10.0489 2384 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:24:10.0489 2384 MsMpSvc - ok
15:24:10.0505 2384 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:24:10.0505 2384 MSPCLOCK - ok
15:24:10.0536 2384 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:24:10.0536 2384 MSPQM - ok
15:24:10.0583 2384 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:24:10.0598 2384 MsRPC - ok
15:24:10.0614 2384 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:24:10.0614 2384 mssmbios - ok
15:24:10.0629 2384 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:24:10.0629 2384 MSTEE - ok
15:24:10.0645 2384 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:24:10.0645 2384 MTConfig - ok
15:24:10.0661 2384 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:24:10.0661 2384 Mup - ok
15:24:10.0754 2384 MyWiFiDHCPDNS (8f57db74bf5407a4cda6c8b005dc8dd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:24:10.0754 2384 MyWiFiDHCPDNS - ok
15:24:10.0817 2384 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:24:10.0832 2384 napagent - ok
15:24:10.0910 2384 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:24:10.0910 2384 NativeWifiP - ok
15:24:11.0035 2384 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:24:11.0051 2384 NDIS - ok
15:24:11.0082 2384 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:24:11.0082 2384 NdisCap - ok
15:24:11.0113 2384 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:24:11.0113 2384 NdisTapi - ok
15:24:11.0160 2384 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:24:11.0175 2384 Ndisuio - ok
15:24:11.0207 2384 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:24:11.0222 2384 NdisWan - ok
15:24:11.0238 2384 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:24:11.0238 2384 NDProxy - ok
15:24:11.0269 2384 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:24:11.0269 2384 NetBIOS - ok
15:24:11.0285 2384 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:24:11.0285 2384 NetBT - ok
15:24:11.0316 2384 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:24:11.0316 2384 Netlogon - ok
15:24:11.0363 2384 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:24:11.0378 2384 Netman - ok
15:24:11.0487 2384 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:11.0487 2384 NetMsmqActivator - ok
15:24:11.0534 2384 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:11.0534 2384 NetPipeActivator - ok
15:24:11.0581 2384 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:24:11.0581 2384 netprofm - ok
15:24:11.0597 2384 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:11.0597 2384 NetTcpActivator - ok
15:24:11.0597 2384 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:11.0597 2384 NetTcpPortSharing - ok
15:24:12.0111 2384 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
15:24:12.0205 2384 NETw5s64 - ok
15:24:12.0860 2384 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
15:24:12.0938 2384 netw5v64 - ok
15:24:13.0843 2384 NETwNs64 (50ad7f7040c22bb7caa59a0880875a21) C:\Windows\system32\DRIVERS\NETwNs64.sys
15:24:13.0921 2384 NETwNs64 - ok
15:24:14.0295 2384 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:24:14.0295 2384 nfrd960 - ok
15:24:14.0358 2384 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:24:14.0358 2384 NisDrv - ok
15:24:14.0467 2384 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
15:24:14.0483 2384 NisSrv - ok
15:24:14.0545 2384 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:24:14.0545 2384 NlaSvc - ok
15:24:14.0576 2384 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:24:14.0576 2384 Npfs - ok
15:24:14.0623 2384 npggsvc - ok
15:24:14.0654 2384 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:24:14.0670 2384 nsi - ok
15:24:14.0670 2384 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:24:14.0670 2384 nsiproxy - ok
15:24:14.0795 2384 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:24:14.0810 2384 Ntfs - ok
15:24:15.0153 2384 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:24:15.0153 2384 Null - ok
15:24:15.0216 2384 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:24:15.0216 2384 nvraid - ok
15:24:15.0247 2384 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:24:15.0247 2384 nvstor - ok
15:24:15.0309 2384 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:24:15.0309 2384 nv_agp - ok
15:24:15.0387 2384 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:24:15.0387 2384 ohci1394 - ok
15:24:15.0497 2384 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:24:15.0512 2384 ose - ok
15:24:15.0543 2384 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:24:15.0559 2384 p2pimsvc - ok
15:24:36.0073 2384 ============================================================
15:24:36.0073 2384 Scan finished
15:24:36.0073 2384 ============================================================
15:24:36.0089 3496 Detected object count: 0
15:24:36.0089 3496 Actual detected object count: 0
15:24:44.0310 4428 ============================================================
15:24:44.0310 4428 Scan started
15:24:44.0310 4428 Mode: Manual;
15:24:44.0310 4428 ============================================================
15:24:48.0725 4428 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:24:48.0725 4428 CLFS - ok
15:24:48.0787 4428 CLKMSVC10_C6F09094 (dede5ec7dc09d840d5d74e06ff4de127) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe
15:24:48.0803 4428 CLKMSVC10_C6F09094 - ok
15:24:48.0865 4428 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:24:48.0865 4428 clr_optimization_v2.0.50727_32 - ok
15:24:48.0912 4428 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:24:48.0912 4428 clr_optimization_v2.0.50727_64 - ok
15:24:48.0990 4428 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:24:48.0990 4428 clr_optimization_v4.0.30319_32 - ok
15:24:49.0021 4428 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:24:49.0021 4428 clr_optimization_v4.0.30319_64 - ok
15:24:49.0317 4428 clwvd (9573e8c7c3b3d1625fd941841fd0859c) C:\Windows\system32\DRIVERS\clwvd.sys
15:24:49.0317 4428 clwvd - ok
15:24:49.0333 4428 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:24:49.0333 4428 CmBatt - ok
15:24:49.0364 4428 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:24:49.0364 4428 cmdide - ok
15:24:49.0411 4428 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:24:49.0427 4428 CNG - ok
15:24:49.0427 4428 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:24:49.0427 4428 Compbatt - ok
15:24:49.0458 4428 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:24:49.0458 4428 CompositeBus - ok
15:24:49.0473 4428 COMSysApp - ok
15:24:49.0505 4428 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:24:49.0505 4428 crcdisk - ok
15:24:49.0551 4428 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
15:24:49.0551 4428 CryptSvc - ok
15:24:49.0614 4428 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:24:49.0629 4428 DcomLaunch - ok
15:24:49.0661 4428 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:24:49.0676 4428 defragsvc - ok
15:24:49.0723 4428 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:24:49.0723 4428 DfsC - ok
15:24:49.0739 4428 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:24:49.0754 4428 Dhcp - ok
15:24:49.0770 4428 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:24:49.0770 4428 discache - ok
15:24:49.0801 4428 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:24:49.0801 4428 Disk - ok
15:24:49.0848 4428 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:24:49.0848 4428 Dnscache - ok
15:24:49.0895 4428 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:24:49.0895 4428 dot3svc - ok
15:24:49.0988 4428 DpHost (3e6b2753a09d46958f5d0df8e1b650ca) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
15:24:49.0988 4428 DpHost - ok
15:24:50.0035 4428 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:24:50.0035 4428 DPS - ok
15:24:50.0051 4428 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:24:50.0051 4428 drmkaud - ok
15:24:50.0144 4428 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:24:50.0160 4428 DXGKrnl - ok
15:24:50.0191 4428 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:24:50.0191 4428 EapHost - ok
15:24:50.0409 4428 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:24:50.0441 4428 ebdrv - ok
15:24:50.0753 4428 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:24:50.0753 4428 EFS - ok
15:24:50.0862 4428 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:24:50.0862 4428 ehRecvr - ok
15:24:50.0909 4428 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:24:50.0909 4428 ehSched - ok
15:24:50.0987 4428 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:24:50.0987 4428 elxstor - ok
15:24:51.0018 4428 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:24:51.0018 4428 ErrDev - ok
15:24:51.0080 4428 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:24:51.0080 4428 EventSystem - ok
15:24:51.0221 4428 EvtEng (e3a96d5ae6e5c7b5472011ba77353368) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:24:51.0236 4428 EvtEng - ok
15:24:51.0579 4428 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:24:51.0579 4428 exfat - ok
15:24:51.0595 4428 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:24:51.0595 4428 fastfat - ok
15:24:51.0689 4428 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:24:51.0689 4428 Fax - ok
15:24:51.0704 4428 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:24:51.0704 4428 fdc - ok
15:24:51.0720 4428 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:24:51.0720 4428 fdPHost - ok
15:24:51.0735 4428 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:24:51.0735 4428 FDResPub - ok
15:24:51.0767 4428 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:24:51.0767 4428 FileInfo - ok
15:24:51.0782 4428 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:24:51.0782 4428 Filetrace - ok
15:24:51.0782 4428 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:24:51.0782 4428 flpydisk - ok
15:24:51.0813 4428 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:24:51.0813 4428 FltMgr - ok
15:24:51.0923 4428 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
15:24:51.0938 4428 FontCache - ok
15:24:52.0016 4428 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:24:52.0016 4428 FontCache3.0.0.0 - ok
15:24:52.0063 4428 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:24:52.0063 4428 FsDepends - ok
15:24:52.0094 4428 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
15:24:52.0094 4428 Fs_Rec - ok
15:24:52.0141 4428 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:24:52.0141 4428 fvevol - ok
15:24:52.0172 4428 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:24:52.0172 4428 gagp30kx - ok
15:24:52.0188 4428 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:24:52.0188 4428 GEARAspiWDM - ok
15:24:52.0281 4428 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:24:52.0281 4428 gpsvc - ok
15:24:52.0391 4428 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:24:52.0391 4428 gupdate - ok
15:24:52.0391 4428 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:24:52.0391 4428 gupdatem - ok
15:24:52.0422 4428 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
15:24:52.0422 4428 hamachi - ok
15:24:52.0593 4428 Hamachi2Svc (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
15:24:52.0609 4428 Hamachi2Svc - ok
15:24:52.0983 4428 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:24:52.0983 4428 hcw85cir - ok
15:24:53.0061 4428 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:24:53.0061 4428 HdAudAddService - ok
15:24:53.0108 4428 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:24:53.0108 4428 HDAudBus - ok
15:24:53.0139 4428 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
15:24:53.0155 4428 HECIx64 - ok
15:24:53.0155 4428 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:24:53.0155 4428 HidBatt - ok
15:24:53.0186 4428 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:24:53.0186 4428 HidBth - ok
15:24:53.0202 4428 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:24:53.0202 4428 HidIr - ok
15:24:53.0233 4428 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
15:24:53.0233 4428 hidserv - ok
15:24:53.0249 4428 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
15:24:53.0249 4428 HidUsb - ok
15:24:53.0295 4428 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:24:53.0295 4428 hkmsvc - ok
15:24:53.0342 4428 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:24:53.0342 4428 HomeGroupListener - ok
15:24:53.0389 4428 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:24:53.0405 4428 HomeGroupProvider - ok
15:24:53.0451 4428 HP Health Check Service - ok
15:24:53.0529 4428 HP Wireless Assistant Service (3a09322a8aa8b0c79036686a0ebe7b4c) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
15:24:53.0529 4428 HP Wireless Assistant Service - ok
15:24:53.0561 4428 HPDrvMntSvc.exe (881f74074963cdad8c475d09dc3a0bb6) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
15:24:53.0561 4428 HPDrvMntSvc.exe - ok
15:24:53.0576 4428 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
15:24:53.0592 4428 hpdskflt - ok
15:24:53.0639 4428 hpqwmiex (fe51b163a618b1cbf015485d21c1bc68) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
15:24:53.0639 4428 hpqwmiex - ok
15:24:53.0670 4428 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:24:53.0670 4428 HpSAMD - ok
15:24:53.0701 4428 hpsrv (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\Windows\system32\Hpservice.exe
15:24:53.0701 4428 hpsrv - ok
15:24:53.0717 4428 HPWMISVC (5aa89e152634954e15e9db265c6a8557) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
15:24:53.0717 4428 HPWMISVC - ok
15:24:53.0810 4428 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:24:53.0810 4428 HTTP - ok
15:24:53.0841 4428 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:24:53.0841 4428 hwpolicy - ok
15:24:53.0873 4428 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:24:53.0873 4428 i8042prt - ok
15:24:53.0919 4428 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys
15:24:53.0935 4428 iaStor - ok
15:24:53.0966 4428 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:24:53.0966 4428 iaStorV - ok
15:24:54.0075 4428 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:24:54.0075 4428 idsvc - ok
15:24:55.0214 4428 igfx (1be8d9ca4f2363b8e8015621878e0043) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:24:55.0308 4428 igfx - ok
15:24:55.0651 4428 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:24:55.0651 4428 iirsp - ok
15:24:55.0745 4428 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:24:55.0745 4428 IKEEXT - ok
15:24:55.0776 4428 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
15:24:55.0776 4428 Impcd - ok
15:24:55.0807 4428 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:24:55.0807 4428 intelide - ok
15:24:56.0462 4428 intelkmd (1be8d9ca4f2363b8e8015621878e0043) C:\Windows\system32\DRIVERS\igdpmd64.sys
15:24:56.0556 4428 intelkmd - ok
15:24:56.0883 4428 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:24:56.0899 4428 intelppm - ok
15:24:56.0915 4428 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:24:56.0930 4428 IPBusEnum - ok
15:24:56.0977 4428 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:24:56.0977 4428 IpFilterDriver - ok
15:24:57.0055 4428 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:24:57.0055 4428 iphlpsvc - ok
15:24:57.0086 4428 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:24:57.0086 4428 IPMIDRV - ok
15:24:57.0133 4428 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:24:57.0133 4428 IPNAT - ok
15:24:57.0242 4428 iPod Service (e94503089df8976f5c4c9d5168e9765f) C:\Program Files\iPod\bin\iPodService.exe
15:24:57.0258 4428 iPod Service - ok
15:24:57.0273 4428 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:24:57.0273 4428 IRENUM - ok
15:24:57.0289 4428 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:24:57.0289 4428 isapnp - ok
15:24:57.0320 4428 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:24:57.0320 4428 iScsiPrt - ok
15:24:57.0336 4428 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:24:57.0336 4428 kbdclass - ok
15:24:57.0383 4428 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:24:57.0383 4428 kbdhid - ok
15:24:57.0414 4428 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:24:57.0414 4428 KeyIso - ok
15:24:57.0429 4428 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:24:57.0429 4428 KSecDD - ok
15:24:57.0445 4428 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:24:57.0445 4428 KSecPkg - ok
15:24:57.0461 4428 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:24:57.0461 4428 ksthunk - ok
15:24:57.0507 4428 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:24:57.0523 4428 KtmRm - ok
15:24:57.0570 4428 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
15:24:57.0570 4428 LanmanServer - ok
15:24:57.0632 4428 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:24:57.0632 4428 LanmanWorkstation - ok
15:24:57.0679 4428 lirsgt (5ea407821bb3104c31a705175ab4f309) C:\Windows\system32\DRIVERS\lirsgt.sys
15:24:57.0679 4428 lirsgt - ok
15:24:57.0695 4428 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:24:57.0695 4428 lltdio - ok
15:24:57.0741 4428 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:24:57.0741 4428 lltdsvc - ok
15:24:57.0757 4428 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:24:57.0757 4428 lmhosts - ok
15:24:57.0866 4428 LMS (6d515466ab8bfe61184092b635ae6eb4) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:24:57.0866 4428 LMS - ok
15:24:57.0913 4428 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:24:57.0913 4428 LSI_FC - ok
15:24:57.0929 4428 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:24:57.0929 4428 LSI_SAS - ok
15:24:57.0944 4428 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:24:57.0944 4428 LSI_SAS2 - ok
15:24:57.0975 4428 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:24:57.0975 4428 LSI_SCSI - ok
15:24:57.0991 4428 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:24:57.0991 4428 luafv - ok
15:24:58.0038 4428 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:24:58.0053 4428 Mcx2Svc - ok
15:24:58.0069 4428 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:24:58.0069 4428 megasas - ok
15:24:58.0100 4428 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:24:58.0100 4428 MegaSR - ok
15:24:58.0131 4428 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:24:58.0131 4428 MMCSS - ok
15:24:58.0147 4428 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:24:58.0147 4428 Modem - ok
15:24:58.0163 4428 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:24:58.0163 4428 monitor - ok
15:24:58.0194 4428 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:24:58.0209 4428 mouclass - ok
15:24:58.0241 4428 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:24:58.0241 4428 mouhid - ok
15:24:58.0287 4428 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:24:58.0287 4428 mountmgr - ok
15:24:58.0334 4428 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
15:24:58.0334 4428 MpFilter - ok
15:24:58.0365 4428 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:24:58.0365 4428 mpio - ok
15:24:58.0381 4428 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:24:58.0381 4428 mpsdrv - ok
15:24:58.0475 4428 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:24:58.0475 4428 MpsSvc - ok
15:24:58.0521 4428 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:24:58.0521 4428 MRxDAV - ok
15:24:58.0553 4428 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:24:58.0553 4428 mrxsmb - ok
15:24:58.0615 4428 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:24:58.0615 4428 mrxsmb10 - ok
15:24:58.0646 4428 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:24:58.0646 4428 mrxsmb20 - ok
15:24:58.0677 4428 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:24:58.0677 4428 msahci - ok
15:24:58.0693 4428 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:24:58.0693 4428 msdsm - ok
15:24:58.0740 4428 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:24:58.0740 4428 MSDTC - ok
15:24:58.0771 4428 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:24:58.0771 4428 Msfs - ok
15:24:58.0787 4428 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:24:58.0787 4428 mshidkmdf - ok
15:24:58.0802 4428 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:24:58.0802 4428 msisadrv - ok
15:24:58.0833 4428 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:24:58.0833 4428 MSiSCSI - ok
15:24:58.0849 4428 msiserver - ok
15:24:58.0865 4428 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:24:58.0865 4428 MSKSSRV - ok
15:24:58.0896 4428 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:24:58.0911 4428 MsMpSvc - ok
15:24:58.0927 4428 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:24:58.0927 4428 MSPCLOCK - ok
15:24:58.0943 4428 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:24:58.0943 4428 MSPQM - ok
15:24:58.0989 4428 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:24:59.0005 4428 MsRPC - ok
15:24:59.0005 4428 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:24:59.0005 4428 mssmbios - ok
15:24:59.0036 4428 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:24:59.0036 4428 MSTEE - ok
15:24:59.0036 4428 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:24:59.0036 4428 MTConfig - ok
15:24:59.0067 4428 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:24:59.0067 4428 Mup - ok
15:24:59.0145 4428 MyWiFiDHCPDNS (8f57db74bf5407a4cda6c8b005dc8dd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:24:59.0145 4428 MyWiFiDHCPDNS - ok
15:24:59.0223 4428 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:24:59.0239 4428 napagent - ok
15:24:59.0270 4428 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:24:59.0270 4428 NativeWifiP - ok
15:24:59.0348 4428 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:24:59.0348 4428 NDIS - ok
15:24:59.0379 4428 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:24:59.0379 4428 NdisCap - ok
15:24:59.0395 4428 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:24:59.0395 4428 NdisTapi - ok
15:24:59.0442 4428 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:24:59.0442 4428 Ndisuio - ok
15:24:59.0489 4428 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:24:59.0489 4428 NdisWan - ok
15:24:59.0520 4428 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:24:59.0520 4428 NDProxy - ok
15:24:59.0551 4428 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:24:59.0551 4428 NetBIOS - ok
15:24:59.0582 4428 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:24:59.0582 4428 NetBT - ok
15:24:59.0613 4428 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:24:59.0613 4428 Netlogon - ok
15:24:59.0660 4428 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:24:59.0660 4428 Netman - ok
15:24:59.0738 4428 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:59.0738 4428 NetMsmqActivator - ok
15:24:59.0754 4428 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:59.0754 4428 NetPipeActivator - ok
15:24:59.0785 4428 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:24:59.0801 4428 netprofm - ok
15:24:59.0801 4428 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:59.0801 4428 NetTcpActivator - ok
15:24:59.0816 4428 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:59.0816 4428 NetTcpPortSharing - ok
15:25:00.0300 4428 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
15:25:00.0378 4428 NETw5s64 - ok
15:25:01.0127 4428 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
15:25:01.0173 4428 netw5v64 - ok
15:25:02.0000 4428 NETwNs64 (50ad7f7040c22bb7caa59a0880875a21) C:\Windows\system32\DRIVERS\NETwNs64.sys
15:25:02.0078 4428 NETwNs64 - ok
15:25:02.0421 4428 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:25:02.0421 4428 nfrd960 - ok
15:25:02.0453 4428 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:25:02.0453 4428 NisDrv - ok
15:25:02.0515 4428 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
15:25:02.0515 4428 NisSrv - ok
15:25:02.0577 4428 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:25:02.0577 4428 NlaSvc - ok
15:25:02.0609 4428 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:25:02.0609 4428 Npfs - ok
15:25:02.0609 4428 npggsvc - ok
15:25:02.0640 4428 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:25:02.0640 4428 nsi - ok
15:25:02.0655 4428 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:25:02.0655 4428 nsiproxy - ok
15:25:02.0780 4428 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:25:02.0796 4428 Ntfs - ok
15:25:03.0139 4428 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:25:03.0139 4428 Null - ok
15:25:03.0170 4428 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:25:03.0170 4428 nvraid - ok
15:25:03.0186 4428 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:25:03.0186 4428 nvstor - ok
15:25:03.0233 4428 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:25:03.0233 4428 nv_agp - ok
15:25:03.0264 4428 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:25:03.0264 4428 ohci1394 - ok
15:25:03.0326 4428 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:25:03.0326 4428 ose - ok
15:25:03.0373 4428 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:25:03.0373 4428 p2pimsvc - ok
15:25:03.0420 4428 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:25:03.0420 4428 p2psvc - ok
15:25:03.0451 4428 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:25:03.0451 4428 Parport - ok
15:25:03.0498 4428 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
15:25:03.0498 4428 partmgr - ok
15:25:03.0513 4428 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:25:03.0513 4428 PcaSvc - ok
15:25:03.0545 4428 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:25:03.0560 4428 pci - ok
15:25:03.0560 4428 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:25:03.0560 4428 pciide - ok
15:25:03.0607 4428 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:25:03.0607 4428 pcmcia - ok
15:25:03.0638 4428 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:25:03.0638 4428 pcw - ok
15:25:03.0685 4428 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:25:03.0701 4428 PEAUTH - ok
15:25:03.0763 4428 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:25:03.0763 4428 PerfHost - ok
15:25:04.0122 4428 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:25:04.0137 4428 pla - ok
15:25:04.0465 4428 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:25:04.0465 4428 PlugPlay - ok
15:25:04.0465 4428 PnkBstrA - ok
15:25:04.0496 4428 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:25:04.0496 4428 PNRPAutoReg - ok
15:25:04.0559 4428 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:25:04.0559 4428 PNRPsvc - ok
15:25:04.0621 4428 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:25:04.0621 4428 PolicyAgent - ok
15:25:04.0668 4428 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:25:04.0668 4428 Power - ok
15:25:04.0746 4428 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:25:04.0761 4428 PptpMiniport - ok
15:25:04.0777 4428 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:25:04.0777 4428 Processor - ok
15:25:04.0824 4428 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
15:25:20.0549 4428 ============================================================
15:25:20.0549 4428 Scan finished
15:25:20.0549 4428 ============================================================
15:25:20.0564 4936 Detected object count: 0
15:25:20.0564 4936 Actual detected object count: 0

#14 Jeremy T

Posted 27 June 2012 - 02:29 PM

Uninstalled MSE, re-installed, scanned - no issues. MBAM picked up Farbar quarantined items - nothing else. Same for ESET online scanner.

#15 gringo_pr

  • Malware Response Team

Posted 27 June 2012 - 05:33 PM

Hello

I would like to see a report that ComboFix makes.

Extra ComboFix report

  • Push the "Windows key" + "R" (between the "Ctrl" button and "Alt" button)
  • Please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • Click OK

Copy and paste the report into this topic for me to review.

Gringo