Background Audio Ads


  • This topic is locked
31 replies to this topic

#1 MJL574


Posted 12 July 2012 - 05:42 PM

I have seen posts about this pest dating back to '07, yet none of the anti-spyware/anti-virus programs seem to be able to do anything about it. It's the typical Background Audio Ads problem, and my Bing results keep redirecting. Ironically, when I uninstalled McAfee the other day as I am not happy with its performance, I was no longer able to connect to the Internet. Instead, I had a pop-up asking me for login credentials to a proxy server of 0.0.0.0. I do not have a proxy enabled on our home network. Restoring McAfee restored my connectivity. So it appears that McAfee is actually enabling this mal/adware!

Attached is my DDS log:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Mike at 15:22:27 on 2012-07-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.1890 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Spybot - Search and Destroy *Enabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\ThreatFire\TFService.exe
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\TinyWall\TinyWall.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TinyWall\TinyWall.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe
C:\Users\Mike\Downloads\network-activity-indicator\NetworkIndicator.exe
C:\Windows\System32\StikyNot.exe
C:\Users\Mike\Documents\wopt021\WLAN Optimizer.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\POP Peeper\POPPeeper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\A.L.A.R.M\alarm.exe
C:\Program Files (x86)\AnalogX\Atomic TimeSync\ats.exe
C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\ThreatFire\TFTray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\UI0Detect.exe
C:\PROGRAM FILES (X86)\FILEHIPPO.COM\UPDATECHECKER.EXE
C:\Users\Mike\APPDATA\ROAMING\CBS INTERACTIVE\CNET TECHTRACKER\TECHTRACKER.EXE
C:\PROGRAM FILES (X86)\SECUNIA\PSI\PSI_TRAY.EXE
C:\Users\Mike\APPDATA\ROAMING\SPOTIFY\DATA\SPOTIFYWEBHELPER.EXE
C:\BAMBOX\CLIENT\BAMBOXCLIENT.EXE
C:\PROGRAM FILES (X86)\FEED NOTIFIER\NOTIFIER.EXE
C:\PROGRAM FILES (X86)\DIVX\DIVX UPDATE\DIVXUPDATE.EXE
C:\PROGRAM FILES (X86)\ITUNES\ITUNESHELPER.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\Mike\Documents\SysinternalsSuite\Tcpview.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://g.live.com/1rewlive4startup/home
uSearch Bar = Preserve
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv73&r=27361011k115l03f4z175a49m2x325
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv73&r=27361011k115l03f4z175a49m2x325
uURLSearchHooks: H - No File
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120706060527.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:\Program Files (x86)\WOT\WOT.dll
TB: {8E8B08E2-2856-4B3E-85E5-FE74406796E8} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [WeatherBugAlert] "C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe" /st
uRun: [NetworkIndicator] C:\Users\Mike\Downloads\network-activity-indicator\NetworkIndicator.exe
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [WLAN Optimizer] C:\Users\Mike\Documents\wopt021\WLAN Optimizer.exe
uRun: [msnmsgr] "C:\PROGRAM FILES (X86)\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE" /background
uRun: [POP Peeper] "c:\program files (x86)\pop peeper\poppeeper.exe" -min
uRun: [09009A79D78F7D57D59454FD1051E02615098430._service_run] "C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
uRun: [CommCtr] C:\PROGRA~2\NET2PH~1\CommCtr.exe -auto
uRun: [Facebook Update] "C:\Users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [iolo Startup] "C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe"
mRun: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe
mRun: [LManager] c:\program files (x86)\launch manager\lmanager.exe
mRun: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
StartupFolder: C:\Users\Mike\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\alarm.lnk - C:\Program Files (x86)\A.L.A.R.M\alarm.exe
StartupFolder: C:\Users\Mike\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ATOMIC~1.LNK - C:\Program Files (x86)\AnalogX\Atomic TimeSync\ats.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRYSTA~1.LNK - C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINPAT~1.LNK - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
uPolicies-explorer: MaxRecentDocs = 7 (0x7)
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
uPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
uPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
uPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
uPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
uPolicies-explorer: NoFile = 0 (0x0)
uPolicies-explorer: HideClock = 0 (0x0)
uPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
uPolicies-explorer: NoDFSTab = 0 (0x0)
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
uPolicies-explorer: NoEncryptOnMove = 0 (0x0)
uPolicies-explorer: NoResolveTrack = 0 (0x0)
uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoViewOnDrive = 0 (0x0)
mPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
mPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
mPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
mPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
mPolicies-explorer: NoFile = 0 (0x0)
mPolicies-explorer: HideClock = 0 (0x0)
mPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
mPolicies-explorer: NoDFSTab = 0 (0x0)
mPolicies-explorer: NoWindowsUpdate = 0 (0x0)
mPolicies-explorer: NoEncryptOnMove = 0 (0x0)
mPolicies-explorer: NoResolveTrack = 0 (0x0)
mPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: NoDispAppearancePage = 0 (0x0)
mPolicies-system: NoDispSettingsPage = 0 (0x0)
dPolicies-explorer: NoViewOnDrive = 0 (0x0)
dPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
dPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
dPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
dPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
dPolicies-explorer: NoFile = 0 (0x0)
dPolicies-explorer: HideClock = 0 (0x0)
dPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
dPolicies-explorer: NoDFSTab = 0 (0x0)
dPolicies-explorer: NoWindowsUpdate = 0 (0x0)
dPolicies-explorer: NoEncryptOnMove = 0 (0x0)
dPolicies-explorer: NoResolveTrack = 0 (0x0)
dPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
dPolicies-system: NoDispAppearancePage = 0 (0x0)
dPolicies-system: NoDispSettingsPage = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6739011D-62BA-4CA4-AACC-91064E6134EE} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6739011D-62BA-4CA4-AACC-91064E6134EE}\441667567516E64616 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6739011D-62BA-4CA4-AACC-91064E6134EE}\7574453534 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6739011D-62BA-4CA4-AACC-91064E6134EE}\E4544574541425 : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
Notify: SDWinLogon - SDWinLogon.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120706060527.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB-X64: {8E8B08E2-2856-4B3E-85E5-FE74406796E8} - No File
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
TB-X64: Swag Bucks Toolbar: {8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [iolo Startup] "C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe"
mRun-x64: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe
mRun-x64: [LManager] c:\program files (x86)\launch manager\lmanager.exe
mRun-x64: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
mRun-x64: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun-x64: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
IE-X64: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\2c51ve6k.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10516.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Mike\AppData\Local\Facebook\Messenger\2.1.4570.0\npFbDesktopPlugin.dll
FF - plugin: C:\Users\Mike\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Mike\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
# Mozilla User Preferences
.
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
* For more information, see hxxp://www.mozilla.org/unix/customizing.html#prefs
*/
.
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1335522678
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1335522678
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1335522678
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1335582174
FF - user.js: browser.bookmarks.restore_default_bookmarks - false
FF - user.js: browser.cache.disk.capacity - 1048576
FF - user.js: browser.cache.disk.smart_size.first_run - false
FF - user.js: browser.cache.disk.smart_size_cached_value - 1048576
FF - user.js: browser.migration.version - 6
FF - user.js: browser.places.smartBookmarksVersion - 2
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.search.selectedEngine - Web Search
FF - user.js: browser.search.useDBForOrder - true
FF - user.js: browser.shell.checkDefaultBrowser - false
FF - user.js: browser.startup.homepage - hxxp://www.google.com
FF - user.js: browser.startup.homepage_override.buildID - 20120420145725
FF - user.js: browser.startup.homepage_override.mstone - rv:12.0
FF - user.js: browser.syncPromoViewsLeft - 4
FF - user.js: browser.taskbar.lastgroupid - E7CF176E110C211B
FF - user.js: extensions.blocklist.pingCountVersion - 0
FF - user.js: extensions.bootstrappedAddons - {}
FF - user.js: extensions.databaseSchema - 12
FF - user.js: extensions.enabledAddons - {51ef49d2-624b-4194-8b97-1c468e9b0efe}:1.300.422,{23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145,{972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0
FF - user.js: extensions.installCache - [{\name\:\winreg-app-global\,\addons\:{\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\McAfee\\\\SiteAdvisor\,\mtime\:1335974642406},\{D19CA586-DD6C-4a0a-96F8-14644F340D60}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Common Files\\\\McAfee\\\\SystemCore\,\mtime\:1335611430014},\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\DivX\\\\DivX Plus Web Player\\\\firefox\\\\DivXHTML5\,\mtime\:1335610983471}}},{\name\:\app-global\,\addons\:{\{972ce4c6-7e08-4474-a285-3208198ce6fd}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\,\mtime\:1335522420994}}},{\name\:\app-profile\,\addons\:{\{51ef49d2-624b-4194-8b97-1c468e9b0efe}\:{\descriptor\:\C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\2c51ve6k.default\\\\extensions\\\\{51ef49d2-624b-4194-8b97-1c468e9b0efe}.xpi\,\mtime\:1335524595164}}}]
FF - user.js: extensions.lastAppVersion - 12.0
FF - user.js: extensions.lastPlatformVersion - 12.0
FF - user.js: extensions.pendingOperations - false
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.AutoSearchEventData - auto%20search
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.ClearCacheDate - 2
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.DNSCatch - false
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.DisplayEULA - false
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.DnsCatchEventData - dns%20catch
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.FirstLaunchShown - true
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.LoadLayoutDate.60497 - 2
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.MailLastCheckTime - 1335524897
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.NewTabSearchEventData - tab%20search
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.RemoveAllData - true
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.ShowDescriptiveText - true
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.ShowRecommendedOptions - false
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.StateReportDate - 1335978218352
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.TopRightSearchEventData - top%20right%20search
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.api.settings.fctoolbar51ef49d2624b41948b971c468e9b0efe.user - 1a2go56
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.beforeInstallSaved - true
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.beforeinstall.homepage - http%3A//www.google.com
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.beforeinstall.search - Google
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.customNewTab - false
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.helpUsImprove - true
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.hideOthers - false
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.processAddrBar - false
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.remove_search - true
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.restoreSearch - false
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.searchHistory - true
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.session - B57A22F9268ABD75CA04278AAD70012FA87316317735995D758FD4E6F67456EBA98970879EF524028CB58F760E86A4C10FE4EF3CE25D2D9E5F4333ED2AD9DEA685D738FE2C5A28DF0408FC74DF5A8A533A48BA0B90B78EB7CA986B0B79572561
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.showFirstLaunchOptions - false
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.tb_lang - en
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.tool_id - 60497
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.user_id - 77504961
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.user_key - 892be7dad78effc57c30f85106dc56b1a2a9b4f3
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.user_layouts - 60497
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.user_lnames - MyPoints%20Point%20Finder
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.weather_location_IDcid2799617 - MXBS0007
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.weather_location_namecid2799617 - Los%20Cabos%2C%20Mexico
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.xml_service_url - 64e3a27980eeceb34248bc3e680b4e63
FF - user.js: freecause51ef49d2624b41948b971c468e9b0efe.yahooSearch - false
FF - user.js: idle.lastDailyNotification - 1335582451
FF - user.js: intl.charsetmenu.browser.cache - windows-1252, UTF-8
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: places.database.lastMaintenance - 1335582451
FF - user.js: places.history.expiration.transient_current_max_pages - 100564
FF - user.js: prefs.fc_activetabpage - 60497
FF - user.js: prefs.fc_affiliate_active - {51ef49d2-624b-4194-8b97-1c468e9b0efe}
FF - user.js: prefs.fc_uuid - b0634b46-5587-406c-937a-880ed8ce0a5c
FF - user.js: privacy.sanitize.migrateFx3Prefs - true
FF - user.js: storage.vacuum.last.index - 0
FF - user.js: storage.vacuum.last.places.sqlite - 1335582451
FF - user.js: toolkit.telemetry.prompted - 2
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1338114507
FF - user.js: xpinstall.whitelist.add -
FF - user.js: xpinstall.whitelist.add.36 -
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 TfFsMon;TfFsMon;C:\Windows\system32\drivers\TfFsMon.sys --> C:\Windows\system32\drivers\TfFsMon.sys [?]
R0 TfSysMon;TfSysMon;C:\Windows\system32\drivers\TfSysMon.sys --> C:\Windows\system32\drivers\TfSysMon.sys [?]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Users\Mike\Documents\EmsisoftEmergencyKit\Run\a2ddax64.sys [2012-6-19 23208]
R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\ElRawDsk.sys --> C:\Windows\system32\drivers\ElRawDsk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 TfNetMon;TfNetMon;\??\C:\Windows\system32\drivers\TfNetMon.sys --> C:\Windows\system32\drivers\TfNetMon.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2012-6-11 66320]
S3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-7-10 21384]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 PORTMON;PORTMON;C:\Users\Mike\Documents\SysinternalsSuite\PORTMSYS.SYS [2012-6-10 28656]
S3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-11-2 225280]
S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2012-7-10 21904]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S4 IObitUnlocker;IObitUnlocker;C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2012-5-2 35256]
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-07-12 12:45:13 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{46E46601-9662-4F34-80A5-B49854038D97}\mpengine.dll
2012-07-12 12:35:05 -------- d-----w- C:\Users\Mike\AppData\Local\{7FF3D580-C8DD-43C6-9DFE-A02BC5EA4D9C}
2012-07-12 12:33:39 -------- d-----w- C:\Users\Mike\AppData\Local\{3F9EE57E-297F-4871-97E5-659693F4EF32}
2012-07-12 00:16:01 -------- d-----w- C:\Users\Mike\AppData\Local\{33493531-A73F-4A3F-A6BB-75BD0D8491C2}
2012-07-12 00:15:39 -------- d-----w- C:\Users\Mike\AppData\Local\{83153898-18CD-477B-88DA-BDFB9C3C614C}
2012-07-11 13:20:43 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2012-07-11 13:18:36 129176 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
2012-07-11 13:09:34 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2012-07-11 13:09:18 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2012-07-11 12:15:09 -------- d-----w- C:\Users\Mike\AppData\Local\{C24911C1-9F05-4C62-9589-6F122CEA18D7}
2012-07-11 12:14:17 -------- d-----w- C:\Users\Mike\AppData\Local\{1F645CEE-94F9-4A9A-B2CE-1A105D857D2D}
2012-07-11 10:24:38 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 06:59:05 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-11 06:59:04 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-07-11 06:59:04 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-07-11 06:59:02 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2012-07-11 06:59:02 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2012-07-11 06:59:02 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-07-11 05:41:30 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-07-11 05:17:39 9013136 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-11 05:03:37 -------- d-----w- C:\Users\Mike\AppData\Local\{C730B9C2-6827-4605-ACE5-E30A92049719}
2012-07-11 04:56:03 -------- d-----w- C:\Users\Mike\AppData\Local\{6E85E05E-EA38-42BD-9F81-AB85D7B2F5E8}
2012-07-10 19:02:53 -------- d-----w- C:\Users\Mike\AppData\Local\{52711298-BEBA-4FD1-B43A-F7B46BEF5EED}
2012-07-10 06:58:28 -------- d-----w- C:\Users\Mike\AppData\Local\{9ADE347D-1EFE-4EE6-9F94-C545D38B198D}
2012-07-09 18:58:10 -------- d-----w- C:\Users\Mike\AppData\Local\{4F636436-599A-42E7-84C2-C3914129FCD6}
2012-07-07 17:46:15 -------- d-----w- C:\Users\Mike\AppData\Local\{BB1E0CFA-5DE2-480C-845F-A945C69F4BED}
2012-07-07 17:45:48 -------- d-----w- C:\Users\Mike\AppData\Local\{3FE9F82C-45E6-414C-A40F-434784518C58}
2012-07-06 23:24:17 -------- d-----w- C:\Users\Mike\AppData\Local\{59D1B7E4-77CB-460E-9015-D443A03B7139}
2012-07-06 23:23:31 -------- d-----w- C:\Users\Mike\AppData\Local\{A0274FB7-31DE-4627-8A0C-E33F53578C03}
2012-07-06 11:20:52 -------- d-----w- C:\Users\Mike\AppData\Local\{A82EE207-95A7-467A-8E74-32C0C53234BE}
2012-07-06 11:20:23 -------- d-----w- C:\Users\Mike\AppData\Local\{F467BA6E-727D-4DAF-8045-36841E48894A}
2012-07-05 23:19:56 -------- d-----w- C:\Users\Mike\AppData\Local\{24FAF7A2-8D97-4C4D-81A4-0D4CC193EFE6}
2012-07-05 23:19:34 -------- d-----w- C:\Users\Mike\AppData\Local\{E7CBD59F-CF6F-47FB-889D-DF90AE4AAD54}
2012-07-05 11:18:55 -------- d-----w- C:\Users\Mike\AppData\Local\{A461833C-0A17-44BD-A3DD-5B6295A33AFD}
2012-07-05 11:18:25 -------- d-----w- C:\Users\Mike\AppData\Local\{D1BF2F4D-2F25-4733-87F6-82C2A4281023}
2012-07-04 23:18:10 -------- d-----w- C:\Users\Mike\AppData\Local\{A744F4E0-2DD5-474B-8C4F-21AE408EAAEF}
2012-07-04 23:17:47 -------- d-----w- C:\Users\Mike\AppData\Local\{AABC37A2-76D3-474C-8C90-1EB278678487}
2012-07-04 18:47:23 53248 ----a-w- C:\Windows\SysWow64\BiMAppNT.exe
2012-07-04 11:17:00 -------- d-----w- C:\Users\Mike\AppData\Local\{89DDBCF4-5C29-4F80-8076-26419E75C98D}
2012-07-04 11:16:12 -------- d-----w- C:\Users\Mike\AppData\Local\{A24993A8-E77D-41B5-8DA3-20CA7947EFDB}
2012-07-03 23:14:17 -------- d-----w- C:\Users\Mike\AppData\Local\{DD7B2928-3ED5-44F5-B2A6-FDF00D1B136D}
2012-07-03 23:13:31 -------- d-----w- C:\Users\Mike\AppData\Local\{26CECD03-4E4C-4B04-B3B1-EC240BC5F51E}
2012-07-03 22:25:28 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{06F2331D-70A6-4FB7-B58A-BE9ED9B0DC67}\gapaengine.dll
2012-07-03 22:20:45 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-07-03 22:20:24 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-07-03 11:29:26 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4A54909A-C402-4A44-A721-9A1FE29BFD8B}\mpengine.dll
2012-07-03 11:13:13 -------- d-----w- C:\Users\Mike\AppData\Local\{9099F381-FC45-4E0C-A7AB-7524700E866A}
2012-07-03 11:12:49 -------- d-----w- C:\Users\Mike\AppData\Local\{DF05A763-508A-4354-A2B9-5DDAE8B26990}
2012-07-03 10:34:56 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BF3D8750-9409-4797-BA5A-4D084A23A177}\offreg.dll
2012-07-03 10:34:56 -------- d-----w- C:\Users\Mike\AppData\Local\IsolatedStorage
2012-07-03 06:21:49 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BF3D8750-9409-4797-BA5A-4D084A23A177}\mpengine.dll
2012-07-03 02:11:13 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-07-03 02:11:01 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-07-03 02:10:58 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-07-03 01:33:00 -------- d-----w- C:\Users\Mike\AppData\Local\{6EB08941-3D8C-4588-B551-3609563F469A}
2012-07-03 01:09:13 -------- d-----w- C:\Users\Mike\AppData\Local\{EF08A1EA-6AB7-4AA4-91A8-48F2D22C2199}
2012-07-01 02:30:21 -------- d-----w- C:\Users\Mike\AppData\Local\{5A79850B-8202-43E8-BF1D-B7DDB5950648}
2012-07-01 02:30:00 -------- d-----w- C:\Users\Mike\AppData\Local\{A0502634-E141-408E-907E-CDF65E377311}
2012-06-30 14:29:30 -------- d-----w- C:\Users\Mike\AppData\Local\{4832726D-A8B6-4886-A972-1B508F547212}
2012-06-30 14:29:08 -------- d-----w- C:\Users\Mike\AppData\Local\{8506E846-7CEE-4916-9BE9-EBFCF46A24F7}
2012-06-30 02:28:34 -------- d-----w- C:\Users\Mike\AppData\Local\{B7FBDFC6-1919-4C2D-9C2F-9B155DEA3A15}
2012-06-30 02:28:07 -------- d-----w- C:\Users\Mike\AppData\Local\{D0173E11-E70D-4875-AEBE-A395C70F0955}
2012-06-29 14:27:32 -------- d-----w- C:\Users\Mike\AppData\Local\{BFA36506-47FE-4A07-BC5C-8E9163EB6C54}
2012-06-29 14:26:11 -------- d-----w- C:\Users\Mike\AppData\Local\{D63494D6-79EB-4729-9FA1-E0004BAD0E73}
2012-06-29 01:36:00 -------- d-----w- C:\Users\Mike\AppData\Local\{F5184B1B-DADD-49DE-A999-9159B32FED9B}
2012-06-29 01:35:41 -------- d-----w- C:\Users\Mike\AppData\Local\{4A84272A-4332-4081-9839-3369EBB959C1}
2012-06-28 01:07:29 -------- d-----w- C:\Users\Mike\AppData\Local\{11DF3CF9-F94D-4658-A031-1333C3537A09}
2012-06-28 01:07:07 -------- d-----w- C:\Users\Mike\AppData\Local\{2BD9C398-FC70-4FA4-977B-87933583A875}
2012-06-27 13:06:53 -------- d-----w- C:\Users\Mike\AppData\Local\{3F892EF7-70E6-4EC1-A540-286E5E264D88}
2012-06-27 13:06:30 -------- d-----w- C:\Users\Mike\AppData\Local\{7511664C-1241-45F9-ADB5-2B7495A88CB4}
2012-06-27 09:25:42 -------- d-----r- C:\Users\Mike\Podcasts
2012-06-27 09:25:11 -------- d-----w- C:\Windows\System32\drivers\UMDF\ko-KR
2012-06-27 09:25:09 -------- d-----w- C:\Windows\System32\drivers\UMDF\ms-MY
2012-06-27 09:25:07 -------- d-----w- C:\Windows\System32\drivers\UMDF\id-ID
2012-06-27 09:25:04 -------- d-----w- C:\Windows\System32\drivers\UMDF\sv-SE
2012-06-27 09:25:01 -------- d-----w- C:\Windows\System32\drivers\UMDF\nb-NO
2012-06-27 01:06:06 -------- d-----w- C:\Users\Mike\AppData\Local\{6A4393D3-7D60-414C-B2C6-5DFC6CB70025}
2012-06-27 01:05:51 -------- d-----w- C:\Users\Mike\AppData\Local\{68173BCB-0DA0-43BE-ADB6-C2AC21C36E0C}
2012-06-26 13:05:36 -------- d-----w- C:\Users\Mike\AppData\Local\{FA21D255-7731-47E1-9240-99F47A184C4F}
2012-06-26 13:05:14 -------- d-----w- C:\Users\Mike\AppData\Local\{EFEA8ACF-ACEE-45F1-98DE-759AA477F9CA}
2012-06-26 01:04:45 -------- d-----w- C:\Users\Mike\AppData\Local\{594379F3-A3AD-4011-9284-B9447F08CBB4}
2012-06-26 01:04:33 -------- d-----w- C:\Users\Mike\AppData\Local\{309EE7E9-86A3-454C-8955-50B04649EFC2}
2012-06-25 16:28:06 29312 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ScriptFF.dll
2012-06-25 00:13:34 -------- d-----w- C:\Users\Mike\AppData\Local\{AEE9ADD6-FD3A-4FEA-8412-92F0650F76E9}
2012-06-25 00:12:29 -------- d-----w- C:\Users\Mike\AppData\Local\{12926730-7D6A-4DC5-8903-5A4007FE3317}
2012-06-24 09:26:27 -------- d-----w- C:\Users\Mike\AppData\Local\{D1CF2029-004B-4AF0-B566-A22EED39362F}
2012-06-24 09:26:03 -------- d-----w- C:\Users\Mike\AppData\Local\{3ED7998A-79EF-44DE-A4C8-D9BF584FB837}
2012-06-23 21:25:12 -------- d-----w- C:\Users\Mike\AppData\Local\{C711089A-964A-4A9A-9B4F-D33D6BADFDB6}
2012-06-23 21:24:41 -------- d-----w- C:\Users\Mike\AppData\Local\{9CBC4C2C-1EE9-4355-8D19-0B3662B3E69E}
2012-06-23 09:24:19 -------- d-----w- C:\Users\Mike\AppData\Local\{59B1273A-8566-4C9E-91AF-4F6C8744DEB0}
2012-06-23 09:23:55 -------- d-----w- C:\Users\Mike\AppData\Local\{D5E33065-B318-4EBE-B7F3-9177470FB7B4}
2012-06-23 06:19:03 -------- d-----w- C:\Hotspot Shield
2012-06-23 06:18:16 -------- d-----w- C:\Program Files (x86)\Hotspot Shield
2012-06-22 22:34:45 -------- d-----w- C:\Users\Mike\AppData\Roaming\RealNetworks
2012-06-22 21:33:43 -------- d-----w- C:\Program Files (x86)\WOT
2012-06-22 21:33:42 -------- d-----w- C:\Program Files\WOT
2012-06-22 21:23:37 -------- d-----w- C:\Users\Mike\AppData\Local\{161EB96F-126B-41CB-9C34-1FEF4C034246}
2012-06-22 21:23:12 -------- d-----w- C:\Users\Mike\AppData\Local\{52FA012C-EC8F-4238-9541-89659609456A}
2012-06-22 20:08:01 -------- d-----w- C:\Users\Mike\AppData\Roaming\TinyWall
2012-06-22 20:04:15 -------- d-----w- C:\ProgramData\TinyWall
2012-06-22 20:04:15 -------- d-----w- C:\Program Files\TinyWall
2012-06-22 15:40:48 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-22 15:40:24 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-22 15:40:07 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-22 15:40:07 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-22 09:22:42 -------- d-----w- C:\Users\Mike\AppData\Local\{759A9FE8-EF66-4F11-88B0-16D77246841F}
2012-06-22 09:22:20 -------- d-----w- C:\Users\Mike\AppData\Local\{799B497F-4101-4CF1-9977-16EBF982BA5C}
2012-06-21 21:21:59 -------- d-----w- C:\Users\Mike\AppData\Local\{5AA6AC31-B21A-4B7C-BD40-5A3D8E5A99CF}
2012-06-21 21:21:22 -------- d-----w- C:\Users\Mike\AppData\Local\{CCA628D4-84EE-4A3D-A0B2-DDC93CB846AD}
2012-06-21 18:54:06 -------- d-----w- C:\Users\Mike\AppData\Local\{65E72421-042E-411A-9060-E6AE7398194B}
2012-06-21 18:53:23 -------- d-----w- C:\Users\Mike\AppData\Local\{95F9F459-91A4-46F5-B6D0-34A47F30FB33}
2012-06-21 04:37:21 -------- d-----w- C:\Users\Mike\AppData\Local\{16BDF799-B5B4-4E1E-AFE7-A0EBB0E215EE}
2012-06-21 04:36:53 -------- d-----w- C:\Users\Mike\AppData\Local\{7BDFC3F4-144F-451B-B08B-4BB4F6A6BEB4}
2012-06-21 02:08:43 -------- d-----w- C:\THIS_MEANS_WAR
2012-06-21 02:03:50 -------- d-----w- C:\Program Files (x86)\DVD Shrink
2012-06-20 16:36:38 -------- d-----w- C:\Users\Mike\AppData\Local\{C124A7A9-330C-4397-AFD8-89A38EF035D7}
2012-06-20 16:36:15 -------- d-----w- C:\Users\Mike\AppData\Local\{E56B409F-0018-4938-A08C-BF13139A0EF0}
2012-06-20 16:14:20 12800 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
2012-06-20 04:35:59 -------- d-----w- C:\Users\Mike\AppData\Local\{F61C862F-C6B5-4469-93D7-78FBF1D3E94B}
2012-06-20 04:35:43 -------- d-----w- C:\Users\Mike\AppData\Local\{6C2F39CB-9968-4EE8-97DC-F337B08CF222}
2012-06-19 14:53:20 -------- d-----w- C:\Users\Mike\AppData\Local\{0EDC7F99-9EE4-4EAB-B357-831015596BB0}
2012-06-19 14:52:58 -------- d-----w- C:\Users\Mike\AppData\Local\{4A8031ED-BCD9-4FC0-89F5-87C8CF3CB859}
2012-06-19 02:52:34 -------- d-----w- C:\Users\Mike\AppData\Local\{E26A6D8E-6580-4D3C-A7B1-9EB9136C5060}
2012-06-19 02:51:57 -------- d-----w- C:\Users\Mike\AppData\Local\{20E3AEB9-1620-43BE-A854-F27F53DDFF77}
2012-06-18 13:29:13 -------- d-----w- C:\Users\Mike\AppData\Local\{F82C4737-F202-464E-A9EF-A47574F174C1}
2012-06-18 03:05:07 -------- d-----w- C:\Users\Mike\AppData\Roaming\Trillian
2012-06-18 01:28:48 -------- d-----w- C:\Users\Mike\AppData\Local\{94FFAC80-43BE-4ED3-A73E-697D2A361F58}
2012-06-17 13:30:46 -------- d-----w- C:\Users\Mike\AppData\Local\ElevatedDiagnostics
2012-06-17 11:16:47 -------- d-----w- C:\Program Files (x86)\Emsisoft HiJackFree
2012-06-17 04:50:02 -------- d-----w- C:\Users\Mike\AppData\Local\{688509D1-6305-45BC-98F5-069AF61A4B8A}
2012-06-16 21:18:45 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-16 19:30:54 -------- d-----w- C:\Users\Mike\AppData\Local\{1A3042BE-5B0E-4550-AADC-1ADE4024A925}
2012-06-16 09:39:54 -------- d-----w- C:\Users\Mike\AppData\Local\{C185736B-2E37-435C-BA18-B0EB201F37E0}
2012-06-15 21:39:31 -------- d-----w- C:\Users\Mike\AppData\Local\{C566B875-487C-4EE2-9843-5CE385F0F6E2}
2012-06-15 18:33:10 -------- d-----w- C:\Users\Mike\AppData\Local\Amazon
2012-06-15 09:38:55 -------- d-----w- C:\Users\Mike\AppData\Local\{3B335ACB-5C9F-4768-8C79-A4F9ADFE3DE1}
2012-06-14 21:38:27 -------- d-----w- C:\Users\Mike\AppData\Local\{0BD23D9B-1711-4D8F-92C6-1E26F5B80E90}
2012-06-14 21:38:13 -------- d-----w- C:\Users\Mike\AppData\Local\{5744A1E3-56C6-4828-9406-D0A35EFD0A9C}
2012-06-14 09:37:57 -------- d-----w- C:\Users\Mike\AppData\Local\{77656E32-6448-46ED-A366-EDE270DDB057}
2012-06-14 09:37:35 -------- d-----w- C:\Users\Mike\AppData\Local\{F57D05EC-A7FE-499F-BF27-7D7AEFEA25EA}
2012-06-14 05:02:25 -------- d-----w- C:\Program Files (x86)\Oracle
2012-06-14 03:35:44 -------- d-----w- C:\Users\Mike\AppData\Roaming\Digsby
2012-06-14 03:35:44 -------- d-----w- C:\Users\Mike\AppData\Local\Digsby
2012-06-14 03:35:44 -------- d-----w- C:\ProgramData\Digsby
2012-06-13 21:37:21 -------- d-----w- C:\Users\Mike\AppData\Local\{D7A50EF0-D93F-4FA1-A967-084B83890A99}
2012-06-13 21:36:51 -------- d-----w- C:\Users\Mike\AppData\Local\{C9066514-7E01-4E6F-8537-F1E78608DF8C}
2012-06-13 13:52:55 -------- d-----w- C:\Program Files\iPod
2012-06-13 13:52:53 -------- d-----w- C:\Program Files\iTunes
2012-06-13 09:00:22 -------- d-----w- C:\Users\Mike\AppData\Local\{4971BADA-CFB9-4EBC-B149-8C85D2E7F9BF}
2012-06-13 09:00:00 -------- d-----w- C:\Users\Mike\AppData\Local\{2735188D-AE10-440A-A175-5D9E6B38B21A}
2012-06-13 03:41:51 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-13 01:50:48 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-06-13 01:50:48 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-06-13 01:26:10 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-13 01:26:10 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-13 01:26:09 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
.
==================== Find3M ====================
.
2012-07-11 13:17:32 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-07-11 13:17:32 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-06-24 00:01:49 955840 ----a-w- C:\Windows\System32\npdeployJava1.dll
2012-06-24 00:01:49 839096 ----a-w- C:\Windows\System32\deployJava1.dll
2012-06-10 12:25:14 84360 ---ha-w- C:\Windows\System32\drivers\PROCMON23.SYS
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-27 11:59:27 557056 ----a-w- C:\Windows\Restart Explorer.exe
2012-05-24 21:18:40 4472832 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2012-05-17 21:27:37 74703 ----a-w- C:\Windows\SysWow64\mfc45.dll
2012-05-17 21:25:18 74703 ----a-w- C:\Windows\SysWOW64mfc45.dll
2012-05-09 18:40:26 4818944 ----a-w- C:\Windows\SysWow64\x264vfw.dll
2012-05-05 02:29:22 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-05-05 02:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-29 03:23:00 1250816 ----a-w- C:\Windows\SysWow64\VSFilter.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-19 03:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 03:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-04-17 17:11:54 49152 ----a-w- C:\Windows\System32\iolobtdfg.exe
2012-04-17 17:11:38 17920 ----a-w- C:\Windows\System32\smrgdf.exe
2012-04-17 16:37:06 2154032 ----a-w- C:\Windows\System32\Incinerator64.dll
2012-04-17 16:37:02 2095816 ----a-w- C:\Windows\SysWow64\Incinerator32.dll
2012-04-17 15:25:12 69000 ----a-w- C:\Windows\System32\offreg.dll
2012-04-17 15:25:12 56200 ----a-w- C:\Windows\SysWow64\offreg.dll
2012-04-17 15:25:02 31432 ----a-w- C:\Windows\System32\drivers\ElRawDsk.sys
.
============= FINISH: 15:37:45.61 ===============


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:31 PM

Posted 12 July 2012 - 06:45 PM

Hello MJL574,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic. I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.


Do you have a USB Flash Drive you can use?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-



If I have helped you, consider making a donation to help me continue the fight against Malware!


#3 MJL574


Posted 12 July 2012 - 08:48 PM

Thanks for the quick response! Yes, I have access to a USB drive.

#4 fireman4it


Posted 12 July 2012 - 08:54 PM

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

" Extinguishing Malware from the world"



#5 MJL574


Posted 12 July 2012 - 10:04 PM

Scan result of Farbar Recovery Scan Tool Version: 11-07-2012
Ran by SYSTEM at 12-07-2012 19:51:58
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1825064 2009-09-03] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [TinyWall Controller] C:\Program Files\TinyWall\TinyWall.exe [623272 2012-06-22] (Károly Pados)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1675160 2012-03-21] (McAfee, Inc.)
HKLM-x32\...\Run: [iolo Startup] "C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe" [938680 2012-04-17] (iolo technologies, LLC)
HKLM-x32\...\Run: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2011-02-22] (PC Tools)
HKLM-x32\...\Run: [LManager] c:\program files (x86)\launch manager\lmanager.exe [1157128 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart [3739648 2007-01-01] (Google)
HKLM-x32\...\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot [383720 2012-07-05] (BillP Studios)
HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3921432 2012-07-04] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot [296096 2012-07-11] (RealNetworks, Inc.)
HKU\Mike\...\Run: [WeatherBugAlert] "C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe" /st [446080 2007-05-31] (AWS Convergence Technologies)
HKU\Mike\...\Run: [NetworkIndicator] C:\Users\Mike\Downloads\network-activity-indicator\NetworkIndicator.exe [344064 2012-05-04] (ITSamples.com)
HKU\Mike\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\Mike\...\Run: [WLAN Optimizer] C:\Users\Mike\Documents\wopt021\WLAN Optimizer.exe [109056 2009-08-07] (none)
HKU\Mike\...\Run: [msnmsgr] "C:\PROGRAM FILES (X86)\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE" /background [4280184 2012-03-08] (Microsoft Corporation)
HKU\Mike\...\Run: [POP Peeper] "c:\program files (x86)\pop peeper\poppeeper.exe" -min [1613824 2011-11-16] (Mortal Universe)
HKU\Mike\...\Run: [09009A79D78F7D57D59454FD1051E02615098430._service_run] "C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service [1250328 2012-06-28] (Google Inc.)
HKU\Mike\...\Run: [CommCtr] C:\PROGRA~2\NET2PH~1\CommCtr.exe -auto [2383872 2006-05-24] (Net2Phone Inc.)
HKU\Mike\...\Run: [Facebook Update] "C:\Users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-11] (Facebook Inc.)
HKU\Mike\...\Policies\system: [DisableCMD] 0
HKU\Mike\...\Policies\system: [NoDispAppearancePage] 0
HKU\Mike\...\Policies\system: [NoDispBackgroundPage] 0
HKU\Mike\...\Policies\system: [NoDispSettingsPage] 0
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\CrystalDiskInfo.lnk
ShortcutTarget: CrystalDiskInfo.lnk -> C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe (Crystal Dew World)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\SpeedFan.lnk
ShortcutTarget: SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
Startup: C:\Users\All Users\Start Menu\Programs\Startup\WinPatrol.lnk
ShortcutTarget: WinPatrol.lnk -> C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
Startup: C:\Users\Mike\Start Menu\Programs\Startup\alarm.lnk
ShortcutTarget: alarm.lnk -> C:\Program Files (x86)\A.L.A.R.M\alarm.exe ()
Startup: C:\Users\Mike\Start Menu\Programs\Startup\Atomic TimeSync.lnk
ShortcutTarget: Atomic TimeSync.lnk -> C:\Program Files (x86)\AnalogX\Atomic TimeSync\ats.exe (AnalogX, LLC)

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)
2 a2AntiMalware; "C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe" [3069752 2012-06-20] (Emsisoft GmbH)
2 AdvancedSystemCareService5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [913752 2012-03-14] (IObit)
3 ADVService; "C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe" [25704 2011-11-23] (Amazon.com)
4 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS [329544 2012-03-26] ()
2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)
2 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [1047336 2012-04-17] (iolo technologies, LLC)
2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [502032 2012-04-19] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [199272 2012-03-20] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [210584 2012-03-20] (McAfee, Inc.)
2 mfevtp; "C:\Windows\system32\mfevtps.exe" [162192 2012-03-20] (McAfee, Inc.)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [62720 2009-09-24] (NewTech Infosystems, Inc.)
3 PCPitstop Scheduling; C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [91848 2012-05-16] (PC Pitstop LLC)
2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1188896 2012-07-04] (Safer-Networking Ltd.)
2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1395736 2012-07-04] (Safer-Networking Ltd.)
2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [166528 2012-03-22] (Safer-Networking Ltd.)
3 Secunia PSI Agent; "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service [1302072 2012-05-03] (Secunia)
2 Secunia Update Agent; "C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service [681016 2012-05-03] (Secunia)
2 ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe service [70928 2011-02-22] (PC Tools)
2 TinyWall; "C:\Program Files\TinyWall\TinyWall.exe" [623272 2012-06-22] (Károly Pados)
3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [306400 2011-08-05] (Microsoft Corporation)
3 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [8277728 2011-08-05] (Microsoft Corporation)
3 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [467680 2011-08-05] (Microsoft Corporation)
2 0067841341495755mcinstcleanup; C:\Windows\TEMP\006784~1.EXE -cleanup -nolog [x]

========================== Drivers (Whitelisted) =============

3 a2acc; \??\C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-06-20] (Emsisoft GmbH)
1 A2DDA; \??\C:\Users\Mike\Documents\EmsisoftEmergencyKit\Run\a2ddax64.sys [23208 2012-06-19] (Emsi Software GmbH)
3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [65264 2012-02-22] (McAfee, Inc.)
1 ElRawDisk; \??\C:\Windows\system32\drivers\ElRawDsk.sys [31432 2012-04-17] (EldoS Corporation)
3 FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [21384 2012-01-05] (IObit)
4 IObitUnlocker; \??\C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [35256 2011-08-26] ()
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [160792 2012-02-22] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [229528 2012-02-22] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [487296 2012-02-22] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [647208 2012-02-22] (McAfee, Inc.)
1 mfenlfk; C:\Windows\System32\Drivers\mfenlfk.sys [75936 2012-02-22] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [289664 2012-02-22] (McAfee, Inc.)
3 NTIDrvr; C:\Windows\System32\Drivers\NTIDrvr.sys [18432 2009-05-05] (NewTech Infosystems, Inc.)
3 PORTMON; \??\C:\Users\Mike\Documents\SysinternalsSuite\PORTMSYS.SYS [28656 2012-06-10] (Systems Internals)
3 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [84360 2012-06-10] (Sysinternals - www.sysinternals.com)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
0 TfFsMon; C:\Windows\System32\Drivers\TfFsMon.sys [65072 2011-02-22] (PC Tools)
3 TfNetMon; C:\Windows\System32\Drivers\TfNetMon.sys [41888 2011-02-22] (PC Tools)
0 TfSysMon; C:\Windows\System32\Drivers\TfSysMon.sys [74824 2011-02-22] (PC Tools)
3 UBHelper; C:\Windows\System32\Drivers\UBHelper.sys [16896 2009-05-05] (NewTech Infosystems Corporation)
3 UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21904 2012-07-05] (IObit.com)
2 X5XSEx; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [55400 2010-11-22] (Exent Technologies Ltd.)
3 ALSysIO; \??\C:\Users\Mike\AppData\Local\Temp\ALSysIO64.sys [x]
3 mfeavfk01; [x]
1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]
3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-07-12 19:51 - 2012-07-12 19:51 - 00000000 ____D C:\FRST
2012-07-12 18:19 - 2012-07-12 18:20 - 01434551 ____A (Farbar) C:\Users\Mike\Desktop\FRST64.exe
2012-07-12 16:36 - 2012-07-12 16:36 - 00000000 ____D C:\Users\Mike\AppData\Local\{E2F391A4-D5C5-47BE-8786-B58B5712E20F}
2012-07-12 16:35 - 2012-07-12 16:36 - 00000000 ____D C:\Users\Mike\AppData\Local\{260D78C2-CD18-4109-A2AB-8C92408072A2}
2012-07-12 14:41 - 2012-07-12 14:41 - 00013290 ____A C:\Users\Mike\Downloads\Attach.txt
2012-07-12 13:32 - 2012-06-14 13:58 - 00604003 ____A C:\Windows\System32\Drivers\etc\hosts.20120712-143208.backup
2012-07-12 12:42 - 2012-06-14 13:58 - 00604003 ____A C:\Windows\System32\Drivers\etc\hosts.20120712-134207.backup
2012-07-12 12:41 - 2012-07-12 12:41 - 00980480 ____A C:\Users\Mike\Downloads\MicrosoftFixit50267.msi
2012-07-12 05:18 - 2012-07-12 05:18 - 00548848 ____A (Symantec) C:\Users\Mike\Downloads\Setup.exe
2012-07-12 04:35 - 2012-07-12 04:35 - 00000000 ____D C:\Users\Mike\AppData\Local\{7FF3D580-C8DD-43C6-9DFE-A02BC5EA4D9C}
2012-07-12 04:33 - 2012-07-12 04:35 - 00000000 ____D C:\Users\Mike\AppData\Local\{3F9EE57E-297F-4871-97E5-659693F4EF32}
2012-07-11 21:41 - 2012-07-11 21:41 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\Mike\Downloads\mbam-setup-1.62.0.1300.exe
2012-07-11 16:16 - 2012-07-11 16:16 - 00000000 ____D C:\Users\Mike\AppData\Local\{33493531-A73F-4A3F-A6BB-75BD0D8491C2}
2012-07-11 16:15 - 2012-07-11 16:16 - 00000000 ____D C:\Users\Mike\AppData\Local\{83153898-18CD-477B-88DA-BDFB9C3C614C}
2012-07-11 05:09 - 2012-07-11 05:10 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2012-07-11 05:09 - 2009-01-25 12:14 - 00017272 ____A (Safer Networking Limited) C:\Windows\System32\sdnclean64.exe
2012-07-11 04:59 - 2012-07-11 05:00 - 48534720 ____A (Safer-Networking Ltd. ) C:\Users\Mike\Downloads\spybotsd-2.0.9-rc1.exe
2012-07-11 04:38 - 2012-07-11 04:39 - 09822920 ____A (Adobe Systems Incorporated) C:\Users\Mike\Downloads\install_flash_player.exe
2012-07-11 04:37 - 2012-07-11 04:38 - 09226440 ____A (Adobe Systems Incorporated) C:\Users\Mike\Downloads\install_flash_player_ax.exe
2012-07-11 04:15 - 2012-07-11 04:15 - 00000000 ____D C:\Users\Mike\AppData\Local\{C24911C1-9F05-4C62-9589-6F122CEA18D7}
2012-07-11 04:14 - 2012-07-11 04:15 - 00000000 ____D C:\Users\Mike\AppData\Local\{1F645CEE-94F9-4A9A-B2CE-1A105D857D2D}
2012-07-11 02:24 - 2012-06-11 19:08 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-11 02:04 - 2012-06-02 04:49 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-07-11 02:04 - 2012-06-02 04:17 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-07-11 02:04 - 2012-06-02 04:12 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-07-11 02:04 - 2012-06-02 04:05 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-07-11 02:04 - 2012-06-02 04:05 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-07-11 02:04 - 2012-06-02 04:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-07-11 02:04 - 2012-06-02 04:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-07-11 02:04 - 2012-06-02 04:03 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-07-11 02:04 - 2012-06-02 04:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-07-11 02:04 - 2012-06-02 04:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-07-11 02:04 - 2012-06-02 03:59 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-07-11 02:04 - 2012-06-02 03:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-07-11 02:04 - 2012-06-02 03:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-07-11 02:04 - 2012-06-02 03:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-07-11 02:04 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-07-11 02:04 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-07-11 02:04 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-07-11 02:04 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-07-11 02:04 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-07-11 02:04 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-07-11 02:04 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-07-11 02:04 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-07-11 02:04 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-07-11 02:04 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-07-11 02:04 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-07-11 02:04 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-07-11 02:04 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-07-11 02:04 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-07-10 22:59 - 2012-06-05 22:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-07-10 22:59 - 2012-06-05 22:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-07-10 22:59 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-07-10 22:59 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-07-10 22:59 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2012-07-10 22:59 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2012-07-10 22:58 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-07-10 22:58 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-07-10 22:58 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-07-10 22:58 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-07-10 22:58 - 2012-06-01 21:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-07-10 22:58 - 2012-06-01 21:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-07-10 22:58 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-07-10 22:58 - 2012-06-01 21:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-07-10 22:58 - 2012-06-01 21:44 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-07-10 22:58 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-07-10 22:58 - 2012-06-01 20:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-07-10 22:58 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-07-10 22:58 - 2012-06-01 20:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-07-10 21:54 - 2012-07-10 21:56 - 20043136 ____A (IObit ) C:\Users\Mike\Downloads\imf-setup.exe
2012-07-10 21:46 - 2012-07-10 21:47 - 06077848 ____A (BitTorrent, Inc.) C:\Users\Mike\Downloads\BitTorrent.exe
2012-07-10 21:41 - 2012-07-10 21:42 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-07-10 21:37 - 2012-07-10 21:37 - 04402576 ____A ( ) C:\Users\Mike\Downloads\cpu-z_1.61-setup-en.exe
2012-07-10 21:35 - 2012-07-10 21:35 - 18101376 ____A (SUPERAntiSpyware.com) C:\Users\Mike\Downloads\SUPERAntiSpyware(1).exe
2012-07-10 21:31 - 2012-07-10 21:31 - 00884936 ____A (BillP Studios) C:\Users\Mike\Downloads\wpsetup.exe
2012-07-10 21:03 - 2012-07-10 21:03 - 00000000 ____D C:\Users\Mike\AppData\Local\{C730B9C2-6827-4605-ACE5-E30A92049719}
2012-07-10 20:56 - 2012-07-10 20:56 - 00000000 ____D C:\Users\Mike\AppData\Local\{6E85E05E-EA38-42BD-9F81-AB85D7B2F5E8}
2012-07-10 11:02 - 2012-07-10 11:03 - 00000000 ____D C:\Users\Mike\AppData\Local\{52711298-BEBA-4FD1-B43A-F7B46BEF5EED}
2012-07-09 22:58 - 2012-07-09 22:58 - 00000000 ____D C:\Users\Mike\AppData\Local\{9ADE347D-1EFE-4EE6-9F94-C545D38B198D}
2012-07-09 10:58 - 2012-07-10 11:02 - 00000000 ____D C:\Users\Mike\AppData\Local\{4F636436-599A-42E7-84C2-C3914129FCD6}
2012-07-07 17:04 - 2012-07-07 17:04 - 00000000 ____D C:\Users\Mike\Desktop\CPS Court Appeal Forms
2012-07-07 09:46 - 2012-07-07 09:46 - 00000000 ____D C:\Users\Mike\AppData\Local\{BB1E0CFA-5DE2-480C-845F-A945C69F4BED}
2012-07-07 09:45 - 2012-07-07 09:46 - 00000000 ____D C:\Users\Mike\AppData\Local\{3FE9F82C-45E6-414C-A40F-434784518C58}
2012-07-06 15:24 - 2012-07-06 15:24 - 00000000 ____D C:\Users\Mike\AppData\Local\{59D1B7E4-77CB-460E-9015-D443A03B7139}
2012-07-06 15:23 - 2012-07-06 15:24 - 00000000 ____D C:\Users\Mike\AppData\Local\{A0274FB7-31DE-4627-8A0C-E33F53578C03}
2012-07-06 03:20 - 2012-07-06 03:21 - 00000000 ____D C:\Users\Mike\AppData\Local\{A82EE207-95A7-467A-8E74-32C0C53234BE}
2012-07-06 03:20 - 2012-07-06 03:20 - 00000000 ____D C:\Users\Mike\AppData\Local\{F467BA6E-727D-4DAF-8045-36841E48894A}
2012-07-05 15:19 - 2012-07-05 15:20 - 00000000 ____D C:\Users\Mike\AppData\Local\{24FAF7A2-8D97-4C4D-81A4-0D4CC193EFE6}
2012-07-05 15:19 - 2012-07-05 15:19 - 00000000 ____D C:\Users\Mike\AppData\Local\{E7CBD59F-CF6F-47FB-889D-DF90AE4AAD54}
2012-07-05 03:18 - 2012-07-05 03:19 - 00000000 ____D C:\Users\Mike\AppData\Local\{A461833C-0A17-44BD-A3DD-5B6295A33AFD}
2012-07-05 03:18 - 2012-07-05 03:18 - 00000000 ____D C:\Users\Mike\AppData\Local\{D1BF2F4D-2F25-4733-87F6-82C2A4281023}
2012-07-04 15:18 - 2012-07-04 15:18 - 00000000 ____D C:\Users\Mike\AppData\Local\{A744F4E0-2DD5-474B-8C4F-21AE408EAAEF}
2012-07-04 15:17 - 2012-07-04 15:18 - 00000000 ____D C:\Users\Mike\AppData\Local\{AABC37A2-76D3-474C-8C90-1EB278678487}
2012-07-04 10:47 - 2003-04-23 14:14 - 00053248 ____A C:\Windows\SysWOW64\BiMAppNT.exe
2012-07-04 10:15 - 2012-07-12 05:37 - 00004242 ____A C:\Windows\PFRO.log
2012-07-04 03:17 - 2012-07-04 03:17 - 00000000 ____D C:\Users\Mike\AppData\Local\{89DDBCF4-5C29-4F80-8076-26419E75C98D}
2012-07-04 03:16 - 2012-07-04 03:16 - 00000000 ____D C:\Users\Mike\AppData\Local\{A24993A8-E77D-41B5-8DA3-20CA7947EFDB}
2012-07-03 15:14 - 2012-07-03 15:15 - 00000000 ____D C:\Users\Mike\AppData\Local\{DD7B2928-3ED5-44F5-B2A6-FDF00D1B136D}
2012-07-03 15:13 - 2012-07-03 15:14 - 00000000 ____D C:\Users\Mike\AppData\Local\{26CECD03-4E4C-4B04-B3B1-EC240BC5F51E}
2012-07-03 14:20 - 2012-07-03 14:21 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-07-03 14:20 - 2012-07-03 14:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-07-03 03:13 - 2012-07-03 03:13 - 00000000 ____D C:\Users\Mike\AppData\Local\{9099F381-FC45-4E0C-A7AB-7524700E866A}
2012-07-03 03:12 - 2012-07-03 03:13 - 00000000 ____D C:\Users\Mike\AppData\Local\{DF05A763-508A-4354-A2B9-5DDAE8B26990}
2012-07-03 03:10 - 2012-07-12 18:45 - 00001914 ____A C:\Windows\setupact.log
2012-07-03 03:10 - 2012-07-03 03:10 - 00000000 ____A C:\Windows\setuperr.log
2012-07-03 02:34 - 2012-07-03 02:34 - 00000000 ____D C:\Users\Mike\AppData\Local\IsolatedStorage
2012-07-02 17:57 - 2012-07-02 17:57 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2012-07-02 17:57 - 2012-07-02 17:57 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2012-07-02 17:57 - 2012-07-02 17:57 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2012-07-02 17:57 - 2012-07-02 17:57 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2012-07-02 17:33 - 2012-07-02 17:33 - 00000000 ____D C:\Users\Mike\AppData\Local\{6EB08941-3D8C-4588-B551-3609563F469A}
2012-07-02 17:09 - 2012-07-02 17:09 - 00000000 ____D C:\Users\Mike\AppData\Local\{EF08A1EA-6AB7-4AA4-91A8-48F2D22C2199}
2012-06-30 18:30 - 2012-06-30 18:30 - 00000000 ____D C:\Users\Mike\AppData\Local\{A0502634-E141-408E-907E-CDF65E377311}
2012-06-30 18:30 - 2012-06-30 18:30 - 00000000 ____D C:\Users\Mike\AppData\Local\{5A79850B-8202-43E8-BF1D-B7DDB5950648}
2012-06-30 06:29 - 2012-06-30 06:29 - 00000000 ____D C:\Users\Mike\AppData\Local\{8506E846-7CEE-4916-9BE9-EBFCF46A24F7}
2012-06-30 06:29 - 2012-06-30 06:29 - 00000000 ____D C:\Users\Mike\AppData\Local\{4832726D-A8B6-4886-A972-1B508F547212}
2012-06-29 18:28 - 2012-06-29 18:28 - 00000000 ____D C:\Users\Mike\AppData\Local\{D0173E11-E70D-4875-AEBE-A395C70F0955}
2012-06-29 18:28 - 2012-06-29 18:28 - 00000000 ____D C:\Users\Mike\AppData\Local\{B7FBDFC6-1919-4C2D-9C2F-9B155DEA3A15}
2012-06-29 07:40 - 2012-06-29 07:40 - 03281592 ____A (Secunia) C:\Users\Mike\Downloads\PSISetup.exe
2012-06-29 06:27 - 2012-06-29 06:27 - 00000000 ____D C:\Users\Mike\AppData\Local\{BFA36506-47FE-4A07-BC5C-8E9163EB6C54}
2012-06-29 06:26 - 2012-06-29 06:27 - 00000000 ____D C:\Users\Mike\AppData\Local\{D63494D6-79EB-4729-9FA1-E0004BAD0E73}
2012-06-28 17:57 - 2012-06-28 17:57 - 00000240 ____A C:\Users\Mike\AppData\Roaming\GPU Meter_Settings.ini
2012-06-28 17:56 - 2012-06-30 18:33 - 00000132 ____A C:\Users\Mike\AppData\Roaming\Earthquakes Meter_Settings.ini
2012-06-28 17:36 - 2012-06-28 17:36 - 00000000 ____D C:\Users\Mike\AppData\Local\{F5184B1B-DADD-49DE-A999-9159B32FED9B}
2012-06-28 17:35 - 2012-06-28 17:35 - 00000000 ____D C:\Users\Mike\AppData\Local\{4A84272A-4332-4081-9839-3369EBB959C1}
2012-06-27 18:08 - 2012-06-27 18:09 - 13083592 ____A (Microsoft Corporation) C:\Users\Mike\Downloads\Silverlight_x64.exe
2012-06-27 17:07 - 2012-06-27 17:07 - 00000000 ____D C:\Users\Mike\AppData\Local\{2BD9C398-FC70-4FA4-977B-87933583A875}
2012-06-27 17:07 - 2012-06-27 17:07 - 00000000 ____D C:\Users\Mike\AppData\Local\{11DF3CF9-F94D-4658-A031-1333C3537A09}
2012-06-27 13:44 - 2012-06-27 13:44 - 00000000 ____D C:\Users\Mike\Documents\Web Site
2012-06-27 13:44 - 2012-06-27 13:44 - 00000000 ____D C:\Users\Mike\Documents\web customers
2012-06-27 13:44 - 2012-06-27 13:44 - 00000000 ____D C:\Users\Mike\Documents\Web Authoring & Design stuff
2012-06-27 11:56 - 2012-06-27 13:44 - 00000000 ____D C:\Users\Mike\Documents\Sounds
2012-06-27 11:56 - 2012-06-27 11:56 - 00000000 ____D C:\Users\Mike\Documents\SkyWarn
2012-06-27 11:55 - 2012-06-27 13:42 - 00000000 ____D C:\Users\Mike\Documents\Fire
2012-06-27 11:55 - 2012-06-27 13:39 - 00000000 ____D C:\Users\Mike\Documents\Computer
2012-06-27 11:55 - 2012-06-27 13:38 - 00000000 ____D C:\Users\Mike\Documents\Amateur Radio
2012-06-27 11:55 - 2012-06-27 11:55 - 00000000 ____D C:\Users\Mike\Documents\Photos
2012-06-27 11:55 - 2012-06-27 11:55 - 00000000 ____D C:\Users\Mike\Documents\My Library
2012-06-27 11:55 - 2012-06-27 11:55 - 00000000 ____D C:\Users\Mike\Documents\MikeJLevyWebMASTER site
2012-06-27 11:55 - 2012-06-27 11:55 - 00000000 ____D C:\Users\Mike\Documents\Maps
2012-06-27 11:55 - 2012-06-27 11:55 - 00000000 ____D C:\Users\Mike\Documents\Law Enforcement
2012-06-27 11:55 - 2012-06-27 11:55 - 00000000 ____D C:\Users\Mike\Documents\Job Search Resources
2012-06-27 11:55 - 2012-06-27 11:55 - 00000000 ____D C:\Users\Mike\Documents\Emergency Services and Rescue
2012-06-27 11:41 - 2004-12-20 15:18 - 00000182 ____A C:\Users\Mike\Documents\The Expanded Dictionary of Obscure and Obscene Sexual Terms.url
2012-06-27 11:41 - 2004-09-29 12:17 - 00000132 ____A C:\Users\Mike\Documents\The Pleasure Organ.url
2012-06-27 11:41 - 2004-09-27 18:07 - 00000182 ____A C:\Users\Mike\Documents\The OGO goes legit today - Handhelds - handhelds.engadget.co.url
2012-06-27 11:41 - 2004-09-02 13:57 - 00000178 ____A C:\Users\Mike\Documents\Test Your Stress Levels.url
2012-06-27 11:41 - 2004-08-19 08:41 - 00000641 ____A C:\Users\Mike\Documents\Verizon.iaf
2012-06-27 11:41 - 2004-07-15 10:39 - 00000276 ____A C:\Users\Mike\Documents\Viruses & Other Malware - Detection, Prevention, and Cure.url
2012-06-27 11:41 - 2004-05-27 23:53 - 00000116 ____A C:\Users\Mike\Documents\The Linux Documentation Project.url
2012-06-27 11:41 - 2004-05-14 16:20 - 00000126 ____A C:\Users\Mike\Documents\Welcome to inthe80s, The Eighties nostalgia site.url
2012-06-27 11:41 - 2004-04-19 21:27 - 00000206 ____A C:\Users\Mike\Documents\Walmart.com - Music Downloads.url
2012-06-27 11:41 - 2004-04-10 21:44 - 00028511 ____A C:\Users\Mike\Documents\Text of Bush's Aug_ 6, 2001, Intel Brief.htm
2012-06-27 11:41 - 2004-04-01 12:39 - 00015404 ____A C:\Users\Mike\Documents\VoIP Reaches Out, Wirelessly.htm
2012-06-27 11:41 - 2004-03-20 07:35 - 00000154 ____A C:\Users\Mike\Documents\TrafficMobile.com - Real Time Traffic Information For Your M.url
2012-06-27 11:41 - 2004-02-29 22:33 - 00000290 ____A C:\Users\Mike\Documents\Yahoo! Directory Extraterrestrial Life Mars's Cydonia Regio.url
2012-06-27 11:41 - 2003-02-18 14:28 - 00000093 ____A C:\Users\Mike\Documents\utilities.txt
2012-06-27 11:40 - 2012-06-27 11:41 - 00000000 ____D C:\Users\Mike\Documents\IRLP
2012-06-27 11:40 - 2004-12-22 11:57 - 00004201 ____A C:\Users\Mike\Documents\Love Song Mix.nra
2012-06-27 11:40 - 2004-12-22 10:10 - 00012700 ____A C:\Users\Mike\Documents\ke6alvmike.blt
2012-06-27 11:40 - 2004-12-22 10:03 - 00001380 ____A C:\Users\Mike\Documents\Contacts for ke6alv (hotmail).ctt
2012-06-27 11:40 - 2004-12-20 23:08 - 00000126 ____A C:\Users\Mike\Documents\Renaissance Faire Homepage.url
2012-06-27 11:40 - 2004-12-17 20:11 - 00000259 ____A C:\Users\Mike\Documents\Drinking Songs The Poxy Boggards.url
2012-06-27 11:40 - 2004-12-14 10:35 - 20208939 ____A C:\Users\Mike\Documents\kate-babyoil-movie[1].wmv
2012-06-27 11:40 - 2004-12-04 22:30 - 00000174 ____A C:\Users\Mike\Documents\K6HEY's Pussy Photos.url
2012-06-27 11:40 - 2004-11-29 14:38 - 00006906 ____A C:\Users\Mike\Documents\ke6alv.blt
2012-06-27 11:40 - 2004-11-02 05:34 - 00000146 ____A C:\Users\Mike\Documents\Star Trek Sound files.url
2012-06-27 11:40 - 2004-10-27 13:10 - 00000184 ____A C:\Users\Mike\Documents\Holistic Wisdom Corporation.url
2012-06-27 11:40 - 2004-10-21 23:00 - 00000162 ____A C:\Users\Mike\Documents\HeartStart.url
2012-06-27 11:40 - 2004-10-12 21:33 - 00000688 ____A C:\Users\Mike\Documents\MikeJLevy@KE6ALV.com.iaf
2012-06-27 11:40 - 2004-10-02 12:30 - 00000258 ____A C:\Users\Mike\Documents\Adult ADHD An Overlooked Problem.url
2012-06-27 11:40 - 2004-10-01 23:05 - 00000156 ____A C:\Users\Mike\Documents\Hello Kitty's Homepage City.url
2012-06-27 11:40 - 2004-10-01 13:48 - 00000144 ____A C:\Users\Mike\Documents\Southern California Frequency Directory - Police Fire EMS Ai.url
2012-06-27 11:40 - 2004-09-29 23:12 - 00000190 ____A C:\Users\Mike\Documents\Mount St. Helens - Current Volcanic Activity.url
2012-06-27 11:40 - 2004-09-27 18:45 - 00000242 ____A C:\Users\Mike\Documents\Sys Admin CDROM v9.url
2012-06-27 11:40 - 2004-09-19 09:00 - 00000300 ____A C:\Users\Mike\Documents\91X.wpl
2012-06-27 11:40 - 2004-09-18 19:27 - 00000541 ____A C:\Users\Mike\Documents\MikeJLevy.iaf
2012-06-27 11:40 - 2004-09-16 14:41 - 00000166 ____A C:\Users\Mike\Documents\NOLA.com Hurricane Center.url
2012-06-27 11:40 - 2004-09-02 14:00 - 00000128 ____A C:\Users\Mike\Documents\All About My Vagina Sitemap.url
2012-06-27 11:40 - 2004-08-27 18:12 - 00000182 ____A C:\Users\Mike\Documents\Holistic Wisdom Newsletter.url
2012-06-27 11:40 - 2004-08-23 21:15 - 00000288 ____A C:\Users\Mike\Documents\Site Results [ULS DATABASE].url
2012-06-27 11:40 - 2004-08-19 08:41 - 00000667 ____A C:\Users\Mike\Documents\Mike.iaf
2012-06-27 11:40 - 2004-08-19 08:41 - 00000661 ____A C:\Users\Mike\Documents\aYahoo.iaf
2012-06-27 11:40 - 2004-08-19 08:36 - 00000192 ____A C:\Users\Mike\Documents\MyPleasure.com - How to Perform Cunnilingus.url
2012-06-27 11:40 - 2004-08-17 07:28 - 00000148 ____A C:\Users\Mike\Documents\http--redhat.irlp.net-echo-install.url
2012-06-27 11:40 - 2004-08-07 13:12 - 00000184 ____A C:\Users\Mike\Documents\Riverside County Fire Department - GIS.url
2012-06-27 11:40 - 2004-08-03 13:19 - 00000192 ____A C:\Users\Mike\Documents\Cingular-AT&T Wireless.url
2012-06-27 11:40 - 2004-07-04 07:12 - 00000150 ____A C:\Users\Mike\Documents\Juror Reporting Information.url
2012-06-27 11:40 - 2004-06-29 20:35 - 00000150 ____A C:\Users\Mike\Documents\Cunnilingus FAQ.url
2012-06-27 11:40 - 2004-06-29 12:51 - 02086912 ____A C:\Users\Mike\Documents\lec9.ppt
2012-06-27 11:40 - 2004-06-28 14:09 - 00000282 ____A C:\Users\Mike\Documents\Misty - Southern California Escort.url
2012-06-27 11:40 - 2004-06-25 09:39 - 00000200 ____A C:\Users\Mike\Documents\Summer Movies Planner '04.url
2012-06-27 11:40 - 2004-06-20 16:15 - 00219648 ____A C:\Users\Mike\Documents\KenwoodPlan10-2003v3.2.xls
2012-06-27 11:40 - 2004-05-27 23:58 - 00000184 ____A C:\Users\Mike\Documents\Categorized List of HOWTOs.url
2012-06-27 11:40 - 2004-05-13 15:15 - 00000142 ____A C:\Users\Mike\Documents\MABEL'S WHORE HOUSE.url
2012-06-27 11:40 - 2004-05-08 22:15 - 00000352 ____A C:\Users\Mike\Documents\CyberParodies.com - Funny Song Parodies.url
2012-06-27 11:40 - 2004-05-03 16:04 - 00000182 ____A C:\Users\Mike\Documents\Howstuffworks How does the walkie-talkie feature on a Nextel.url
2012-06-27 11:40 - 2004-05-02 20:21 - 00000116 ____A C:\Users\Mike\Documents\Kelley Blue Book - New Car Pricing, Used Car Values.url
2012-06-27 11:40 - 2004-04-26 13:09 - 00000306 ____A C:\Users\Mike\Documents\San Bernardino Campus Programs Offered.url
2012-06-27 11:40 - 2004-04-21 23:16 - 00000198 ____A C:\Users\Mike\Documents\AskMen.com - Pick-up & Sex Guide.url
2012-06-27 11:40 - 2004-04-17 12:44 - 00000294 ____A C:\Users\Mike\Documents\Strep Throat.url
2012-06-27 11:40 - 2004-04-17 09:55 - 00014815 ____A C:\Users\Mike\Documents\ARRLWeb FCC Proposes Wide-Ranging Changes to Amateur Service.htm
2012-06-27 11:40 - 2004-04-12 14:37 - 00000144 ____A C:\Users\Mike\Documents\EchoLink Link Status.url
2012-06-27 11:40 - 2004-04-12 12:18 - 00000142 ____A C:\Users\Mike\Documents\IRLP New Node Installation.url
2012-06-27 11:40 - 2004-04-08 14:23 - 00000213 ____A C:\Users\Mike\Documents\Driver License and Identification (ID) Card Information.url
2012-06-27 11:40 - 2004-03-20 21:55 - 00000184 ____A C:\Users\Mike\Documents\FRAGGLE ROCK guide - the Episodes.url
2012-06-27 11:40 - 2004-03-16 21:19 - 00006634 ____A C:\Users\Mike\Documents\modat.wav
2012-06-27 11:40 - 2004-03-16 21:19 - 00000138 ____A C:\Users\Mike\Documents\Digital Modes Samples.url
2012-06-27 11:40 - 2004-03-16 21:17 - 00008916 ____A C:\Users\Mike\Documents\mdc1200.wav
2012-06-27 11:40 - 2004-03-15 17:52 - 00000206 ____A C:\Users\Mike\Documents\MyProfile1.url
2012-06-27 11:40 - 2004-03-08 17:56 - 00000202 ____A C:\Users\Mike\Documents\800 MHz Interference Issue & Plans.url
2012-06-27 11:40 - 2004-03-02 09:03 - 00000172 ____A C:\Users\Mike\Documents\Cydonia images.url
2012-06-27 11:40 - 2004-02-18 12:08 - 00213048 ____A C:\Users\Mike\Documents\Bookmarks.htm
2012-06-27 11:40 - 2004-02-15 22:52 - 00000184 ____A C:\Users\Mike\Documents\IRLP Node Codes and locations.url
2012-06-27 11:40 - 2003-11-21 17:14 - 00015228 ____A C:\Users\Mike\Documents\NexBeep.wav
2012-06-27 11:40 - 1994-03-14 20:36 - 00022980 ____A C:\Users\Mike\Documents\MINDY.WAV
2012-06-27 11:29 - 2012-06-27 13:45 - 00000000 ____D C:\Users\Mike\Documents\Weather
2012-06-27 11:29 - 2012-06-27 13:44 - 00000000 ____D C:\Users\Mike\Documents\Entertainment
2012-06-27 11:28 - 2012-06-27 13:45 - 00000000 ____D C:\Users\Mike\Documents\September 11 2001
2012-06-27 11:28 - 2012-06-27 13:45 - 00000000 ____D C:\Users\Mike\Documents\School
2012-06-27 11:28 - 2012-06-27 13:45 - 00000000 ____D C:\Users\Mike\Documents\Scanners
2012-06-27 05:06 - 2012-06-27 05:07 - 00000000 ____D C:\Users\Mike\AppData\Local\{3F892EF7-70E6-4EC1-A540-286E5E264D88}
2012-06-27 05:06 - 2012-06-27 05:06 - 00000000 ____D C:\Users\Mike\AppData\Local\{7511664C-1241-45F9-ADB5-2B7495A88CB4}
2012-06-27 01:25 - 2012-07-11 04:12 - 00000000 ___RD C:\Users\Mike\Podcasts
2012-06-27 01:21 - 2012-06-27 01:25 - 00000000 ____D C:\Program Files\Zune
2012-06-27 01:17 - 2012-06-27 01:19 - 105664248 ____A (Microsoft Corporation) C:\Users\Mike\Downloads\ZuneSetupPkg.exe
2012-06-26 17:06 - 2012-06-26 17:06 - 00000000 ____D C:\Users\Mike\AppData\Local\{6A4393D3-7D60-414C-B2C6-5DFC6CB70025}
2012-06-26 17:05 - 2012-06-26 17:06 - 00000000 ____D C:\Users\Mike\AppData\Local\{68173BCB-0DA0-43BE-ADB6-C2AC21C36E0C}
2012-06-26 13:04 - 2012-06-26 13:04 - 03889704 ____A (Piriform Ltd) C:\Users\Mike\Downloads\ccsetup320.exe
2012-06-26 13:04 - 2012-06-26 13:04 - 00946352 ____A (Skype Technologies S.A.) C:\Users\Mike\Downloads\SkypeSetup.exe
2012-06-26 05:05 - 2012-06-26 05:05 - 00000000 ____D C:\Users\Mike\AppData\Local\{FA21D255-7731-47E1-9240-99F47A184C4F}
2012-06-26 05:05 - 2012-06-26 05:05 - 00000000 ____D C:\Users\Mike\AppData\Local\{EFEA8ACF-ACEE-45F1-98DE-759AA477F9CA}
2012-06-25 17:05 - 2012-06-25 17:05 - 00000132 ____A C:\Windows\(null)toolkit.ini
2012-06-25 17:04 - 2012-06-25 17:04 - 00000000 ____D C:\Users\Mike\AppData\Local\{594379F3-A3AD-4011-9284-B9447F08CBB4}
2012-06-25 17:04 - 2012-06-25 17:04 - 00000000 ____D C:\Users\Mike\AppData\Local\{309EE7E9-86A3-454C-8955-50B04649EFC2}
2012-06-24 16:13 - 2012-06-24 16:13 - 00000000 ____D C:\Users\Mike\AppData\Local\{AEE9ADD6-FD3A-4FEA-8412-92F0650F76E9}
2012-06-24 16:12 - 2012-06-24 16:13 - 00000000 ____D C:\Users\Mike\AppData\Local\{12926730-7D6A-4DC5-8903-5A4007FE3317}
2012-06-24 01:26 - 2012-06-24 01:26 - 00000000 ____D C:\Users\Mike\AppData\Local\{D1CF2029-004B-4AF0-B566-A22EED39362F}
2012-06-24 01:26 - 2012-06-24 01:26 - 00000000 ____D C:\Users\Mike\AppData\Local\{3ED7998A-79EF-44DE-A4C8-D9BF584FB837}
2012-06-23 16:25 - 2012-06-23 16:26 - 00000000 ____D C:\Users\Mike\Downloads\wnetwatcher
2012-06-23 16:22 - 2012-06-23 16:22 - 00072554 ____A C:\Users\Mike\Downloads\usbdeview.zip
2012-06-23 16:02 - 2012-06-23 16:01 - 00268720 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-06-23 16:02 - 2012-06-23 16:01 - 00189360 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-06-23 16:02 - 2012-06-23 16:01 - 00188840 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-06-23 16:01 - 2012-06-23 16:01 - 00000000 ____D C:\Program Files\Java
2012-06-23 13:25 - 2012-06-23 13:25 - 00000000 ____D C:\Users\Mike\AppData\Local\{C711089A-964A-4A9A-9B4F-D33D6BADFDB6}
2012-06-23 13:24 - 2012-06-23 13:25 - 00000000 ____D C:\Users\Mike\AppData\Local\{9CBC4C2C-1EE9-4355-8D19-0B3662B3E69E}
2012-06-23 01:24 - 2012-06-23 01:24 - 00000000 ____D C:\Users\Mike\AppData\Local\{59B1273A-8566-4C9E-91AF-4F6C8744DEB0}
2012-06-23 01:23 - 2012-06-23 01:24 - 00000000 ____D C:\Users\Mike\AppData\Local\{D5E33065-B318-4EBE-B7F3-9177470FB7B4}
2012-06-22 22:19 - 2012-06-22 22:19 - 00000000 ____D C:\Hotspot Shield
2012-06-22 22:18 - 2012-06-22 22:19 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2012-06-22 22:13 - 2012-06-22 22:14 - 21919744 ____A C:\Users\Mike\Downloads\trillian-v5.2.0.10.exe
2012-06-22 14:34 - 2012-06-22 14:34 - 00000000 ____D C:\Users\Mike\AppData\Roaming\RealNetworks
2012-06-22 13:33 - 2012-06-22 13:33 - 00000000 ____D C:\Program Files\WOT
2012-06-22 13:33 - 2012-06-22 13:33 - 00000000 ____D C:\Program Files (x86)\WOT
2012-06-22 13:32 - 2012-06-22 13:32 - 01974272 ____A C:\Users\Mike\Downloads\WOT-latest-all-x64.msi
2012-06-22 13:23 - 2012-06-22 13:23 - 00000000 ____D C:\Users\Mike\AppData\Local\{52FA012C-EC8F-4238-9541-89659609456A}
2012-06-22 13:23 - 2012-06-22 13:23 - 00000000 ____D C:\Users\Mike\AppData\Local\{161EB96F-126B-41CB-9C34-1FEF4C034246}
2012-06-22 12:08 - 2012-06-22 12:10 - 00000000 ____D C:\Users\Mike\AppData\Roaming\TinyWall
2012-06-22 12:04 - 2012-07-10 21:00 - 00000000 ____D C:\Users\All Users\TinyWall
2012-06-22 12:04 - 2012-06-28 17:36 - 00002722 ____A C:\Windows\System32\InstallUtil.InstallLog
2012-06-22 12:04 - 2012-06-28 17:36 - 00000000 ____D C:\Program Files\TinyWall
2012-06-22 12:02 - 2012-06-22 12:02 - 01064960 ____A C:\Users\Mike\Downloads\TinyWallInstaller.msi
2012-06-22 07:40 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-22 07:40 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-22 07:40 - 2012-06-02 14:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-22 07:40 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-22 07:40 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-22 07:40 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-22 07:40 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-22 07:40 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-22 07:40 - 2012-06-02 14:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-22 01:22 - 2012-06-22 01:22 - 00000000 ____D C:\Users\Mike\AppData\Local\{799B497F-4101-4CF1-9977-16EBF982BA5C}
2012-06-22 01:22 - 2012-06-22 01:22 - 00000000 ____D C:\Users\Mike\AppData\Local\{759A9FE8-EF66-4F11-88B0-16D77246841F}
2012-06-21 22:51 - 2012-06-21 23:03 - 00000000 ____D C:\Users\Mike\Documents\Kumare-BitTorrent
2012-06-21 13:21 - 2012-06-21 13:22 - 00000000 ____D C:\Users\Mike\AppData\Local\{5AA6AC31-B21A-4B7C-BD40-5A3D8E5A99CF}
2012-06-21 13:21 - 2012-06-21 13:21 - 00000000 ____D C:\Users\Mike\AppData\Local\{CCA628D4-84EE-4A3D-A0B2-DDC93CB846AD}
2012-06-21 10:54 - 2012-06-21 10:54 - 00000000 ____D C:\Users\Mike\AppData\Local\{65E72421-042E-411A-9060-E6AE7398194B}
2012-06-21 10:53 - 2012-06-21 10:54 - 00000000 ____D C:\Users\Mike\AppData\Local\{95F9F459-91A4-46F5-B6D0-34A47F30FB33}
2012-06-20 20:37 - 2012-06-20 20:37 - 00000000 ____D C:\Users\Mike\AppData\Local\{16BDF799-B5B4-4E1E-AFE7-A0EBB0E215EE}
2012-06-20 20:36 - 2012-06-20 20:37 - 00000000 ____D C:\Users\Mike\AppData\Local\{7BDFC3F4-144F-451B-B08B-4BB4F6A6BEB4}
2012-06-20 18:08 - 2012-06-20 18:08 - 00000000 ____D C:\THIS_MEANS_WAR
2012-06-20 18:03 - 2012-06-22 12:57 - 00000000 ____D C:\Users\All Users\DVD Shrink
2012-06-20 18:03 - 2012-06-20 18:03 - 00000000 ____D C:\Program Files (x86)\DVD Shrink
2012-06-20 18:02 - 2012-06-20 18:02 - 00158176 ____A () C:\Users\Mike\Downloads\DVDShrink_downloader_by_DVDShrink.exe
2012-06-20 15:26 - 2012-06-20 15:26 - 00000000 ____D C:\Users\Mike\Documents\ProcAlyzer Dumps
2012-06-20 14:01 - 2012-06-20 14:01 - 43975616 ____A (Safer-Networking Ltd. ) C:\Users\Mike\Downloads\spybotsd-2.0.8-beta6.exe
2012-06-20 08:36 - 2012-06-20 08:36 - 00000000 ____D C:\Users\Mike\AppData\Local\{E56B409F-0018-4938-A08C-BF13139A0EF0}
2012-06-20 08:36 - 2012-06-20 08:36 - 00000000 ____D C:\Users\Mike\AppData\Local\{C124A7A9-330C-4397-AFD8-89A38EF035D7}
2012-06-19 20:35 - 2012-06-19 20:36 - 00000000 ____D C:\Users\Mike\AppData\Local\{F61C862F-C6B5-4469-93D7-78FBF1D3E94B}
2012-06-19 20:35 - 2012-06-19 20:35 - 00000000 ____D C:\Users\Mike\AppData\Local\{6C2F39CB-9968-4EE8-97DC-F337B08CF222}
2012-06-19 06:53 - 2012-06-19 06:53 - 00000000 ____D C:\Users\Mike\AppData\Local\{0EDC7F99-9EE4-4EAB-B357-831015596BB0}
2012-06-19 06:52 - 2012-06-19 06:53 - 00000000 ____D C:\Users\Mike\AppData\Local\{4A8031ED-BCD9-4FC0-89F5-87C8CF3CB859}
2012-06-18 18:52 - 2012-06-18 18:52 - 00000000 ____D C:\Users\Mike\AppData\Local\{E26A6D8E-6580-4D3C-A7B1-9EB9136C5060}
2012-06-18 18:51 - 2012-06-18 18:52 - 00000000 ____D C:\Users\Mike\AppData\Local\{20E3AEB9-1620-43BE-A854-F27F53DDFF77}
2012-06-18 05:29 - 2012-06-18 05:29 - 00000000 ____D C:\Users\Mike\AppData\Local\{F82C4737-F202-464E-A9EF-A47574F174C1}
2012-06-17 19:05 - 2012-06-19 18:36 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Trillian
2012-06-17 19:04 - 2012-07-10 20:56 - 00000000 ____D C:\Program Files (x86)\Trillian
2012-06-17 17:28 - 2012-06-17 17:28 - 00000000 ____D C:\Users\Mike\AppData\Local\{94FFAC80-43BE-4ED3-A73E-697D2A361F58}
2012-06-17 03:16 - 2012-06-17 03:16 - 00000000 ____D C:\Program Files (x86)\Emsisoft HiJackFree
2012-06-17 03:13 - 2012-06-17 03:13 - 02095808 ____A (Emsi Software GmbH ) C:\Users\Mike\Downloads\a2HiJackFreeSetup.exe
2012-06-17 03:13 - 2012-06-17 03:13 - 01710784 ____A (Crystal Dew World ) C:\Users\Mike\Downloads\CrystalDiskInfo5_0_0-en.exe
2012-06-17 01:23 - 2012-07-12 18:47 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-06-16 20:50 - 2012-06-16 20:50 - 00000000 ____D C:\Users\Mike\AppData\Local\{688509D1-6305-45BC-98F5-069AF61A4B8A}
2012-06-16 13:18 - 2012-07-11 04:54 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-16 11:30 - 2012-06-16 11:30 - 00000000 ____D C:\Users\Mike\AppData\Local\{1A3042BE-5B0E-4550-AADC-1ADE4024A925}
2012-06-16 01:39 - 2012-06-16 01:39 - 00000000 ____D C:\Users\Mike\AppData\Local\{C185736B-2E37-435C-BA18-B0EB201F37E0}
2012-06-15 13:39 - 2012-06-15 13:39 - 00000000 ____D C:\Users\Mike\AppData\Local\{C566B875-487C-4EE2-9843-5CE385F0F6E2}
2012-06-15 10:33 - 2012-06-15 10:33 - 00000000 ____D C:\Users\Mike\AppData\Local\Amazon
2012-06-15 10:30 - 2012-06-15 10:31 - 25360896 ____A C:\Users\Mike\Downloads\AmazonCloudDrive-installer.msi
2012-06-15 01:38 - 2012-06-15 01:39 - 00000000 ____D C:\Users\Mike\AppData\Local\{3B335ACB-5C9F-4768-8C79-A4F9ADFE3DE1}
2012-06-14 13:38 - 2012-06-14 13:38 - 00000000 ____D C:\Users\Mike\AppData\Local\{5744A1E3-56C6-4828-9406-D0A35EFD0A9C}
2012-06-14 13:38 - 2012-06-14 13:38 - 00000000 ____D C:\Users\Mike\AppData\Local\{0BD23D9B-1711-4D8F-92C6-1E26F5B80E90}
2012-06-14 01:37 - 2012-06-14 01:38 - 00000000 ____D C:\Users\Mike\AppData\Local\{77656E32-6448-46ED-A366-EDE270DDB057}
2012-06-14 01:37 - 2012-06-14 01:37 - 00000000 ____D C:\Users\Mike\AppData\Local\{F57D05EC-A7FE-499F-BF27-7D7AEFEA25EA}
2012-06-13 21:02 - 2012-06-13 21:02 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-06-13 21:01 - 2012-05-04 18:29 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-06-13 20:59 - 2012-05-15 18:06 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-06-13 20:59 - 2012-05-15 18:06 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-06-13 20:57 - 2012-06-13 20:59 - 00002925 ____A C:\Windows\SysWOW64\jupdate-1.7.0_05-b05.log
2012-06-13 20:53 - 2012-06-13 20:54 - 00893936 ____A (Oracle Corporation) C:\Users\Mike\Downloads\jxpiinstall.exe
2012-06-13 19:35 - 2012-06-17 20:54 - 00000000 ____D C:\Users\Mike\AppData\Local\Digsby
2012-06-13 19:35 - 2012-06-13 19:40 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Digsby
2012-06-13 19:35 - 2012-06-13 19:40 - 00000000 ____D C:\Users\All Users\Digsby
2012-06-13 13:37 - 2012-06-13 13:37 - 00000000 ____D C:\Users\Mike\AppData\Local\{D7A50EF0-D93F-4FA1-A967-084B83890A99}
2012-06-13 13:36 - 2012-06-13 13:37 - 00000000 ____D C:\Users\Mike\AppData\Local\{C9066514-7E01-4E6F-8537-F1E78608DF8C}
2012-06-13 05:52 - 2012-06-13 05:54 - 00000000 ____D C:\Program Files\iTunes
2012-06-13 05:52 - 2012-06-13 05:52 - 00000000 ____D C:\Program Files\iPod
2012-06-13 01:00 - 2012-06-13 01:00 - 00000000 ____D C:\Users\Mike\AppData\Local\{4971BADA-CFB9-4EBC-B149-8C85D2E7F9BF}
2012-06-13 01:00 - 2012-06-13 01:00 - 00000000 ____D C:\Users\Mike\AppData\Local\{2735188D-AE10-440A-A175-5D9E6B38B21A}
2012-06-12 19:41 - 2012-07-11 04:54 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-12 19:27 - 2012-06-12 19:27 - 00686792 ____A (Adobe Systems Incorporated) C:\Users\Mike\Downloads\uninstall_flash_player.exe
2012-06-12 17:50 - 2012-05-04 03:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-06-12 17:50 - 2012-05-04 01:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-06-12 17:26 - 2012-04-25 21:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-12 17:26 - 2012-04-25 21:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-12 17:26 - 2012-04-25 21:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-12 17:25 - 2012-05-04 03:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-06-12 17:25 - 2012-05-04 02:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-12 17:25 - 2012-05-04 02:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-12 17:25 - 2012-04-30 21:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-12 17:25 - 2012-04-27 19:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-12 17:25 - 2012-04-23 21:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-12 17:25 - 2012-04-23 21:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-12 17:25 - 2012-04-23 21:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-12 17:25 - 2012-04-23 20:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-12 17:25 - 2012-04-23 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-12 17:25 - 2012-04-23 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-12 17:25 - 2012-04-07 04:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-12 17:25 - 2012-04-07 03:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-12 12:59 - 2012-06-12 12:59 - 00000000 ____D C:\Users\Mike\AppData\Local\{9E21622D-2872-4B11-B44F-B073CE544CFB}
2012-06-12 12:58 - 2012-06-12 12:59 - 00000000 ____D C:\Users\Mike\AppData\Local\{327BC9A9-844C-45E8-A5EC-97964A1B45EE}
2012-06-12 12:37 - 2012-06-12 12:37 - 00000000 ____D C:\Users\Mike\AppData\Local\{BB72CF91-851D-42E7-954D-71661CAE96D8}

============ 3 Months Modified Files ========================

2012-07-12 18:47 - 2012-06-17 01:23 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-07-12 18:47 - 2011-10-24 18:15 - 01067696 ____A C:\Windows\WindowsUpdate.log
2012-07-12 18:45 - 2012-07-03 03:10 - 00001914 ____A C:\Windows\setupact.log
2012-07-12 18:20 - 2012-07-12 18:19 - 01434551 ____A (Farbar) C:\Users\Mike\Desktop\FRST64.exe
2012-07-12 17:03 - 2012-04-26 20:03 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3202008224-526500420-2040653520-1003UA.job
2012-07-12 14:41 - 2012-07-12 14:41 - 00013290 ____A C:\Users\Mike\Downloads\Attach.txt
2012-07-12 14:03 - 2012-04-26 20:02 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3202008224-526500420-2040653520-1003Core.job
2012-07-12 12:41 - 2012-07-12 12:41 - 00980480 ____A C:\Users\Mike\Downloads\MicrosoftFixit50267.msi
2012-07-12 05:46 - 2009-07-13 20:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-12 05:46 - 2009-07-13 20:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-12 05:37 - 2012-07-04 10:15 - 00004242 ____A C:\Windows\PFRO.log
2012-07-12 05:37 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-12 05:35 - 2012-05-14 19:50 - 00000446 ___AH C:\Windows\Tasks\Norton Security Scan for Mike.job
2012-07-12 05:18 - 2012-07-12 05:18 - 00548848 ____A (Symantec) C:\Users\Mike\Downloads\Setup.exe
2012-07-12 05:08 - 2012-05-17 18:40 - 00165877 ____A C:\Windows\SysWOW64\debug.log
2012-07-11 21:41 - 2012-07-11 21:41 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\Mike\Downloads\mbam-setup-1.62.0.1300.exe
2012-07-11 05:19 - 2012-05-03 20:12 - 00198864 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2012-07-11 05:18 - 2012-05-03 20:12 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2012-07-11 05:18 - 2012-05-03 20:12 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2012-07-11 05:18 - 2012-05-03 20:12 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2012-07-11 05:17 - 2007-02-01 22:13 - 00499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2012-07-11 05:17 - 2007-02-01 19:11 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2012-07-11 05:00 - 2012-07-11 04:59 - 48534720 ____A (Safer-Networking Ltd. ) C:\Users\Mike\Downloads\spybotsd-2.0.9-rc1.exe
2012-07-11 04:54 - 2012-06-16 13:18 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-07-11 04:54 - 2012-06-12 19:41 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-07-11 04:39 - 2012-07-11 04:38 - 09822920 ____A (Adobe Systems Incorporated) C:\Users\Mike\Downloads\install_flash_player.exe
2012-07-11 04:38 - 2012-07-11 04:37 - 09226440 ____A (Adobe Systems Incorporated) C:\Users\Mike\Downloads\install_flash_player_ax.exe
2012-07-11 02:46 - 2009-07-13 20:45 - 00391664 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-11 02:09 - 2011-11-04 15:26 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-07-10 21:56 - 2012-07-10 21:54 - 20043136 ____A (IObit ) C:\Users\Mike\Downloads\imf-setup.exe
2012-07-10 21:47 - 2012-07-10 21:46 - 06077848 ____A (BitTorrent, Inc.) C:\Users\Mike\Downloads\BitTorrent.exe
2012-07-10 21:37 - 2012-07-10 21:37 - 04402576 ____A ( ) C:\Users\Mike\Downloads\cpu-z_1.61-setup-en.exe
2012-07-10 21:35 - 2012-07-10 21:35 - 18101376 ____A (SUPERAntiSpyware.com) C:\Users\Mike\Downloads\SUPERAntiSpyware(1).exe
2012-07-10 21:31 - 2012-07-10 21:31 - 00884936 ____A (BillP Studios) C:\Users\Mike\Downloads\wpsetup.exe
2012-07-10 20:58 - 2012-05-20 09:55 - 00001212 ____A C:\Windows\SysWOW64\Clientsettings.SXML
2012-07-06 02:29 - 2012-05-02 12:37 - 00026112 ____A C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-03 14:28 - 2011-12-12 22:13 - 00001945 ____A C:\Windows\epplauncher.mif
2012-07-03 14:20 - 2011-11-14 19:04 - 00797782 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-07-03 03:10 - 2012-07-03 03:10 - 00000000 ____A C:\Windows\setuperr.log
2012-07-03 03:10 - 2012-04-27 02:57 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3202008224-526500420-2040653520-1003UA.job
2012-07-03 03:10 - 2012-04-27 02:57 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3202008224-526500420-2040653520-1003Core.job
2012-07-03 03:10 - 2011-10-24 19:30 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-07-03 03:10 - 2011-10-24 19:30 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-30 18:33 - 2012-06-28 17:56 - 00000132 ____A C:\Users\Mike\AppData\Roaming\Earthquakes Meter_Settings.ini
2012-06-29 07:40 - 2012-06-29 07:40 - 03281592 ____A (Secunia) C:\Users\Mike\Downloads\PSISetup.exe
2012-06-28 23:24 - 2012-05-20 01:37 - 00000343 ____A C:\Users\Mike\AppData\Roaming\Drives Meter_Settings.ini
2012-06-28 17:57 - 2012-06-28 17:57 - 00000240 ____A C:\Users\Mike\AppData\Roaming\GPU Meter_Settings.ini
2012-06-28 17:36 - 2012-06-22 12:04 - 00002722 ____A C:\Windows\System32\InstallUtil.InstallLog
2012-06-27 18:09 - 2012-06-27 18:08 - 13083592 ____A (Microsoft Corporation) C:\Users\Mike\Downloads\Silverlight_x64.exe
2012-06-27 01:19 - 2012-06-27 01:17 - 105664248 ____A (Microsoft Corporation) C:\Users\Mike\Downloads\ZuneSetupPkg.exe
2012-06-26 13:04 - 2012-06-26 13:04 - 03889704 ____A (Piriform Ltd) C:\Users\Mike\Downloads\ccsetup320.exe
2012-06-26 13:04 - 2012-06-26 13:04 - 00946352 ____A (Skype Technologies S.A.) C:\Users\Mike\Downloads\SkypeSetup.exe
2012-06-25 17:05 - 2012-06-25 17:05 - 00000132 ____A C:\Windows\(null)toolkit.ini
2012-06-23 16:22 - 2012-06-23 16:22 - 00072554 ____A C:\Users\Mike\Downloads\usbdeview.zip
2012-06-23 16:01 - 2012-06-23 16:02 - 00268720 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-06-23 16:01 - 2012-06-23 16:02 - 00189360 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-06-23 16:01 - 2012-06-23 16:02 - 00188840 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-06-23 16:01 - 2012-02-16 15:15 - 00955840 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll
2012-06-23 16:01 - 2012-02-16 15:15 - 00839096 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-06-22 22:14 - 2012-06-22 22:13 - 21919744 ____A C:\Users\Mike\Downloads\trillian-v5.2.0.10.exe
2012-06-22 13:32 - 2012-06-22 13:32 - 01974272 ____A C:\Users\Mike\Downloads\WOT-latest-all-x64.msi
2012-06-22 12:02 - 2012-06-22 12:02 - 01064960 ____A C:\Users\Mike\Downloads\TinyWallInstaller.msi
2012-06-20 18:02 - 2012-06-20 18:02 - 00158176 ____A () C:\Users\Mike\Downloads\DVDShrink_downloader_by_DVDShrink.exe
2012-06-20 14:01 - 2012-06-20 14:01 - 43975616 ____A (Safer-Networking Ltd. ) C:\Users\Mike\Downloads\spybotsd-2.0.8-beta6.exe
2012-06-17 06:24 - 2012-05-21 22:01 - 00000345 ____A C:\Users\Mike\AppData\Roaming\Digital Clock_Settings.ini
2012-06-17 03:13 - 2012-06-17 03:13 - 02095808 ____A (Emsi Software GmbH ) C:\Users\Mike\Downloads\a2HiJackFreeSetup.exe
2012-06-17 03:13 - 2012-06-17 03:13 - 01710784 ____A (Crystal Dew World ) C:\Users\Mike\Downloads\CrystalDiskInfo5_0_0-en.exe
2012-06-17 02:57 - 2012-06-11 20:49 - 00000098 ____A C:\index.ini
2012-06-15 10:31 - 2012-06-15 10:30 - 25360896 ____A C:\Users\Mike\Downloads\AmazonCloudDrive-installer.msi
2012-06-14 13:58 - 2012-07-12 13:32 - 00604003 ____A C:\Windows\System32\Drivers\etc\hosts.20120712-143208.backup
2012-06-14 13:58 - 2012-07-12 12:42 - 00604003 ____A C:\Windows\System32\Drivers\etc\hosts.20120712-134207.backup
2012-06-13 20:59 - 2012-06-13 20:57 - 00002925 ____A C:\Windows\SysWOW64\jupdate-1.7.0_05-b05.log
2012-06-13 20:54 - 2012-06-13 20:53 - 00893936 ____A (Oracle Corporation) C:\Users\Mike\Downloads\jxpiinstall.exe
2012-06-12 19:27 - 2012-06-12 19:27 - 00686792 ____A (Adobe Systems Incorporated) C:\Users\Mike\Downloads\uninstall_flash_player.exe
2012-06-12 18:15 - 2009-07-13 21:13 - 00794566 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-11 22:21 - 2012-06-11 22:21 - 00526800 ____A (McAfee, Inc.) C:\Users\Mike\Downloads\MVTInstaller.exe
2012-06-11 21:21 - 2012-05-04 22:24 - 00007590 ____A C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
2012-06-11 20:40 - 2012-06-11 20:33 - 134289552 ____A (Emsisoft GmbH ) C:\Users\Mike\Downloads\EmsisoftAntiMalwareSetup.exe
2012-06-11 19:08 - 2012-07-11 02:24 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-11 01:53 - 2012-06-11 01:53 - 02074728 ____A (Acer Inc.) C:\Users\Mike\Downloads\HWVendorDetection.exe
2012-06-11 01:53 - 2012-06-11 01:53 - 00004502 ____A C:\Users\Mike\AppData\Local\HWVendorDetection.log
2012-06-11 01:37 - 2012-06-11 01:37 - 00484568 ____A (PC Pitstop LLC ) C:\Users\Mike\Downloads\driveralert2-setup-0004.exe
2012-06-11 01:09 - 2012-06-11 01:09 - 01462096 ____A (PC Pitstop LLC ) C:\Users\Mike\Downloads\pcmatic-setup-1010.exe
2012-06-11 01:04 - 2012-06-11 01:03 - 02103688 ____A (PC Pitstop LLC ) C:\Users\Mike\Downloads\exterminate2-setup-0004.exe
2012-06-10 05:51 - 2012-06-10 05:18 - 1324482932 ____A C:\Windows\Procmon.pmb
2012-06-10 04:58 - 2012-06-10 04:58 - 00607260 ____R (Swearware) C:\Users\Mike\Downloads\dds.scr
2012-06-10 04:56 - 2012-06-10 04:56 - 01012656 ____A C:\Users\Mike\Downloads\rkill.exe
2012-06-10 04:51 - 2012-06-10 04:51 - 00397451 ____A C:\Users\Mike\Downloads\MiniToolBox.exe
2012-06-10 04:38 - 2012-06-10 04:37 - 00001395 ____A C:\Users\Mike\Desktop\shutdown.lnk
2012-06-10 04:25 - 2012-06-10 04:25 - 00084360 ___AH (Sysinternals - www.sysinternals.com) C:\Windows\System32\Drivers\PROCMON23.SYS
2012-06-10 03:47 - 2012-06-02 17:15 - 04739072 ____A C:\Users\Mike\Downloads\Geosense_1.2_x64.msi
2012-06-09 11:51 - 2012-06-09 11:51 - 00000287 ____A C:\Users\Mike\Documents\IObit Malware Fighter Report.log
2012-06-09 07:45 - 2012-06-09 07:45 - 27080616 ____A (Google Inc.) C:\Users\Mike\Downloads\chrome_installer.exe
2012-06-08 21:43 - 2012-07-10 22:58 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 20:41 - 2012-07-10 22:58 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-06 16:43 - 2012-06-06 16:42 - 00001825 ____A C:\Users\Mike\Downloads\FirstBackup.spg
2012-06-05 22:06 - 2012-07-10 22:59 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 22:06 - 2012-07-10 22:59 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 22:02 - 2012-07-10 22:58 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-05 21:05 - 2012-07-10 22:59 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:05 - 2012-07-10 22:59 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 21:03 - 2012-07-10 22:58 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-03 01:24 - 2012-06-03 01:23 - 06236280 ____A (Lavasoft Limited) C:\Users\Mike\Downloads\Adaware_Installer.exe
2012-06-02 17:17 - 2012-06-02 17:17 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_GeosenseSensor_01_09_00.Wdf
2012-06-02 14:19 - 2012-06-22 07:40 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-22 07:40 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-22 07:40 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 14:19 - 2012-06-22 07:40 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-22 07:40 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-22 07:40 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-22 07:40 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-22 07:40 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 14:15 - 2012-06-22 07:40 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-02 04:49 - 2012-07-11 02:04 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-02 04:17 - 2012-07-11 02:04 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-02 04:12 - 2012-07-11 02:04 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-02 04:05 - 2012-07-11 02:04 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-02 04:05 - 2012-07-11 02:04 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-02 04:04 - 2012-07-11 02:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-02 04:04 - 2012-07-11 02:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-02 04:03 - 2012-07-11 02:04 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-02 04:01 - 2012-07-11 02:04 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-02 04:00 - 2012-07-11 02:04 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-02 03:59 - 2012-07-11 02:04 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-02 03:57 - 2012-07-11 02:04 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-02 03:57 - 2012-07-11 02:04 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-02 03:54 - 2012-07-11 02:04 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-02 01:07 - 2012-07-11 02:04 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-02 00:43 - 2012-07-11 02:04 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-02 00:33 - 2012-07-11 02:04 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-02 00:26 - 2012-07-11 02:04 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-02 00:25 - 2012-07-11 02:04 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-02 00:25 - 2012-07-11 02:04 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-02 00:23 - 2012-07-11 02:04 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-02 00:21 - 2012-07-11 02:04 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-02 00:20 - 2012-07-11 02:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-02 00:19 - 2012-07-11 02:04 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-02 00:19 - 2012-07-11 02:04 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-02 00:17 - 2012-07-11 02:04 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-02 00:16 - 2012-07-11 02:04 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-02 00:14 - 2012-07-11 02:04 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-01 21:50 - 2012-07-10 22:58 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-01 21:48 - 2012-07-10 22:58 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-01 21:48 - 2012-07-10 22:58 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-01 21:45 - 2012-07-10 22:58 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-01 21:44 - 2012-07-10 22:58 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 20:40 - 2012-07-10 22:58 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 20:40 - 2012-07-10 22:58 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 20:39 - 2012-07-10 22:58 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 20:34 - 2012-07-10 22:58 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-05-30 21:53 - 2009-07-13 18:34 - 00000571 ____A C:\Windows\win.ini
2012-05-30 19:50 - 2012-05-30 19:47 - 05162468 ____A (Roel and Joost) C:\Users\Mike\Downloads\tedv0972.exe
2012-05-30 15:28 - 2012-05-30 15:02 - 00000209 ___AH C:\Users\Mike\Documents\.picasa.ini
2012-05-30 14:02 - 2012-05-30 14:00 - 15263592 ____A (Google Inc.) C:\Users\Mike\Downloads\picasa39-setup.exe
2012-05-29 13:57 - 2012-05-29 13:56 - 00354536 ____A (AnalogX, LLC) C:\Users\Mike\Downloads\atsi.exe
2012-05-28 14:02 - 2012-05-28 14:02 - 34770944 ____A C:\Windows\System32\config\components.iobit
2012-05-27 18:37 - 2012-05-27 18:37 - 00653935 ____A (Moritz Bartl) C:\Users\Mike\Downloads\alarm101-install.exe
2012-05-27 18:24 - 2012-05-27 18:24 - 00443904 ____A C:\Users\Mike\Downloads\cssetup.msi
2012-05-27 17:49 - 2012-05-27 17:49 - 00929376 ____A (binaerkombinat ) C:\Users\Mike\Downloads\SkypeLauncher-setup.exe
2012-05-27 11:07 - 2012-05-27 11:06 - 17596136 ____A (Mozilla) C:\Users\Mike\Downloads\Thunderbird Setup 12.0.1.exe
2012-05-27 04:30 - 2012-05-27 04:30 - 01402880 ____A C:\Users\Mike\Downloads\HiJackThis.msi
2012-05-27 03:59 - 2012-05-27 03:59 - 00557056 ____A (Lee Whittington for The Windows Club) C:\Windows\Restart Explorer.exe
2012-05-25 02:37 - 2012-05-25 02:37 - 12476928 ____A C:\Users\Mike\Downloads\gsync.msi
2012-05-25 01:59 - 2012-05-25 01:59 - 00000045 ____A C:\Windows\SysWOW64\initdebug.nfo
2012-05-25 01:58 - 2012-05-25 01:57 - 02135728 ____A C:\Users\Mike\Downloads\installspeedfan446.exe
2012-05-25 01:51 - 2012-05-25 01:51 - 03186736 ____A C:\Users\Mike\Downloads\advisorinstaller.exe
2012-05-25 01:43 - 2012-05-25 01:42 - 09876312 ____A (PC Tools ) C:\Users\Mike\Downloads\tfinstall.exe
2012-05-25 01:22 - 2009-07-13 18:34 - 00442922 ____A C:\Windows\System32\Drivers\etc\hosts.msn
2012-05-24 13:18 - 2012-05-24 13:18 - 04472832 ____A (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2012-05-22 14:56 - 2009-07-13 21:08 - 00032564 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-05-22 14:01 - 2012-05-22 14:00 - 07096666 ____A (Michael Fogleman ) C:\Users\Mike\Downloads\feed-notifier-2.5.exe
2012-05-22 08:05 - 2012-05-22 08:05 - 00000322 ____A C:\Users\Mike\Desktop\ScannerLive.appref-ms
2012-05-22 08:05 - 2012-05-22 08:04 - 11956944 ____A (Opera Software ASA) C:\Users\Mike\Downloads\Opera_1200_int_Setup.exe
2012-05-22 02:16 - 2012-05-03 19:28 - 00182220 ___AH C:\Windows\SysWOW64\mlfcache.dat
2012-05-21 20:15 - 2012-05-21 20:12 - 05417632 ____A (Last.fm ) C:\Users\Mike\Downloads\Last.fm-1.5.4.27091.exe
2012-05-20 02:04 - 2012-05-20 02:04 - 00890109 ____A ( ) C:\Users\Mike\Downloads\BamBoxClient.exe
2012-05-20 01:51 - 2012-05-20 01:50 - 00000412 ____A C:\Users\Mike\AppData\Roaming\All CPU Meter_Settings.ini
2012-05-20 01:49 - 2012-05-01 21:22 - 00000353 ____A C:\Users\Mike\AppData\Roaming\Network Meter_Settings.ini
2012-05-18 14:51 - 2012-05-18 14:51 - 00659456 ____A (Speed Guide Inc.) C:\Users\Mike\Downloads\TCPOptimizer.exe
2012-05-17 13:34 - 2012-05-17 13:34 - 00000406 ____A C:\Windows\System32\ioloBootDefrag.cfg
2012-05-17 13:27 - 2012-05-17 13:27 - 00074703 ____A C:\Windows\SysWOW64\mfc45.dll
2012-05-17 13:25 - 2012-05-17 13:25 - 00074703 ____A C:\Windows\SysWOW64mfc45.dll
2012-05-17 11:37 - 2012-05-17 11:37 - 00679672 ____A (Webroot) C:\Users\Mike\Downloads\wsainstall.exe
2012-05-16 18:32 - 2012-04-26 17:43 - 00108504 ____A C:\Users\Mike\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-15 18:06 - 2012-06-13 20:59 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-05-15 18:06 - 2012-06-13 20:59 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-05-15 13:19 - 2012-05-15 13:19 - 00417168 ____A C:\Users\Mike\Downloads\iCal-The_Events_Calendar.ics
2012-05-14 19:30 - 2012-05-14 19:30 - 06677264 ____A (Adobe Systems Inc.) C:\Users\Mike\Downloads\Shockwave_Installer_Slim.exe
2012-05-14 18:41 - 2012-05-14 18:41 - 00452472 ____A (AnalogX, LLC) C:\Users\Mike\Downloads\itrci.exe
2012-05-14 09:58 - 2012-05-14 09:57 - 27696456 ____A (Stardock Corporation ) C:\Users\Mike\Downloads\SoundPackager_setup.exe
2012-05-14 09:52 - 2012-05-14 09:52 - 00717317 ____A C:\Users\Mike\Downloads\StarTrek_screensaver_LCARS_Star_Trek_XI_Enterprise_Main_Operationss_Panel.exe
2012-05-14 09:49 - 2012-05-14 09:48 - 10315248 ____A C:\Users\Mike\Downloads\StarTrekBeepsChirpsAndWarbles.soundpack
2012-05-14 09:38 - 2012-05-14 09:38 - 07608747 ____A C:\Users\Mike\Downloads\SWSandstone_DLawler.themepack
2012-05-13 20:36 - 2012-05-13 20:36 - 04507952 ____A (Amazon.com ) C:\Users\Mike\Downloads\AmazonUnboxVideo.exe
2012-05-13 18:48 - 2012-05-13 18:48 - 01637016 ____A C:\Users\Mike\Downloads\AmazonMP3DownloaderInstall.exe
2012-05-10 20:14 - 2012-05-10 20:14 - 00000012 ____A C:\Users\Mike\Downloads\FSSC.dat
2012-05-09 10:40 - 2012-05-09 10:40 - 04818944 ____A C:\Windows\SysWOW64\x264vfw.dll
2012-05-08 19:23 - 2012-05-08 19:23 - 00050472 ____A C:\Users\Mike\Downloads\packagetrackr.gadget
2012-05-07 20:49 - 2012-05-07 20:49 - 00002189 ____A C:\Users\Mike\Documents\hwm_smbus.txt
2012-05-07 20:48 - 2012-05-07 20:48 - 00029607 ____A C:\Users\Mike\Documents\HWMonitor.txt
2012-05-07 20:45 - 2012-05-07 20:45 - 04084576 ____A ( ) C:\Users\Mike\Downloads\hwmonitor_1.19-setup.exe
2012-05-07 14:09 - 2012-05-07 14:09 - 00019244 ____A C:\Windows\SysWOW64\FirewallConfig.xml
2012-05-07 14:09 - 2012-05-07 14:09 - 00001682 ____A C:\Windows\SysWOW64\EmailAVConfig.xml
2012-05-06 05:11 - 2012-05-06 05:11 - 00001188 ____A C:\Windows\SysWOW64\ServiceConfig.xml
2012-05-06 00:35 - 2012-05-06 00:35 - 00000898 ____A C:\Users\Public\Desktop\Zinio Reader 4.lnk
2012-05-05 22:42 - 2012-05-05 22:42 - 00000942 ____A C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2012-05-05 16:39 - 2012-05-05 16:38 - 10063000 ____A (Malwarebytes Corporation ) C:\Users\Mike\Downloads\mbam-setup-1.61.0.1400.exe
2012-05-05 11:46 - 2012-02-02 18:14 - 00000026 ____A C:\Windows\popcinfo.dat
2012-05-05 11:27 - 2012-05-05 11:27 - 00002565 ____A C:\Users\Mike\Desktop\IGT Slots Texas Tea.lnk
2012-05-05 11:27 - 2012-05-05 11:27 - 00001188 ____A C:\Users\Mike\Desktop\Play Zuma Deluxe.lnk
2012-05-05 11:20 - 2012-05-05 11:20 - 00001961 ____A C:\Users\Public\Desktop\Play Luxor Bundle Pack.lnk
2012-05-05 11:10 - 2012-05-05 11:10 - 00000064 ____A C:\Windows\GPlrLanc.dat
2012-05-05 10:12 - 2012-05-05 10:12 - 14723352 ____A (AOL Inc.) C:\Users\Mike\Downloads\AIM_Install.exe
2012-05-04 22:21 - 2012-05-04 22:21 - 00007602 ____A C:\Users\Mike\Documents\resourcemonitor.ResmonCfg
2012-05-04 22:13 - 2012-05-04 22:13 - 01777664 ____A C:\Users\Mike\Downloads\MBSASetup-x64-EN.msi
2012-05-04 19:43 - 2012-05-04 19:43 - 01606064 ____A C:\Users\Mike\Downloads\googletalk-setup.exe
2012-05-04 19:00 - 2012-05-04 19:00 - 00739808 ____A (Google Inc.) C:\Users\Mike\Downloads\musicmanagerinstaller.exe
2012-05-04 18:29 - 2012-06-13 21:01 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-05-04 18:29 - 2012-05-14 19:04 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-05-04 18:29 - 2012-02-10 22:18 - 00687504 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-05-04 18:28 - 2012-05-04 18:28 - 00308526 ____A C:\Users\Mike\Downloads\PP_Notify_Skin.exe
2012-05-04 18:26 - 2012-05-04 18:25 - 00000022 ____A C:\Users\Mike\Downloads\PPTweaker.zip
2012-05-04 18:24 - 2012-05-03 07:48 - 00000362 ____A C:\Users\Mike\AppData\Roaming\wklnhst.dat
2012-05-04 18:09 - 2012-05-04 18:09 - 01221526 ____A C:\Users\Mike\Downloads\POPPeeper-Install.exe
2012-05-04 03:06 - 2012-06-12 17:25 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 03:00 - 2012-06-12 17:50 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-05-04 02:03 - 2012-06-12 17:25 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 02:03 - 2012-06-12 17:25 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-04 01:59 - 2012-06-12 17:50 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-05-02 18:42 - 2012-05-02 18:42 - 03255248 ____A (Javacool Software LLC ) C:\Users\Mike\Downloads\spywareblastersetup46.exe
2012-05-02 18:38 - 2012-05-02 18:36 - 09330176 ____A (Irfan Skiljan) C:\Users\Mike\Downloads\irfanview_plugins_433_setup.exe
2012-05-02 18:36 - 2012-05-02 18:35 - 01539072 ____A (Irfan Skiljan) C:\Users\Mike\Downloads\iview433_setup.exe
2012-05-02 15:19 - 2012-05-02 15:19 - 00255753 ____A C:\Users\Mike\Documents\GoogleBookmarks.html
2012-05-02 12:36 - 2012-05-02 12:36 - 00001015 ___RA C:\logFile.xsl
2012-05-02 10:27 - 2012-05-02 10:24 - 31784856 ____A (IObit ) C:\Users\Mike\Downloads\asc-setup.exe
2012-05-02 10:26 - 2012-05-02 10:25 - 03012984 ____A (IObit ) C:\Users\Mike\Downloads\unlocker-setup.exe
2012-05-02 09:09 - 2012-05-02 09:09 - 02617176 ____A (VS Revo Group Ltd.) C:\Users\Mike\Downloads\revosetup.exe
2012-05-01 21:24 - 2012-05-01 21:24 - 01265164 ____A (Arthur Liberman ) C:\Users\Mike\Downloads\Core-Temp-setup.exe
2012-05-01 21:24 - 2012-05-01 21:24 - 00137764 ____A C:\Users\Mike\Downloads\All_CPU_Meter.zip
2012-05-01 21:20 - 2012-05-01 21:20 - 00108344 ____A C:\Users\Mike\Downloads\Network_Meter_V8.1.zip
2012-05-01 21:19 - 2012-05-01 21:19 - 00082361 ____A C:\Users\Mike\Downloads\Drives_Meter.zip
2012-05-01 21:17 - 2012-05-01 21:17 - 00131734 ____A C:\Users\Mike\Downloads\Control_System_With_Clock.zip
2012-05-01 21:16 - 2012-05-01 21:16 - 00081160 ____A C:\Users\Mike\Downloads\Battery_Meter.zip
2012-05-01 20:53 - 2012-05-01 20:53 - 02905305 ____A (Synergenics, LLC ) C:\Users\Mike\Downloads\EchoLinkSetup_2_0_908.exe
2012-05-01 20:29 - 2012-05-01 20:29 - 03936544 ____A C:\Users\Mike\Downloads\SOLOCommCenter.exe
2012-05-01 19:53 - 2012-05-01 19:53 - 00450048 ____A C:\Users\Mike\Downloads\WeatherBugAlert.msi
2012-05-01 16:37 - 2012-05-01 16:37 - 10529122 ____A C:\Users\Mike\Downloads\Quaternaryall.zip
2012-05-01 16:36 - 2012-05-01 16:36 - 00109016 ____A C:\Users\Mike\Downloads\eqs7day-age.kmz
2012-05-01 16:34 - 2012-05-01 16:34 - 00739816 ____A (Google Inc.) C:\Users\Mike\Downloads\GoogleEarthSetup.exe
2012-05-01 16:03 - 2012-05-01 16:03 - 00633848 ____A () C:\Users\Mike\Downloads\setup64_01.exe
2012-04-30 21:40 - 2012-06-12 17:25 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-28 19:23 - 2012-04-28 19:23 - 01250816 ____A (xy-VSFilter Team) C:\Windows\SysWOW64\VSFilter.dll
2012-04-28 03:00 - 2012-04-28 03:00 - 00692480 ____A (RealNetworks, Inc.) C:\Users\Mike\Downloads\RealPlayer.exe
2012-04-28 02:59 - 2012-04-28 02:59 - 00932704 ____A (DivX, LLC) C:\Users\Mike\Downloads\DivXInstaller.exe
2012-04-27 22:34 - 2012-04-27 22:35 - 04894432 ____A (Microsoft Corporation) C:\Users\Mike\Downloads\SkyDriveSetup.exe
2012-04-27 19:55 - 2012-06-12 17:25 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-27 02:56 - 2012-04-27 02:56 - 00739832 ____A (Google Inc.) C:\Users\Mike\Downloads\GoogleVoiceAndVideoSetup.exe
2012-04-27 02:24 - 2012-04-27 02:23 - 16339280 ____A (Mozilla) C:\Users\Mike\Downloads\Firefox Setup 12.0.exe
2012-04-27 01:52 - 2012-04-27 01:52 - 00493520 ____A (Facebook Inc.) C:\Users\Mike\Downloads\FacebookVideoCallSetup_v1.2.203.0.exe
2012-04-27 01:09 - 2012-04-27 01:09 - 01287528 ____A (Microsoft Corporation) C:\Users\Mike\Downloads\wlsetup-web.exe
2012-04-27 01:07 - 2012-04-27 01:07 - 00274432 ____A C:\Users\Mike\Downloads\CCEnhancer23.exe
2012-04-26 21:04 - 2012-04-26 21:03 - 54476696 ____A (Adobe Systems Incorporated) C:\Users\Mike\Downloads\AdbeRdr1013_en_US.exe
2012-04-26 20:07 - 2012-04-26 20:07 - 16409960 ____A (Safer Networking Limited ) C:\Users\Mike\Downloads\spybotsd162.exe
2012-04-26 20:02 - 2012-04-26 20:02 - 00493512 ____A (Facebook Inc.) C:\Users\Mike\Downloads\FacebookMessengerSetup.exe
2012-04-26 20:02 - 2012-04-26 20:02 - 00085272 ____A (Spotify Ltd) C:\Users\Mike\Downloads\SpotifySetup.exe
2012-04-26 19:08 - 2012-05-22 13:06 - 55656824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
2012-04-26 17:51 - 2012-04-26 17:51 - 00264271 ____A C:\Users\Mike\Downloads\FHSetup.exe
2012-04-26 17:42 - 2012-04-26 17:42 - 00000020 ___SH C:\Users\Mike\ntuser.ini
2012-04-25 21:41 - 2012-06-12 17:26 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-25 21:41 - 2012-06-12 17:26 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-25 21:34 - 2012-06-12 17:26 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-23 21:37 - 2012-06-12 17:25 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 21:37 - 2012-06-12 17:25 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 21:37 - 2012-06-12 17:25 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 20:36 - 2012-06-12 17:25 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-23 20:36 - 2012-06-12 17:25 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-23 20:36 - 2012-06-12 17:25 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-04-18 19:56 - 2012-04-18 19:56 - 00094208 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2012-04-18 19:56 - 2012-04-18 19:56 - 00069632 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2012-04-17 09:36 - 2012-05-17 13:27 - 28632632 ____A (iolo technologies, LLC ) C:\Users\Mike\Downloads\SystemMechanic.exe
2012-04-17 09:11 - 2012-05-17 13:31 - 00049152 ____A (iolo technologies, LLC) C:\Windows\System32\iolobtdfg.exe
2012-04-17 09:11 - 2012-05-17 13:31 - 00017920 ____A (iolo technologies, LLC) C:\Windows\System32\smrgdf.exe
2012-04-17 08:37 - 2012-05-17 13:31 - 02154032 ____A (iolo technologies, LLC) C:\Windows\System32\Incinerator64.dll
2012-04-17 08:37 - 2012-05-17 13:31 - 02095816 ____A (iolo technologies, LLC) C:\Windows\SysWOW64\Incinerator32.dll
2012-04-17 07:25 - 2012-05-17 13:30 - 00069000 ____A (Microsoft Corporation) C:\Windows\System32\offreg.dll
2012-04-17 07:25 - 2012-05-17 13:30 - 00056200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2012-04-17 07:25 - 2012-05-17 13:28 - 00031432 ____A (EldoS Corporation) C:\Windows\System32\Drivers\ElRawDsk.sys

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 19%
Total physical RAM: 3836.2 MB
Available physical RAM: 3093.2 MB
Total Pagefile: 3834.35 MB
Available Pagefile: 3085.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (Gateway) (Fixed) (Total:220.78 GB) (Free:119.69 GB) NTFS
2 Drive e: (PQSERVICE) (Fixed) (Total:12 GB) (Free:3.03 GB) NTFS
4 Drive g: () (Removable) (Total:14.9 GB) (Free:0.02 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 Online 14 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 12 GB 31 KB
Partition 2 Primary 101 MB 12 GB
Partition 3 Primary 220 GB 12 GB

==================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E PQSERVICE NTFS Partition 12 GB Healthy Hidden

==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM RESE NTFS Partition 101 MB Healthy

==================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C Gateway NTFS Partition 220 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 14 GB 16 KB

==================================================================================

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G FAT32 Removable 14 GB Healthy

==================================================================================
==========================================================
TDL4: custom:26000022 <===== ATTENTION!


==========================================================

Last Boot: 2012-07-11 03:16

======================= End Of Log ==========================

#6 fireman4it

  • Malware Response Team

Posted 13 July 2012 - 03:19 PM

1.
Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

TDL4: custom:26000022 

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt); please post it in your reply.


2.
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.




3.
Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Posted Image
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Posted Image
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please Do NOT mouseclick combofix's window while it's running because it may cause it to stall.


Things to include in your next reply:
fixlist.txt
TdssKiller log
Combofix.txt
How is your machine running now?

"Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


If I have helped you, consider making a donation to help me continue the fight against Malware!
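
Added example (not part of the original posts, and not FRST's or the helper's own code): the fixlist in step 1 above repeats the one line FRST marked with ATTENTION in the posted log, so this sketch shows how a reviewer could pull such lines, and any check whose verdict is not one of the two seen in that log, out of an FRST-style log. The sample log, the function names and the placeholder verdict are constructed; the name given for element 0x26000022 comes from Microsoft's BCD element enumeration, not from this thread.

```python
import re

# Constructed sample in the layout of the FRST log posted above. The
# services.exe verdict is a made-up placeholder, not real FRST wording.
SAMPLE_LOG = r"""
========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\services.exe => CONSTRUCTED-UNEXPECTED-VERDICT
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==========================================================
TDL4: custom:26000022 <===== ATTENTION!

==========================================================

Last Boot: 2012-07-11 03:16
"""

BANNER = re.compile(r"^=+\s*(.*?)\s*=+$")             # "==== Section name ===="
ATTENTION = re.compile(r"^(.*?)\s*<=+\s*ATTENTION!?\s*$")
VERDICT = re.compile(r"^(.+?) => (.+)$")

# The only two passing verdicts that appear in the posted log; any other
# wording is treated as "needs a human look", not as proof of infection.
EXPECTED_VERDICTS = {"MD5 is legit", "OK"}

# A BCD element type packs class (bits 28-31), value format (bits 24-27)
# and subtype (low 24 bits) into one 32-bit number.
BCD_CLASS = {1: "library", 2: "application", 3: "device"}
BCD_FORMAT = {1: "device", 2: "string", 3: "object", 4: "object list",
              5: "integer", 6: "boolean", 7: "integer list"}
# Name from Microsoft's BcdOSLoaderElementTypes enumeration.
KNOWN_BCD = {0x26000022: "BcdOSLoaderBoolean_WinPEMode"}


def decode_bcd_custom(entry):
    """Decode a 'custom:XXXXXXXX' BCD element id found in a log entry."""
    m = re.search(r"custom:([0-9A-Fa-f]{8})\b", entry)
    if not m:
        return None
    value = int(m.group(1), 16)
    cls, fmt = value >> 28, (value >> 24) & 0xF
    return {
        "value": value,
        "class": BCD_CLASS.get(cls, "class %d" % cls),
        "format": BCD_FORMAT.get(fmt, "format %d" % fmt),
        "subtype": value & 0xFFFFFF,
        "name": KNOWN_BCD.get(value),   # None when not in the table above
    }


def triage(log_text):
    """Return findings for flagged lines and unexpected check verdicts."""
    findings = []
    section = "(unnamed)"
    for line_no, raw in enumerate(log_text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        banner = BANNER.match(line)
        if banner:
            # A bare "=====" rule ends the previous section without naming one.
            section = banner.group(1) or "(unnamed)"
            continue
        flagged = ATTENTION.match(line)
        if flagged:
            entry = flagged.group(1)
            findings.append({"kind": "attention", "section": section,
                             "line": line_no, "entry": entry,
                             "bcd": decode_bcd_custom(entry)})
            continue
        verdict = VERDICT.match(line)
        if verdict and verdict.group(2).strip() not in EXPECTED_VERDICTS:
            findings.append({"kind": "unexpected-verdict", "section": section,
                             "line": line_no, "entry": verdict.group(1),
                             "verdict": verdict.group(2).strip()})
    return findings


def fixlist_candidates(findings):
    """Entries FRST itself flagged. A reviewer decides what, if anything,
    goes into a fixlist for that specific machine."""
    return [f["entry"] for f in findings if f["kind"] == "attention"]


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```
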


#7 MJL574

  • Topic Starter

Posted 13 July 2012 - 05:01 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 11-07-2012
Ran by SYSTEM at 2012-07-13 14:41:10 Run:1
Running from G:\

==============================================


The operation completed successfully.
The operation completed successfully.

==== End of Fixlog ====



14:46:14.0167 4712 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
14:46:15.0580 4712 ============================================================
14:46:15.0580 4712 Current date / time: 2012/07/13 14:46:15.0580
14:46:15.0581 4712 SystemInfo:
14:46:15.0581 4712
14:46:15.0581 4712 OS Version: 6.1.7601 ServicePack: 1.0
14:46:15.0581 4712 Product type: Workstation
14:46:15.0581 4712 ComputerName: KE6ALV
14:46:15.0586 4712 UserName: Mike
14:46:15.0586 4712 Windows directory: C:\Windows
14:46:15.0586 4712 System windows directory: C:\Windows
14:46:15.0586 4712 Running under WOW64
14:46:15.0586 4712 Processor architecture: Intel x64
14:46:15.0586 4712 Number of processors: 2
14:46:15.0586 4712 Page size: 0x1000
14:46:15.0586 4712 Boot type: Normal boot
14:46:15.0586 4712 ============================================================
14:46:21.0007 4712 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:46:21.0014 4712 ============================================================
14:46:21.0014 4712 \Device\Harddisk0\DR0:
14:46:21.0015 4712 MBR partitions:
14:46:21.0015 4712 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
14:46:21.0015 4712 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x1B990244
14:46:21.0015 4712 ============================================================
14:46:21.0039 4712 C: <-> \Device\Harddisk0\DR0\Partition1
14:46:21.0039 4712 ============================================================
14:46:21.0039 4712 Initialize success
14:46:21.0039 4712 ============================================================
14:46:28.0348 5980 ============================================================
14:46:28.0348 5980 Scan started
14:46:28.0348 5980 Mode: Manual;
14:46:28.0348 5980 ============================================================
14:46:33.0641 5980 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
14:46:33.0644 5980 !SASCORE - ok
14:46:33.0927 5980 0067841341495755mcinstcleanup - ok
14:46:34.0083 5980 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:46:34.0121 5980 1394ohci - ok
14:46:34.0542 5980 a2acc (2d6434e957f7cfa0035c20890f77bbc6) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
14:46:34.0643 5980 a2acc - ok
14:46:34.0876 5980 a2AntiMalware (8b75ba256bcada2b73ffa5bd77aa9e6c) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
14:46:34.0946 5980 a2AntiMalware - ok
14:46:36.0143 5980 A2DDA (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Users\Mike\Documents\EmsisoftEmergencyKit\Run\a2ddax64.sys
14:46:36.0181 5980 A2DDA - ok
14:46:36.0368 5980 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:46:36.0374 5980 ACPI - ok
14:46:36.0404 5980 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:46:36.0452 5980 AcpiPmi - ok
14:46:36.0545 5980 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:46:36.0548 5980 AdobeARMservice - ok
14:46:36.0663 5980 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:46:36.0785 5980 AdobeFlashPlayerUpdateSvc - ok
14:46:40.0133 5980 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:46:40.0387 5980 adp94xx - ok
14:46:40.0438 5980 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:46:40.0458 5980 adpahci - ok
14:46:40.0584 5980 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:46:40.0614 5980 adpu320 - ok
14:46:45.0332 5980 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
14:46:45.0419 5980 AdvancedSystemCareService5 - ok
14:46:45.0875 5980 ADVService (96a0ff09e226b023dc6aca253aacee2e) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
14:46:45.0946 5980 ADVService - ok
14:46:46.0013 5980 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
14:46:46.0024 5980 AeLookupSvc - ok
14:46:46.0155 5980 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
14:46:46.0177 5980 AFD - ok
14:46:46.0232 5980 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:46:46.0256 5980 agp440 - ok
14:46:46.0292 5980 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
14:46:46.0295 5980 ALG - ok
14:46:46.0355 5980 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:46:46.0373 5980 aliide - ok
14:46:46.0920 5980 ALSysIO - ok
14:46:46.0964 5980 AMD External Events Utility (f238be4fa4e55eb67f17281fadf69851) C:\Windows\system32\atiesrxx.exe
14:46:46.0969 5980 AMD External Events Utility - ok
14:46:47.0009 5980 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:46:47.0027 5980 amdide - ok
14:46:47.0090 5980 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:46:47.0110 5980 AmdK8 - ok
14:46:47.0133 5980 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:46:47.0135 5980 AmdPPM - ok
14:46:47.0183 5980 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:46:47.0199 5980 amdsata - ok
14:46:47.0241 5980 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:46:47.0258 5980 amdsbs - ok
14:46:47.0295 5980 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:46:47.0307 5980 amdxata - ok
14:46:47.0351 5980 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:46:47.0369 5980 AppID - ok
14:46:47.0403 5980 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
14:46:47.0407 5980 AppIDSvc - ok
14:46:47.0458 5980 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
14:46:47.0466 5980 Appinfo - ok
14:46:47.0566 5980 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:46:47.0582 5980 arc - ok
14:46:47.0615 5980 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:46:47.0630 5980 arcsas - ok
14:46:48.0019 5980 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:46:48.0075 5980 aspnet_state - ok
14:46:48.0102 5980 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:46:48.0114 5980 AsyncMac - ok
14:46:48.0176 5980 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:46:48.0177 5980 atapi - ok
14:46:48.0345 5980 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
14:46:48.0485 5980 athr - ok
14:46:49.0847 5980 atikmdag (2db9047aac9d981f59ce06d04d70c4d8) C:\Windows\system32\DRIVERS\atikmdag.sys
14:46:50.0105 5980 atikmdag - ok
14:46:50.0600 5980 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
14:46:50.0612 5980 AtiPcie - ok
14:46:50.0827 5980 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:46:50.0881 5980 AudioEndpointBuilder - ok
14:46:50.0908 5980 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:46:50.0916 5980 AudioSrv - ok
14:46:50.0986 5980 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
14:46:51.0040 5980 AxInstSV - ok
14:46:51.0147 5980 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:46:51.0176 5980 b06bdrv - ok
14:46:51.0295 5980 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:46:51.0325 5980 b57nd60a - ok
14:46:51.0394 5980 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
14:46:51.0400 5980 BDESVC - ok
14:46:51.0453 5980 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:46:51.0469 5980 Beep - ok
14:46:51.0642 5980 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
14:46:51.0754 5980 BFE - ok
14:46:51.0973 5980 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
14:46:52.0029 5980 BITS - ok
14:46:52.0158 5980 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:46:52.0202 5980 blbdrive - ok
14:46:52.0384 5980 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
14:46:52.0391 5980 Bonjour Service - ok
14:46:52.0495 5980 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:46:52.0512 5980 bowser - ok
14:46:52.0547 5980 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:46:52.0562 5980 BrFiltLo - ok
14:46:52.0588 5980 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:46:52.0603 5980 BrFiltUp - ok
14:46:52.0684 5980 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
14:46:52.0688 5980 Browser - ok
14:46:52.0875 5980 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:46:52.0976 5980 Brserid - ok
14:46:53.0057 5980 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:46:53.0087 5980 BrSerWdm - ok
14:46:53.0142 5980 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:46:53.0154 5980 BrUsbMdm - ok
14:46:53.0204 5980 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:46:53.0228 5980 BrUsbSer - ok
14:46:53.0257 5980 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:46:53.0274 5980 BTHMODEM - ok
14:46:53.0326 5980 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
14:46:53.0337 5980 bthserv - ok
14:47:49.0694 5980 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:47:49.0709 5980 SCardSvr - ok
14:47:49.0788 5980 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:47:49.0838 5980 scfilter - ok
14:47:49.0969 5980 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
14:47:50.0003 5980 Schedule - ok
14:47:50.0171 5980 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:47:50.0173 5980 SCPolicySvc - ok
14:47:50.0206 5980 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
14:47:50.0216 5980 SDRSVC - ok
14:47:50.0421 5980 SDScannerService (43d29ecb8137eeae30b0970bbc7a5500) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
14:47:50.0433 5980 SDScannerService - ok
14:47:50.0561 5980 SDUpdateService (6b859b122e85c2c833e6d8c5dc4b07f3) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:47:50.0578 5980 SDUpdateService - ok
14:47:50.0651 5980 SDWSCService (59dce6783f9ed27eb72c81466e363bf8) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:47:50.0654 5980 SDWSCService - ok
14:47:50.0791 5980 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:47:50.0804 5980 secdrv - ok
14:47:50.0874 5980 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
14:47:50.0878 5980 seclogon - ok
14:47:51.0004 5980 Secunia PSI Agent (9189976a69505781b8be9cd62b0a8189) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
14:47:51.0639 5980 Secunia PSI Agent - ok
14:47:51.0769 5980 Secunia Update Agent (1d08c2ff923d2731b546c091320bb779) C:\Program Files (x86)\Secunia\PSI\sua.exe
14:47:51.0799 5980 Secunia Update Agent - ok
14:47:51.0935 5980 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
14:47:51.0941 5980 SENS - ok
14:47:51.0986 5980 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:47:52.0011 5980 SensrSvc - ok
14:47:52.0077 5980 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:47:52.0090 5980 Serenum - ok
14:47:52.0127 5980 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:47:52.0150 5980 Serial - ok
14:47:52.0207 5980 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:47:52.0220 5980 sermouse - ok
14:47:52.0349 5980 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
14:47:52.0354 5980 SessionEnv - ok
14:47:52.0402 5980 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:47:52.0420 5980 sffdisk - ok
14:47:52.0461 5980 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:47:52.0492 5980 sffp_mmc - ok
14:47:52.0534 5980 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:47:52.0578 5980 sffp_sd - ok
14:47:52.0611 5980 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:47:52.0638 5980 sfloppy - ok
14:47:52.0740 5980 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
14:47:52.0766 5980 Sftfs - ok
14:47:52.0902 5980 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:47:52.0912 5980 sftlist - ok
14:47:53.0075 5980 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:47:53.0093 5980 Sftplay - ok
14:47:53.0131 5980 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:47:53.0224 5980 Sftredir - ok
14:47:53.0270 5980 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
14:47:53.0285 5980 Sftvol - ok
14:47:53.0356 5980 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:47:53.0360 5980 sftvsa - ok
14:47:53.0545 5980 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:47:53.0554 5980 SharedAccess - ok
14:47:53.0659 5980 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
14:47:53.0671 5980 ShellHWDetection - ok
14:47:53.0770 5980 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:47:53.0789 5980 SiSRaid2 - ok
14:47:53.0882 5980 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:47:53.0917 5980 SiSRaid4 - ok
14:47:54.0001 5980 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe
14:47:54.0005 5980 SkypeUpdate - ok
14:47:54.0052 5980 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:47:54.0151 5980 Smb - ok
14:47:54.0229 5980 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:47:54.0233 5980 SNMPTRAP - ok
14:47:54.0376 5980 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys
14:47:54.0389 5980 speedfan - ok
14:47:54.0445 5980 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:47:54.0456 5980 spldr - ok
14:47:54.0534 5980 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
14:47:54.0545 5980 Spooler - ok
14:47:54.0792 5980 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
14:47:54.0878 5980 sppsvc - ok
14:47:55.0121 5980 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:47:55.0149 5980 sppuinotify - ok
14:47:55.0225 5980 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:47:55.0248 5980 srv - ok
14:47:55.0295 5980 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:47:55.0335 5980 srv2 - ok
14:47:55.0386 5980 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:47:55.0401 5980 srvnet - ok
14:47:55.0465 5980 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:47:55.0471 5980 SSDPSRV - ok
14:47:55.0512 5980 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:47:55.0516 5980 SstpSvc - ok
14:47:55.0559 5980 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:47:55.0616 5980 stexstor - ok
14:47:55.0702 5980 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
14:47:55.0713 5980 stisvc - ok
14:47:55.0778 5980 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:47:55.0795 5980 swenum - ok
14:47:55.0866 5980 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:47:55.0877 5980 swprv - ok
14:47:55.0966 5980 SynTP (5aeec2bb8065b563adbc88ca22588953) C:\Windows\system32\DRIVERS\SynTP.sys
14:47:55.0986 5980 SynTP - ok
14:47:56.0107 5980 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
14:47:56.0135 5980 SysMain - ok
14:47:56.0258 5980 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
14:47:56.0277 5980 TabletInputService - ok
14:47:56.0335 5980 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
14:47:56.0361 5980 TapiSrv - ok
14:47:56.0408 5980 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:47:56.0412 5980 TBS - ok
14:47:56.0597 5980 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
14:47:56.0636 5980 Tcpip - ok
14:47:56.0939 5980 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
14:47:56.0957 5980 TCPIP6 - ok
14:47:57.0148 5980 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:47:57.0162 5980 tcpipreg - ok
14:47:57.0257 5980 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:47:57.0288 5980 TDPIPE - ok
14:47:57.0346 5980 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
14:47:57.0389 5980 TDTCP - ok
14:47:57.0449 5980 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:47:57.0500 5980 tdx - ok
14:47:57.0563 5980 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:47:57.0615 5980 TermDD - ok
14:47:57.0775 5980 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
14:47:57.0826 5980 TermService - ok
14:47:57.0884 5980 TfFsMon (fa5bfb71e561d279edae7e118435c1c9) C:\Windows\system32\drivers\TfFsMon.sys
14:47:57.0897 5980 TfFsMon - ok
14:47:57.0925 5980 TfNetMon (fa8400d74345ec4bf10e476ca0aaa2df) C:\Windows\system32\drivers\TfNetMon.sys
14:47:57.0941 5980 TfNetMon - ok
14:47:57.0987 5980 TfSysMon (f11aa1a704a4c027e5e8e0f355523834) C:\Windows\system32\drivers\TfSysMon.sys
14:47:58.0001 5980 TfSysMon - ok
14:47:58.0051 5980 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:47:58.0059 5980 Themes - ok
14:47:58.0108 5980 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:47:58.0112 5980 THREADORDER - ok
14:47:58.0185 5980 ThreatFire - ok
14:47:58.0293 5980 TinyWall (36f36843c02f7a98019a4e5503d28788) C:\Program Files\TinyWall\TinyWall.exe
14:47:58.0300 5980 TinyWall - ok
14:47:58.0385 5980 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:47:58.0417 5980 TrkWks - ok
14:47:58.0497 5980 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
14:47:58.0501 5980 TrustedInstaller - ok
14:47:58.0576 5980 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:47:58.0597 5980 tssecsrv - ok
14:47:58.0670 5980 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:47:58.0688 5980 TsUsbFlt - ok
14:47:58.0737 5980 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:47:58.0769 5980 tunnel - ok
14:47:58.0826 5980 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:47:58.0845 5980 uagp35 - ok
14:47:58.0877 5980 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
14:47:58.0890 5980 UBHelper - ok
14:47:58.0962 5980 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:47:58.0991 5980 udfs - ok
14:47:59.0106 5980 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:47:59.0110 5980 UI0Detect - ok
14:47:59.0215 5980 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:47:59.0243 5980 uliagpkx - ok
14:47:59.0305 5980 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
14:47:59.0370 5980 umbus - ok
14:47:59.0420 5980 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:47:59.0491 5980 UmPass - ok
14:47:59.0650 5980 Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
14:47:59.0653 5980 Updater Service - ok
14:47:59.0837 5980 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:47:59.0966 5980 upnphost - ok
14:48:00.0151 5980 UrlFilter (241080f1b28e68f0d00f8f1066a3780d) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
14:48:00.0167 5980 UrlFilter - ok
14:48:00.0226 5980 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
14:48:00.0267 5980 USBAAPL64 - ok
14:48:00.0339 5980 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
14:48:00.0358 5980 usbaudio - ok
14:48:00.0414 5980 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:48:00.0429 5980 usbccgp - ok
14:48:00.0482 5980 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:48:00.0503 5980 usbcir - ok
14:48:00.0545 5980 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
14:48:00.0557 5980 usbehci - ok
14:48:00.0607 5980 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys
14:48:00.0619 5980 usbfilter - ok
14:48:00.0729 5980 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:48:00.0794 5980 usbhub - ok
14:48:00.0846 5980 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
14:48:00.0894 5980 usbohci - ok
14:48:00.0947 5980 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:48:01.0091 5980 usbprint - ok
14:48:01.0153 5980 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:48:01.0180 5980 USBSTOR - ok
14:48:01.0222 5980 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
14:48:01.0240 5980 usbuhci - ok
14:48:01.0293 5980 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
14:48:01.0311 5980 usbvideo - ok
14:48:01.0354 5980 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:48:01.0359 5980 UxSms - ok
14:48:01.0414 5980 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:48:01.0417 5980 VaultSvc - ok
14:48:01.0491 5980 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:48:01.0505 5980 vdrvroot - ok
14:48:01.0591 5980 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
14:48:01.0613 5980 vds - ok
14:48:01.0667 5980 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:48:01.0709 5980 vga - ok
14:48:01.0781 5980 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:48:01.0796 5980 VgaSave - ok
14:48:01.0858 5980 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:48:01.0878 5980 vhdmp - ok
14:48:01.0945 5980 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:48:01.0960 5980 viaide - ok
14:48:02.0009 5980 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:48:02.0023 5980 volmgr - ok
14:48:02.0098 5980 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:48:02.0104 5980 volmgrx - ok
14:48:02.0176 5980 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:48:02.0182 5980 volsnap - ok
14:48:02.0238 5980 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:48:02.0261 5980 vsmraid - ok
14:48:02.0375 5980 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
14:48:02.0401 5980 VSS - ok
14:48:02.0523 5980 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:48:02.0560 5980 vwifibus - ok
14:48:02.0603 5980 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:48:02.0615 5980 vwififlt - ok
14:48:02.0649 5980 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
14:48:02.0661 5980 vwifimp - ok
14:48:02.0725 5980 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:48:02.0768 5980 W32Time - ok
14:48:02.0826 5980 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:48:02.0871 5980 WacomPen - ok
14:48:02.0935 5980 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:48:02.0948 5980 WANARP - ok
14:48:02.0972 5980 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:48:02.0974 5980 Wanarpv6 - ok
14:48:03.0105 5980 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
14:48:03.0125 5980 WatAdminSvc - ok
14:48:03.0254 5980 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
14:48:03.0282 5980 wbengine - ok
14:48:03.0417 5980 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:48:03.0461 5980 WbioSrvc - ok
14:48:03.0561 5980 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
14:48:03.0593 5980 wcncsvc - ok
14:48:03.0664 5980 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:48:03.0670 5980 WcsPlugInService - ok
14:48:03.0750 5980 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:48:03.0805 5980 Wd - ok
14:48:03.0917 5980 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:48:03.0944 5980 Wdf01000 - ok
14:48:03.0993 5980 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:48:03.0998 5980 WdiServiceHost - ok
14:48:04.0022 5980 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:48:04.0026 5980 WdiSystemHost - ok
14:48:04.0097 5980 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
14:48:04.0106 5980 WebClient - ok
14:48:04.0167 5980 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:48:04.0193 5980 Wecsvc - ok
14:48:04.0237 5980 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:48:04.0242 5980 wercplsupport - ok
14:48:04.0329 5980 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:48:04.0333 5980 WerSvc - ok
14:48:04.0392 5980 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:48:04.0421 5980 WfpLwf - ok
14:48:04.0479 5980 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:48:04.0515 5980 WIMMount - ok
14:48:04.0586 5980 winachsf (a6ea7a3fc4b00f48535b506db1e86efd) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
14:48:04.0656 5980 winachsf - ok
14:48:04.0732 5980 WinDefend - ok
14:48:04.0804 5980 WinHttpAutoProxySvc - ok
14:48:04.0937 5980 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:48:04.0942 5980 Winmgmt - ok
14:48:05.0016 5980 WinRing0_1_2_0 - ok
14:48:05.0228 5980 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
14:48:05.0308 5980 WinRM - ok
14:48:05.0493 5980 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
14:48:05.0546 5980 WinUsb - ok
14:48:05.0643 5980 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:48:05.0714 5980 Wlansvc - ok
14:48:05.0948 5980 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:48:05.0992 5980 wlidsvc - ok
14:48:06.0111 5980 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:48:06.0112 5980 WmiAcpi - ok
14:48:06.0223 5980 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:48:06.0227 5980 wmiApSrv - ok
14:48:06.0302 5980 WMPNetworkSvc - ok
14:48:06.0573 5980 WMZuneComm (83b6ca03c846fcd47f9883d77d1eb27b) C:\Program Files\Zune\WMZuneComm.exe
14:48:06.0619 5980 WMZuneComm - ok
14:48:06.0694 5980 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:48:06.0703 5980 WPCSvc - ok
14:48:06.0765 5980 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
14:48:06.0770 5980 WPDBusEnum - ok
14:48:06.0816 5980 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:48:06.0845 5980 ws2ifsl - ok
14:48:06.0905 5980 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
14:48:06.0910 5980 wscsvc - ok
14:48:06.0972 5980 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
14:48:07.0031 5980 WSDPrintDevice - ok
14:48:07.0085 5980 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys
14:48:07.0142 5980 WSDScan - ok
14:48:07.0167 5980 WSearch - ok
14:48:07.0440 5980 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
14:48:07.0530 5980 wuauserv - ok
14:48:07.0729 5980 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:48:07.0825 5980 WudfPf - ok
14:48:07.0921 5980 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:48:07.0962 5980 WUDFRd - ok
14:48:08.0021 5980 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
14:48:08.0056 5980 wudfsvc - ok
14:48:08.0142 5980 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:48:08.0263 5980 WwanSvc - ok
14:48:08.0599 5980 X5XSEx (8c6413d62c891d8da084a31da53a09e6) C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys
14:48:08.0613 5980 X5XSEx - ok
14:48:08.0668 5980 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys
14:48:08.0680 5980 XAudio - ok
14:48:09.0292 5980 ZuneNetworkSvc (67b787c34fb2888d01b130ae007042d8) C:\Program Files\Zune\ZuneNss.exe
14:48:09.0377 5980 ZuneNetworkSvc - ok
14:48:09.0704 5980 ZuneWlanCfgSvc (4d89fc1c20cf655739efac5da81a67bc) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
14:48:09.0710 5980 ZuneWlanCfgSvc - ok
14:48:09.0808 5980 MBR (0x1B8) (6f9a1d528242bc09104b85e0becf5554) \Device\Harddisk0\DR0
14:48:09.0832 5980 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
14:48:09.0833 5980 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
14:48:09.0866 5980 Boot (0x1200) (8263a05fb87512c7133e35f3952e3fa0) \Device\Harddisk0\DR0\Partition0
14:48:09.0868 5980 \Device\Harddisk0\DR0\Partition0 - ok
14:48:09.0884 5980 Boot (0x1200) (9eee4d48b29f59a8fd381630d5939c58) \Device\Harddisk0\DR0\Partition1
14:48:09.0886 5980 \Device\Harddisk0\DR0\Partition1 - ok
14:48:09.0887 5980 ============================================================
14:48:09.0887 5980 Scan finished
14:48:09.0887 5980 ============================================================
14:48:09.0912 6016 Detected object count: 1
14:48:09.0912 6016 Actual detected object count: 1
14:48:21.0004 6016 \Device\Harddisk0\DR0\# - copied to quarantine
14:48:21.0496 6016 \Device\Harddisk0\DR0 - copied to quarantine
14:48:22.0465 6016 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
14:48:22.0479 6016 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
14:48:22.0492 6016 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
14:48:22.0503 6016 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
14:48:22.0611 6016 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
14:49:55.0024 6016 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
14:49:55.0026 6016 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
14:49:55.0066 6016 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
14:49:55.0070 6016 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
14:49:55.0101 6016 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
14:49:55.0104 6016 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
14:49:55.0107 6016 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
14:49:55.0110 6016 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
14:49:55.0112 6016 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
14:49:55.0115 6016 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
14:49:55.0169 6016 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
14:49:55.0173 6016 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
14:49:55.0918 6016 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
14:49:56.0047 6016 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
14:49:56.0089 6016 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
14:49:56.0159 6016 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
14:49:56.0224 6016 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
14:49:56.0260 6016 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
14:49:56.0370 6016 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - will be cured on reboot
14:49:56.0410 6016 \Device\Harddisk0\DR0 - ok
14:49:57.0621 6016 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure
14:51:32.0843 4784 Deinitialize success



Running ComboFix in a minute...

#8 MJL574

Posted 13 July 2012 - 06:18 PM

Things seem to be running a lot better, but not quite 100%. Here's my CF log:


ComboFix 12-07-13.03 - Mike 07/13/2012 15:10:55.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2680 [GMT -7:00]
Running from: c:\users\Mike\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Spybot - Search and Destroy *Disabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWOW64mfc45.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-06-13 to 2012-07-13 )))))))))))))))))))))))))))))))
.
.
2012-07-13 22:27 . 2012-07-13 22:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-13 21:48 . 2012-07-13 21:48 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-13 03:51 . 2012-07-13 03:51 -------- d-----w- C:\FRST
2012-07-12 12:45 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{46E46601-9662-4F34-80A5-B49854038D97}\mpengine.dll
2012-07-11 13:20 . 2012-07-11 13:20 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2012-07-11 13:18 . 2012-07-11 13:18 129176 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
2012-07-11 13:09 . 2009-01-25 20:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2012-07-11 13:09 . 2012-07-11 13:10 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2012-07-11 10:24 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 06:59 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 06:59 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 06:59 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-11 06:59 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-11 06:59 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-11 06:59 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-07-11 05:41 . 2012-07-11 05:42 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-11 05:17 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-04 18:47 . 2003-04-23 22:14 53248 ----a-w- c:\windows\SysWow64\BiMAppNT.exe
2012-07-03 22:25 . 2012-07-03 22:25 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{06F2331D-70A6-4FB7-B58A-BE9ED9B0DC67}\gapaengine.dll
2012-07-03 22:20 . 2012-07-03 22:20 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-07-03 22:20 . 2012-07-03 22:21 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-03 11:29 . 2012-06-18 10:12 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4A54909A-C402-4A44-A721-9A1FE29BFD8B}\mpengine.dll
2012-07-03 10:34 . 2012-07-03 10:34 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF3D8750-9409-4797-BA5A-4D084A23A177}\offreg.dll
2012-07-03 10:34 . 2012-07-03 10:34 -------- d-----w- c:\users\Mike\AppData\Local\IsolatedStorage
2012-07-03 06:21 . 2012-06-18 10:12 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF3D8750-9409-4797-BA5A-4D084A23A177}\mpengine.dll
2012-07-03 02:11 . 2012-07-03 02:11 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-07-03 02:11 . 2012-07-03 02:11 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-07-03 02:10 . 2012-07-03 02:10 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-07-03 01:57 . 2012-07-03 01:57 -------- d-----w- c:\users\Default\AppData\Local\Google
2012-06-27 09:25 . 2012-07-11 12:12 -------- d-----r- c:\users\Mike\Podcasts
2012-06-27 09:25 . 2012-06-27 09:25 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR
2012-06-27 09:25 . 2012-06-27 09:25 -------- d-----w- c:\windows\system32\drivers\UMDF\ms-MY
2012-06-27 09:25 . 2012-06-27 09:25 -------- d-----w- c:\windows\system32\drivers\UMDF\id-ID
2012-06-27 09:25 . 2012-06-27 09:25 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2012-06-27 09:25 . 2012-06-27 09:25 -------- d-----w- c:\windows\system32\drivers\UMDF\nb-NO
2012-06-27 09:21 . 2012-06-27 09:25 -------- d-----w- c:\program files\Zune
2012-06-25 16:28 . 2012-05-26 00:09 29312 ----a-w- c:\program files (x86)\Mozilla Firefox\ScriptFF.dll
2012-06-24 00:01 . 2012-06-24 00:01 -------- d-----w- c:\program files\Java
2012-06-23 06:19 . 2012-06-23 06:19 -------- d-----w- C:\Hotspot Shield
2012-06-23 06:18 . 2012-06-23 06:19 -------- d-----w- c:\program files (x86)\Hotspot Shield
2012-06-22 22:34 . 2012-06-22 22:34 -------- d-----w- c:\users\Mike\AppData\Roaming\RealNetworks
2012-06-22 21:33 . 2012-06-22 21:33 -------- d-----w- c:\program files (x86)\WOT
2012-06-22 21:33 . 2012-06-22 21:33 -------- d-----w- c:\program files\WOT
2012-06-22 20:08 . 2012-06-22 20:10 -------- d-----w- c:\users\Mike\AppData\Roaming\TinyWall
2012-06-22 20:04 . 2012-07-11 05:00 -------- d-----w- c:\programdata\TinyWall
2012-06-22 20:04 . 2012-06-29 01:36 -------- d-----w- c:\program files\TinyWall
2012-06-22 15:40 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 15:40 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 15:40 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 15:40 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 15:40 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-22 15:40 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 15:40 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 15:40 . 2012-06-02 22:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 15:40 . 2012-06-02 22:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-21 02:08 . 2012-06-21 02:08 -------- d-----w- C:\THIS_MEANS_WAR
2012-06-21 02:03 . 2012-06-22 20:57 -------- d-----w- c:\programdata\DVD Shrink
2012-06-21 02:03 . 2012-06-21 02:03 -------- d-----w- c:\program files (x86)\DVD Shrink
2012-06-20 16:14 . 2012-06-20 16:14 12800 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npwachk.dll
2012-06-18 03:05 . 2012-06-20 02:36 -------- d-----w- c:\users\Mike\AppData\Roaming\Trillian
2012-06-18 03:04 . 2012-07-11 04:56 -------- d-----w- c:\program files (x86)\Trillian
2012-06-17 13:30 . 2012-07-06 07:40 -------- d-----w- c:\users\Mike\AppData\Local\ElevatedDiagnostics
2012-06-17 11:16 . 2012-06-17 11:16 -------- d-----w- c:\program files (x86)\Emsisoft HiJackFree
2012-06-16 21:18 . 2012-07-11 12:54 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-15 18:33 . 2012-06-15 18:33 -------- d-----w- c:\users\Mike\AppData\Local\Amazon
2012-06-14 05:02 . 2012-06-14 05:02 -------- d-----w- c:\program files (x86)\Oracle
2012-06-14 03:35 . 2012-06-18 04:54 -------- d-----w- c:\users\Mike\AppData\Local\Digsby
2012-06-14 03:35 . 2012-06-14 03:40 -------- d-----w- c:\users\Mike\AppData\Roaming\Digsby
2012-06-14 03:35 . 2012-06-14 03:40 -------- d-----w- c:\programdata\Digsby
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 13:17 . 2007-02-02 06:13 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-07-11 13:17 . 2007-02-02 03:11 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-07-11 12:54 . 2012-06-13 03:41 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-03 02:11 . 2012-05-04 19:48 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-06-29 01:38 . 2012-05-02 18:09 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-06-24 00:01 . 2012-02-16 23:15 955840 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-24 00:01 . 2012-02-16 23:15 839096 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-16 19:50 . 2012-05-02 18:08 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-06-16 19:50 . 2012-05-02 18:08 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-06-16 19:49 . 2012-05-02 18:08 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-10 12:25 . 2012-06-10 12:25 84360 ---ha-w- c:\windows\system32\drivers\PROCMON23.SYS
2012-06-03 08:13 . 2011-03-29 01:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-02 08:25 . 2012-07-11 10:04 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-05-27 11:59 . 2012-05-27 11:59 557056 ----a-w- c:\windows\Restart Explorer.exe
2012-05-24 21:18 . 2012-05-24 21:18 4472832 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-05-17 21:27 . 2012-05-17 21:27 74703 ----a-w- c:\windows\SysWow64\mfc45.dll
2012-05-09 18:40 . 2012-05-09 18:40 4818944 ----a-w- c:\windows\SysWow64\x264vfw.dll
2012-05-05 02:29 . 2012-05-15 03:04 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-05-05 02:29 . 2012-02-11 06:18 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-04 11:06 . 2012-06-13 01:25 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 11:00 . 2012-06-13 01:50 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-05-04 10:03 . 2012-06-13 01:25 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 01:25 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-04 09:59 . 2012-06-13 01:50 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-05-02 04:54 . 2012-05-02 04:54 53248 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink_Web_Site._B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2012-05-02 04:54 . 2012-05-02 04:54 53248 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink_Support.u_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2012-05-02 04:54 . 2012-05-02 04:54 40960 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink.exe11_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2012-05-02 04:54 . 2012-05-02 04:54 40960 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink.exe1_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2012-05-02 04:54 . 2012-05-02 04:54 45056 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink.chm_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2012-05-02 04:54 . 2012-05-02 04:54 40960 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\ARPPRODUCTICON.exe
2012-05-01 05:40 . 2012-06-13 01:25 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-29 03:23 . 2012-04-29 03:23 1250816 ----a-w- c:\windows\SysWow64\VSFilter.dll
2012-04-28 03:55 . 2012-06-13 01:25 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 01:26 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 01:26 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 01:26 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 01:25 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 01:25 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 01:25 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 01:25 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 01:25 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 01:25 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-04-19 03:56 . 2012-04-19 03:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-19 03:56 . 2012-04-19 03:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-04-17 17:11 . 2012-05-17 21:31 49152 ----a-w- c:\windows\system32\iolobtdfg.exe
2012-04-17 17:11 . 2012-05-17 21:31 17920 ----a-w- c:\windows\system32\smrgdf.exe
2012-04-17 16:37 . 2012-05-17 21:31 2154032 ----a-w- c:\windows\system32\Incinerator64.dll
2012-04-17 16:37 . 2012-05-17 21:31 2095816 ----a-w- c:\windows\SysWow64\Incinerator32.dll
2012-04-17 15:25 . 2012-05-17 21:30 69000 ----a-w- c:\windows\system32\offreg.dll
2012-04-17 15:25 . 2012-05-17 21:30 56200 ----a-w- c:\windows\SysWow64\offreg.dll
2012-04-17 15:25 . 2012-05-17 21:28 31432 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-05-31 15:37 208608 ----a-w- c:\users\Mike\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-05-31 15:37 208608 ----a-w- c:\users\Mike\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-05-31 15:37 208608 ----a-w- c:\users\Mike\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"WeatherBugAlert"="c:\program files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe" [2007-05-31 446080]
"NetworkIndicator"="c:\users\Mike\Downloads\network-activity-indicator\NetworkIndicator.exe" [2012-05-05 344064]
"WLAN Optimizer"="c:\users\Mike\Documents\wopt021\WLAN Optimizer.exe" [2009-08-08 109056]
"POP Peeper"="c:\program files (x86)\pop peeper\poppeeper.exe" [2011-11-16 1613824]
"09009A79D78F7D57D59454FD1051E02615098430._service_run"="c:\users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-06-28 1250328]
"CommCtr"="c:\progra~2\NET2PH~1\CommCtr.exe" [2006-05-25 2383872]
"Facebook Update"="c:\users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]
"iolo Startup"="c:\program files (x86)\iolo\Common\Lib\ioloLManager.exe" [2012-04-17 938680]
"ThreatFire"="c:\program files (x86)\ThreatFire\TFTray.exe" [2011-02-22 378128]
"LManager"="c:\program files (x86)\launch manager\lmanager.exe" [2009-08-18 1157128]
"googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2012-07-05 383720]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-28 74752]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-07-04 3921432]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-07-11 296096]
.
c:\users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
alarm.lnk - c:\program files (x86)\A.L.A.R.M\alarm.exe [2006-9-19 383488]
Atomic TimeSync.lnk - c:\program files (x86)\AnalogX\Atomic TimeSync\ats.exe [2012-5-29 142832]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CrystalDiskInfo.lnk - c:\program files (x86)\CrystalDiskInfo\DiskInfo.exe [2012-5-21 1149912]
SpeedFan.lnk - c:\program files (x86)\SpeedFan\speedfan.exe [2012-3-26 4656632]
WinPatrol.lnk - c:\program files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [2012-6-11 383720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 7 (0x7)
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"DisableLocalMachineRun"= 0 (0x0)
"DisableLocalMachineRunOnce"= 0 (0x0)
"DisableCurrentUserRun"= 0 (0x0)
"DisableCurrentUserRunOnce"= 0 (0x0)
"NoFile"= 0 (0x0)
"HideClock"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
"CLMLServer"="c:\program files (x86)\Cyberlink\Power2Go\CLMLSvc.exe"
"VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"Info Center"=c:\program files (x86)\PCPitstop\Info Center\InfoCenter.exe
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 0067841341495755mcinstcleanup;McAfee Application Installer Cleanup (0067841341495755);c:\windows\TEMP\006784~1.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-25 135664]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-08 160944]
R2 TinyWall;TinyWall Service;c:\program files\TinyWall\TinyWall.exe [2012-06-23 623272]
R3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2012-06-20 66320]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-11 250056]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-06 21384]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-25 135664]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-16 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-27 291696]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files (x86)\PCPitstop\PCPitstopScheduleService.exe [2012-05-16 91848]
R3 PORTMON;PORTMON;c:\users\Mike\Documents\SysinternalsSuite\PORTMSYS.SYS [2012-06-10 28656]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-05-03 1302072]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-03 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-26 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
R4 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-03-26 329544]
R4 IObitUnlocker;IObitUnlocker;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 35256]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2011-02-22 65072]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2011-02-22 74824]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\Mike\Documents\EmsisoftEmergencyKit\Run\a2ddax64.sys [2012-06-19 23208]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-04-17 31432]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 a2AntiMalware;Emsisoft Anti-Malware 6.5 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [2012-06-20 3069752]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-15 913752]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-09-04 203264]
S2 ePowerSvc;Acer ePower Service;c:\program files\Gateway\Gateway Power Management\ePowerSvc.exe [2009-09-30 844320]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-10 821592]
S2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-04-17 1047336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-03-20 162192]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-09-24 62720]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-07-04 1188896]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-07-04 1395736]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-03-22 166528]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-05-03 681016]
S2 ThreatFire;ThreatFire;c:\program files (x86)\ThreatFire\TFService.exe service [x]
S2 Updater Service;Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [2009-07-04 240160]
S2 X5XSEx;X5XSEx;c:\program files (x86)\Free Ride Games\X5XSEx.Sys [2010-11-22 55400]
S3 ALSysIO;ALSysIO;c:\users\Mike\AppData\Local\Temp\ALSysIO64.sys [x]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2009-02-12 292864]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-06 317480]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2011-02-22 41888]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ALSYSIO
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-16 12:54]
.
2012-07-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3202008224-526500420-2040653520-1003Core.job
- c:\users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-27 21:58]
.
2012-07-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3202008224-526500420-2040653520-1003UA.job
- c:\users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-27 21:58]
.
2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-25 03:21]
.
2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-25 03:21]
.
2012-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3202008224-526500420-2040653520-1003Core.job
- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-27 10:56]
.
2012-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3202008224-526500420-2040653520-1003UA.job
- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-27 10:56]
.
2012-07-12 c:\windows\Tasks\Norton Security Scan for Mike.job
- c:\progra~2\NORTON~2\Engine\372~1.5\Nss.exe [2012-05-15 09:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2012-03-26 21:45 287048 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-05-31 15:38 232672 ----a-w- c:\users\Mike\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-05-31 15:38 232672 ----a-w- c:\users\Mike\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-05-31 15:38 232672 ----a-w- c:\users\Mike\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-06-21 02:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-06-21 02:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-06-21 02:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-06-21 02:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Acer ePower Management"="c:\program files\Gateway\Gateway Power Management\ePowerTray.exe" [2009-09-30 823840]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]
"TinyWall Controller"="c:\program files\TinyWall\TinyWall.exe" [2012-06-23 623272]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://g.live.com/1rewlive4startup/home
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv73&r=27361011k115l03f4z175a49m2x325
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\2c51ve6k.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&q=
# Mozilla User Preferences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
* For more information, see hxxp://www.mozilla.org/unix/customizing.html#prefs
*/
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1335522678
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1335522678
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1335522678
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1335582174
FF - user.js: browser.bookmarks.restore_default_bookmarks - false
FF - user.js: browser.cache.disk.capacity - 1048576
FF - user.js: browser.cache.disk.smart_size.first_run - false
FF - user.js: browser.cache.disk.smart_size_cached_value - 1048576
FF - user.js: browser.migration.version - 6
FF - user.js: browser.places.smartBookmarksVersion - 2
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.search.selectedEngine - Web Search
FF - user.js: browser.search.useDBForOrder - true
FF - user.js: browser.shell.checkDefaultBrowser - false
FF - user.js: browser.startup.homepage - hxxp://www.google.com
FF - user.js: browser.startup.homepage_override.buildID - 20120420145725
FF - user.js: browser.startup.homepage_override.mstone - rv:12.0
FF - user.js: browser.syncPromoViewsLeft - 4
FF - user.js: browser.taskbar.lastgroupid - E7CF176E110C211B
FF - user.js: extensions.blocklist.pingCountVersion - 0
FF - user.js: extensions.bootstrappedAddons - {}
FF - user.js: extensions.databaseSchema - 12
FF - user.js: extensions.enabledAddons - {51ef49d2-624b-4194-8b97-1c468e9b0efe}:1.300.422,{23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145,{972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0

Edited by MJL574, 13 July 2012 - 06:28 PM.


#9 fireman4it


Posted 14 July 2012 - 11:16 AM

1. Please download OTL from one of the following mirrors:
  • This is THE Mirror
2. Save it to your desktop.
3. Double-click on the OTL icon on your desktop.
4. Under the Custom Scan box paste this in:
    c:\windows\*. /SL
    c:\windows\*. /RP 
    netsvcs
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav 
    %systemroot%\system32\drivers\*.sys /90
5. Push the Quick Scan button.
6. Two reports will open; copy and paste them in a reply here:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized



#10 MJL574


Posted 16 July 2012 - 01:22 AM

Sorry it took a while to get back to you, but I've been between work (graveyard) and getting my car fixed. :|

I have tried to run OTL about a half dozen times, but it keeps locking up on me while "Checking FireFox settings". I do have my anti-virus programs disabled.

#11 fireman4it


Posted 16 July 2012 - 04:10 PM

Have you tried running OTL in Safe Mode?

Now reboot into Safe Mode.
This can be done by tapping the F8 key as soon as you start your computer.
You will be brought to a menu where you can choose to boot into Safe Mode.
Make sure you choose the option without networking support.
Please see here for additional details.



#12 MJL574


Posted 18 July 2012 - 07:20 PM

Tried Safe Mode. OTL still locks up on me at the same point.

#13 fireman4it


Posted 18 July 2012 - 07:44 PM

Hello,

Please run TDSSKiller again and post its log.


1.
Please download Sophos Anti-rootkit & save it to your desktop.
alternate download link
Note: If using the vendor's download site you will be asked to register with MySophos so an email containing an activation link can be sent to your email address.

Be sure to print out and read the Sophos Anti-Rootkit User Manual and Release Notes.
  • Double-click sar_15_sfx.exe to begin the installation, read the license agreement and click Accept.
  • Allow the default location of C:\Program Files\Sophos\Sophos Anti-Rootkit and click Install.
  • A message will appear "Sophos Anti-Rootkit was successfully installed. Click 'yes' to start it now".
  • Click Yes and allow the driver and its randomly named .tmp file (i.e. F.tmp) to load if asked.
  • If the scan did not start automatically, make sure the following are checked:
    • Running processes
    • Windows Registry
    • Local Hard Drives
  • Click Start scan.
  • Sophos Anti-Rootkit will scan the selected areas and display any suspicious files in the upper panel.
  • When the scan is complete, a pop-up screen will appear with "Rootkit Scan Results". Click OK to continue.
  • Click on the suspicious file to display more information about it in the lower panel which also includes whether the item is recommended for removal.
    • Files tagged as Removable: No are not marked for removal and cannot be removed.
    • Files tagged as Removable: Yes (clean up recommended) are marked for removal by default.
    • Files tagged as Removable: Yes (but clean up not recommended) are not marked for removal because Sophos did not recognize them. These files will require further investigation.
  • Select only items recommended for removal, then click "Clean up checked items". You will be asked to confirm, click Yes.
  • A pop up window will appear advising the cleanup will finish when you restart your computer. Click Restart Now.
  • After reboot, a dialog box displays the files you selected for removal and the action taken.
  • Click Empty list and then click Continue to re-scan your computer a second time to ensure everything was cleaned.
  • When done, go to Start > Run and type or copy/paste: %temp%\sarscan.log
  • This should open the log from the rootkit scan. Please post this log in your next reply. If you have a problem, you can find sarscan.log in C:\Documents and Settings\<username>\Local Settings\Temp\.
Before performing an ARK scan it is recommended to do the following to ensure more accurate results and avoid common issues that may cause false detections.
  • Disconnect from the Internet or physically unplug your Internet cable connection.
  • Clean out your temporary files.
  • Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
  • Temporarily disable your anti-virus and real-time anti-spyware protection.
  • After starting the scan, do not use the computer until the scan has completed.
  • When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.

2.
  • Download RogueKiller to the desktop
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, Click Scan
  • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again

3.
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


Things to include in your next reply:
TDSSKiller log
Sophos Anti-Rootkit log
RogueKiller log
MBAM log
Still getting audio ads? If so which browser is it doing it in?

Edited by fireman4it, 18 July 2012 - 07:44 PM.



#14 fireman4it


Posted 20 July 2012 - 04:35 PM

Hello.

Are you still there?

If you are, please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it



#15 MJL574


Posted 21 July 2012 - 06:57 AM

02:56:46.0505 9180 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
02:57:03.0993 7296 discache - ok
02:57:04.0019 7296 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
02:57:04.0027 7296 Disk - ok
02:57:04.0123 7296 DKbFltr (d5bcb77be83cf99f508943945d46343d) C:\Windows\syswow64\Drivers\DKbFltr.sys
02:57:04.0197 7296 DKbFltr - ok
02:57:04.0244 7296 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
02:57:04.0248 7296 Dnscache - ok
02:57:04.0303 7296 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
02:57:04.0307 7296 dot3svc - ok
02:57:04.0333 7296 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
02:57:04.0336 7296 DPS - ok
02:57:04.0367 7296 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
02:57:04.0391 7296 drmkaud - ok
02:57:04.0482 7296 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
02:57:04.0582 7296 DXGKrnl - ok
02:57:04.0627 7296 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
02:57:04.0630 7296 EapHost - ok
02:57:04.0827 7296 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
02:57:04.0917 7296 ebdrv - ok
02:57:05.0022 7296 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
02:57:05.0024 7296 EFS - ok
02:57:05.0128 7296 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
02:57:05.0137 7296 ehRecvr - ok
02:57:05.0181 7296 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
02:57:05.0184 7296 ehSched - ok
02:57:05.0250 7296 ElRawDisk (f21a07780bbd64adef872f50e8ce2e75) C:\Windows\system32\drivers\ElRawDsk.sys
02:57:05.0362 7296 ElRawDisk - ok
02:57:05.0422 7296 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
02:57:05.0435 7296 elxstor - ok
02:57:05.0571 7296 ePowerSvc (fb67aa8ac61b9365add546139a21bed6) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
02:57:05.0581 7296 ePowerSvc - ok
02:57:05.0703 7296 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
02:57:05.0709 7296 ErrDev - ok
02:57:05.0780 7296 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
02:57:05.0786 7296 EventSystem - ok
02:57:05.0825 7296 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
02:57:05.0837 7296 exfat - ok
02:57:05.0877 7296 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
02:57:05.0887 7296 fastfat - ok
02:57:05.0969 7296 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
02:57:05.0981 7296 Fax - ok
02:57:06.0013 7296 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
02:57:06.0022 7296 fdc - ok
02:57:06.0050 7296 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
02:57:06.0055 7296 fdPHost - ok
02:57:06.0073 7296 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
02:57:06.0077 7296 FDResPub - ok
02:57:06.0105 7296 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
02:57:06.0115 7296 FileInfo - ok
02:57:06.0279 7296 FileMonitor (060cc45cecae2feaff9c8c52d8fafaa8) C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
02:57:06.0384 7296 FileMonitor - ok
02:57:06.0416 7296 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
02:57:06.0422 7296 Filetrace - ok
02:57:06.0462 7296 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
02:57:06.0483 7296 flpydisk - ok
02:57:06.0636 7296 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
02:57:06.0712 7296 FltMgr - ok
02:57:06.0857 7296 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
02:57:06.0875 7296 FontCache - ok
02:57:06.0941 7296 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:57:06.0943 7296 FontCache3.0.0.0 - ok
02:57:06.0985 7296 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
02:57:06.0991 7296 FsDepends - ok
02:57:07.0026 7296 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
02:57:07.0101 7296 Fs_Rec - ok
02:57:07.0133 7296 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
02:57:07.0207 7296 fvevol - ok
02:57:07.0242 7296 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
02:57:07.0251 7296 gagp30kx - ok
02:57:07.0329 7296 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
02:57:07.0334 7296 GamesAppService - ok
02:57:07.0368 7296 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
02:57:07.0442 7296 GEARAspiWDM - ok
02:57:07.0520 7296 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
02:57:07.0530 7296 gpsvc - ok
02:57:07.0617 7296 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:57:07.0620 7296 gupdate - ok
02:57:07.0628 7296 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:57:07.0630 7296 gupdatem - ok
02:57:07.0674 7296 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
02:57:07.0678 7296 gusvc - ok
02:57:07.0713 7296 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
02:57:07.0718 7296 hcw85cir - ok
02:57:07.0777 7296 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
02:57:07.0856 7296 HdAudAddService - ok
02:57:07.0892 7296 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
02:57:07.0959 7296 HDAudBus - ok
02:57:07.0992 7296 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
02:57:07.0997 7296 HidBatt - ok
02:57:08.0022 7296 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
02:57:08.0028 7296 HidBth - ok
02:57:08.0055 7296 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
02:57:08.0061 7296 HidIr - ok
02:57:08.0088 7296 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
02:57:08.0090 7296 hidserv - ok
02:57:08.0122 7296 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
02:57:08.0193 7296 HidUsb - ok
02:57:08.0228 7296 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
02:57:08.0231 7296 hkmsvc - ok
02:57:08.0274 7296 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
02:57:08.0279 7296 HomeGroupListener - ok
02:57:08.0323 7296 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
02:57:08.0327 7296 HomeGroupProvider - ok
02:57:08.0363 7296 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
02:57:08.0438 7296 HpSAMD - ok
02:57:08.0616 7296 HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\Windows\SysWOW64\XAudio64.dll
02:57:08.0624 7296 HsfXAudioService - ok
02:57:08.0773 7296 HSF_DPV (26c5d00321937e49b6bc91029947d094) C:\Windows\system32\DRIVERS\CAX_DPV.sys
02:57:08.0857 7296 HSF_DPV - ok
02:57:08.0988 7296 HssSrv (2cfea9c337b699aca38487e8a7438f35) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
02:57:08.0993 7296 HssSrv - ok
02:57:09.0007 7296 HssWd - ok
02:57:09.0166 7296 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
02:57:09.0245 7296 HTTP - ok
02:57:09.0272 7296 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
02:57:09.0329 7296 hwpolicy - ok
02:57:09.0378 7296 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
02:57:09.0388 7296 i8042prt - ok
02:57:09.0441 7296 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
02:57:09.0519 7296 iaStorV - ok
02:57:09.0656 7296 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:57:09.0667 7296 idsvc - ok
02:57:09.0715 7296 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
02:57:09.0723 7296 iirsp - ok
02:57:09.0797 7296 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
02:57:09.0804 7296 IKEEXT - ok
02:57:10.0163 7296 IMFservice (8ae99ebe30e8338907361018d9030835) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
02:57:10.0173 7296 IMFservice - ok
02:57:10.0385 7296 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\Windows\system32\drivers\RTKVHD64.sys
02:57:10.0472 7296 IntcAzAudAddService - ok
02:57:10.0607 7296 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
02:57:10.0610 7296 intelide - ok
02:57:10.0641 7296 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
02:57:10.0651 7296 intelppm - ok
02:57:10.0753 7296 IObitUnlocker (67f6d2a931f194396bda9b05690008d2) C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys
02:57:10.0830 7296 IObitUnlocker - ok
02:57:10.0939 7296 ioloSystemService (440a02fa25be8dccd2103d820036eda1) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
02:57:10.0947 7296 ioloSystemService - ok
02:57:10.0983 7296 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
02:57:10.0986 7296 IPBusEnum - ok
02:57:11.0044 7296 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:57:11.0114 7296 IpFilterDriver - ok
02:57:11.0182 7296 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
02:57:11.0191 7296 iphlpsvc - ok
02:57:11.0233 7296 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
02:57:11.0304 7296 IPMIDRV - ok
02:57:11.0347 7296 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
02:57:11.0359 7296 IPNAT - ok
02:57:11.0465 7296 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
02:57:11.0476 7296 iPod Service - ok
02:57:11.0507 7296 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
02:57:11.0513 7296 IRENUM - ok
02:57:11.0549 7296 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
02:57:11.0555 7296 isapnp - ok
02:57:11.0603 7296 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
02:57:11.0688 7296 iScsiPrt - ok
02:57:11.0833 7296 k57nd60a (08dd34f74d65e1c8f238565570952630) C:\Windows\system32\DRIVERS\k57nd60a.sys
02:57:11.0912 7296 k57nd60a - ok
02:57:11.0932 7296 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
02:57:11.0941 7296 kbdclass - ok
02:57:11.0984 7296 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
02:57:12.0052 7296 kbdhid - ok
02:57:12.0078 7296 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:57:12.0080 7296 KeyIso - ok
02:57:12.0109 7296 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
02:57:12.0168 7296 KSecDD - ok
02:57:12.0204 7296 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
02:57:12.0278 7296 KSecPkg - ok
02:57:12.0314 7296 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
02:57:12.0320 7296 ksthunk - ok
02:57:12.0362 7296 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
02:57:12.0369 7296 KtmRm - ok
02:57:12.0416 7296 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
02:57:12.0423 7296 LanmanServer - ok
02:57:12.0475 7296 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
02:57:12.0480 7296 LanmanWorkstation - ok
02:57:12.0513 7296 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
02:57:12.0520 7296 lltdio - ok
02:57:12.0573 7296 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
02:57:12.0578 7296 lltdsvc - ok
02:57:12.0597 7296 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
02:57:12.0600 7296 lmhosts - ok
02:57:12.0655 7296 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
02:57:12.0662 7296 LSI_FC - ok
02:57:12.0693 7296 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
02:57:12.0698 7296 LSI_SAS - ok
02:57:12.0732 7296 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:57:12.0738 7296 LSI_SAS2 - ok
02:57:12.0756 7296 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:57:12.0764 7296 LSI_SCSI - ok
02:57:12.0795 7296 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
02:57:12.0800 7296 luafv - ok
02:57:12.0925 7296 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
02:57:12.0928 7296 McAfee SiteAdvisor Service - ok
02:57:12.0940 7296 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
02:57:12.0943 7296 McMPFSvc - ok
02:57:12.0966 7296 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
02:57:12.0968 7296 mcmscsvc - ok
02:57:12.0979 7296 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
02:57:12.0983 7296 McNaiAnn - ok
02:57:12.0993 7296 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
02:57:12.0996 7296 McNASvc - ok
02:57:13.0070 7296 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe
02:57:13.0076 7296 McODS - ok
02:57:13.0087 7296 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
02:57:13.0090 7296 McProxy - ok
02:57:13.0168 7296 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
02:57:13.0172 7296 McShield - ok
02:57:13.0208 7296 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
02:57:13.0212 7296 Mcx2Svc - ok
02:57:13.0249 7296 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
02:57:13.0319 7296 mdmxsdk - ok
02:57:13.0340 7296 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
02:57:13.0348 7296 megasas - ok
02:57:13.0407 7296 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
02:57:13.0420 7296 MegaSR - ok
02:57:13.0461 7296 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
02:57:13.0533 7296 mfeapfk - ok
02:57:13.0581 7296 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
02:57:13.0658 7296 mfeavfk - ok
02:57:13.0695 7296 mfeavfk01 - ok
02:57:13.0739 7296 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
02:57:13.0743 7296 mfefire - ok
02:57:13.0808 7296 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
02:57:13.0890 7296 mfefirek - ok
02:57:13.0954 7296 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
02:57:14.0035 7296 mfehidk - ok
02:57:14.0080 7296 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
02:57:14.0150 7296 mfenlfk - ok
02:57:14.0322 7296 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
02:57:14.0325 7296 mferkdet - ok
02:57:14.0375 7296 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
02:57:14.0379 7296 mfevtp - ok
02:57:14.0437 7296 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
02:57:14.0517 7296 mfewfpk - ok
02:57:14.0550 7296 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
02:57:14.0554 7296 MMCSS - ok
02:57:14.0593 7296 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
02:57:14.0598 7296 Modem - ok
02:57:14.0616 7296 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
02:57:14.0626 7296 monitor - ok
02:57:14.0661 7296 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
02:57:14.0669 7296 mouclass - ok
02:57:14.0704 7296 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
02:57:14.0711 7296 mouhid - ok
02:57:14.0748 7296 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
02:57:14.0821 7296 mountmgr - ok
02:57:14.0898 7296 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
02:57:14.0901 7296 MozillaMaintenance - ok
02:57:14.0974 7296 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
02:57:15.0044 7296 MpFilter - ok
02:57:15.0098 7296 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
02:57:15.0175 7296 mpio - ok
02:57:15.0211 7296 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
02:57:15.0222 7296 mpsdrv - ok
02:57:15.0315 7296 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
02:57:15.0326 7296 MpsSvc - ok
02:57:15.0367 7296 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
02:57:15.0447 7296 MRxDAV - ok
02:57:15.0482 7296 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
02:57:15.0554 7296 mrxsmb - ok
02:57:15.0594 7296 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:57:15.0673 7296 mrxsmb10 - ok
02:57:15.0702 7296 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:57:15.0770 7296 mrxsmb20 - ok
02:57:15.0811 7296 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
02:57:15.0886 7296 msahci - ok
02:57:15.0937 7296 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
02:57:16.0017 7296 msdsm - ok
02:57:16.0056 7296 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
02:57:16.0059 7296 MSDTC - ok
02:57:16.0107 7296 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
02:57:16.0113 7296 Msfs - ok
02:57:16.0136 7296 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
02:57:16.0143 7296 mshidkmdf - ok
02:57:16.0184 7296 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
02:57:16.0191 7296 msisadrv - ok
02:57:16.0227 7296 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
02:57:16.0231 7296 MSiSCSI - ok
02:57:16.0245 7296 msiserver - ok
02:57:16.0287 7296 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
02:57:16.0300 7296 MSKSSRV - ok
02:57:16.0398 7296 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
02:57:16.0400 7296 MsMpSvc - ok
02:57:16.0435 7296 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
02:57:16.0444 7296 MSPCLOCK - ok
02:57:16.0482 7296 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
02:57:16.0487 7296 MSPQM - ok
02:57:16.0541 7296 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
02:57:16.0599 7296 MsRPC - ok
02:57:16.0660 7296 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
02:57:16.0667 7296 mssmbios - ok
02:57:16.0702 7296 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
02:57:16.0709 7296 MSTEE - ok
02:57:16.0729 7296 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
02:57:16.0736 7296 MTConfig - ok
02:57:16.0752 7296 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
02:57:16.0761 7296 Mup - ok
02:57:16.0839 7296 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
02:57:16.0846 7296 napagent - ok
02:57:16.0897 7296 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
02:57:16.0909 7296 NativeWifiP - ok
02:57:16.0979 7296 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
02:57:16.0991 7296 NDIS - ok
02:57:17.0026 7296 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
02:57:17.0037 7296 NdisCap - ok
02:57:17.0058 7296 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
02:57:17.0064 7296 NdisTapi - ok
02:57:17.0101 7296 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
02:57:17.0171 7296 Ndisuio - ok
02:57:17.0207 7296 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
02:57:17.0281 7296 NdisWan - ok
02:57:17.0305 7296 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
02:57:17.0374 7296 NDProxy - ok
02:57:17.0410 7296 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
02:57:17.0418 7296 NetBIOS - ok
02:57:17.0464 7296 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
02:57:17.0536 7296 NetBT - ok
02:57:17.0566 7296 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:57:17.0569 7296 Netlogon - ok
02:57:17.0616 7296 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
02:57:17.0623 7296 Netman - ok
02:57:17.0756 7296 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:57:17.0768 7296 NetMsmqActivator - ok
02:57:17.0781 7296 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:57:17.0783 7296 NetPipeActivator - ok
02:57:17.0846 7296 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
02:57:17.0854 7296 netprofm - ok
02:57:17.0865 7296 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:57:17.0868 7296 NetTcpActivator - ok
02:57:17.0883 7296 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:57:17.0886 7296 NetTcpPortSharing - ok
02:57:17.0968 7296 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
02:57:17.0974 7296 nfrd960 - ok
02:57:18.0019 7296 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
02:57:18.0090 7296 NisDrv - ok
02:57:18.0207 7296 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
02:57:18.0211 7296 NisSrv - ok
02:57:18.0264 7296 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
02:57:18.0270 7296 NlaSvc - ok
02:57:18.0300 7296 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
02:57:18.0304 7296 Npfs - ok
02:57:18.0334 7296 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
02:57:18.0337 7296 nsi - ok
02:57:18.0358 7296 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
02:57:18.0364 7296 nsiproxy - ok
02:57:18.0523 7296 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
02:57:18.0606 7296 Ntfs - ok
02:57:18.0701 7296 NTI IScheduleSvc (14e66f603fb187713aeb02ad3b0390cf) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
02:57:18.0704 7296 NTI IScheduleSvc - ok
02:57:18.0836 7296 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
02:57:18.0906 7296 NTIDrvr - ok
02:57:18.0928 7296 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
02:57:18.0936 7296 Null - ok
02:57:18.0995 7296 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
02:57:19.0079 7296 nvraid - ok
02:57:19.0113 7296 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
02:57:19.0189 7296 nvstor - ok
02:57:19.0222 7296 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
02:57:19.0232 7296 nv_agp - ok
02:57:19.0272 7296 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
02:57:19.0282 7296 ohci1394 - ok
02:57:19.0358 7296 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:57:19.0361 7296 ose - ok
02:57:19.0722 7296 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
02:57:19.0828 7296 osppsvc - ok
02:57:19.0955 7296 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:57:19.0962 7296 p2pimsvc - ok
02:57:20.0047 7296 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
02:57:20.0055 7296 p2psvc - ok
02:57:20.0140 7296 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
02:57:20.0154 7296 Parport - ok
02:57:20.0203 7296 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
02:57:20.0283 7296 partmgr - ok
02:57:20.0334 7296 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
02:57:20.0339 7296 PcaSvc - ok
02:57:20.0396 7296 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
02:57:20.0493 7296 pci - ok
02:57:20.0545 7296 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
02:57:20.0556 7296 pciide - ok
02:57:20.0621 7296 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
02:57:20.0638 7296 pcmcia - ok
02:57:20.0736 7296 PCPitstop Scheduling (c654c50ebe6e11a6a5a4b239abfb2e0f) C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe
02:57:20.0739 7296 PCPitstop Scheduling - ok
02:57:20.0788 7296 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
02:57:20.0798 7296 pcw - ok
02:57:20.0866 7296 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
02:57:20.0890 7296 PEAUTH - ok
02:57:21.0034 7296 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
02:57:21.0037 7296 PerfHost - ok
02:57:21.0181 7296 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
02:57:21.0198 7296 pla - ok
02:57:21.0257 7296 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
02:57:21.0264 7296 PlugPlay - ok
02:57:21.0315 7296 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
02:57:21.0318 7296 PNRPAutoReg - ok
02:57:21.0362 7296 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:57:21.0367 7296 PNRPsvc - ok
02:57:21.0429 7296 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
02:57:21.0437 7296 PolicyAgent - ok
02:57:21.0562 7296 PORTMON (c58ae9881cd83bb1662a7e062e11cbd6) C:\Users\Mike\Documents\SysinternalsSuite\PORTMSYS.SYS
02:57:21.0686 7296 PORTMON - ok
02:57:21.0766 7296 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
02:57:21.0773 7296 Power - ok
02:57:21.0893 7296 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
02:57:21.0999 7296 PptpMiniport - ok
02:57:22.0036 7296 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
02:57:22.0049 7296 Processor - ok
02:57:22.0097 7296 PROCMON23 (6dff799f7c44cac625bcb95137e73561) C:\Windows\system32\Drivers\PROCMON23.SYS
02:57:22.0155 7296 PROCMON23 - ok
02:57:43.0030 7296 ============================================================
02:57:43.0030 7296 Scan finished
02:57:43.0030 7296 ============================================================
02:57:43.0045 2456 Detected object count: 0
02:57:43.0045 2456 Actual detected object count: 0
02:58:53.0894 8996 Deinitialize success



