Redirecting, Extremely slow browsers, Lagging


  • This topic is locked
9 replies to this topic

#1 TechRaven

TechRaven

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:41 PM

Posted 05 March 2013 - 04:01 PM

If anybody can please help ASAP I would appreciate it as I need the laptop to study for a midterm in a day and a half.

Considering this I have uploaded ALL that I have to try and make fixing the issue as easy and fast as possible.

The browsers have become impossible to work on. Takes roughly a minute to two to load a page, random redirecting, constant lagging when scrolling/loading/downloading/typing.

I ran the scan and have attached the txt logs. Attached files: DDS-1.txt (18.73KB), Attach-1.txt (24.09KB)

As a just in case I also have a log from Malwarebytes which I had run trying to fix the issue. Attached file: mbam-log-2013-03-05 (01-46-51).txt (2.13KB)

I also ran a ComboFix on my own when I was trying to fix it (I included the log I have from it). Attached file: combo.txt (18.14KB)

I also ran OTL with this in the custom scan box. (I also included the log from this.) Attached files: OTL.Txt (187.39KB), Extras.Txt (78.17KB)

%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
%appdata%\*.*
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
disk.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
usbstor.sys
/md5stop
CREATERESTOREPOINT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

 

 


Edited by TechRaven, 05 March 2013 - 04:06 PM.



#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:03:41 PM

Posted 05 March 2013 - 06:17 PM

Hello TechRaven,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic. I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  • Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.

 

1.

We need to run an OTL Fix

  • Please reopen on your desktop.
  • Copy and Paste the following code into the textbox. Do not include the word "quote"

    :Otl
    [2013/03/03 17:48:16 | 000,000,176 | ---- | C] () -- C:\ProgramData\-glnVBErsTnrwJEnr
    [2013/03/03 17:48:16 | 000,000,176 | ---- | C] () -- C:\ProgramData\-glnVBErsTnrwJEn
    [2013/03/02 23:19:11 | 000,000,176 | -H-- | C] () -- C:\ProgramData\-HaDBaVsVgnyPsr
    [2013/03/02 23:19:11 | 000,000,176 | -H-- | C] () -- C:\ProgramData\-HaDBaVsVgnyPs

    :Commands
    [EMPTYTEMP]
    [RESETHOSTS]

  • Push
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click .
  • A report will open. Copy and Paste that report in your next reply.

 

 

2.

Download AdwCleaner

  • Double click on AdwCleaner.exe to run the tool.
    ***Note: Windows Vista and Windows 7 users:
    Right click in the adwCleaner.exe and select
  • Click the Delete button.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your next reply.
  • Or you can find the logfile at C:\AdwCleaner[R1].txt.

 

Things to include in your next reply:

OTL fix log

AdwCleaner log

How is your machine running now?

Please Copy and Paste all logs directly into your reply. Don't attach them unless asked to do so.


Edited by fireman4it, 05 March 2013 - 06:35 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#3 TechRaven


Posted 05 March 2013 - 11:49 PM

Ok here are the logs.

 

Still no change. All browsers are laggy to an unusable extent. If I have one tab open and I open another tab, I cannot scroll down on any tabs or move a page around until ALL tabs have completely stopped loading, which is also taking as long as 2 minutes sometimes.

The laptop itself works fine, this is entirely happening in the browsers. Sometimes I can type an entire paragraph and nothing will show on the screen until about a minute after.

Then trying to go on YouTube is horrible as it takes about 3 minutes for a page to load, and videos won't even play correctly, or have a full 30 second delay, or the image will freeze up.

Attached Files



#4 fireman4it


Posted 06 March 2013 - 12:54 AM

1.

We need to run an OTL Fix

  • Please reopen on your desktop.
  • Copy and Paste the following code into the textbox. Do not include the word "quote"

    :Otl
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKCU\..\URLSearchHook:  - No CLSID value found
    IE - HKCU\..\URLSearchHook: {6b556d31-eeee-de44-19f4-13e37eb9ba64} - C:\Program Files\BucksBee Loyalty Plugin - Softonic\Helper.dll ()
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = Playbryte-fa/search/redirect/?type=default&user_id=422e0ac3-0e12-4ac2-b1b2-6dc5c4fd418b&query={searchTerms}
    [2013/03/03 19:35:26 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Vercetti\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
    [2013/03/03 19:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vercetti\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
    [2013/03/03 19:26:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vercetti\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
    [2013/03/03 19:35:26 | 000,000,000 | ---D | M] (PlayBryte) -- C:\Users\Vercetti\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\playbryte@playbryte.com
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O9 - Extra 'Tools' menuitem : BucksBee Loyalty Plugin - Softonic Notifications - {a8e3281a-999a-ab24-9566-42314ed92b6e} - C:\Program Files\BucksBee Loyalty Plugin - Softonic\ribbon_menu.hta ()
    [2013/03/04 18:49:55 | 005,036,013 | R--- | C] (Swearware) -- C:\Users\Vercetti\Desktop\PCHelpForum.exe.exe
    [2013/03/03 22:49:38 | 000,000,000 | ---D | C] -- C:\Users\Vercetti\AppData\Local\CRE
    [2013/03/03 17:48:16 | 000,000,176 | ---- | M] () -- C:\ProgramData\-glnVBErsTnrwJEnr
    [2013/03/03 17:48:16 | 000,000,176 | ---- | M] () -- C:\ProgramData\-glnVBErsTnrwJEn
    [2013/03/03 16:57:50 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-HaDBaVsVgnyPsr
    [2013/03/03 16:57:50 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-HaDBaVsVgnyPs


    :Commands
    [EMPTYTEMP]

  • Push
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click .
  • A report will open. Copy and Paste that report in your next reply.

 

 

2.

  • Download RogueKiller on the desktop
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, click Scan
  • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again

 

 

Things to include in your next reply:

Otl fix log

Roguekiller log

How is the machine running now? Is it still redirecting?



#5 TechRaven


Posted 06 March 2013 - 01:44 AM

It is still acting up. Still redirecting and still continuing the lagging and stuttering.

 

Am I supposed to delete or do anything with whatever RogueKiller finds? I still have the scanner opened up, so if so let me know so that I can have those things removed if need be.

 

Here are the logs.

 

I'd like to take the time to say Thank You for sticking with this and trying to help me out.

 

Attached Files



#6 fireman4it


Posted 06 March 2013 - 12:46 PM

Please Copy and Paste all logs directly into your reply. Don't attach them unless asked to do so.

Please follow these directions in the future. I have stated this twice now.

 

 

1.

  • Re-Run RogueKiller
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, click Delete
  • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again

 

2.

  • Re-Run RogueKiller
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, click HOSTFIX
  • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again

 

 

3.

Are you connected to the internet through a router? If so we need to reset that router.

How to reset your router.

 

4.

 Download the yorkyt.exe disinfection tool (1,31 MB).

    Save the file to your hard disk; to the Windows Desktop, for example.
    Double click the yorkyt.exe file.
    A reboot will be requested to install a driver.
    Another reboot will be requested to complete the disinfection.
    When the disinfection is completed, accept the message that will be displayed.
    In order to ensure a full cleanup, run a scan of your PC with the antivirus installed.

 

5.

  • Download Malwarebytes Anti-Rootkit from HERE
  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log.txt and system-log.txt

 

 

Things to include in your next reply:

RogueKiller logs

yorkyt.exe log

mbar-log.txt

system-log.txt

How is your machine running now? If it's still redirecting can you tell me where it's redirecting to?


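A read-only check of the hosts file that the HOSTFIX step in the post above resets, as an added example (not part of the thread and not RogueKiller's code). The RogueKiller reports in the next post print the hosts content as `ÿþ1`; `ÿþ` is how the bytes FF FE, a UTF-16 LE byte-order mark, render in an 8-bit code page. The function names, labels and sample data below are constructed for illustration.

```python
"""Read-only audit of a hosts file: encoding marker, malformed lines, name mappings."""
import codecs
import ipaddress
import sys

# (byte-order mark, codec used to decode, label used in findings)
BOMS = [
    (codecs.BOM_UTF8, "utf-8-sig", "UTF-8"),
    (codecs.BOM_UTF16_LE, "utf-16", "UTF-16 LE"),
    (codecs.BOM_UTF16_BE, "utf-16", "UTF-16 BE"),
]
LOCAL_NAMES = {"localhost"}


def decode_hosts(raw: bytes):
    """Return (text, bom_label); bom_label is None when the file has no BOM."""
    for bom, codec, label in BOMS:
        if raw.startswith(bom):
            return raw.decode(codec, errors="replace"), label
    return raw.decode("utf-8", errors="replace"), None


def audit_hosts(raw: bytes):
    """Return a list of (line_number, kind, detail) findings.

    kind is one of:
      encoding  - file starts with a byte-order mark (the stock file is plain ASCII)
      malformed - line is not "<ip> <name> [<name> ...]"
      sinkhole  - a non-local name pointed at a loopback or 0.0.0.0 address
      redirect  - a name pointed at any other address
    """
    text, bom = decode_hosts(raw)
    findings = []
    if bom:
        findings.append((0, "encoding", bom))
    for lineno, line in enumerate(text.splitlines(), 1):
        entry = line.split("#", 1)[0].split()  # drop comments, split on whitespace
        if not entry:
            continue
        try:
            ip = ipaddress.ip_address(entry[0])
        except ValueError:
            findings.append((lineno, "malformed", line.strip()))
            continue
        if len(entry) < 2:
            findings.append((lineno, "malformed", line.strip()))
            continue
        for name in entry[1:]:
            if name.lower() in LOCAL_NAMES and ip.is_loopback:
                continue  # the default "127.0.0.1 localhost" / "::1 localhost"
            kind = "sinkhole" if (ip.is_loopback or ip.is_unspecified) else "redirect"
            findings.append((lineno, kind, f"{name} -> {ip}"))
    return findings


# Constructed samples (not taken from the thread's attachments).
CLEAN = b"127.0.0.1 localhost\r\n"
BOM_SAMPLE = codecs.BOM_UTF16_LE + "1".encode("utf-16-le")
TAMPERED = (
    b"# constructed sample\n"
    b"127.0.0.1 localhost\n"
    b"203.0.113.7 www.example.com example.com  # documentation address\n"
    b"127.0.0.1 update.example.net\n"
    b"::1 localhost\n"
)

if __name__ == "__main__":
    # Usage: python hosts_audit.py C:\Windows\System32\drivers\etc\hosts
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read()
    else:
        data = TAMPERED
    for lineno, kind, detail in audit_hosts(data):
        print(f"line {lineno}: {kind}: {detail}")
```

A `sinkhole` finding is not malicious by itself, since ad-blocking hosts lists use the same form; it is worth a look when the names belong to security vendors or update servers.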

#7 TechRaven


Posted 06 March 2013 - 06:21 PM

Sorry have to split this up because it is not posting it all in one post.

 

 

 

It seems like everything is working fine now, and everything is up to speed. Seems that it has finally been fixed. But then again I'll know that for sure when you look at the results and see if there is anything else that I need to do.

 

Ok here are the logs.

 

Rogue SCAN

 

 

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Vercetti [Admin rights]
Mode : Scan -- Date : 03/06/2013 15:48:05
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [LOADED] ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts
 
ÿþ1
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: TOSHIBA MK3263GSX SCSI Disk Device +++++
--- User ---
[MBR] 925255868f70cbd86cb8380bc1d2cc24
[BSP] 8f1a9b219b9c3144a56514a6679881a2 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 20973568 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 21178368 | Size: 176930 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 383535810 | Size: 117956 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
 
Finished : << RKreport[4]_S_03062013_02d1548.txt >>
RKreport[1]_S_03062013_02d0136.txt ; RKreport[2]_D_03062013_02d1209.txt ; RKreport[3]_D_03062013_02d1210.txt ; RKreport[4]_S_03062013_02d1548.txt
 
 
 
 
Rogue DELETE
 
RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Vercetti [Admin rights]
Mode : Remove -- Date : 03/06/2013 15:50:03
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [LOADED] ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts
 
ÿþ1
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: TOSHIBA MK3263GSX SCSI Disk Device +++++
--- User ---
[MBR] 925255868f70cbd86cb8380bc1d2cc24
[BSP] 8f1a9b219b9c3144a56514a6679881a2 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 20973568 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 21178368 | Size: 176930 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 383535810 | Size: 117956 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
 
Finished : << RKreport[5]_D_03062013_02d1550.txt >>
RKreport[1]_S_03062013_02d0136.txt ; RKreport[2]_D_03062013_02d1209.txt ; RKreport[3]_D_03062013_02d1210.txt ; RKreport[4]_S_03062013_02d1548.txt ; RKreport[5]_D_03062013_02d1550.txt
 
 
Rogue FIX HOST
 
RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Vercetti [Admin rights]
Mode : HOSTSFix -- Date : 03/06/2013 15:50:26
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 0 ¤¤¤
 
¤¤¤ Driver : [LOADED] ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts
 
ÿþ1
 
¤¤¤ Reset HOSTS: ¤¤¤
127.0.0.1 localhost
 
Finished : << RKreport[6]_H_03062013_02d1550.txt >>
RKreport[1]_S_03062013_02d0136.txt ; RKreport[2]_D_03062013_02d1209.txt ; RKreport[3]_D_03062013_02d1210.txt ; RKreport[4]_S_03062013_02d1548.txt ; RKreport[5]_D_03062013_02d1550.txt ; 
RKreport[6]_H_03062013_02d1550.txt
 
 
YORKYT LOG
 
2013-03-06 15:54:05: ****************************************************
2013-03-06 15:54:05:  Starting UP ... v 0.0.0.220
2013-03-06 15:54:05: ****************************************************
2013-03-06 15:54:08: Stop TPSRV returns: 2
2013-03-06 15:54:23: Listing processes...
2013-03-06 15:54:23: Setting restore point
2013-03-06 15:54:48: Determining autonomous or dropped mode...
2013-03-06 15:54:48: Autonomus mode
2013-03-06 15:54:48: Installing drivers...
2013-03-06 15:54:50: Checking that it installed...
2013-03-06 15:54:50: Driver is installed...
2013-03-06 15:54:50: cmd.exe /c start "C:\Users\Vercetti\Desktop\yorkyt.exe"
2013-03-06 15:54:56: Restarting...
2013-03-06 15:57:55: ****************************************************
2013-03-06 15:57:55:  Starting UP ... v 0.0.0.220
2013-03-06 15:57:55: ****************************************************
2013-03-06 15:57:59: Stop TPSRV returns: 2
2013-03-06 15:58:14: Listing processes...
2013-03-06 15:58:14: RUN mode
2013-03-06 15:58:14: Determining autonomous or dropped mode...
2013-03-06 15:58:14: Autonomus mode
2013-03-06 15:58:14: Waiting for Explorer.exe...
2013-03-06 15:58:45: Launching parsers...
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS NDISTAPI.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS NDISWAN.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS RASPPPOE.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS RASPPTP.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\RASSSTP.SYS RASSSTP.SYS
2013-03-06 15:58:49: Looking at \Device\HarddiskVolume3\windows\SYSTEM32\DRIVERS\KS.SYS KS.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS SWENUM.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\UMBUS.SYS UMBUS.SYS
2013-03-06 15:58:49: Looking at \Device\HarddiskVolume3\windows\SYSTEM32\DRIVERS\VMNET.SYS VMNET.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\VMNETADAPTER.SYS VMNETADAPTER.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS USBHUB.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\NDPROXY.SYS NDPROXY.SYS
2013-03-06 15:58:49: Looking at \Device\HarddiskVolume3\windows\SYSTEM32\DRIVERS\DRMK.SYS DRMK.SYS
2013-03-06 15:58:49: Looking at \Device\HarddiskVolume3\windows\SYSTEM32\DRIVERS\PORTCLS.SYS PORTCLS.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\RTKVHDA.SYS RTKHDAUD.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\NVHDA32V.SYS NVHDA.SYS
2013-03-06 15:58:49: Looking at \Device\HarddiskVolume3\windows\SYSTEM32\DRIVERS\DXAPI.SYS DXAPI.SYS
2013-03-06 15:58:49: Looking at \Device\HarddiskVolume3\windows\SYSTEM32\WIN32K.SYS WIN32K.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\MONITOR.SYS MONITOR.SYS
2013-03-06 15:58:49: Looking at \Device\HarddiskVolume3\windows\SYSTEM32\TSDDD.DLL FRAMEBUF.DLL
2013-03-06 15:58:49: Looking at \Device\HarddiskVolume3\windows\SYSTEM32\CDD.DLL CDD.DLL
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\LUAFV.SYS LUAFV.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\VMNETBRIDGE.SYS VMNETBRIDGE.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\LLTDIO.SYS LLTDIO.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\NWIFI.SYS NWIFI.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS NDISUIO.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\RSPNDR.SYS RSPNDR.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS HTTP.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\BOWSER.SYS BROWSER.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\MPSDRV.SYS MPSDRV.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS MRXSMB.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\MRXSMB10.SYS MRXSMB0.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\MRXSMB20.SYS MRXSMB20.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS PARPORT.SYS
2013-03-06 15:58:49: Looking at \Device\HarddiskVolume3\WINDOWS\SYSTEM32\DRIVERS\HCMON.SYS HCMON.SYS
2013-03-06 15:58:49: Looking at \Device\HarddiskVolume3\WINDOWS\SYSTEM32\DRIVERS\VMX86.SYS VMX86.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\AVGIDSSHIMX.SYS IDSSHIM.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\PEAUTH.SYS PEAUTH.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS SECDRV.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\SRVNET.SYS SRVNET.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\TCPIPREG.SYS TCPIPREG.SYS
2013-03-06 15:58:49:  ... Failed to identify driver 0DABAA63799B0BF20F95C73CE5D9CA87, using metod 2...
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\TICALC.SYS 
2013-03-06 15:58:49: Looking at \Device\HarddiskVolume3\WINDOWS\SYSTEM32\DRIVERS\VMNETUSERIF.SYS VMNETUSERIF.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\VSTOR2-MNTAPI10-SHARED.SYS VSTOR2.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\AVGIDSFILTERX.SYS IDSFILTER.SYS
2013-03-06 15:58:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\SRV2.SYS SRV2.SYS
2013-03-06 15:59:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\AVGIDSDRIVERX.SYS IDSDRIVER.SYS
2013-03-06 15:59:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS SRV.SYS
2013-03-06 15:59:49:  ... Failed to identify driver B3C157A66ECDBCD3570E2DA139225589, using metod 2...
2013-03-06 15:59:49: Looking at \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\DRIVERS\PRSBDRVR.SYS 
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\crashdmp.sys CRASHDMP.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\Diskdump.sys DISKDUMP.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\nvstor32.sys NVSTOR.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\dumpfve.sys DUMPFVE.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\ntdll.dll NTDLL.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\cdrom.sys CDROM.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\avgmfx86.sys AVGMFX86.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\null.sys NULL.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\beep.sys BEEP.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\vga.sys VGA.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\videoprt.sys VIDEOPRT.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\watchdog.sys WATCHDOG.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\RDPCDD.sys RDPCDD.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\RDPENCDD.sys RDPENCDD.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\RDPREFMP.sys RDPREFMP.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\msfs.sys MSFS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\npfs.sys NPFS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\tdx.sys TDX.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\tdi.sys TDI.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\avgtdix.sys AVGTDIX.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys NETBT.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\afd.sys AFD.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\ws2ifsl.sys WS2IFSL.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\wfplwf.sys WFPLWF.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\pacer.sys PACER.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\vwififlt.sys VWIFIFLT.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\netbios.sys NETBIOS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\wanarp.sys WANARP.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\termdd.sys TERMDD.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\rdbss.sys RDBSS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\nsiproxy.sys NSIPROXY.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\mssmbios.sys SMBIOS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\discache.sys SYSCACHE.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\dfsc.sys DFSCLIENT.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\blbdrive.sys BLBDRIVE.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\avgldx86.sys AVGLDX86.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\tunnel.sys TUNNEL.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\smss.exe SMSS.EXE
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\intelppm.sys INTELPPM.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\i8042prt.sys I8042PRT.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\kbdclass.sys KBDCLASS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\fspad_wlh32.sys FSPAD.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\mouclass.sys MOUCLASS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\CmBatt.sys CMBATT.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\wmiacpi.sys WMIACPI.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\nvsmu.sys NVSMU.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\usbohci.sys USBOHCI.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\usbport.sys USBPORT.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\usbehci.sys USBEHCI.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\hdaudbus.sys HDAUDBUS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\nvmf6232.sys NVM62X32.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\nvlddmkm.sys NVLDDMKM.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\nvBridge.kmd NVBRIDGE.KMD
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\dxgkrnl.sys DXGKRNL.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\dxgmms1.sys DXGMMS1.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\athr.sys ATHR.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\vwifibus.sys VWIFIBUS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\CompositeBus.sys COMPOSITEBUS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\agilevpn.sys AGILEVPN.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\rasl2tp.sys RASL2TP.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\ndistapi.sys NDISTAPI.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\ndiswan.sys NDISWAN.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\raspppoe.sys RASPPPOE.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\raspptp.sys RASPPTP.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\rassstp.sys RASSSTP.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\swenum.sys SWENUM.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\ks.sys KS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\umbus.sys UMBUS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\vmnetadapter.sys VMNETADAPTER.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\vmnet.sys VMNET.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\usbhub.sys USBHUB.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\ndproxy.sys NDPROXY.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\RTKVHDA.sys RTKHDAUD.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\portcls.sys PORTCLS.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\drmk.sys DRMK.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\nvhda32v.sys NVHDA.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\autochk.exe AUTOCHK.EXE
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgrsx.exe AVGRS.EXE
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgsysx.dll AVGSYS.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgntopensslx.dll AVGNTOPENSSL.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avglogx.dll AVGLOG.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgchjwx.dll CHJWSDK.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgclitx.dll AVGCLIT.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgcclix.dll AVGCCLI.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgcsrvx.exe AVGCSRV.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgcorex.dll CORESDK.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgcertx.dll AVGCERT.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgchclx.dll AVGCHCL.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\shell32.dll SHELL32.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\comdlg32.dll COMDLG32.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\wininet.dll WININET.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\psapi.dll PSAPI
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\lpk.dll LANGUAGEPACK
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\clbcatq.dll CLBCATQ.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\difxapi.dll DIFXAPI.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\sechost.dll SECHOST.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\msctf.dll MSCTF.DLL
2013-03-06 15:59:49:  ... Failed to identify driver 6C765E82B57F2E66CE9C54AC238471D9, using metod 2...
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\oleaut32.dll 
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\setupapi.dll SETUPAPI.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll RPCRT4.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\ole32.dll OLE32.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\Wldap32.dll WLDAP32.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\user32.dll USER32
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\urlmon.dll URLMON.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\usp10.dll UNISCRIBE
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\advapi32.dll ADVAPI32.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\imm32.dll IMM32
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\nsi.dll NSI.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\shlwapi.dll SHLWAPI.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\iertutil.dll IERTUTIL.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\imagehlp.dll IMAGEHLP.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\normaliz.dll NORMALIZ.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\gdi32.dll GDI32
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\msvcrt.dll MSVCRT.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\kernel32.dll KERNEL32
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\ws2_32.dll WS2_32.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\wintrust.dll WINTRUST.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll CFGMGR32.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\devobj.dll DEVINFOSET.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\crypt32.dll CRYPT32.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\KernelBase.dll KERNELBASE
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\comctl32.dll COMCTL32.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\msasn1.dll MSASN1.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\win32k.sys WIN32K.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\dxapi.sys DXAPI.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\csrss.exe CSRSS.EXE
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\csrsrv.dll CSRSRV.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\basesrv.dll BASESRV
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\winsrv.dll WINSRV.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\monitor.sys MONITOR.SYS
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\tsddd.dll FRAMEBUF.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\sxssrv.dll SXSSRV
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\wininit.exe WININIT.EXE
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\profapi.dll PROFAPI.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll RPCRTREMOTE.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\KBDUS.DLL KBDUS.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\cdd.dll CDD.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\WlS0WndH.dll WLS0WNDH.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\services.exe SERVICES.EXE
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\sxs.dll SXS.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\cryptbase.dll CRYPTBASE.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\apphelp.dll APPHELP
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\lsass.exe LSASS.EXE
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\sspicli.dll SSPICLI.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\scext.dll SCEXT.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\secur32.dll SECUR32.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\scesrv.dll SCESRV
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\srvcli.dll SRVCLI.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\sspisrv.dll SSPISRV.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\lsm.exe LSM.EXE
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\sysntfy.dll SYSNTFY.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\lsasrv.dll LSASRV.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\wmsgapi.dll WMSGAPI.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\samsrv.dll SAMSRV.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\cryptdll.dll CRYPTDLL.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\wevtapi.dll WEVTAPI.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\cngaudit.dll CNGAUDIT.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\authz.dll AUTHZ.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\ncrypt.dll NCRYPT.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\bcrypt.dll BCRYPT.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\msprivs.dll MSPRIV.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\netjoin.dll NETJOIN.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\negoexts.dll NEGOEXTS.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\kerberos.dll KERBEROS.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\cryptsp.dll CRYPTSP.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\mswsock.dll MSWSOCK.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\wship6.dll WSHIP6.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\msv1_0.dll MSV1_0.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\netlogon.dll NETLOGON.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\dnsapi.dll DNSAPI
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\logoncli.dll LOGONCLI.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\schannel.dll SCHANNEL.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\wdigest.dll WDIGEST.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\rsaenh.dll RSAENH.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\TSpkg.dll TSPKG.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\pku2u.dll PKU2U.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\LIVESSP.DLL LIVESSP.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll BCRYPTPRIMITIVES.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\efslsaext.dll EFSLSAEXT.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\credssp.dll CREDSSP.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\ubpm.dll UBPM.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\winsta.dll WINSTA.DLL
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\scecli.dll SCECLI
2013-03-06 15:59:49: Looking at \Device\HarddiskVolume3\Windows\System32\svchost.exe SVCHOST.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\umpnpmgr.dll UMPNPMGR.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\SPInf.dll SPINF.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\devrtl.dll DEVRTL.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\userenv.dll USERENV.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\gpapi.dll GPAPI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\winlogon.exe WINLOGON.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\umpo.dll UMPO.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\pcwum.dll PCWUM.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\powrprof.dll POWRPROF.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\luafv.sys LUAFV.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\nvvsvc.exe NVSVC32.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\rpcss.dll RPCSS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\RpcEpMap.dll RPCEPMAP.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll NVLSP.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wshqos.dll WSHQOS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\WSHTCPIP.DLL WSHTCPIP.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\FirewallAPI.dll FIREWALLAPI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\version.dll VERSION.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wevtsvc.dll WEVTSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\audiosrv.dll AUDIOSRV.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll MMDEVAPI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\FntCache.dll FONTCACHESERVICE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\propsys.dll PROPSYS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\avrt.dll AVRT.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\mmcss.dll MMCSS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\audiodg.exe AUDIOADG.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\ntmarta.dll NTMARTA.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\profsvc.dll PROFSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\gpsvc.dll GPSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\nlaapi.dll NLAAPI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\atl.dll ATL.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\themeservice.dll THEMESERVICE.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dsrole.dll DSROLE.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\slc.dll SLCDLL.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\es.dll ES.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\Sens.dll SENS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\uxsms.dll UXSMS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\vmnetbridge.sys VMNETBRIDGE.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wtsapi32.dll WTSAPI32.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\lltdio.sys LLTDIO.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\nwifi.sys NWIFI.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\ndisuio.sys NDISUIO.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\rspndr.sys RSPNDR.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\nsisvc.dll NSISVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\lmhsvc.dll LMHSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\keyiso.dll KEYISO.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dnsrslvr.dll DNSRSLVR.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL IPHLPAPI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\eapsvc.dll EAPSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\eapphost.dll EAPPHOST.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\winnsi.dll WINNSI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\nrpsrv.dll NRPSRV.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dhcpcore.dll DHCPCORE.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\umb.dll UMB.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dhcpcore6.dll DHCPCORE6.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wlansvc.dll WLANSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wlanmsm.dll WLANMSM.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wlansec.dll WLANSEC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll DHCPCSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\onex.dll ONEX.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll DHCPCSVC6.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\eappprxy.dll EAPPPRXY.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\eappcfg.dll EAPPCFG.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\FWPUCLNT.DLL FWPUCLNT.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wlgpclnt.dll WLGPCLNT.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\l2gpstore.dll WLSTORE.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wlanutil.dll WLANUTIL.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\WinSCard.dll WINSCARD.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dnsext.dll DNSEXT.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\LogonUI.exe LOGONUI.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\msxml6.dll MSXML6.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\authui.dll AUTHUI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\cryptui.dll CRYPTUI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll COMCTL32.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\shacct.dll SHACCT.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\samlib.dll SAMLIB.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\uxtheme.dll UXTHEME.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll GDIPLUS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\shsvcs.dll SHSVCS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dui70.dll DUI70.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\duser.dll DUSER.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wlanext.exe WLANEXT.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\winmm.dll WINMM.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\schedsvc.dll SCHEDSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\netapi32.dll NETAPI32.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\netutils.dll NETUTILS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wkscli.dll WKSCLI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\ktmw32.dll KTMW32
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\xmllite.dll XMLLITE.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\conhost.exe CONHOST.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wdmaud.drv WDMAUD.DRV
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\ksuser.dll KSUSER.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\SndVolSSO.dll SNDVOLSSO.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\hid.dll HID.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dwmapi.dll DWMAPI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll ATHIHVWLANEXT.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\WindowsCodecs.dll WINDOWSCODECS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\taskcomp.dll TASKCOMP.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\fveapi.dll FVEAPI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\AudioSes.dll AUDIOSES.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\tbs.dll TBS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\fvecerts.dll FVECERTS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\winbrand.dll WINBRAND.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll ATL90.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MSVCP90.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MSVCR90.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wlanapi.dll WLANAPI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\VaultCredProvider.dll VAULTCREDPROVIDER.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\SmartcardCredentialProvider.dll SMARTCARDCREDENTIALPROVIDER.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\BioCredProv.dll BIOCREDPROV.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\winbio.dll WINBIO.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\credui.dll CREDUI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\vaultcli.dll VAULTCLI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Qualcomm Atheros WiFi Driver Installation\AthIhvWpaP2p.dll ATHIHVWPAP2P.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\samcli.dll SAMCLI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\certCredProvider.dll CERTCREDPROVIDER.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL WLIDCREDPROVIDER.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\rasplap.dll RASCREDPROV
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\rasapi32.dll RASAPI32.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wiarpc.dll WIARPC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\rasman.dll RASMAN.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\rtutils.dll RTUTILS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\msacm32.drv MSACM32.ACM
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\http.sys HTTP.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\msacm32.dll MSFLTR32.ACM
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\midimap.dll MIDIMAP.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\spoolsv.exe SPOOLSV.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\AudioEng.dll AUDIOENG.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\AUDIOKSE.dll AUDIOKSE.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\RtkAPO.dll RTKAPO.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\UXInit.dll UXINIT.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\WMALFXGFXDSP.dll WMALFXGFXDSP.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\mfplat.dll MFPLAT.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\nvsvc.dll NVSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\msimg32.dll GDIEXT
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\nvapi.dll NVAPI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\nvsvcr.dll NVSVCR.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\nvcpl.dll NVCPL.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\netcfgx.dll NETCFGX.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\winspool.drv WINSPOOL.DRV
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\oleacc.dll OLEACC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\UIAutomationCore.dll UIAUTOMATIONCORE.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\BFE.DLL BFE.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\bowser.sys BROWSER.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\mpsdrv.sys MPSDRV.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\mrxsmb.sys MRXSMB.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\MPSSVC.dll MPSSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\mrxsmb10.sys MRXSMB0.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\mrxsmb20.sys MRXSMB20.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wkssvc.dll WKSSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\parport.sys PARPORT.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wfapigp.dll WFAPIGP.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\hcmon.sys HCMON.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\vmx86.sys VMX86.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe NETWORKLICENSESERVER.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\FineObj.dll FINEOBJ.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\FineNet.dll FINENET.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\AbbyyZlib.dll ABBYYZLIB.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensingShared.dll PRODUCTLICENSINGSHARED.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing0.dll PRODUCTLICENSING0.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing1.dll PRODUCTLICENSING1.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing14.dll PRODUCTLICENSING14.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing15.dll PRODUCTLICENSING15.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing16.dll PRODUCTLICENSING16.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing17.dll PRODUCTLICENSING17.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing2.dll PRODUCTLICENSING2.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing20.dll PRODUCTLICENSING20.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing22.dll PRODUCTLICENSING22.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing23.dll PRODUCTLICENSING23.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing24.dll PRODUCTLICENSING24.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing26.dll PRODUCTLICENSING26.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing27.dll PRODUCTLICENSING27.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing3.dll PRODUCTLICENSING3.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing4.dll PRODUCTLICENSING4.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing5.dll PRODUCTLICENSING5.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing6.dll PRODUCTLICENSING6.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing63.dll PRODUCTLICENSING63.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing64.dll PRODUCTLICENSING64.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing65.dll PRODUCTLICENSING65.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing7.dll PRODUCTLICENSING7.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing8.dll PRODUCTLICENSING8.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\ABBYY FineReader 11\ProductLicensing9.dll PRODUCTLICENSING9.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe ACSERVICE.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe APPLEMOBILEDEVICESERVICE.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MSVCP80.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MSVCR80.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll APPLEVERSIONS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\ArcSoft\Bin\ArcCon.dll ARCCON.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\msi.dll MSI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll YSCRASHDUMP.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll COREFOUNDATION.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll PTHREADVC
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\wsock32.dll WSOCK32.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\objc.dll LIBOBJC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll LIBDISPATCH.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll LIBICUIN.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll LIBICUUC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll ICUDT46.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\ASL.dll ASL.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll APPLEMOBILEDEVICESERVICE_MAIN.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dnssd.dll DNSSD.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\avgidsshimx.sys IDSSHIM.SYS
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll ITUNESMOBILEDEVICE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ZLIB1.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgwdsvc.exe AVGWDSVC.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll CFNETWORK.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll SQLITE3.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll LIBXML2
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Bonjour\mDNSResponder.exe MDNSRESPONDER.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe DEVSVC.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll ATL80.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\cryptsvc.dll CRYPTSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dps.dll DPS.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\efssvc.dll EFSSVC.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\cryptnet.dll CRYPTNET.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\taskschd.dll TASKSCHD.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe APP_FILTER.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\efscore.dll EFSCORE.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\vssapi.dll VSSAPI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\devenum.dll DEVENUM.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\efsutil.dll EFSUTIL.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\vsstrace.dll VSSTRACE.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\msdmo.dll MSDMO.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\NMI.dll NMI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\qcap.dll QCAP.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\msvfw32.dll MSVFW32.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll COMCTL32.DLL
2013-03-06 15:59:50:  ... Failed to identify driver 2BBB3EA36086E8E95DC1606F8C6B2243, using metod 2...
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll 
2013-03-06 15:59:50:  ... Failed to identify driver EC9EA5361ABC7A09ABA7E909E5D38687, using metod 2...
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll 
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\System Control Manager\MSIService.exe SERVICE2.EXE
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\System Control Manager\MSIWmiAcpi.dll MSIWMIACPI.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\qdvd.dll QDVD.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Program Files\InterVideo\Common\Bin\IVInav.ax IVINAV.AX
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\ddraw.dll DDRAW.DLL
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\dciman32.dll DCIMAN32
2013-03-06 15:59:50: Looking at \Device\HarddiskVolume3\Windows\System32\quartz.dll QUARTZ.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgwd.dll AVGWD.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgcfgx.dll AVGCFG.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\dllhost.exe DLLHOST.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\IDStore.dll IDSTORE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\taskeng.exe TASKENG.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL WLIDNSP.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\taskhost.exe TASKHOST.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\mpr.dll MPR.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\userinit.exe USERINIT.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\rastls.dll RASTLS.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\TSChannel.dll TSCHANNEL.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\dwm.exe DWM.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll MDNSNSP.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\rasadhlp.dll RASADHLP.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Real\RealUpgrade\realupgrade.exe REALUPGRADE.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\raschap.dll RASCHAP.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Google\Update\GoogleUpdate.exe GOOGLEUPDATE.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\dwmredir.dll DWMREDIR.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\dwmcore.dll DWMCORE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\explorer.exe EXPLORER.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\HotStartUserAgent.dll HOTSTARTUSERAGENT.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\localspl.dll LOCALSPL.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\d3d10_1.dll D3D10_1.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\spoolss.dll SPOOLSS.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\PlaySndSrv.dll PLAYSNDSRV.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\MsCtfMonitor.dll MSCTFMONITOR.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\PrintIsolationProxy.dll PRINTSANDBOXPROXY.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\d3d10_1core.dll D3D10_1CORE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe SQLSERVR.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\msvcr100.dll MSVCR100_CLR0400.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\msutb.dll MSUTB.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Google\Update\1.3.21.135\goopdate.dll GOOPDATE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\ExplorerFrame.dll EXPLORERFRAME.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlos.dll SQLOS.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\FXSMON.dll FXSMON.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\pdh.dll PDH.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgidpsdkx.dll AVGIDPSDKX.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\opends60.dll OPENDS60.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\batchparser.dll BATCHPARSER.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\cscapi.dll CSCAPI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\dxgi.dll DXGI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\dbghelp.dll DBGHELP.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\hpz3lw71.dll HPZ3LW71.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll INSTAPI10.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\msvcp100.dll MSVCP100.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlboot.dll SQLBOOT.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\PEAuth.sys PEAUTH.SYS
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\nlasvc.dll NLASVC.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\netman.dll NETMAN.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\msonpmon.dll MSPCORE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\ncsi.dll NCSI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\winhttp.dll WINHTTP.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\webio.dll WEBIO.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\NapiNSP.dll NAPINSP.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\ssdpapi.dll SSDPAPI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\pnrpnsp.dll PNRPNSP.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\winrnr.dll WINRNR
2013-03-06 15:59:51:  ... Failed to identify driver A0FF419B61AE47E26ADF3BB15DB4F2FE, using metod 2...
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe 
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\secdrv.sys SECDRV.SYS
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\tcpmon.dll TCPMON.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\seclogon.dll SECLOGON.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\snmpapi.dll SNMPAPI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wsnmp32.dll WSNMP32.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\usbmon.dll DYNAMON.DLL
2013-03-06 15:59:51:  ... Failed to identify driver F07AF60B152221472FBDB2FECEC4896D, using metod 2...
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Skype\Updater\Updater.exe ,PRODUCTNAME
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgwdwsc.dll AVGWDWSC.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\WSDMon.dll WSDMON.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wscapi.dll WSCAPI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe GOOGLEUPDATE.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe SQLWRITER.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\mstask.dll MSTASK.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\srvnet.sys SRVNET.SYS
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\sstpsvc.dll SSTPSVC.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\tapisrv.dll TAPISRV.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\sysmain.dll SYSMAIN.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll SQLWVSS.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\WSDApi.dll WSDAPI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wiaservc.dll WIASERVC.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll WBEMPROX.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\httpapi.dll HTTPAPI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wiatrace.dll WIATRACE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\Resources\1033\sqlevn70.rll SQLEVN70.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll WBEMCOMN.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\webservices.dll WEBSERVICES.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\tcpipreg.sys TCPIPREG.SYS
2013-03-06 15:59:51:  ... Failed to identify driver 0DABAA63799B0BF20F95C73CE5D9CA87, using metod 2...
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\Ticalc.sys 
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\trkwks.dll TRKWKS.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\vmnetuserif.sys VMNETUSERIF.SYS
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\fundisc.dll FUNDISC.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\fdPnp.dll FDPNP.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe VMWARE-USBARBITRATOR.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\d3d11.dll D3D11.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgnsx.exe AVGNS.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\spool\prtprocs\w32x86\winprint.dll WINPRINT.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\spool\prtprocs\w32x86\hpzppw71.dll HPZPPW71.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll MSPCORE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll HXMEDPLTFM.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\vmnat.exe VMNAT.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\bthprops.cpl BLUETOOTH.CPL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\nvwgf2um.dll NVWGF2UM.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\shfolder.dll SHFOLDER.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\win32spl.dll WIN32SPL.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\vstor2-mntapi10-shared.sys VSTOR2.SYS
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\inetpp.dll INETPP.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\browcli.dll BROWCLI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\WMIsvc.dll WMISVC.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Real\RealUpgrade\Plugins\upgrade.dll UPGRADE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\mscoree.dll MSCOREE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\uDWM.dll UDWM.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\WmiDcPrv.dll WMIDCPRV.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\wbemcore.dll WBEMCORE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\esscli.dll ESSCLI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE WLIDSVC.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MSCOREEI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll FASTPROX.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll FASTPROX.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\SensApi.dll SENSAPI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\security.dll SECURITY.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgntsqlitex.dll AVGNTSQLITE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\ntdsapi.dll NTDSAPI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\dssenh.dll DSSENH.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL SQMAPI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\ieframe.dll IEFRAME.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll WBEMSVC.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wer.dll WER.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\avgidsfilterx.sys IDSFILTER.SYS
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\EhStorShell.dll EHSTORSHELL.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\wmiutils.dll WMIUTILS.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\iphlpsvc.dll IPHLPSVC.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\sqmapi.dll SQMAPI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wdscore.dll WDSCORE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe NSVCIP.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\hnetcfg.dll HNETCFG.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_resource_L1033.dll NV_RESOURCE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\srv2.sys SRV2.SYS
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgsched.dll AVGSCHED.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\repdrvfs.dll REPDRVFS.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\netprofm.dll NETPROFM.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\vmware-authd.exe VMWARE-AUTHD.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\rasmans.dll RASMANS.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\msxml3.dll MSXML3.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\rastapi.dll RASTAPI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE WLIDSVCM.EXE
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\tapi32.dll TAPI32.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll GROOVESHELLEXTENSIONS.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\unimdm.tsp UNIMDM.TSP
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\uniplat.dll UNIPLAT.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\kmddsp.tsp KMDDSP.TSP
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\ndptsp.tsp NDPROXY.TSP
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft Office\Office12\GrooveUtil.dll GROOVEUTIL.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\Microsoft Office\Office12\GrooveNew.dll GROOVENEW.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\hidphone.tsp HIDPHONE.TSP
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\ntshrui.dll NTSHRUI.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\IconCodecService.dll ICONCODESERVICE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\vmwarebase.dll VMWAREBASE.DLL
2013-03-06 15:59:51: Looking at \Device\HarddiskVolume3\Windows\System32\rasppp.dll RASPPP.DLL
2013-03-06 15:59:51:  ... Failed to identify driver 314453D3A532A4BDDB6C2470BD675DC9, using metod 2...
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\libxml2.dll 
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\vpnike.dll VPNIKE.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\iconv.dll ICONV.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlscriptupgrade.dll SQLSCRIPTUPGRADE.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\libeay32.dll LIBEAY32.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\ssleay32.dll SSLEAY32.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\WmiPrvSD.dll WMIPRVSD.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\ncobjapi.dll NCOBJAPI.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\vmnetdhcp.exe VMNETDHCP.EXE
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\wbemess.dll WBEMESS.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\avgidsdriverx.sys IDSDRIVER.SYS
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\ipnathlp.dll IPNATHLP.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\srv.sys SRV.SYS
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\mprapi.dll MPRAPI.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\netshell.dll NETSHELL.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\mshtml.dll MSHTML.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\mlang.dll MLANG.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgidsagent.exe AVGIDSAGENT.EXE
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\perfos.dll PERFOS.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\perfproc.dll PERFPROC.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgopensslx.dll AVGNTOPENSSL.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\srvsvc.dll SRVSVC.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\browser.dll BROWSER.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\netmsg.dll NETMSG.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\sscore.dll SSCORE.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\WindowsCodecsExt.dll WINDOWSCODECSEXT
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\msimtf.dll MSIMTF.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\clusapi.dll CLUSAPI
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\resutils.dll RESUTILS
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\jscript9.dll JSCRIPT9.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\Macromed\Flash\Flash32_11_5_502_149.ocx FLASH.OCX
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\dsound.dll DSOUND.DLL
2013-03-06 15:59:52: Looking at \Device\HarddiskVolume3\Windows\System32\mscms.dll MSCMS.DLL
2013-03-06 15:59:52:  ... Failed to identify driver D580C4EDC87A6AC6C2E0607CCFA685F4, using metod 2...
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\vmware-hostd.exe 
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\d2d1.dll D2D1
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\DWrite.dll DWRITE
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\imgutil.dll IMGUTIL.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\types.dll TYPES.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\vmacore.dll VMACORE.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\vmomi.dll VMOMI.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\vnetlib.dll VNETLIB.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\newdev.dll NEWDEV.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\appinfo.dll APPINFO.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\wdi.dll WDI.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\wpdbusenum.dll WPDBUSENUM.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\npmproxy.dll NPFPROXY.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\IPSECSVC.DLL IPSECSVC.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\FwRemoteSvr.dll FWREMAPISSERVER.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\PortableDeviceApi.dll PORTABLEDEVICEAPI.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\diagperf.dll DIAGPERF.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\PortableDeviceConnectApi.dll PORTABLEDEVICECONNECTAPI.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\Apphlpdm.dll APPHLPDM.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\pnpts.dll PNPTS.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\wdiasqmmodule.dll WDIASQMMODULE
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\perftrack.dll PERFTRACK.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\aepic.dll AEPIC.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\radardt.dll RADARDT.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\sfc.dll SFC.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\sfc_os.dll SFC_OS.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\runonce.exe RUNONCE.EXE
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\dimsjob.dll DIMSJOB.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\pautoenr.dll AUTOENROLLMENTDLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\certcli.dll CERTCLI
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\CertEnroll.dll CERTENROLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll GROOVESYSTEMSERVICES.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\WmiPrvSE.exe WMIPRVSE.EXE
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Program Files\Microsoft Office\Office12\GrooveMisc.dll GROOVEMISC.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\cimwin32.dll CIMWIN32.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\cmd.exe CMD.EXE
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\framedynos.dll FRAMEDYN.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Windows\System32\msls31.dll MSLS31.DLL
2013-03-06 15:59:55: Looking at \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL MSOXMLMF.DLL
2013-03-06 15:59:55:  ... Failed to identify driver C0484E445BBF648E5709E95E07E26B92, using metod 2...
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Users\Vercetti\Desktop\yorkyt.exe 
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\vmnetbridge.dll VMNETBRIDGE.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\ndiscapCfg.dll NDISCAPCFG.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\rascfg.dll RASCFG.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\mprmsg.dll ROUTEMSG.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\tcpipcfg.dll NETCFGX.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\wbemdisp.dll WBEMDISP.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\net.exe NET.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\net1.exe NET1.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\vnetlib.dll VNETLIB.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\WmiPerfClass.dll WBEMPERFCLASS.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wshnetbs.dll WSHNETBS.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\timedate.cpl TIMEDATE.CPL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\nci.dll NCI.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wlaninst.dll WLANINST.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\actxprxy.dll ACTXPRXY.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wwaninst.dll WWANINST.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\shdocvw.dll SHDOCVW.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\linkinfo.dll LINKINFO.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\msftedit.dll MSFTEDIT.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\ink\tiptsf.dll TIPTSF.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\rundll32.exe RUNDLL32.EXE
2013-03-06 15:59:56:  ... Failed to identify driver 96C70BD48D49B87475F4572DEDC62EB9, using metod 2...
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\AppPatch\AcLayers.dll J%PRODUCTNAME
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\activeds.dll ADS
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\adsldpc.dll ADSLDPC
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\gameux.dll GAMEUX.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\adsnt.dll WINNT
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\thumbcache.dll THUMBCACHE.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe RTHDVCPL.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wmi.dll WMI.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\oledlg.dll OLEDLG.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\networkexplorer.dll NETWORKEXPLORER.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\RTCOM\RtkCfg.dll RTKCFG.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\FSP\FspUip.exe FSPUIP.EXE
2013-03-06 15:59:56:  ... Failed to identify driver D1F34683354D47DBDEC5E86EFF784FD2, using metod 2...
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\FSP\KbdHook.dll 
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\stobject.dll STOBJECT.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\FSP\FspAppCtrl.dll FSPAPPCTRL.DLL
2013-03-06 15:59:56:  ... Failed to identify driver 42F5DC5A9A2C957348A2DE129918BEA1, using metod 2...
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\FSP\FspLib.dll 
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\batmeter.dll BATMETER.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\netfxperf.dll NETFXPERF.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll PERFCOUNTER.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\System Control Manager\MGSysCtrl.exe MGSYSCTRL.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\msvcr100_clr0400.dll MSVCR100_CLR0400.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Microsoft Office\Office12\GrooveMonitor.exe GROOVEMONITOR.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll CORPERFMONEXT.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\aspnet_counters.dll ASPNET_COUNTERS.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\unsecapp.exe UNSECAPP.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll ASPNET_PERF.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\bitsperf.dll BITSPERF.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\esentprf.dll ESENTPRF.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\msdtcuiu.dll MSDTCUIU.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\msdtcprx.dll MSDTCPRX.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\mtxclu.dll MTXCLU.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\prnfldr.dll PRNFLDR.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\msscntrs.dll MSSCNTRS.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll SQLCTR100.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\DXP.dll DXP.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\Syncreg.dll SYNCREG.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\ehome\ehSSO.dll EHSSO.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgtray.exe AVGTRAY.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\AltTab.dll ALTTAB.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Microsoft Office\Office12\OLMAPI32.DLL MAPI32.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\WPDShServiceObj.dll WPDSHSERVICEOBJ.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\perfdisk.dll PERFDISK.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\l3codeca.acm L3CODEC.ACM
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\pnidui.dll PNIDUI.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MFC90U.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\QUTIL.DLL QUTIL.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL MFC90ENU.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\PortableDeviceTypes.dll PORTABLEDEVICETYPES.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\perfnet.dll PERFNET.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\srchadmin.dll SRCHADMIN.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avglngx.dll AVGLNG.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\SearchIndexer.exe SEARCHINDEXER.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\rasctrs.dll RASCTRS.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\esent.dll ESENT.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll SQLAGENTCTR100.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\tapiperf.dll TAPIPERF.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\perfctrs.dll PERFCTRS.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\perfts.dll PERFTS.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\utildll.dll UTILDLL.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\rasdlg.dll RASDLG.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\ActionCenter.dll ACTIONCENTER.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\usbperf.dll USBPERF.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\tquery.dll TQUERY.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\VMware\VMware Workstation\vmPerfmon.dll VMWAREPERFMON.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\dot3api.dll DOT3API.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\WmiApRpl.dll WMIAPRPL.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\FXSST.dll FXSST.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\loadperf.dll LODCTR.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\FXSAPI.dll FXSAPI.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\FXSRESM.dll FXSRESM.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wlanhlp.dll WLANHLP.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\mssrch.dll MSSRCH.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\WmiApSrv.exe WMIAPSRV.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\msidle.dll MSIDLE.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\mssprxy.dll MSSPRXY.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgabout.dll AVGABOUT.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\en-US\tquery.dll.mui TQUERY.DLL.MUI
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\msiltcfg.dll MSILTCFG.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\DivX\DivX Update\DivXUpdate.exe DIVXUPDATE.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\cabinet.dll CABINET.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\DivX\DivX Update\DivXUpdateCheck.dll DIVXUPDATE.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\deployJava1.dll DEPLOYJAVA1.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Real\RealPlayer\Update\realsched.exe REALSCHED.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll ACROPDF.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\StikyNot.exe STIKYNOT.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Real\RealPlayer\Update\setu3270.dll RNSETUP.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\mf.dll MF.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\ink\InkObj.dll INKOBJ.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\UIAnimation.dll UIANIMATION.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\wmiprov.dll MOFD.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\NCProv.dll NCOBJAPI.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Real\RealPlayer\realplay.exe REALPLAY.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Real\RealPlayer\rpwa3260.dll RPWA3260.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Windows Media Player\wmpnscfg.exe WMPNSCFG.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\WWanAPI.dll MBNAPI.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wwapi.dll WWAPI.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Windows Media Player\wmpnssci.dll WMPNSSCI.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Windows Media Player\wmpnetwk.exe WMPNETWK.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wmdrmdev.dll WMDRMNET.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\QAGENT.DLL QAGENT.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\drmv2clt.dll DRMV2CLT.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\spfileq.dll SPFILEQ.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avguires.dll AVGUIRES.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\AVG\AVG2012\avgidpmx.dll AVGIDPMX.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\System Control Manager\MGKBHook.dll MGKBHOOK.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\SyncCenter.dll SYNCCENTER.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wmp.dll WMP.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wmp.dll WMP.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\WmiPerfInst.dll WBEMPERFINST.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\webcheck.dll WEBCHECK.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\imapi2.dll IMAPI2.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\hgcpl.dll HGCPL.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\provsvc.dll PROVSVC.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\fdPHost.dll FDPHOST.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\FDResPub.dll FDRESPUB.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\fdWSD.dll FDWSD.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\fdSSDP.dll FDSSDP.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\SearchProtocolHost.exe SEARCHPROTOCOLHOST.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wmploc.DLL WMPLOC.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\msshooks.dll MSSHOOKS.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\fdProxy.dll FDPROXY.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\SearchFilterHost.exe SEARCHFILTERHOST.EXE
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\mssph.dll MSSPH.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\ListSvc.dll LISTSVC.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\mapi32.dll MAPI32.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\P2P.dll P2P.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\IdListen.dll IDLISTEN.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\hgprint.dll HGPRINT.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\p2pcollab.dll P2PCOLLAB.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\pnrpsvc.dll PNRPSVC.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\p2psvc.dll P2PSVC.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Program Files\Internet Explorer\ieproxy.dll IEPROXY.DLL
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\P2PGraph.dll P2PGRAPH.DLL
2013-03-06 15:59:56:  ... Failed to identify driver D8555A09D5862497F4156E9E4CCC808B, using metod 2...
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\temp\yt\run.bat 
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\aelupsvc.dll AELUPSVC.DLL
2013-03-06 15:59:56:  ... Failed to identify driver 2CD77B980B2CC3D655589A2E315AAB57, using metod 2...
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\temp\yt\nemesiscmd.exe 
2013-03-06 15:59:56:  ... Failed to identify driver 459A04CCA068CAB8799C2F84068C222D, using metod 2...
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\temp\yt\PRSBLib.dll 
2013-03-06 15:59:56:  ... Failed to identify driver B3C157A66ECDBCD3570E2DA139225589, using metod 2...
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\drivers\PRSBDrvr.sys 
2013-03-06 15:59:56: Looking at \Device\HarddiskVolume3\Windows\System32\wbem\wmipcima.dll WMIPCIMA.DLL
2013-03-06 15:59:56: ---------------------------------------------------------------------
2013-03-06 15:59:56: Found Service: AeLookupSvc
2013-03-06 15:59:56: Real Path: C:\windows\System32\aelupsvc.dll
2013-03-06 15:59:56: Display Name: @%SystemRoot%\system32\aelupsvc.dll,-1
2013-03-06 15:59:56: Description: @%SystemRoot%\system32\aelupsvc.dll,-2
2013-03-06 15:59:56: ServiceDLL: System32\aelupsvc.dll
2013-03-06 15:59:56: File size: 62464
2013-03-06 15:59:56: DLL File name: aelupsvc.dll
2013-03-06 15:59:56: Original File Name: aelupsvc.dll.mui
2013-03-06 15:59:56: Company: 
2013-03-06 15:59:56: Mod/Cre/Acc time: 20090713201453 20090713181228 20090713181228
2013-03-06 15:59:56: ---------------------------------------------------------------------
2013-03-06 15:59:56: Found Service: AppIDSvc
2013-03-06 15:59:56: Real Path: C:\windows\System32\appidsvc.dll
2013-03-06 15:59:56: Display Name: @%systemroot%\system32\appidsvc.dll,-100
2013-03-06 15:59:56: Description: @%systemroot%\system32\appidsvc.dll,-101
2013-03-06 15:59:56: ServiceDLL: System32\appidsvc.dll
2013-03-06 15:59:56: File size: 27648
2013-03-06 15:59:56: DLL File name: appidsvc.dll
2013-03-06 15:59:56: Original File Name: appidsvc.dll.mui
2013-03-06 15:59:56: Company: 
2013-03-06 15:59:56: Mod/Cre/Acc time: 20090713201453 20090713183652 20090713183652
2013-03-06 15:59:56: ---------------------------------------------------------------------
2013-03-06 15:59:56: Found Service: Appinfo
2013-03-06 15:59:56: Real Path: C:\windows\System32\appinfo.dll
2013-03-06 15:59:56: Display Name: @%systemroot%\system32\appinfo.dll,-100
2013-03-06 15:59:56: Description: @%systemroot%\system32\appinfo.dll,-101
2013-03-06 15:59:56: ServiceDLL: System32\appinfo.dll
2013-03-06 15:59:56: File size: 47104
2013-03-06 15:59:56: DLL File name: appinfo.dll
2013-03-06 15:59:56: Original File Name: appinfo.dll.mui
2013-03-06 15:59:56: Company: 
2013-03-06 15:59:56: Mod/Cre/Acc time: 20101120071803 20120319151017 20120319151017
2013-03-06 15:59:56: !!!!!!!
2013-03-06 15:59:56: Found Service: AppMgmt
2013-03-06 15:59:56: Real Path: C:\windows\System32\appmgmts.dll
2013-03-06 15:59:56: Display Name: 
2013-03-06 15:59:56: Description: 
2013-03-06 15:59:56: ServiceDLL: System32\appmgmts.dll
2013-03-06 15:59:56: File size: 0
2013-03-06 15:59:56: DLL File name: appmgmts.dll
2013-03-06 15:59:56: Original File Name: 
2013-03-06 15:59:56: Company: 
2013-03-06 15:59:56: Mod/Cre/Acc time:   
2013-03-06 15:59:56: !!!!!!!!!
2013-03-06 15:59:56: ---------------------------------------------------------------------
2013-03-06 15:59:56: Found Service: AudioEndpointBuilder
2013-03-06 15:59:56: Real Path: C:\windows\System32\Audiosrv.dll
2013-03-06 15:59:56: Display Name: @%SystemRoot%\system32\audiosrv.dll,-204
2013-03-06 15:59:56: Description: @%SystemRoot%\System32\audiosrv.dll,-205
2013-03-06 15:59:56: ServiceDLL: System32\Audiosrv.dll
2013-03-06 15:59:56: File size: 473600
2013-03-06 15:59:56: DLL File name: Audiosrv.dll
2013-03-06 15:59:56: Original File Name: audiosrv.dll.mui
2013-03-06 15:59:56: Company: 
2013-03-06 15:59:56: Mod/Cre/Acc time: 20101120071805 20120319151104 20120319151104
2013-03-06 15:59:56: ---------------------------------------------------------------------
2013-03-06 15:59:56: Found Service: Audiosrv
2013-03-06 15:59:56: Real Path: C:\windows\System32\Audiosrv.dll
2013-03-06 15:59:56: Display Name: @%SystemRoot%\system32\audiosrv.dll,-200
2013-03-06 15:59:56: Description: @%SystemRoot%\System32\audiosrv.dll,-201
2013-03-06 15:59:56: ServiceDLL: System32\Audiosrv.dll
2013-03-06 15:59:56: File size: 473600
2013-03-06 15:59:56: DLL File name: Audiosrv.dll
2013-03-06 15:59:56: Original File Name: audiosrv.dll.mui
2013-03-06 15:59:56: Company: 
2013-03-06 15:59:56: Mod/Cre/Acc time: 20101120071805 20120319151104 20120319151104
2013-03-06 15:59:56: ---------------------------------------------------------------------
2013-03-06 15:59:56: Found Service: AxInstSV
2013-03-06 15:59:57: Real Path: C:\windows\System32\AxInstSV.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\AxInstSV.dll,-103
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\AxInstSV.dll,-104
2013-03-06 15:59:57: ServiceDLL: System32\AxInstSV.dll
2013-03-06 15:59:57: File size: 88064
2013-03-06 15:59:57: DLL File name: AxInstSV.dll
2013-03-06 15:59:57: Original File Name: AxInstSv.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071806 20120319151019 20120319151019
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: BDESVC
2013-03-06 15:59:57: Real Path: C:\windows\System32\bdesvc.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\bdesvc.dll,-100
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\bdesvc.dll,-101
2013-03-06 15:59:57: ServiceDLL: System32\bdesvc.dll
2013-03-06 15:59:57: File size: 76800
2013-03-06 15:59:57: DLL File name: bdesvc.dll
2013-03-06 15:59:57: Original File Name: BDESVC.DLL.MUI
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201459 20090713181249 20090713181249
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: BFE
2013-03-06 15:59:57: Real Path: C:\windows\System32\bfe.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\bfe.dll,-1001
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\bfe.dll,-1002
2013-03-06 15:59:57: ServiceDLL: System32\bfe.dll
2013-03-06 15:59:57: File size: 494592
2013-03-06 15:59:57: DLL File name: bfe.dll
2013-03-06 15:59:57: Original File Name: BFE.DLL.MUI
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071806 20120319151101 20120319151101
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: BITS
2013-03-06 15:59:57: Real Path: C:\windows\System32\qmgr.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\qmgr.dll,-1000
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\qmgr.dll,-1001
2013-03-06 15:59:57: ServiceDLL: System32\qmgr.dll
2013-03-06 15:59:57: File size: 585728
2013-03-06 15:59:57: DLL File name: qmgr.dll
2013-03-06 15:59:57: Original File Name: qmgr.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120072058 20120319151126 20120319151126
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: Browser
2013-03-06 15:59:57: Real Path: C:\windows\System32\browser.dll
2013-03-06 15:59:57: Display Name: @%systemroot%\system32\browser.dll,-100
2013-03-06 15:59:57: Description: @%systemroot%\system32\browser.dll,-101
2013-03-06 15:59:57: ServiceDLL: System32\browser.dll
2013-03-06 15:59:57: File size: 102912
2013-03-06 15:59:57: DLL File name: browser.dll
2013-03-06 15:59:57: Original File Name: browser.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20120704161434 20120817202022 20120817202022
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: bthserv
2013-03-06 15:59:57: Real Path: C:\windows\system32\bthserv.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\System32\bthserv.dll,-101
2013-03-06 15:59:57: Description: @%SystemRoot%\System32\bthserv.dll,-102
2013-03-06 15:59:57: ServiceDLL: system32\bthserv.dll
2013-03-06 15:59:57: File size: 64512
2013-03-06 15:59:57: DLL File name: bthserv.dll
2013-03-06 15:59:57: Original File Name: BTHSERV.DLL.MUI
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201500 20090713185127 20090713185127
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: CertPropSvc
2013-03-06 15:59:57: Real Path: C:\windows\System32\certprop.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\System32\certprop.dll,-11
2013-03-06 15:59:57: Description: @%SystemRoot%\System32\certprop.dll,-12
2013-03-06 15:59:57: ServiceDLL: System32\certprop.dll
2013-03-06 15:59:57: File size: 67584
2013-03-06 15:59:57: DLL File name: certprop.dll
2013-03-06 15:59:57: Original File Name: certprop.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071812 20120319151017 20120319151017
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: CryptSvc
2013-03-06 15:59:57: Real Path: C:\windows\system32\cryptsvc.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\cryptsvc.dll,-1001
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\cryptsvc.dll,-1002
2013-03-06 15:59:57: ServiceDLL: system32\cryptsvc.dll
2013-03-06 15:59:57: File size: 140288
2013-03-06 15:59:57: DLL File name: cryptsvc.dll
2013-03-06 15:59:57: Original File Name: cryptsvc.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20120423233642 20120612205843 20120612205843
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: DcomLaunch
2013-03-06 15:59:57: Real Path: C:\windows\system32\rpcss.dll
2013-03-06 15:59:57: Display Name: @oleres.dll,-5012
2013-03-06 15:59:57: Description: @oleres.dll,-5013
2013-03-06 15:59:57: ServiceDLL: system32\rpcss.dll
2013-03-06 15:59:57: File size: 376832
2013-03-06 15:59:57: DLL File name: rpcss.dll
2013-03-06 15:59:57: Original File Name: rpcss.dll
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120072103 20120319151103 20120319151103
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: defragsvc
2013-03-06 15:59:57: Real Path: C:\windows\System32\defragsvc.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\defragsvc.dll,-101
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\defragsvc.dll,-102
2013-03-06 15:59:57: ServiceDLL: System32\defragsvc.dll
2013-03-06 15:59:57: File size: 218624
2013-03-06 15:59:57: DLL File name: defragsvc.dll
2013-03-06 15:59:57: Original File Name: defragsvc.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201510 20090713182332 20090713182332
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: Dhcp
2013-03-06 15:59:57: Real Path: C:\windows\system32\dhcpcore.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\dhcpcore.dll,-100
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\dhcpcore.dll,-101
2013-03-06 15:59:57: ServiceDLL: system32\dhcpcore.dll
2013-03-06 15:59:57: File size: 254464
2013-03-06 15:59:57: DLL File name: dhcpcore.dll
2013-03-06 15:59:57: Original File Name: dhcpcore.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071830 20120319151055 20120319151055
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: Dnscache
2013-03-06 15:59:57: Real Path: C:\windows\System32\dnsrslvr.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\System32\dnsapi.dll,-101
2013-03-06 15:59:57: Description: @%SystemRoot%\System32\dnsapi.dll,-102
2013-03-06 15:59:57: ServiceDLL: System32\dnsrslvr.dll
2013-03-06 15:59:57: File size: 132608
2013-03-06 15:59:57: DLL File name: dnsrslvr.dll
2013-03-06 15:59:57: Original File Name: dnsrslvr.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20110303003801 20120317140642 20120317140642
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: dot3svc
2013-03-06 15:59:57: Real Path: C:\windows\System32\dot3svc.dll
2013-03-06 15:59:57: Display Name: @%systemroot%\system32\dot3svc.dll,-1102
2013-03-06 15:59:57: Description: @%systemroot%\system32\dot3svc.dll,-1103
2013-03-06 15:59:57: ServiceDLL: System32\dot3svc.dll
2013-03-06 15:59:57: File size: 214016
2013-03-06 15:59:57: DLL File name: dot3svc.dll
2013-03-06 15:59:57: Original File Name: dot3svc.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071834 20120319151018 20120319151018
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: DPS
2013-03-06 15:59:57: Real Path: C:\windows\system32\dps.dll
2013-03-06 15:59:57: Display Name: @%systemroot%\system32\dps.dll,-500
2013-03-06 15:59:57: Description: @%systemroot%\system32\dps.dll,-501
2013-03-06 15:59:57: ServiceDLL: system32\dps.dll
2013-03-06 15:59:57: File size: 144384
2013-03-06 15:59:57: DLL File name: dps.dll
2013-03-06 15:59:57: Original File Name: dps.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071834 20120319151048 20120319151048
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: EapHost
2013-03-06 15:59:57: Real Path: C:\windows\System32\eapsvc.dll
2013-03-06 15:59:57: Display Name: @%systemroot%\system32\eapsvc.dll,-1
2013-03-06 15:59:57: Description: @%systemroot%\system32\eapsvc.dll,-2
2013-03-06 15:59:57: ServiceDLL: System32\eapsvc.dll
2013-03-06 15:59:57: File size: 98304
2013-03-06 15:59:57: DLL File name: eapsvc.dll
2013-03-06 15:59:57: Original File Name: eapsvc.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201513 20090713185640 20090713185640
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: EventSystem
2013-03-06 15:59:57: Real Path: C:\windows\system32\es.dll
2013-03-06 15:59:57: Display Name: @comres.dll,-2450
2013-03-06 15:59:57: Description: @comres.dll,-2451
2013-03-06 15:59:57: ServiceDLL: system32\es.dll
2013-03-06 15:59:57: File size: 271360
2013-03-06 15:59:57: DLL File name: es.dll
2013-03-06 15:59:57: Original File Name: ES.DLL
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201519 20090713184438 20090713184438
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: fdPHost
2013-03-06 15:59:57: Real Path: C:\windows\system32\fdPHost.dll
2013-03-06 15:59:57: Display Name: @%systemroot%\system32\fdPHost.dll,-100
2013-03-06 15:59:57: Description: @%systemroot%\system32\fdPHost.dll,-101
2013-03-06 15:59:57: ServiceDLL: system32\fdPHost.dll
2013-03-06 15:59:57: File size: 12800
2013-03-06 15:59:57: DLL File name: fdPHost.dll
2013-03-06 15:59:57: Original File Name: fdPHost.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201520 20090713182236 20090713182236
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: FDResPub
2013-03-06 15:59:57: Real Path: C:\windows\system32\fdrespub.dll
2013-03-06 15:59:57: Display Name: @%systemroot%\system32\fdrespub.dll,-100
2013-03-06 15:59:57: Description: @%systemroot%\system32\fdrespub.dll,-101
2013-03-06 15:59:57: ServiceDLL: system32\fdrespub.dll
2013-03-06 15:59:57: File size: 28160
2013-03-06 15:59:57: DLL File name: fdrespub.dll
2013-03-06 15:59:57: Original File Name: FDResPub.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201520 20090713182232 20090713182232
2013-03-06 15:59:57: !!!!!!!
2013-03-06 15:59:57: Found Service: FontCache
2013-03-06 15:59:57: Real Path: C:\windows\system32\FntCache.dll
2013-03-06 15:59:57: Display Name: @%systemroot%\system32\FntCache.dll,-100
2013-03-06 15:59:57: Description: @%systemroot%\system32\FntCache.dll,-101
2013-03-06 15:59:57: ServiceDLL: system32\FntCache.dll
2013-03-06 15:59:57: File size: 906240
2013-03-06 15:59:57: DLL File name: FntCache.dll
2013-03-06 15:59:57: Original File Name: FontCacheService
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20130113153034 20130228030740 20130228030740
2013-03-06 15:59:57: !!!!!!!!!
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: gpsvc
2013-03-06 15:59:57: Real Path: C:\windows\System32\gpsvc.dll
2013-03-06 15:59:57: Display Name: @gpapi.dll,-112
2013-03-06 15:59:57: Description: @gpapi.dll,-113
2013-03-06 15:59:57: ServiceDLL: System32\gpsvc.dll
2013-03-06 15:59:57: File size: 593408
2013-03-06 15:59:57: DLL File name: gpsvc.dll
2013-03-06 15:59:57: Original File Name: gpsvc.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071909 20120319151117 20120319151117
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: hidserv
2013-03-06 15:59:57: Real Path: C:\windows\System32\hidserv.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\System32\hidserv.dll,-101
2013-03-06 15:59:57: Description: @%SystemRoot%\System32\hidserv.dll,-102
2013-03-06 15:59:57: ServiceDLL: System32\hidserv.dll
2013-03-06 15:59:57: File size: 49152
2013-03-06 15:59:57: DLL File name: hidserv.dll
2013-03-06 15:59:57: Original File Name: HIDSERV.DLL.MUI
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201524 20090713185109 20090713185109
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: hkmsvc
2013-03-06 15:59:57: Real Path: C:\windows\system32\kmsvc.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\kmsvc.dll,-6
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\kmsvc.dll,-7
2013-03-06 15:59:57: ServiceDLL: system32\kmsvc.dll
2013-03-06 15:59:57: File size: 71168
2013-03-06 15:59:57: DLL File name: kmsvc.dll
2013-03-06 15:59:57: Original File Name: KmSvc.DLL.MUI
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071926 20120319151026 20120319151026
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: HomeGroupListener
2013-03-06 15:59:57: Real Path: C:\windows\system32\ListSvc.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\System32\ListSvc.dll,-100
2013-03-06 15:59:57: Description: @%SystemRoot%\System32\ListSvc.dll,-101
2013-03-06 15:59:57: ServiceDLL: system32\ListSvc.dll
2013-03-06 15:59:57: File size: 194560
2013-03-06 15:59:57: DLL File name: ListSvc.dll
2013-03-06 15:59:57: Original File Name: ListSvc.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071928 20120319151032 20120319151032
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: HomeGroupProvider
2013-03-06 15:59:57: Real Path: C:\windows\system32\provsvc.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\System32\provsvc.dll,-100
2013-03-06 15:59:57: Description: @%SystemRoot%\System32\provsvc.dll,-101
2013-03-06 15:59:57: ServiceDLL: system32\provsvc.dll
2013-03-06 15:59:57: File size: 165376
2013-03-06 15:59:57: DLL File name: provsvc.dll
2013-03-06 15:59:57: Original File Name: provsvc.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120072057 20120319151017 20120319151017
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: IKEEXT
2013-03-06 15:59:57: Real Path: C:\windows\System32\ikeext.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\ikeext.dll,-501
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\ikeext.dll,-502
2013-03-06 15:59:57: ServiceDLL: System32\ikeext.dll
2013-03-06 15:59:57: File size: 674304
2013-03-06 15:59:57: DLL File name: ikeext.dll
2013-03-06 15:59:57: Original File Name: IKEEXT.DLL.MUI
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071921 20120319151121 20120319151121
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: IPBusEnum
2013-03-06 15:59:57: Real Path: C:\windows\system32\ipbusenum.dll
2013-03-06 15:59:57: Display Name: @%systemroot%\system32\IPBusEnum.dll,-102
2013-03-06 15:59:57: Description: @%systemroot%\system32\IPBusEnum.dll,-103
2013-03-06 15:59:57: ServiceDLL: system32\ipbusenum.dll
2013-03-06 15:59:57: File size: 78848
2013-03-06 15:59:57: DLL File name: ipbusenum.dll
2013-03-06 15:59:57: Original File Name: IPBusEnum.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201533 20090713182255 20090713182255
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: iphlpsvc
2013-03-06 15:59:57: Real Path: C:\windows\System32\iphlpsvc.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\iphlpsvc.dll,-500
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\iphlpsvc.dll,-501
2013-03-06 15:59:57: ServiceDLL: System32\iphlpsvc.dll
2013-03-06 15:59:57: File size: 499712
2013-03-06 15:59:57: DLL File name: iphlpsvc.dll
2013-03-06 15:59:57: Original File Name: iphlpsvc.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20121003114035 20121114012651 20121114012651
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: KtmRm
2013-03-06 15:59:57: Real Path: C:\windows\system32\msdtckrm.dll
2013-03-06 15:59:57: Display Name: @comres.dll,-2946
2013-03-06 15:59:57: Description: @comres.dll,-2947
2013-03-06 15:59:57: ServiceDLL: system32\msdtckrm.dll
2013-03-06 15:59:57: File size: 308736
2013-03-06 15:59:57: DLL File name: msdtckrm.dll
2013-03-06 15:59:57: Original File Name: MSDTCKRM.DLL
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201543 20090713184409 20090713184409
 


#8 TechRaven


Posted 06 March 2013 - 06:23 PM

2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: LanmanServer
2013-03-06 15:59:57: Real Path: C:\windows\System32\srvsvc.dll
2013-03-06 15:59:57: Display Name: @%systemroot%\system32\srvsvc.dll,-100
2013-03-06 15:59:57: Description: @%systemroot%\system32\srvsvc.dll,-101
2013-03-06 15:59:57: ServiceDLL: System32\srvsvc.dll
2013-03-06 15:59:57: File size: 168960
2013-03-06 15:59:57: DLL File name: srvsvc.dll
2013-03-06 15:59:57: Original File Name: SRVSVC.DLL.MUI
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120072126 20120319151050 20120319151050
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: LanmanWorkstation
2013-03-06 15:59:57: Real Path: C:\windows\System32\wkssvc.dll
2013-03-06 15:59:57: Display Name: @%systemroot%\system32\wkssvc.dll,-100
2013-03-06 15:59:57: Description: @%systemroot%\system32\wkssvc.dll,-101
2013-03-06 15:59:57: ServiceDLL: System32\wkssvc.dll
2013-03-06 15:59:57: File size: 84480
2013-03-06 15:59:57: DLL File name: wkssvc.dll
2013-03-06 15:59:57: Original File Name: WKSSVC.DLL.MUI
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120072136 20120319151026 20120319151026
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: lltdsvc
2013-03-06 15:59:57: Real Path: C:\windows\System32\lltdsvc.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\lltdres.dll,-1
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\lltdres.dll,-2
2013-03-06 15:59:57: ServiceDLL: System32\lltdsvc.dll
2013-03-06 15:59:57: File size: 189952
2013-03-06 15:59:57: DLL File name: lltdsvc.dll
2013-03-06 15:59:57: Original File Name: LLTDSVC.DLL
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201536 20090713185327 20090713185327
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: lmhosts
2013-03-06 15:59:57: Real Path: C:\windows\System32\lmhsvc.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\lmhsvc.dll,-101
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\lmhsvc.dll,-102
2013-03-06 15:59:57: ServiceDLL: System32\lmhsvc.dll
2013-03-06 15:59:57: File size: 18432
2013-03-06 15:59:57: DLL File name: lmhsvc.dll
2013-03-06 15:59:57: Original File Name: lmhsvc.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201536 20090713185331 20090713185331
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: Mcx2Svc
2013-03-06 15:59:57: Real Path: C:\windows\system32\Mcx2Svc.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\ehome\ehres.dll,-15501
2013-03-06 15:59:57: Description: @%SystemRoot%\ehome\ehres.dll,-15502
2013-03-06 15:59:57: ServiceDLL: system32\Mcx2Svc.dll
2013-03-06 15:59:57: File size: 68096
2013-03-06 15:59:57: DLL File name: Mcx2Svc.dll
2013-03-06 15:59:57: Original File Name: Mcx2Svc.dll
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071933 20120319151009 20120319151009
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: MMCSS
2013-03-06 15:59:57: Real Path: C:\windows\system32\mmcss.dll
2013-03-06 15:59:57: Display Name: @%systemroot%\system32\mmcss.dll,-100
2013-03-06 15:59:57: Description: @%systemroot%\system32\mmcss.dll,-101
2013-03-06 15:59:57: ServiceDLL: system32\mmcss.dll
2013-03-06 15:59:57: File size: 49664
2013-03-06 15:59:57: DLL File name: mmcss.dll
2013-03-06 15:59:57: Original File Name: mmcss.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201541 20090713190719 20090713190719
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: MpsSvc
2013-03-06 15:59:57: Real Path: C:\windows\system32\mpssvc.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\FirewallAPI.dll,-23090
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\FirewallAPI.dll,-23091
2013-03-06 15:59:57: ServiceDLL: system32\mpssvc.dll
2013-03-06 15:59:57: File size: 566272
2013-03-06 15:59:57: DLL File name: mpssvc.dll
2013-03-06 15:59:57: Original File Name: mpssvc.dll.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20101120071940 20120319151117 20120319151117
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: MSiSCSI
2013-03-06 15:59:57: Real Path: C:\windows\system32\iscsiexe.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\iscsidsc.dll,-5000
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\iscsidsc.dll,-5001
2013-03-06 15:59:57: ServiceDLL: system32\iscsiexe.dll
2013-03-06 15:59:57: File size: 114688
2013-03-06 15:59:57: DLL File name: iscsiexe.dll
2013-03-06 15:59:57: Original File Name: iscsiexe.exe.mui
2013-03-06 15:59:57: Company: 
2013-03-06 15:59:57: Mod/Cre/Acc time: 20090713201534 20090713184608 20090713184608
2013-03-06 15:59:57: ---------------------------------------------------------------------
2013-03-06 15:59:57: Found Service: napagent
2013-03-06 15:59:57: Real Path: C:\windows\system32\qagentRT.dll
2013-03-06 15:59:57: Display Name: @%SystemRoot%\system32\qagentrt.dll,-6
2013-03-06 15:59:57: Description: @%SystemRoot%\system32\qagentrt.dll,-7
2013-03-06 15:59:57: ServiceDLL: system32\qagentRT.dll
2013-03-06 15:59:57: File size: 330240
2013-03-06 15:59:57: DLL File name: qagentRT.dll
2013-03-06 15:59:57: Original File Name: QAgentRT.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072057 20120319151051 20120319151051
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: Netman
2013-03-06 15:59:58: Real Path: C:\windows\System32\netman.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\netman.dll,-109
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\netman.dll,-110
2013-03-06 15:59:58: ServiceDLL: System32\netman.dll
2013-03-06 15:59:58: File size: 280576
2013-03-06 15:59:58: DLL File name: netman.dll
2013-03-06 15:59:58: Original File Name: netman.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201603 20090713185243 20090713185243
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: netprofm
2013-03-06 15:59:58: Real Path: C:\windows\System32\netprofm.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\netprofm.dll,-202
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\netprofm.dll,-203
2013-03-06 15:59:58: ServiceDLL: System32\netprofm.dll
2013-03-06 15:59:58: File size: 360448
2013-03-06 15:59:58: DLL File name: netprofm.dll
2013-03-06 15:59:58: Original File Name: netprofm.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201603 20090713185658 20090713185658
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: NlaSvc
2013-03-06 15:59:58: Real Path: C:\windows\System32\nlasvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\System32\nlasvc.dll,-1
2013-03-06 15:59:58: Description: @%SystemRoot%\System32\nlasvc.dll,-2
2013-03-06 15:59:58: ServiceDLL: System32\nlasvc.dll
2013-03-06 15:59:58: File size: 242176
2013-03-06 15:59:58: DLL File name: nlasvc.dll
2013-03-06 15:59:58: Original File Name: nlasvc.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20121003114226 20121114012651 20121114012651
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: nsi
2013-03-06 15:59:58: Real Path: C:\windows\system32\nsisvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\nsisvc.dll,-200
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\nsisvc.dll,-201
2013-03-06 15:59:58: ServiceDLL: system32\nsisvc.dll
2013-03-06 15:59:58: File size: 19456
2013-03-06 15:59:58: DLL File name: nsisvc.dll
2013-03-06 15:59:58: Original File Name: nsisvc.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201611 20090713181208 20090713181208
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: p2pimsvc
2013-03-06 15:59:58: Real Path: C:\windows\system32\pnrpsvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\pnrpsvc.dll,-8004
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\pnrpsvc.dll,-8005
2013-03-06 15:59:58: ServiceDLL: system32\pnrpsvc.dll
2013-03-06 15:59:58: File size: 269824
2013-03-06 15:59:58: DLL File name: pnrpsvc.dll
2013-03-06 15:59:58: Original File Name: pnrpsvc.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201612 20090713185613 20090713185613
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: p2psvc
2013-03-06 15:59:58: Real Path: C:\windows\system32\p2psvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8006
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\p2psvc.dll,-8007
2013-03-06 15:59:58: ServiceDLL: system32\p2psvc.dll
2013-03-06 15:59:58: File size: 327680
2013-03-06 15:59:58: DLL File name: p2psvc.dll
2013-03-06 15:59:58: Original File Name: p2psvc.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201612 20090713185614 20090713185614
2013-03-06 15:59:58: !!!!!!!
2013-03-06 15:59:58: Found Service: PcaSvc
2013-03-06 15:59:58: Real Path: C:\windows\System32\pcasvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\pcasvc.dll,-1
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\pcasvc.dll,-2
2013-03-06 15:59:58: ServiceDLL: System32\pcasvc.dll
2013-03-06 15:59:58: File size: 154624
2013-03-06 15:59:58: DLL File name: pcasvc.dll
2013-03-06 15:59:58: Original File Name: 
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201612 20090713182030 20090713182030
2013-03-06 15:59:58: !!!!!!!!!
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: pla
2013-03-06 15:59:58: Real Path: C:\windows\system32\pla.dll
2013-03-06 15:59:58: Display Name: @%systemroot%\system32\pla.dll,-500
2013-03-06 15:59:58: Description: @%systemroot%\system32\pla.dll,-501
2013-03-06 15:59:58: ServiceDLL: system32\pla.dll
2013-03-06 15:59:58: File size: 1508864
2013-03-06 15:59:58: DLL File name: pla.dll
2013-03-06 15:59:58: Original File Name: PLA.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072054 20120319151039 20120319151039
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: PlugPlay
2013-03-06 15:59:58: Real Path: C:\windows\system32\umpnpmgr.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\umpnpmgr.dll,-100
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\umpnpmgr.dll,-101
2013-03-06 15:59:58: ServiceDLL: system32\umpnpmgr.dll
2013-03-06 15:59:58: File size: 293376
2013-03-06 15:59:58: DLL File name: umpnpmgr.dll
2013-03-06 15:59:58: Original File Name: Umpnpmgr.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20110524054459 20120317140608 20120317140608
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: PNRPAutoReg
2013-03-06 15:59:58: Real Path: C:\windows\system32\pnrpauto.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\pnrpauto.dll,-8002
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\pnrpauto.dll,-8003
2013-03-06 15:59:58: ServiceDLL: system32\pnrpauto.dll
2013-03-06 15:59:58: File size: 20480
2013-03-06 15:59:58: DLL File name: pnrpauto.dll
2013-03-06 15:59:58: Original File Name: pnrpauto.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201612 20090713185603 20090713185603
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: PNRPsvc
2013-03-06 15:59:58: Real Path: C:\windows\system32\pnrpsvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\pnrpsvc.dll,-8000
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\pnrpsvc.dll,-8001
2013-03-06 15:59:58: ServiceDLL: system32\pnrpsvc.dll
2013-03-06 15:59:58: File size: 269824
2013-03-06 15:59:58: DLL File name: pnrpsvc.dll
2013-03-06 15:59:58: Original File Name: pnrpsvc.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201612 20090713185613 20090713185613
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: PolicyAgent
2013-03-06 15:59:58: Real Path: C:\windows\System32\ipsecsvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\System32\polstore.dll,-5010
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\polstore.dll,-5011
2013-03-06 15:59:58: ServiceDLL: System32\ipsecsvc.dll
2013-03-06 15:59:58: File size: 350208
2013-03-06 15:59:58: DLL File name: ipsecsvc.dll
2013-03-06 15:59:58: Original File Name: ipsecsvc.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120071923 20120319151045 20120319151045
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: Power
2013-03-06 15:59:58: Real Path: C:\windows\system32\umpo.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\umpo.dll,-100
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\umpo.dll,-101
2013-03-06 15:59:58: ServiceDLL: system32\umpo.dll
2013-03-06 15:59:58: File size: 119808
2013-03-06 15:59:58: DLL File name: umpo.dll
2013-03-06 15:59:58: Original File Name: Umpo.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072133 20120319151033 20120319151033
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: ProfSvc
2013-03-06 15:59:58: Real Path: C:\windows\system32\profsvc.dll
2013-03-06 15:59:58: Display Name: @%systemroot%\system32\profsvc.dll,-300
2013-03-06 15:59:58: Description: @%systemroot%\system32\profsvc.dll,-301
2013-03-06 15:59:58: ServiceDLL: system32\profsvc.dll
2013-03-06 15:59:58: File size: 164352
2013-03-06 15:59:58: DLL File name: profsvc.dll
2013-03-06 15:59:58: Original File Name: ProfSvc.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20120430234412 20120612205848 20120612205848
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: QWAVE
2013-03-06 15:59:58: Real Path: C:\windows\system32\qwave.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\qwave.dll,-1
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\qwave.dll,-2
2013-03-06 15:59:58: ServiceDLL: system32\qwave.dll
2013-03-06 15:59:58: File size: 210944
2013-03-06 15:59:58: DLL File name: qwave.dll
2013-03-06 15:59:58: Original File Name: qwave.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201612 20090713185415 20090713185415
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: RasAuto
2013-03-06 15:59:58: Real Path: C:\windows\System32\rasauto.dll
2013-03-06 15:59:58: Display Name: @%Systemroot%\system32\rasauto.dll,-200
2013-03-06 15:59:58: Description: @%Systemroot%\system32\rasauto.dll,-201
2013-03-06 15:59:58: ServiceDLL: System32\rasauto.dll
2013-03-06 15:59:58: File size: 90624
2013-03-06 15:59:58: DLL File name: rasauto.dll
2013-03-06 15:59:58: Original File Name: rasauto.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201612 20090713185443 20090713185443
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: RasMan
2013-03-06 15:59:58: Real Path: C:\windows\System32\rasmans.dll
2013-03-06 15:59:58: Display Name: @%Systemroot%\system32\rasmans.dll,-200
2013-03-06 15:59:58: Description: @%Systemroot%\system32\rasmans.dll,-201
2013-03-06 15:59:58: ServiceDLL: System32\rasmans.dll
2013-03-06 15:59:58: File size: 286208
2013-03-06 15:59:58: DLL File name: rasmans.dll
2013-03-06 15:59:58: Original File Name: Rasmans.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072100 20120319151037 20120319151037
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: RemoteAccess
2013-03-06 15:59:58: Real Path: C:\windows\System32\mprdim.dll
2013-03-06 15:59:58: Display Name: @%Systemroot%\system32\mprdim.dll,-200
2013-03-06 15:59:58: Description: @%Systemroot%\system32\mprdim.dll,-201
2013-03-06 15:59:58: ServiceDLL: System32\mprdim.dll
2013-03-06 15:59:58: File size: 75264
2013-03-06 15:59:58: DLL File name: mprdim.dll
2013-03-06 15:59:58: Original File Name: MPRDIM.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201541 20090713185426 20090713185426
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: RemoteRegistry
2013-03-06 15:59:58: Real Path: C:\windows\system32\regsvc.dll
2013-03-06 15:59:58: Display Name: @regsvc.dll,-1
2013-03-06 15:59:58: Description: @regsvc.dll,-2
2013-03-06 15:59:58: ServiceDLL: system32\regsvc.dll
2013-03-06 15:59:58: File size: 112640
2013-03-06 15:59:58: DLL File name: regsvc.dll
2013-03-06 15:59:58: Original File Name: REGSVC.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201613 20090713181926 20090713181926
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: RpcEptMapper
2013-03-06 15:59:58: Real Path: C:\windows\System32\RpcEpMap.dll
2013-03-06 15:59:58: Display Name: @%windir%\system32\RpcEpMap.dll,-1001
2013-03-06 15:59:58: Description: @%windir%\system32\RpcEpMap.dll,-1002
2013-03-06 15:59:58: ServiceDLL: System32\RpcEpMap.dll
2013-03-06 15:59:58: File size: 43520
2013-03-06 15:59:58: DLL File name: RpcEpMap.dll
2013-03-06 15:59:58: Original File Name: RpcEpMap.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201613 20090713181208 20090713181208
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: RpcSs
2013-03-06 15:59:58: Real Path: C:\windows\System32\rpcss.dll
2013-03-06 15:59:58: Display Name: @oleres.dll,-5010
2013-03-06 15:59:58: Description: @oleres.dll,-5011
2013-03-06 15:59:58: ServiceDLL: System32\rpcss.dll
2013-03-06 15:59:58: File size: 376832
2013-03-06 15:59:58: DLL File name: rpcss.dll
2013-03-06 15:59:58: Original File Name: rpcss.dll
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072103 20120319151103 20120319151103
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: SCardSvr
2013-03-06 15:59:58: Real Path: C:\windows\System32\SCardSvr.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\System32\SCardSvr.dll,-1
2013-03-06 15:59:58: Description: @%SystemRoot%\System32\SCardSvr.dll,-5
2013-03-06 15:59:58: ServiceDLL: System32\SCardSvr.dll
2013-03-06 15:59:58: File size: 132608
2013-03-06 15:59:58: DLL File name: SCardSvr.dll
2013-03-06 15:59:58: Original File Name: SCardSvr.exe.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201613 20090713183351 20090713183351
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: Schedule
2013-03-06 15:59:58: Real Path: C:\windows\system32\schedsvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\schedsvc.dll,-100
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\schedsvc.dll,-101
2013-03-06 15:59:58: ServiceDLL: system32\schedsvc.dll
2013-03-06 15:59:58: File size: 750592
2013-03-06 15:59:58: DLL File name: schedsvc.dll
2013-03-06 15:59:58: Original File Name: schedsvc.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072105 20120319151133 20120319151133
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: SCPolicySvc
2013-03-06 15:59:58: Real Path: C:\windows\System32\certprop.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\System32\certprop.dll,-13
2013-03-06 15:59:58: Description: @%SystemRoot%\System32\certprop.dll,-14
2013-03-06 15:59:58: ServiceDLL: System32\certprop.dll
2013-03-06 15:59:58: File size: 67584
2013-03-06 15:59:58: DLL File name: certprop.dll
2013-03-06 15:59:58: Original File Name: certprop.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120071812 20120319151017 20120319151017
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: SDRSVC
2013-03-06 15:59:58: Real Path: C:\windows\System32\SDRSVC.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\sdrsvc.dll,-107
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\sdrsvc.dll,-102
2013-03-06 15:59:58: ServiceDLL: System32\SDRSVC.dll
2013-03-06 15:59:58: File size: 125952
2013-03-06 15:59:58: DLL File name: SDRSVC.dll
2013-03-06 15:59:58: Original File Name: SDRSVC.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072106 20120319151012 20120319151012
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: seclogon
2013-03-06 15:59:58: Real Path: C:\windows\system32\seclogon.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\seclogon.dll,-7001
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\seclogon.dll,-7000
2013-03-06 15:59:58: ServiceDLL: system32\seclogon.dll
2013-03-06 15:59:58: File size: 21504
2013-03-06 15:59:58: DLL File name: seclogon.dll
2013-03-06 15:59:58: Original File Name: SECLOGON.EXE.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201613 20090713183747 20090713183747
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: SENS
2013-03-06 15:59:58: Real Path: C:\windows\system32\sens.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\Sens.dll,-200
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\Sens.dll,-201
2013-03-06 15:59:58: ServiceDLL: system32\sens.dll
2013-03-06 15:59:58: File size: 49664
2013-03-06 15:59:58: DLL File name: sens.dll
2013-03-06 15:59:58: Original File Name: sens.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201613 20090713182158 20090713182158
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: SensrSvc
2013-03-06 15:59:58: Real Path: C:\windows\system32\sensrsvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\System32\sensrsvc.dll,-1000
2013-03-06 15:59:58: Description: @%SystemRoot%\System32\sensrsvc.dll,-1001
2013-03-06 15:59:58: ServiceDLL: system32\sensrsvc.dll
2013-03-06 15:59:58: File size: 25088
2013-03-06 15:59:58: DLL File name: sensrsvc.dll
2013-03-06 15:59:58: Original File Name: sensrsvc.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201613 20090713184525 20090713184525
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: SessionEnv
2013-03-06 15:59:58: Real Path: C:\windows\system32\sessenv.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\System32\SessEnv.dll,-1026
2013-03-06 15:59:58: Description: @%SystemRoot%\System32\SessEnv.dll,-1027
2013-03-06 15:59:58: ServiceDLL: system32\sessenv.dll
2013-03-06 15:59:58: File size: 113664
2013-03-06 15:59:58: DLL File name: sessenv.dll
2013-03-06 15:59:58: Original File Name: SessEnv.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072108 20120319151107 20120319151107
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: SharedAccess
2013-03-06 15:59:58: Real Path: C:\windows\System32\ipnathlp.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\ipnathlp.dll,-106
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\ipnathlp.dll,-107
2013-03-06 15:59:58: ServiceDLL: System32\ipnathlp.dll
2013-03-06 15:59:58: File size: 300544
2013-03-06 15:59:58: DLL File name: ipnathlp.dll
2013-03-06 15:59:58: Original File Name: IPNATHLP.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201533 20090713185428 20090713185428
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: ShellHWDetection
2013-03-06 15:59:58: Real Path: C:\windows\System32\shsvcs.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\System32\shsvcs.dll,-12288
2013-03-06 15:59:58: Description: @%SystemRoot%\System32\shsvcs.dll,-12289
2013-03-06 15:59:58: ServiceDLL: System32\shsvcs.dll
2013-03-06 15:59:58: File size: 328192
2013-03-06 15:59:58: DLL File name: shsvcs.dll
2013-03-06 15:59:58: Original File Name: SHSVCS.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072119 20120319151037 20120319151037
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: sppuinotify
2013-03-06 15:59:58: Real Path: C:\windows\system32\sppuinotify.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\sppuinotify.dll,-103
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\sppuinotify.dll,-102
2013-03-06 15:59:58: ServiceDLL: system32\sppuinotify.dll
2013-03-06 15:59:58: File size: 53760
2013-03-06 15:59:58: DLL File name: sppuinotify.dll
2013-03-06 15:59:58: Original File Name: sppuinotify.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072124 20120319151003 20120319151003
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: SSDPSRV
2013-03-06 15:59:58: Real Path: C:\windows\System32\ssdpsrv.dll
2013-03-06 15:59:58: Display Name: @%systemroot%\system32\ssdpsrv.dll,-100
2013-03-06 15:59:58: Description: @%systemroot%\system32\ssdpsrv.dll,-101
2013-03-06 15:59:58: ServiceDLL: System32\ssdpsrv.dll
2013-03-06 15:59:58: File size: 162816
2013-03-06 15:59:58: DLL File name: ssdpsrv.dll
2013-03-06 15:59:58: Original File Name: ssdpsrv.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201615 20090713185541 20090713185541
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: SstpSvc
2013-03-06 15:59:58: Real Path: C:\windows\system32\sstpsvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\sstpsvc.dll,-200
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\sstpsvc.dll,-201
2013-03-06 15:59:58: ServiceDLL: system32\sstpsvc.dll
2013-03-06 15:59:58: File size: 90112
2013-03-06 15:59:58: DLL File name: sstpsvc.dll
2013-03-06 15:59:58: Original File Name: sstpsvc.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201615 20090713185451 20090713185451
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: StiSvc
2013-03-06 15:59:58: Real Path: C:\windows\System32\wiaservc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\wiaservc.dll,-9
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\wiaservc.dll,-10
2013-03-06 15:59:58: ServiceDLL: System32\wiaservc.dll
2013-03-06 15:59:58: File size: 463360
2013-03-06 15:59:58: DLL File name: wiaservc.dll
2013-03-06 15:59:58: Original File Name: WIASERVC.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072135 20120319151038 20120319151038
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: swprv
2013-03-06 15:59:58: Real Path: C:\windows\System32\swprv.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\System32\swprv.dll,-103
2013-03-06 15:59:58: Description: @%SystemRoot%\System32\swprv.dll,-102
2013-03-06 15:59:58: ServiceDLL: System32\swprv.dll
2013-03-06 15:59:58: File size: 313856
2013-03-06 15:59:58: DLL File name: swprv.dll
2013-03-06 15:59:58: Original File Name: SWPRV.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201615 20090713182355 20090713182355
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: SysMain
2013-03-06 15:59:58: Real Path: C:\windows\system32\sysmain.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\sysmain.dll,-1000
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\sysmain.dll,-1001
2013-03-06 15:59:58: ServiceDLL: system32\sysmain.dll
2013-03-06 15:59:58: File size: 1159168
2013-03-06 15:59:58: DLL File name: sysmain.dll
2013-03-06 15:59:58: Original File Name: sysmain.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072127 20120319151150 20120319151150
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: TabletInputService
2013-03-06 15:59:58: Real Path: C:\windows\System32\TabSvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\TabSvc.dll,-100
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\TabSvc.dll,-101
2013-03-06 15:59:58: ServiceDLL: System32\TabSvc.dll
2013-03-06 15:59:58: File size: 73216
2013-03-06 15:59:58: DLL File name: TabSvc.dll
2013-03-06 15:59:58: Original File Name: TabSvc.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072128 20120319151037 20120319151037
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: TapiSrv
2013-03-06 15:59:58: Real Path: C:\windows\System32\tapisrv.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\tapisrv.dll,-10100
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\tapisrv.dll,-10101
2013-03-06 15:59:58: ServiceDLL: System32\tapisrv.dll
2013-03-06 15:59:58: File size: 242176
2013-03-06 15:59:58: DLL File name: tapisrv.dll
2013-03-06 15:59:58: Original File Name: TAPISRV.EXE.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072128 20120319151027 20120319151027
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: TBS
2013-03-06 15:59:58: Real Path: C:\windows\System32\tbssvc.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\tbssvc.dll,-100
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\tbssvc.dll,-101
2013-03-06 15:59:58: ServiceDLL: System32\tbssvc.dll
2013-03-06 15:59:58: File size: 55808
2013-03-06 15:59:58: DLL File name: tbssvc.dll
2013-03-06 15:59:58: Original File Name: TBSSVC.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201615 20090713181241 20090713181241
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: TermService
2013-03-06 15:59:58: Real Path: C:\windows\System32\termsrv.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\System32\termsrv.dll,-268
2013-03-06 15:59:58: Description: @%SystemRoot%\System32\termsrv.dll,-267
2013-03-06 15:59:58: ServiceDLL: System32\termsrv.dll
2013-03-06 15:59:58: File size: 521216
2013-03-06 15:59:58: DLL File name: termsrv.dll
2013-03-06 15:59:58: Original File Name: termsrv.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20101120072128 20120319151119 20120319151119
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: Themes
2013-03-06 15:59:58: Real Path: C:\windows\system32\themeservice.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\System32\themeservice.dll,-8192
2013-03-06 15:59:58: Description: @%SystemRoot%\System32\themeservice.dll,-8193
2013-03-06 15:59:58: ServiceDLL: system32\themeservice.dll
2013-03-06 15:59:58: File size: 37376
2013-03-06 15:59:58: DLL File name: themeservice.dll
2013-03-06 15:59:58: Original File Name: THEMESERVICE.DLL.MUI
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201616 20090713183900 20090713183900
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: THREADORDER
2013-03-06 15:59:58: Real Path: C:\windows\system32\mmcss.dll
2013-03-06 15:59:58: Display Name: @%systemroot%\system32\mmcss.dll,-102
2013-03-06 15:59:58: Description: @%systemroot%\system32\mmcss.dll,-103
2013-03-06 15:59:58: ServiceDLL: system32\mmcss.dll
2013-03-06 15:59:58: File size: 49664
2013-03-06 15:59:58: DLL File name: mmcss.dll
2013-03-06 15:59:58: Original File Name: mmcss.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201541 20090713190719 20090713190719
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: TrkWks
2013-03-06 15:59:58: Real Path: C:\windows\System32\trkwks.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\trkwks.dll,-1
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\trkwks.dll,-2
2013-03-06 15:59:58: ServiceDLL: System32\trkwks.dll
2013-03-06 15:59:58: File size: 77312
2013-03-06 15:59:58: DLL File name: trkwks.dll
2013-03-06 15:59:58: Original File Name: trkwks.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201616 20090713184403 20090713184403
2013-03-06 15:59:58: !!!!!!!
2013-03-06 15:59:58: Found Service: upnphost
2013-03-06 15:59:58: Real Path: C:\windows\System32\upnphost.dll
2013-03-06 15:59:58: Display Name: @%systemroot%\system32\upnphost.dll,-213
2013-03-06 15:59:58: Description: @%systemroot%\system32\upnphost.dll,-214
2013-03-06 15:59:58: ServiceDLL: System32\upnphost.dll
2013-03-06 15:59:58: File size: 266752
2013-03-06 15:59:58: DLL File name: upnphost.dll
2013-03-06 15:59:58: Original File Name: unpnhost.dll.mui
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201617 20090713185541 20090713185541
2013-03-06 15:59:58: !!!!!!!!!
2013-03-06 15:59:58: ---------------------------------------------------------------------
2013-03-06 15:59:58: Found Service: UxSms
2013-03-06 15:59:58: Real Path: C:\windows\System32\uxsms.dll
2013-03-06 15:59:58: Display Name: @%SystemRoot%\system32\dwm.exe,-2000
2013-03-06 15:59:58: Description: @%SystemRoot%\system32\dwm.exe,-2001
2013-03-06 15:59:58: ServiceDLL: System32\uxsms.dll
2013-03-06 15:59:58: File size: 29696
2013-03-06 15:59:58: DLL File name: uxsms.dll
2013-03-06 15:59:58: Original File Name: UxSms.dll
2013-03-06 15:59:58: Company: 
2013-03-06 15:59:58: Mod/Cre/Acc time: 20090713201617 20090713182416 20090713182416
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: W32Time
2013-03-06 15:59:59: Real Path: C:\windows\system32\w32time.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\system32\w32time.dll,-200
2013-03-06 15:59:59: Description: @%SystemRoot%\system32\w32time.dll,-201
2013-03-06 15:59:59: ServiceDLL: system32\w32time.dll
2013-03-06 15:59:59: File size: 288768
2013-03-06 15:59:59: DLL File name: w32time.dll
2013-03-06 15:59:59: Original File Name: w32time.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201617 20090713183332 20090713183332
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: WbioSrvc
2013-03-06 15:59:59: Real Path: C:\windows\System32\wbiosrvc.dll
2013-03-06 15:59:59: Display Name: @%systemroot%\system32\wbiosrvc.dll,-100
2013-03-06 15:59:59: Description: @%systemroot%\system32\wbiosrvc.dll,-101
2013-03-06 15:59:59: ServiceDLL: System32\wbiosrvc.dll
2013-03-06 15:59:59: File size: 151552
2013-03-06 15:59:59: DLL File name: wbiosrvc.dll
2013-03-06 15:59:59: Original File Name: wbiosrvc.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201617 20090713183718 20090713183718
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: wcncsvc
2013-03-06 15:59:59: Real Path: C:\windows\System32\wcncsvc.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\system32\wcncsvc.dll,-3
2013-03-06 15:59:59: Description: @%SystemRoot%\system32\wcncsvc.dll,-4
2013-03-06 15:59:59: ServiceDLL: System32\wcncsvc.dll
2013-03-06 15:59:59: File size: 276992
2013-03-06 15:59:59: DLL File name: wcncsvc.dll
2013-03-06 15:59:59: Original File Name: WCNCSVC.DLL.MUI
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20101120072135 20120319151034 20120319151034
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: WcsPlugInService
2013-03-06 15:59:59: Real Path: C:\windows\System32\WcsPlugInService.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\system32\WcsPlugInService.dll,-200
2013-03-06 15:59:59: Description: @%SystemRoot%\system32\WcsPlugInService.dll,-201
2013-03-06 15:59:59: ServiceDLL: System32\WcsPlugInService.dll
2013-03-06 15:59:59: File size: 32768
2013-03-06 15:59:59: DLL File name: WcsPlugInService.dll
2013-03-06 15:59:59: Original File Name: WcsPlugInService.DLL.MUI
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201618 20090713182513 20090713182513
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: WdiServiceHost
2013-03-06 15:59:59: Real Path: C:\windows\system32\wdi.dll
2013-03-06 15:59:59: Display Name: @%systemroot%\system32\wdi.dll,-502
2013-03-06 15:59:59: Description: @%systemroot%\system32\wdi.dll,-503
2013-03-06 15:59:59: ServiceDLL: system32\wdi.dll
2013-03-06 15:59:59: File size: 76288
2013-03-06 15:59:59: DLL File name: wdi.dll
2013-03-06 15:59:59: Original File Name: wdi.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201618 20090713181947 20090713181947
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: WdiSystemHost
2013-03-06 15:59:59: Real Path: C:\windows\system32\wdi.dll
2013-03-06 15:59:59: Display Name: @%systemroot%\system32\wdi.dll,-500
2013-03-06 15:59:59: Description: @%systemroot%\system32\wdi.dll,-501
2013-03-06 15:59:59: ServiceDLL: system32\wdi.dll
2013-03-06 15:59:59: File size: 76288
2013-03-06 15:59:59: DLL File name: wdi.dll
2013-03-06 15:59:59: Original File Name: wdi.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201618 20090713181947 20090713181947
2013-03-06 15:59:59: !!!!!!!
2013-03-06 15:59:59: Found Service: WebClient
2013-03-06 15:59:59: Real Path: C:\windows\System32\webclnt.dll
2013-03-06 15:59:59: Display Name: @%systemroot%\system32\webclnt.dll,-100
2013-03-06 15:59:59: Description: @%systemroot%\system32\webclnt.dll,-101
2013-03-06 15:59:59: ServiceDLL: System32\webclnt.dll
2013-03-06 15:59:59: File size: 204800
2013-03-06 15:59:59: DLL File name: webclnt.dll
2013-03-06 15:59:59: Original File Name: davsvc.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20101120072135 20120319151104 20120319151104
2013-03-06 15:59:59: !!!!!!!!!
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: Wecsvc
2013-03-06 15:59:59: Real Path: C:\windows\system32\wecsvc.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\system32\wecsvc.dll,-200
2013-03-06 15:59:59: Description: @%SystemRoot%\system32\wecsvc.dll,-201
2013-03-06 15:59:59: ServiceDLL: system32\wecsvc.dll
2013-03-06 15:59:59: File size: 147968
2013-03-06 15:59:59: DLL File name: wecsvc.dll
2013-03-06 15:59:59: Original File Name: wecsvc.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201618 20090713183005 20090713183005
2013-03-06 15:59:59: !!!!!!!
2013-03-06 15:59:59: Found Service: wercplsupport
2013-03-06 15:59:59: Real Path: C:\windows\System32\wercplsupport.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\System32\wercplsupport.dll,-101
2013-03-06 15:59:59: Description: @%SystemRoot%\System32\wercplsupport.dll,-100
2013-03-06 15:59:59: ServiceDLL: System32\wercplsupport.dll
2013-03-06 15:59:59: File size: 61440
2013-03-06 15:59:59: DLL File name: wercplsupport.dll
2013-03-06 15:59:59: Original File Name: ERC
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201618 20090713182726 20090713182726
2013-03-06 15:59:59: !!!!!!!!!
2013-03-06 15:59:59: !!!!!!!
2013-03-06 15:59:59: Found Service: WerSvc
2013-03-06 15:59:59: Real Path: C:\windows\System32\WerSvc.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\System32\wersvc.dll,-100
2013-03-06 15:59:59: Description: @%SystemRoot%\System32\wersvc.dll,-101
2013-03-06 15:59:59: ServiceDLL: System32\WerSvc.dll
2013-03-06 15:59:59: File size: 65024
2013-03-06 15:59:59: DLL File name: WerSvc.dll
2013-03-06 15:59:59: Original File Name: wersvc
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201618 20090713182727 20090713182727
2013-03-06 15:59:59: !!!!!!!!!
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: Winmgmt
2013-03-06 15:59:59: Real Path: C:\windows\system32\wbem\WMIsvc.dll
2013-03-06 15:59:59: Display Name: @%Systemroot%\system32\wbem\wmisvc.dll,-205
2013-03-06 15:59:59: Description: @%Systemroot%\system32\wbem\wmisvc.dll,-204
2013-03-06 15:59:59: ServiceDLL: system32\wbem\WMIsvc.dll
2013-03-06 15:59:59: File size: 168960
2013-03-06 15:59:59: DLL File name: WMIsvc.dll
2013-03-06 15:59:59: Original File Name: wmisvc.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201619 20090713183042 20090713183042
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: WinRM
2013-03-06 15:59:59: Real Path: C:\windows\system32\WsmSvc.dll
2013-03-06 15:59:59: Display Name: @%Systemroot%\system32\wsmsvc.dll,-101
2013-03-06 15:59:59: Description: @%Systemroot%\system32\wsmsvc.dll,-102
2013-03-06 15:59:59: ServiceDLL: system32\WsmSvc.dll
2013-03-06 15:59:59: File size: 1175040
2013-03-06 15:59:59: DLL File name: WsmSvc.dll
2013-03-06 15:59:59: Original File Name: WsmSvc.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20101120072139 20120319151109 20120319151109
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: Wlansvc
2013-03-06 15:59:59: Real Path: C:\windows\System32\wlansvc.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\System32\wlansvc.dll,-257
2013-03-06 15:59:59: Description: @%SystemRoot%\System32\wlansvc.dll,-258
2013-03-06 15:59:59: ServiceDLL: System32\wlansvc.dll
2013-03-06 15:59:59: File size: 829440
2013-03-06 15:59:59: DLL File name: wlansvc.dll
2013-03-06 15:59:59: Original File Name: wlansvc.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201619 20090713185201 20090713185201
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: WPCSvc
2013-03-06 15:59:59: Real Path: C:\windows\System32\wpcsvc.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\system32\wpcsvc.dll,-100
2013-03-06 15:59:59: Description: @%SystemRoot%\system32\wpcsvc.dll,-101
2013-03-06 15:59:59: ServiceDLL: System32\wpcsvc.dll
2013-03-06 15:59:59: File size: 10752
2013-03-06 15:59:59: DLL File name: wpcsvc.dll
2013-03-06 15:59:59: Original File Name: wpcsvc.exe.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201620 20090713184010 20090713184010
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: WPDBusEnum
2013-03-06 15:59:59: Real Path: C:\windows\system32\wpdbusenum.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\system32\wpdbusenum.dll,-100
2013-03-06 15:59:59: Description: @%SystemRoot%\system32\wpdbusenum.dll,-101
2013-03-06 15:59:59: ServiceDLL: system32\wpdbusenum.dll
2013-03-06 15:59:59: File size: 85504
2013-03-06 15:59:59: DLL File name: wpdbusenum.dll
2013-03-06 15:59:59: Original File Name: WpdBusEnum.DLL.MUI
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20101120072137 20120319151025 20120319151025
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: wscsvc
2013-03-06 15:59:59: Real Path: C:\windows\system32\wscsvc.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\System32\wscsvc.dll,-200
2013-03-06 15:59:59: Description: @%SystemRoot%\System32\wscsvc.dll,-201
2013-03-06 15:59:59: ServiceDLL: system32\wscsvc.dll
2013-03-06 15:59:59: File size: 73728
2013-03-06 15:59:59: DLL File name: wscsvc.dll
2013-03-06 15:59:59: Original File Name: wscsvc.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201620 20090713183152 20090713183152
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: wuauserv
2013-03-06 15:59:59: Real Path: C:\windows\system32\wuaueng.dll
2013-03-06 15:59:59: Display Name: @%systemroot%\system32\wuaueng.dll,-105
2013-03-06 15:59:59: Description: @%systemroot%\system32\wuaueng.dll,-106
2013-03-06 15:59:59: ServiceDLL: system32\wuaueng.dll
2013-03-06 15:59:59: File size: 1933848
2013-03-06 15:59:59: DLL File name: wuaueng.dll
2013-03-06 15:59:59: Original File Name: wuaueng.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20120602171917 20120623100544 20120623100544
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: wudfsvc
2013-03-06 15:59:59: Real Path: C:\windows\System32\WUDFSvc.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\system32\wudfsvc.dll,-1000
2013-03-06 15:59:59: Description: @%SystemRoot%\system32\wudfsvc.dll,-1001
2013-03-06 15:59:59: ServiceDLL: System32\WUDFSvc.dll
2013-03-06 15:59:59: File size: 73216
2013-03-06 15:59:59: DLL File name: WUDFSvc.dll
2013-03-06 15:59:59: Original File Name: WUDFSvc.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20120725222040 20121114031653 20121114031653
2013-03-06 15:59:59: ---------------------------------------------------------------------
2013-03-06 15:59:59: Found Service: WwanSvc
2013-03-06 15:59:59: Real Path: C:\windows\System32\wwansvc.dll
2013-03-06 15:59:59: Display Name: @%SystemRoot%\System32\wwansvc.dll,-257
2013-03-06 15:59:59: Description: @%SystemRoot%\System32\wwansvc.dll,-258
2013-03-06 15:59:59: ServiceDLL: System32\wwansvc.dll
2013-03-06 15:59:59: File size: 185856
2013-03-06 15:59:59: DLL File name: wwansvc.dll
2013-03-06 15:59:59: Original File Name: WwanSvc.dll.mui
2013-03-06 15:59:59: Company: 
2013-03-06 15:59:59: Mod/Cre/Acc time: 20090713201621 20090713185641 20090713185641
2013-03-06 15:59:59: 
2013-03-06 15:59:59: Looking for SHELL key
2013-03-06 15:59:59: Now looking for bad DLL files in system32
2013-03-06 16:00:53: Folder: GAC
2013-03-06 16:00:53: Folder: GAC_32
2013-03-06 16:00:53: Folder: GAC_MSIL
2013-03-06 16:00:53: Folder: NativeImages_v2.0.50727_32
2013-03-06 16:00:53: Folder: NativeImages_v4.0.30319_32
2013-03-06 16:00:53: Folder: temp
2013-03-06 16:00:53: Folder: tmp
2013-03-06 16:00:56: Checking for bad folder
2013-03-06 16:00:56: Found 1 folders.
2013-03-06 16:00:56: Checking C:\windows\assembly\tmp
2013-03-06 16:00:56: ... Folder test returns: 1
2013-03-06 16:00:56: Done with folder list in C:\windows\assembly\ tmp
2013-03-06 16:00:59: Some drivers where replaced. We need to enforce...
2013-03-06 16:00:59: Drivers replaced:
2013-03-06 16:00:59: B89CFBE8CB247B57D8C10ADAA66B462B
 
11028C6A84A967070CB1286550F2058F
 
2013-03-06 16:01:00: Autonomous mode, clearing out yt folder
2013-03-06 16:01:01: cmd.exe /c start "C:\Users\Vercetti\Desktop\yorkyt.exe"
2013-03-06 16:01:52: Restarting...
2013-03-06 16:04:06: ****************************************************
2013-03-06 16:04:08:  Starting UP ... v 0.0.0.220
2013-03-06 16:04:08: ****************************************************
2013-03-06 16:04:16: Stop TPSRV returns: 2
2013-03-06 16:04:32: Listing processes...
2013-03-06 16:04:32:    :[System Process]:0
2013-03-06 16:04:32:    :System:4
2013-03-06 16:04:32:    :smss.exe:284
2013-03-06 16:04:32:    :avgrsx.exe:388
2013-03-06 16:04:32:    :avgcsrvx.exe:424
2013-03-06 16:04:32:    :csrss.exe:640
2013-03-06 16:04:32:    :wininit.exe:696
2013-03-06 16:04:32:    :csrss.exe:712
2013-03-06 16:04:32:    :winlogon.exe:772
2013-03-06 16:04:32:    :services.exe:820
2013-03-06 16:04:32:    :lsass.exe:828
2013-03-06 16:04:32:    :lsm.exe:840
2013-03-06 16:04:32:    :svchost.exe:940
2013-03-06 16:04:32:    :nvvsvc.exe:1008
2013-03-06 16:04:32:    :svchost.exe:1048
2013-03-06 16:04:32:    :svchost.exe:1180
2013-03-06 16:04:32:    :svchost.exe:1224
2013-03-06 16:04:32:    :svchost.exe:1252
2013-03-06 16:04:32:    :svchost.exe:1284
2013-03-06 16:04:32:    :audiodg.exe:1344
2013-03-06 16:04:32:    :svchost.exe:1376
2013-03-06 16:04:32:    :svchost.exe:1464
2013-03-06 16:04:32:    :nvvsvc.exe:1516
2013-03-06 16:04:32:    :wlanext.exe:1620
2013-03-06 16:04:32:    :conhost.exe:1628
2013-03-06 16:04:32:    :spoolsv.exe:1696
2013-03-06 16:04:32:    :svchost.exe:1748
2013-03-06 16:04:32:    :NetworkLicenseServer.exe:1856
2013-03-06 16:04:32:    :ACService.exe:1876
2013-03-06 16:04:32:    :AppleMobileDeviceService.exe:1896
2013-03-06 16:04:32:    :avgwdsvc.exe:2004
2013-03-06 16:04:32:    :mDNSResponder.exe:2032
2013-03-06 16:04:32:    :DevSvc.exe:108
2013-03-06 16:04:32:    :nSvcAppFlt.exe:584
2013-03-06 16:04:32:    :MSIService.exe:692
2013-03-06 16:04:32:    :sqlservr.exe:888
2013-03-06 16:04:32:    :rndlresolversvc.exe:1976
2013-03-06 16:04:32:    :avgnsx.exe:1824
2013-03-06 16:04:32:    :Updater.exe:2112
2013-03-06 16:04:32:    :sqlwriter.exe:2144
2013-03-06 16:04:32:    :svchost.exe:2168
2013-03-06 16:04:32:    :vmware-usbarbitrator.exe:2268
2013-03-06 16:04:32:    :vmnat.exe:2308
2013-03-06 16:04:32:    :WLIDSVC.EXE:2360
2013-03-06 16:04:32:    :WLIDSVCM.EXE:2464
2013-03-06 16:04:32:    :nSvcIp.exe:2632
2013-03-06 16:04:32:    :vmware-authd.exe:2808
2013-03-06 16:04:32:    :vmnetdhcp.exe:2928
2013-03-06 16:04:32:    :vmware-hostd.exe:3024
2013-03-06 16:04:32:    :WmiPrvSE.exe:3168
2013-03-06 16:04:32:    :svchost.exe:3336
2013-03-06 16:04:32:    :taskeng.exe:3536
2013-03-06 16:04:32:    :taskhost.exe:3552
2013-03-06 16:04:32:    :taskeng.exe:3648
2013-03-06 16:04:32:    :realupgrade.exe:3712
2013-03-06 16:04:32:    :dwm.exe:3840
2013-03-06 16:04:32:    :explorer.exe:3868
2013-03-06 16:04:32:    :yorkyt.exe:2528
2013-03-06 16:04:32:    :WmiPrvSE.exe:2580
2013-03-06 16:04:32:    :rundll32.exe:2828
2013-03-06 16:04:32:    :RtHDVCpl.exe:3696
2013-03-06 16:04:32:    :MGSysCtrl.exe:3516
2013-03-06 16:04:32:    :GrooveMonitor.exe:3524
2013-03-06 16:04:32:    :avgtray.exe:3436
2013-03-06 16:04:32:    :DivXUpdate.exe:3144
2013-03-06 16:04:32:    :realsched.exe:2196
2013-03-06 16:04:32:    :StikyNot.exe:1500
2013-03-06 16:04:32:    :unsecapp.exe:668
2013-03-06 16:04:32:    :SearchIndexer.exe:3456
2013-03-06 16:04:32:    :notepad.exe:4576
2013-03-06 16:04:32:    :svchost.exe:4708
2013-03-06 16:04:32:    :SearchProtocolHost.exe:4748
2013-03-06 16:04:32:    :SearchFilterHost.exe:4780
2013-03-06 16:04:32:    :wmpnscfg.exe:4840
2013-03-06 16:04:32:    :wmpnetwk.exe:4912
2013-03-06 16:04:32: 
2013-03-06 16:04:32: Starting cleanup mode...
2013-03-06 16:05:39:  ... Done with files, now folders
2013-03-06 16:05:45: All DONE
 
 
 
MBAR LOG
 
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org
 
Database version: v2013.03.06.13
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Vercetti :: VERCETTI-MSI [administrator]
 
3/6/2013 5:44:37 PM
mbar-log-2013-03-06 (17-44-37).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30608
Time elapsed: 31 minute(s), 58 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
MBAR SYSTEM LOG
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
 
Account is Administrative
 
Internet Explorer version: 9.0.8112.16421
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.199000 GHz
Memory total: 3488862208, free: 2068508672
 
------------ Kernel report ------------
     03/06/2013 16:11:02
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\DRIVERS\vmci.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\DRIVERS\nvstor32.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\speedfan.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\giveio.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx86.sys
\SystemRoot\system32\DRIVERS\avgidshx.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\avgmfx86.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\fspad_wlh32.sys
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\nvsmu.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nvmf6232.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\athr.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\vmnetadapter.sys
\SystemRoot\system32\DRIVERS\VMNET.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\nvhda32v.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_nvstor32.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\vmnetbridge.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\windows\system32\drivers\hcmon.sys
\??\C:\windows\system32\Drivers\vmx86.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\windows\system32\drivers\vmnetuserif.sys
\SystemRoot\system32\drivers\vstor2-mntapi10-shared.sys
\SystemRoot\system32\DRIVERS\avgidsfilterx.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86c5b030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000073\
Lower Device Object: 0xffffffff86b7f030
Lower Device Driver Name: \Driver\nvstor32\
Driver name found: nvstor32
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\storport.sys (0x0)
Load Function returned 0x0
Downloaded database version: v2013.03.06.13
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86c5b030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86c5a210, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86c5b030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff866bca38, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff86b7f030, DeviceName: \Device\00000073\, DriverName: \Driver\nvstor32\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffba6631a0, 0xffffffff86c5b030, 0xffffffff86741380
Lower DeviceData: 0xffffffffb2e6b968, 0xffffffff86b7f030, 0xffffffff86549f08
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
MBR buffers are not equal
MBR is forged! [589dc7ed71be31344fb32a3cd5d0005e]
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: FBD50A03
 
Partition information:
 
    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 20971520
 
    Partition 1 type is Other (0x27)
    Partition is ACTIVE.
    Partition starts at LBA: 20973568  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 21178368  Numsec = 362352640
 
    Partition 3 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 383535810  Numsec = 241575918
 
Infected: MBR on Drive 0 --> [Bootkit.TDL4.A.MBR]
Replacement MBR for a drive 0 found
MBR infection found on drive 0
Disk Size: 320072933376 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Sectors 625130880 - 625142431 --> [Forged physical sectors]
Done!
Performing system, memory and registry scan...
Done!
Scan finished
Creating System Restore point...
Scheduling clean up...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================
 
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
 
Account is Administrative
 
Internet Explorer version: 9.0.8112.16421
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.200000 GHz
Memory total: 3488862208, free: 2467229696
 
Removal queue found; removal started
Removal finished
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
 
Account is Administrative
 
Internet Explorer version: 9.0.8112.16421
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.200000 GHz
Memory total: 3488862208, free: 2318499840
 
------------ Kernel report ------------
     03/06/2013 17:07:58
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\DRIVERS\vmci.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\DRIVERS\nvstor32.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\speedfan.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\giveio.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx86.sys
\SystemRoot\system32\DRIVERS\avgidshx.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\avgmfx86.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\fspad_wlh32.sys
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\nvsmu.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nvmf6232.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\athr.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\vmnetadapter.sys
\SystemRoot\system32\DRIVERS\VMNET.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\nvhda32v.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_nvstor32.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\vmnetbridge.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\windows\system32\drivers\hcmon.sys
\??\C:\windows\system32\Drivers\vmx86.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\windows\system32\drivers\vmnetuserif.sys
\SystemRoot\system32\drivers\vstor2-mntapi10-shared.sys
\SystemRoot\system32\DRIVERS\avgidsfilterx.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86c62aa0
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000072\
Lower Device Object: 0xffffffff86b83030
Lower Device Driver Name: \Driver\nvstor32\
Driver name found: nvstor32
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\storport.sys (0x0)
Load Function returned 0x0
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86c62aa0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86c62780, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86c62aa0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff866bbf08, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff86b83030, DeviceName: \Device\00000072\, DriverName: \Driver\nvstor32\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffad30bad0, 0xffffffff86c62aa0, 0xffffffff88a57918
Lower DeviceData: 0xffffffffad2d6d38, 0xffffffff86b83030, 0xffffffff85f48048
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: FBD50A03
 
Partition information:
 
    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 20971520
 
    Partition 1 type is Other (0x27)
    Partition is ACTIVE.
    Partition starts at LBA: 20973568  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 21178368  Numsec = 362352640
 
    Partition 3 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 383535810  Numsec = 241575918
 
Disk Size: 320072933376 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================


#9 fireman4it


Posted 06 March 2013 - 08:38 PM

Hello, TechRaven.
Congratulations! You now appear clean! :cool:

 

 

1. Uninstall Combofix

  • Make sure that Combofix.exe that you downloaded is on your Desktop but Do not run it!
          o *If it is not on your Desktop, the below will not work.
  • Click on Start then Run....
  • Now copy & paste the green bolded text in the run-box and click OK.

          ComboFix /Uninstall

          <Notice the space between the "x" and "/".> <--- It needs to be there
          Windows Vista users: Press the Windows Key + R to bring up the Run... command and then from there you can add in the Combofix /Uninstall

  • Please advise if this step is missed for any reason as it performs some important actions:
          "This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again.
          It also makes a clean Restore Point and flushes all the old restore points in order to prevent possible reinfection from an old one through system restore".

 

2.

  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.



Are things running okay? Do you have any more questions?

System Still Slow?
You may wish to try StartupLite. Simply download this tool to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve performance.
If that does not work, you can try the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware.

We Need to Clean Up Our Mess

  • Download OTC by OldTimer and save it to your desktop.
  • Double click the OTC icon to start the program. If you are using Vista, please right-click and choose run as administrator.
  • Then click the big CleanUp button.
  • You will get a prompt saying "Begin Cleanup Process". Please select Yes.
  • Restart your computer when prompted.


 

One of the most common questions found when cleaning malware is "how did my machine get infected?"

There are a variety of reasons, but the most common ones are that you are not practicing Safe Internet, you are not running the proper security software or that your computer's security settings are set too low.

Below I have outlined a series of categories that outline how you can increase the security of your computer to help reduce the chance of being infected again in the future.

Do not use P2P programs
Peer-to-peer or file-sharing programs (such as uTorrent, Limewire and BitTorrent) are probably the primary route of infection nowadays. These programs allow file sharing between users as the name(s) suggest.  It is almost impossible to know whether the file you’re downloading through P2P programs is safe.

It is therefore possible to be infected by downloading infected files via peer-to-peer programs and so I recommend that you do not use these programs. Should you wish to use them, they must be used with extreme care. Some further reading on this subject, along with included links, is as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

In addition, P2P programs facilitate cyber crime and help distribute pirated software, movies and other illegal material.

Practice Safe Internet
Another one of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on.  Whether these things are files or sites it doesn't really matter.  If something is out to get you, and you click on it, it most likely will. 

Below is a list of simple precautions to take to keep your computer clean and running securely:

  • If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that.  Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.
  • If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean.  For the casual computer user, you will almost never receive a valid attachment of this type.
  • If you receive an attachment from someone you know, and it looks suspicious, then it probably is.  The email could be from someone you know who is themselves infected with malware which is trying to infect everyone in their address book. A key thing to look out for here is: does the email sound as though it’s from the person you know? Often, the email may simply have a web link or a “Run this file to make your PC run fast” message in it.
  • If you are browsing the Internet and a popup appears saying that you are infected, ignore it!  These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software.  For an example of these types of pop-ups, or Foistware, you should read this article: Foistware, And how to avoid it.
    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. Removal instructions for a lot of these "rogues" can be found here.
  • Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message  or alert.  When you click on them, though, they instead bring you to another site that is trying to push a product on you, or will download a file to your PC without your knowledge.  You can check to see if it's a real alert by right-clicking on the window.  If there is a menu that comes up saying Add to Favorites... you know it's a fake. DO NOT click on these windows, instead close them by finding the open window on your Taskbar, right click and choose close.
  • Do not visit pornographic websites.  I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites.  I am not saying all adult sites do this, but a lot do, as this can often form part of their funding.
  • When using an Instant Messaging program be cautious about clicking on links people send to you.  It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection.  Instead when you receive a message that contains a link you should message back to the person asking if it is legit.
  • Stay away from Warez and Crack sites! As with Peer-2-Peer programs, in addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.
  • Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download files from a site, and are not sure if they are legitimate, you can use tools such as BitDefender Traffic Light, Norton Safe Web, or McAfee SiteAdvisor to look up info on the site and stay protected against malicious sites. Please be sure to only choose and install one of those tool bars.
  • DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money.  By reading the agreement there is a good chance you can spot this and not install the software.
    Sometimes even legitimate programs will try to bundle extra, unwanted, software with the program you want - this is done to raise money for the program. Be sure to untick any boxes which may indicate that other programs will be downloaded.


Keep Windows up-to-date
Microsoft continually releases security and stability updates for its supported operating systems and you should always apply these to help keep your PC secure.

  • Windows XP users
    You should visit to check for the latest updates to your system. The latest service pack (SP3) can be obtained directly from Microsoft here.
  • Windows Vista users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP2) can be obtained directly from Microsoft here.
  • Windows 7 users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP1) can be obtained directly from Microsoft here



Keep your browser secure
Most modern browsers have come on in leaps and bounds with their inbuilt, default security. The best way to keep your browser secure nowadays is simply to keep it up-to-date.

The latest versions of the three common browsers can be found below:


Use an AntiVirus Software
It is very important that your computer has an up-to-date anti-virus software on it which has a real-time agent running.  This alone can save you a lot of trouble with malware in the future. 
See this link for a listing of some online & their stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources. A couple of free Anti-Virus programs you may be interested in are Microsoft Security Essentials and Avast.

It is imperative that you update your Antivirus software at least once a week (even more if you wish).  If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.  If you use a commercial antivirus program you must make sure you keep renewing your subscription.  Otherwise, once your subscription runs out, you may not be able to update the program's virus definitions.

Use a Firewall
I can not stress how important it is that you use a Firewall on your computer.  Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.

All versions of Windows starting from XP have an in-built firewall. With Windows XP this firewall will protect you from incoming traffic (i.e. hackers). Starting with Windows Vista, the firewall was beefed up to also protect you against outgoing traffic (i.e. malicious programs installed on your machine should be blocked from sending data, such as your bank details and passwords, out).

In addition, if you connect to the internet via a router, this will normally have a firewall in-built.

Some people will recommend installing a different firewall (instead of the Windows built-in one); this is personal choice, but the message is to definitely have one! For a tutorial on Firewalls and a listing of some available ones see this link: Understanding and Using Firewalls

Install an Anti-Malware program
Recommended, and free, Anti-Malware programs are Malwarebytes Anti-Malware and SuperAntiSpyware.

You should regularly (perhaps once a week) scan your computer with an Anti-Malware program just as you would with an antivirus software.

Make sure your applications have all of their updates
It is also possible for other programs on your computer to have security vulnerabilities that can allow malware to infect you.  Therefore, it is very important to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities (such as Adobe Reader and Java).  You can check these by visiting Secunia Software Inspector.

Follow this list and your potential for being infected again will reduce dramatically.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


If I have helped you, consider making a donation to help me continue the fight against Malware!


#10 fireman4it


Posted 10 March 2013 - 08:32 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




