Windows 7 restarts but freezes at shutdown after "ransomware"?


26 replies to this topic

#1 Konakolo

Posted 18 June 2013 - 03:19 PM

Hello, I have a Dell N5050 Laptop running Windows 7 Home 64.

 

Two weeks ago I stupidly, in haste, clicked to open a file which launched a screen that stated I have downloaded illegal content; it looked very similar to the "Your computer has been locked Ransomware" screens in the Virus Removal section of this site.

 

I shut down, ran AVG anti virus, no luck ... restarted the computer and from there the pc progressively started to not shut down, then would not start up. I tried to restore the pc, ran anti virus in Safe Mode, etc. I did a clean install of Windows 7, installed Avast Anti Virus, and tried a USB boot w/ Hitman Kickstart. No luck, same symptoms.

 

The pc only displayed that one screen of ransomware one time; after that the only problem the computer shows is that the computer WILL restart, but NO shutdown because it freezes after a few seconds on the shutdown screen and I have to push the start up button until it shuts down. Also, the computer stays black and unresponsive if I allow it to sleep, but the lights are on and it will drain the battery and stay on all night if I don't force shutdown. Last night the computer decided to start up two times after I forced it to shut down; the pc started itself from a shutdown state about every 3 hours.

 

Any suggestions would be greatly appreciated, thanks.


Edited by hamluis, 30 June 2013 - 06:20 PM.
Moved from Am I Infected to Malware Removal Logs - Hamluis.




#2 D-FRED-BROWN


Posted 26 June 2013 - 10:26 AM

Hello Konakolo and welcome to Bleeping Computer! :)

I am D-FRED-BROWN and I will be helping you.

 

Here's what I'd like you to do:

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Let me know how things go. If you at any point have trouble using FRST, please stop and post back here to let me know.


-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Note:

Please make sure you are subscribed to this topic: Click on the "Follow This Topic" Button (at the top right of this page), make sure that the "Receive notification" box is checked and that it is set to "Instantly"
 

-------> Your topic will be closed if you haven't replied within 3 days! <--------
(If I don't respond within 24 hours, please send me a PM)


-DFB



#3 Konakolo


Posted 27 June 2013 - 01:57 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-06-2013 02
Ran by SYSTEM on 26-06-2013 19:27:29
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-26] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)
HKU\Cody\...\Run: [Akamai NetSession Interface] "C:\Users\Cody\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKU\Cody\...\Run: [SearchProtect] C:\Users\Cody\AppData\Roaming\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)
HKU\Cody\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-01-12] (Google Inc.)

==================== Services (Whitelisted) =================

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [97056 2013-05-07] (Conduit)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030440 2013-06-26] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-26] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
S3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [765288 2011-10-01] (Microsoft Corporation)
S3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [268648 2011-10-01] (Microsoft Corporation)
S3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [25960 2011-10-01] (Microsoft Corporation)
S3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [22376 2011-10-01] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-06-26 20:48 - 2013-06-26 20:48 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
2013-06-26 20:48 - 2013-06-26 20:48 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-06-26 19:26 - 2013-06-26 19:26 - 00000000 ____D C:\FRST
2013-06-21 13:07 - 2013-06-21 13:07 - 00000000 ____D C:\Users\Cody\AppData\Roaming\Macromedia
2013-06-21 13:06 - 2013-06-21 13:06 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-21 13:06 - 2013-06-21 13:06 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-21 13:06 - 2013-06-21 13:06 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-06-21 13:06 - 2013-06-21 13:06 - 00000000 ____D C:\Windows\System32\Macromed
2013-06-20 10:53 - 2013-06-20 10:53 - 00000000 ____D C:\Users\Cody\AppData\Roaming\Malwarebytes
2013-06-20 10:52 - 2013-06-20 10:52 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-20 10:52 - 2013-06-20 10:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-20 10:52 - 2013-06-20 10:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-20 10:52 - 2013-04-04 16:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-20 10:50 - 2013-06-20 10:51 - 10284816 ____A (Malwarebytes Corporation                                    ) C:\Users\Cody\Desktop\mbam-setup.exe
2013-06-20 10:44 - 2013-06-20 14:05 - 00002566 ____A C:\Users\Cody\Desktop\Rkill.txt
2013-06-20 10:44 - 2013-06-20 10:44 - 00000000 ____D C:\Users\Cody\Desktop\rkill
2013-06-20 10:43 - 2013-06-20 10:43 - 01814144 ____A (Bleeping Computer, LLC) C:\Users\Cody\Desktop\iExplore.exe
2013-06-18 13:35 - 2013-06-18 13:35 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2013-06-17 15:08 - 2013-06-17 15:08 - 00000000 ____D C:\Users\Cody\AppData\Roaming\SoftGrid Client
2013-06-17 15:08 - 2013-06-17 15:08 - 00000000 ____D C:\Users\Cody\AppData\Local\SoftGrid Client
2013-06-17 15:06 - 2013-06-17 15:06 - 00731106 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-17 15:06 - 2013-06-17 15:06 - 00000000 ____D C:\Windows\PCHEALTH
2013-06-17 15:06 - 2013-06-17 15:06 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-17 15:06 - 2013-06-17 15:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-17 15:06 - 2013-06-17 15:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-06-17 15:05 - 2013-06-17 15:07 - 00000000 ____D C:\Users\Cody\AppData\Roaming\TP
2013-06-17 15:05 - 2013-06-17 15:05 - 01632144 ____A (Microsoft Corporation) C:\Users\Cody\Desktop\setupconsumerc2rolw.exe
2013-06-17 14:51 - 2013-06-17 14:51 - 00002283 ____A C:\Users\Public\Desktop\WinZip.lnk
2013-06-17 14:50 - 2013-06-17 14:55 - 00000000 ____D C:\Users\Cody\AppData\Roaming\SearchProtect
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Users\Cody\AppData\Roaming\Mozilla
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Users\Cody\AppData\Local\WinZip
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Users\Cody\AppData\Local\CRE
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\ProgramData\WinZip
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Program Files\WinZip
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-06-17 14:50 - 2013-05-07 22:10 - 00770384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-06-17 14:50 - 2013-05-07 22:10 - 00421200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-06-17 14:49 - 2013-06-17 14:49 - 00000889 ____A C:\Users\Public\Desktop\BitTorrent.lnk
2013-06-17 14:49 - 2013-06-17 14:49 - 00000000 ____D C:\Users\Cody\AppData\Local\Conduit
2013-06-17 14:49 - 2013-06-17 14:49 - 00000000 ____D C:\Program Files (x86)\BitTorrentControl_v12
2013-06-17 14:47 - 2013-06-17 15:40 - 00000000 ____D C:\Users\Cody\AppData\Roaming\BitTorrent
2013-06-17 13:56 - 2013-06-17 13:57 - 00000000 ____D C:\Program Files\IDT
2013-06-17 13:54 - 2013-06-17 13:54 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2013-06-17 13:53 - 2013-06-17 13:53 - 30806440 ____A C:\Users\Cody\Documents\R308434.exe
2013-06-17 13:53 - 2013-06-17 13:53 - 05913984 ____A C:\Users\Cody\Documents\R307625.exe
2013-06-17 13:53 - 2013-06-17 13:53 - 00991032 ____A C:\Users\Cody\Documents\DELL_DELL-DIGITAL-DELIVERY_A06_R318926.exe
2013-06-17 13:49 - 2013-06-17 13:49 - 00000000 ____D C:\Users\Cody\AppData\Local\Akamai
2013-06-17 13:14 - 2012-08-23 06:10 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-06-17 13:14 - 2012-08-23 06:08 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2013-06-17 13:14 - 2012-08-23 06:07 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2013-06-17 13:14 - 2012-08-23 05:41 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2013-06-17 13:14 - 2012-08-23 05:40 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2013-06-17 13:14 - 2012-08-23 05:24 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2013-06-17 13:14 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-06-17 13:14 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2013-06-17 13:14 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2013-06-17 13:14 - 2012-06-02 06:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-06-17 13:13 - 2012-08-23 06:13 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-06-17 13:13 - 2012-08-23 05:47 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-06-17 13:13 - 2012-08-23 05:46 - 00016896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-06-17 13:13 - 2012-08-23 05:20 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2013-06-17 13:13 - 2012-08-23 05:18 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-06-17 13:13 - 2012-08-23 05:17 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2013-06-17 13:13 - 2012-08-23 05:06 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2013-06-17 13:13 - 2012-08-23 04:52 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-17 13:13 - 2012-08-23 03:20 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2013-06-17 13:13 - 2012-08-23 03:15 - 00269312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-06-17 13:13 - 2012-08-23 03:14 - 00384000 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2013-06-17 13:13 - 2012-08-23 03:12 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-06-17 13:13 - 2012-08-23 02:54 - 00322560 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-17 13:13 - 2012-08-23 02:51 - 00228864 ____A (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2013-06-17 13:13 - 2012-08-23 02:39 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-06-17 13:13 - 2012-08-23 02:22 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-06-17 13:13 - 2012-08-23 01:51 - 03174912 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-06-17 13:13 - 2012-08-23 00:19 - 04916224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-06-17 13:13 - 2012-08-23 00:13 - 05773824 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-06-17 13:12 - 2012-07-25 19:08 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2013-06-17 13:12 - 2012-07-25 19:08 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2013-06-17 13:12 - 2012-07-25 19:08 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2013-06-17 13:12 - 2012-07-25 19:08 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2013-06-17 13:12 - 2012-07-25 19:08 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2013-06-17 13:12 - 2012-07-25 18:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2013-06-17 13:12 - 2012-07-25 18:26 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2013-06-17 13:12 - 2012-06-02 06:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-06-17 13:12 - 2012-03-14 07:00 - 00385024 ____A (CANON INC.) C:\Windows\System32\CNMLMA9.DLL
2013-06-17 13:09 - 2013-06-17 13:09 - 00000000 ____D C:\Users\Cody\AppData\Local\Apps\2.0
2013-06-17 13:09 - 2012-10-03 09:44 - 00303104 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2013-06-17 13:09 - 2012-10-03 09:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\netcorehc.dll
2013-06-17 13:09 - 2012-10-03 09:44 - 00216576 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2013-06-17 13:09 - 2012-10-03 09:44 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2013-06-17 13:09 - 2012-10-03 09:44 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\netevent.dll
2013-06-17 13:09 - 2012-10-03 09:42 - 00569344 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2013-06-17 13:09 - 2012-10-03 08:42 - 00175104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2013-06-17 13:09 - 2012-10-03 08:42 - 00156672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-06-17 13:09 - 2012-10-03 08:42 - 00018944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2013-06-17 13:09 - 2012-10-03 08:07 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2013-06-17 13:09 - 2012-08-24 10:13 - 00154480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-06-17 13:09 - 2012-08-24 10:09 - 00458712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-06-17 13:09 - 2012-08-24 10:05 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-06-17 13:09 - 2012-08-24 10:03 - 01448448 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-06-17 13:09 - 2012-08-24 08:57 - 00247808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-06-17 13:09 - 2012-08-24 08:57 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-06-17 13:09 - 2012-08-24 08:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-06-17 13:09 - 2012-01-12 23:12 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-06-17 13:08 - 2012-12-07 05:20 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2013-06-17 13:08 - 2012-12-07 05:15 - 02746368 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-06-17 13:08 - 2012-12-07 04:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-06-17 13:08 - 2012-12-07 04:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-06-17 13:08 - 2012-12-07 03:20 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
2013-06-17 13:08 - 2012-12-07 03:20 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
2013-06-17 13:08 - 2012-12-07 03:20 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
2013-06-17 13:08 - 2012-12-07 03:20 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
2013-06-17 13:08 - 2012-12-07 03:20 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
2013-06-17 13:08 - 2012-12-07 03:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
2013-06-17 13:08 - 2012-12-07 03:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
2013-06-17 13:08 - 2012-12-07 03:19 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
2013-06-17 13:08 - 2012-12-07 03:19 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
2013-06-17 13:08 - 2012-12-07 03:19 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
2013-06-17 13:08 - 2012-12-07 03:19 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
2013-06-17 13:08 - 2012-12-07 03:19 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
2013-06-17 13:08 - 2012-12-07 03:19 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
2013-06-17 13:08 - 2012-12-07 03:19 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00055296 ____A (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00051712 ____A (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00046592 ____A (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00045568 ____A (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00044544 ____A (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00043520 ____A (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00040960 ____A (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00030720 ____A (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00023552 ____A (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00021504 ____A (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-06-17 13:08 - 2012-12-07 02:46 - 00015360 ____A (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-06-17 13:08 - 2012-11-29 21:45 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-06-17 13:08 - 2012-11-29 21:45 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-06-17 13:08 - 2012-11-29 21:45 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-06-17 13:08 - 2012-11-29 21:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-06-17 13:08 - 2012-11-29 21:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-17 13:08 - 2012-11-29 21:41 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:53 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-17 13:08 - 2012-11-29 20:53 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-06-17 13:08 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-06-14 09:52 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-06-14 09:52 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-06-14 09:51 - 2012-09-25 14:47 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-06-14 09:51 - 2012-09-25 14:46 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-06-14 09:51 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-06-14 09:51 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-06-14 09:51 - 2012-04-27 19:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2013-06-14 09:51 - 2012-03-16 23:58 - 00075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-06-14 09:51 - 2011-12-27 19:59 - 00498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-06-14 09:51 - 2011-08-16 21:26 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2013-06-14 09:51 - 2011-08-16 21:25 - 00108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2013-06-14 09:51 - 2011-08-16 20:24 - 00465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2013-06-14 09:51 - 2011-08-16 20:19 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2013-06-14 09:51 - 2011-04-28 19:06 - 00467456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2013-06-14 09:51 - 2011-04-28 19:05 - 00410112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-06-14 09:51 - 2011-04-28 19:05 - 00168448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-06-14 09:51 - 2011-02-05 09:10 - 00642944 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-06-14 09:51 - 2011-02-05 09:10 - 00020352 ____A (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2013-06-14 09:51 - 2011-02-05 09:10 - 00019328 ____A (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2013-06-14 09:51 - 2011-02-05 09:10 - 00017792 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2013-06-14 09:51 - 2011-02-05 09:06 - 00605552 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-06-14 09:51 - 2011-02-05 09:06 - 00566208 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-06-14 09:51 - 2011-02-05 09:06 - 00518672 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-06-14 09:50 - 2013-05-12 21:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-14 09:50 - 2013-05-12 21:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-14 09:50 - 2013-05-12 21:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-14 09:50 - 2013-05-12 21:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-14 09:50 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-14 09:50 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-14 09:50 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-14 09:50 - 2013-05-12 19:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-14 09:50 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-14 09:50 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-14 09:50 - 2013-04-25 21:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-14 09:50 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-14 09:50 - 2012-11-22 19:13 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-06-14 09:50 - 2012-07-04 14:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2013-06-14 09:50 - 2012-07-04 14:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2013-06-14 09:50 - 2012-07-04 14:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2013-06-14 09:50 - 2012-07-04 13:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-06-14 09:50 - 2012-07-04 13:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-06-14 09:50 - 2012-05-13 21:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-06-14 09:50 - 2011-12-16 00:46 - 00634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2013-06-14 09:50 - 2011-12-15 23:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-06-14 09:50 - 2011-08-26 21:37 - 00861696 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2013-06-14 09:50 - 2011-08-26 21:37 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2013-06-14 09:50 - 2011-08-26 20:26 - 00571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-06-14 09:50 - 2011-08-26 20:26 - 00233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2013-06-14 09:50 - 2011-05-24 03:42 - 00404480 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2013-06-14 09:50 - 2011-05-24 02:40 - 00064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2013-06-14 09:50 - 2011-05-24 02:40 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2013-06-14 09:50 - 2011-05-24 02:39 - 00145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2013-06-14 09:50 - 2011-05-24 02:37 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-06-14 09:50 - 2011-05-02 21:29 - 00976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2013-06-14 09:50 - 2011-05-02 20:30 - 00741376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2013-06-14 09:50 - 2011-02-22 20:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2013-06-14 09:50 - 2011-02-12 03:34 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2013-06-14 09:49 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-14 09:49 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-06-14 09:49 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-06-14 09:49 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-06-14 09:49 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-06-14 09:49 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-06-14 09:49 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2013-06-14 09:49 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2013-06-14 09:49 - 2011-10-14 22:31 - 00723456 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2013-06-14 09:49 - 2011-10-14 21:38 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2013-06-14 09:44 - 2011-11-16 22:41 - 01731920 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-06-14 09:44 - 2011-11-16 21:38 - 01292080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-06-14 09:43 - 2011-11-19 06:58 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2013-06-14 09:43 - 2011-11-19 06:01 - 00067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2013-06-14 09:40 - 2012-02-16 22:38 - 01031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2013-06-14 09:40 - 2012-02-16 21:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-06-14 09:40 - 2012-02-16 20:57 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2013-06-14 09:36 - 2013-06-14 09:36 - 00000000 ____D C:\Program Files (x86)\GUME37B.tmp
2013-05-31 15:55 - 2013-05-31 15:55 - 00000000 ___HD C:\$AVG

==================== One Month Modified Files and Folders =======

2013-06-26 21:18 - 2009-07-13 21:08 - 00012876 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-26 21:17 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-26 21:17 - 2009-07-13 20:51 - 00026581 ____A C:\Windows\setupact.log
2013-06-26 21:16 - 2009-01-08 10:31 - 01555679 ____A C:\Windows\WindowsUpdate.log
2013-06-26 21:11 - 2009-07-13 21:13 - 00714754 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-26 21:00 - 2009-07-13 20:45 - 00021072 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-26 21:00 - 2009-07-13 20:45 - 00021072 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-26 20:55 - 2009-01-12 10:08 - 00000000 ____D C:\Users\Cody\AppData\Local\Google
2013-06-26 20:54 - 2009-01-12 10:08 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-26 20:48 - 2013-06-26 20:48 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
2013-06-26 20:48 - 2013-06-26 20:48 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-06-26 20:48 - 2009-01-12 10:08 - 01030440 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-06-26 20:48 - 2009-01-12 10:08 - 00378944 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-06-26 19:26 - 2013-06-26 19:26 - 00000000 ____D C:\FRST
2013-06-25 23:19 - 2009-01-12 10:08 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-21 13:21 - 2009-01-12 10:09 - 00002185 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-21 13:07 - 2013-06-21 13:07 - 00000000 ____D C:\Users\Cody\AppData\Roaming\Macromedia
2013-06-21 13:06 - 2013-06-21 13:06 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-21 13:06 - 2013-06-21 13:06 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-21 13:06 - 2013-06-21 13:06 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-06-21 13:06 - 2013-06-21 13:06 - 00000000 ____D C:\Windows\System32\Macromed
2013-06-20 14:05 - 2013-06-20 10:44 - 00002566 ____A C:\Users\Cody\Desktop\Rkill.txt
2013-06-20 10:53 - 2013-06-20 10:53 - 00000000 ____D C:\Users\Cody\AppData\Roaming\Malwarebytes
2013-06-20 10:52 - 2013-06-20 10:52 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-20 10:52 - 2013-06-20 10:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-20 10:52 - 2013-06-20 10:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-20 10:51 - 2013-06-20 10:50 - 10284816 ____A (Malwarebytes Corporation                                    ) C:\Users\Cody\Desktop\mbam-setup.exe
2013-06-20 10:44 - 2013-06-20 10:44 - 00000000 ____D C:\Users\Cody\Desktop\rkill
2013-06-20 10:43 - 2013-06-20 10:43 - 01814144 ____A (Bleeping Computer, LLC) C:\Users\Cody\Desktop\iExplore.exe
2013-06-18 13:35 - 2013-06-18 13:35 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2013-06-18 10:50 - 2009-01-12 10:08 - 00002081 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-06-18 03:21 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-06-17 19:50 - 2010-11-20 19:47 - 00024630 ____A C:\Windows\PFRO.log
2013-06-17 15:40 - 2013-06-17 14:47 - 00000000 ____D C:\Users\Cody\AppData\Roaming\BitTorrent
2013-06-17 15:08 - 2013-06-17 15:08 - 00000000 ____D C:\Users\Cody\AppData\Roaming\SoftGrid Client
2013-06-17 15:08 - 2013-06-17 15:08 - 00000000 ____D C:\Users\Cody\AppData\Local\SoftGrid Client
2013-06-17 15:07 - 2013-06-17 15:05 - 00000000 ____D C:\Users\Cody\AppData\Roaming\TP
2013-06-17 15:06 - 2013-06-17 15:06 - 00731106 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-17 15:06 - 2013-06-17 15:06 - 00000000 ____D C:\Windows\PCHEALTH
2013-06-17 15:06 - 2013-06-17 15:06 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-17 15:06 - 2013-06-17 15:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-17 15:06 - 2013-06-17 15:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-06-17 15:06 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-17 15:05 - 2013-06-17 15:05 - 01632144 ____A (Microsoft Corporation) C:\Users\Cody\Desktop\setupconsumerc2rolw.exe
2013-06-17 14:55 - 2013-06-17 14:50 - 00000000 ____D C:\Users\Cody\AppData\Roaming\SearchProtect
2013-06-17 14:51 - 2013-06-17 14:51 - 00002283 ____A C:\Users\Public\Desktop\WinZip.lnk
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Users\Cody\AppData\Roaming\Mozilla
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Users\Cody\AppData\Local\WinZip
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Users\Cody\AppData\Local\CRE
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\ProgramData\WinZip
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Program Files\WinZip
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-06-17 14:49 - 2013-06-17 14:49 - 00000889 ____A C:\Users\Public\Desktop\BitTorrent.lnk
2013-06-17 14:49 - 2013-06-17 14:49 - 00000000 ____D C:\Users\Cody\AppData\Local\Conduit
2013-06-17 14:49 - 2013-06-17 14:49 - 00000000 ____D C:\Program Files (x86)\BitTorrentControl_v12
2013-06-17 13:57 - 2013-06-17 13:56 - 00000000 ____D C:\Program Files\IDT
2013-06-17 13:54 - 2013-06-17 13:54 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2013-06-17 13:54 - 2009-01-09 10:08 - 00000000 ____D C:\ProgramData\Dell
2013-06-17 13:53 - 2013-06-17 13:53 - 30806440 ____A C:\Users\Cody\Documents\R308434.exe
2013-06-17 13:53 - 2013-06-17 13:53 - 05913984 ____A C:\Users\Cody\Documents\R307625.exe
2013-06-17 13:53 - 2013-06-17 13:53 - 00991032 ____A C:\Users\Cody\Documents\DELL_DELL-DIGITAL-DELIVERY_A06_R318926.exe
2013-06-17 13:49 - 2013-06-17 13:49 - 00000000 ____D C:\Users\Cody\AppData\Local\Akamai
2013-06-17 13:26 - 2010-11-20 23:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-06-17 13:23 - 2009-01-09 11:48 - 00058016 ____A C:\Users\Cody\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-17 13:20 - 2009-07-13 20:45 - 00275712 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-17 13:18 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-17 13:11 - 2009-01-09 11:38 - 00000000 ____D C:\Program Files (x86)\Intel
2013-06-17 13:09 - 2013-06-17 13:09 - 00000000 ____D C:\Users\Cody\AppData\Local\Apps\2.0
2013-06-17 12:01 - 2013-06-17 11:50 - 00000000 ____D C:\ProgramData\HitmanPro
2013-06-17 11:51 - 2013-06-17 11:48 - 09833328 ____A (SurfRight B.V.) C:\Users\Cody\Desktop\HitmanPro_x64.exe
2013-06-15 11:15 - 2013-06-15 11:15 - 00000000 ____D C:\Users\Cody\AppData\Roaming\Adobe
2013-06-15 11:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-15 11:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-15 11:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-06-15 11:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-15 11:08 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-06-15 11:07 - 2010-11-20 23:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-06-14 10:18 - 2013-06-14 10:09 - 00011117 ____A C:\Windows\IE10_main.log
2013-06-14 10:15 - 2013-06-14 10:15 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-14 10:15 - 2013-06-14 10:15 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-14 10:15 - 2013-06-14 10:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-14 10:15 - 2013-06-14 10:15 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-14 10:15 - 2013-06-14 10:15 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-14 10:15 - 2013-06-14 10:15 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-14 10:15 - 2013-06-14 10:15 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-14 10:15 - 2013-06-14 10:15 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-14 10:15 - 2013-06-14 10:15 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-14 10:15 - 2013-06-14 10:15 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-14 10:15 - 2013-06-14 10:15 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-14 10:10 - 2013-06-14 10:10 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-14 10:10 - 2013-06-14 10:10 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-14 09:36 - 2013-06-14 09:36 - 00000000 ____D C:\Program Files (x86)\GUME37B.tmp
2013-06-08 06:08 - 2013-06-15 11:27 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 06:07 - 2013-06-15 11:27 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 06:06 - 2013-06-15 11:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 06:06 - 2013-06-15 11:27 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 06:06 - 2013-06-15 11:27 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 04:28 - 2013-06-15 11:27 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 03:42 - 2013-06-15 11:27 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 03:40 - 2013-06-15 11:27 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 03:40 - 2013-06-15 11:27 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 03:40 - 2013-06-15 11:27 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 03:40 - 2013-06-15 11:27 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 03:13 - 2013-06-15 11:27 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-02 19:11 - 2013-06-15 11:28 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-31 15:55 - 2013-05-31 15:55 - 00000000 ___HD C:\$AVG

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-06-14 09:59:23
Restore point made on: 2013-06-15 11:27:11
Restore point made on: 2013-06-17 13:09:36
Restore point made on: 2013-06-17 13:54:25
Restore point made on: 2013-06-17 13:57:31
Restore point made on: 2013-06-22 09:59:40
Restore point made on: 2013-06-25 22:07:52

==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 4004.27 MB
Available physical RAM: 3274.45 MB
Total Pagefile: 4002.47 MB
Available Pagefile: 3267.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:419.83 GB) NTFS (Disk=0 Partition=3)
Drive e: (Movies_2) (CDROM) (Total:4.09 GB) (Free:0 GB) UDF
Drive f: (HITMANPRO) (Removable) (Total:3.71 GB) (Free:3.71 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Recovery) (Fixed) (Total:14.65 GB) (Free:7.05 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 2C592200)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: C8BBBEFD)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

LastRegBack: 2013-06-18 03:12

==================== End Of Log ============================

 



#4 D-FRED-BROWN

  • Malware Response Team

Posted 27 June 2013 - 02:41 PM

Here's what we're gonna do:

 

It appears that the tools you ran already removed a good chunk of the malware preventing you from booting; we only have a little more to go to get you to boot normally (after that, we have further cleaning to do to ensure there isn't anything left).

 

Please do the following:

  • Open notepad (Start => All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy.)
  • Right-click in the open notepad and select Paste.
  • Save it on the flashdrive as fixlist.txt

2013-06-17 13:53 - 2013-06-17 13:53 - 30806440 ____A C:\Users\Cody\Documents\R308434.exe
2013-06-17 13:53 - 2013-06-17 13:53 - 05913984 ____A C:\Users\Cody\Documents\R307625.exe
HKU\Cody\...\Run: [SearchProtect] C:\Users\Cody\AppData\Roaming\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-06-26 21:17 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-26 20:54 - 2009-01-12 10:08 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-25 23:19 - 2009-01-12 10:08 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-17 14:49 - 2013-06-17 14:49 - 00000000 ____D C:\Users\Cody\AppData\Local\Conduit
HKLM-x32\...\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)
 


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Now please enter System Recovery Options.

Run FRST and press the Fix button just once and wait. The tool will make a log on the flashdrive (Fixlog.txt); please post it in your next reply.

After that, are you able to boot into normal mode? Let me know when you can as we have more malware to remove.


Edited by D-FRED-BROWN, 27 June 2013 - 02:43 PM.


#5 Konakolo

  • Topic Starter

Posted 28 June 2013 - 02:18 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-06-2013 02
Ran by SYSTEM at 2013-06-27 21:02:55 Run:1
Running from F:\
Boot Mode: Recovery
==============================================

C:\Users\Cody\Documents\R308434.exe => Moved successfully.
C:\Users\Cody\Documents\R307625.exe => Moved successfully.
HKU\Cody\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect => Value deleted successfully.
C:\Program Files (x86)\SearchProtect => Moved successfully.
C:\Program Files (x86)\Conduit => Moved successfully.
C:\Windows\Tasks\SA.DAT => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Users\Cody\AppData\Local\Conduit => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SearchProtectAll => Value deleted successfully.

==== End of Fixlog ====
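
One way to confirm that every entry in the fixlist from post #4 was acted on in the Fixlog above. This is an added example, not part of the thread and not FRST's own code; the parsing rules (the `HKLM-x32` to `WOW6432Node` pairing and the two success strings) are assumptions taken from the lines shown in this thread.

```python
import re

# Fixlist entries as posted in post #4 of this thread.
FIXLIST = r"""
2013-06-17 13:53 - 2013-06-17 13:53 - 30806440 ____A C:\Users\Cody\Documents\R308434.exe
2013-06-17 13:53 - 2013-06-17 13:53 - 05913984 ____A C:\Users\Cody\Documents\R307625.exe
HKU\Cody\...\Run: [SearchProtect] C:\Users\Cody\AppData\Roaming\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-06-17 14:50 - 2013-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-06-26 21:17 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-26 20:54 - 2009-01-12 10:08 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-25 23:19 - 2009-01-12 10:08 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-17 14:49 - 2013-06-17 14:49 - 00000000 ____D C:\Users\Cody\AppData\Local\Conduit
HKLM-x32\...\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)
"""

# Result lines from the Fixlog in post #5 (header lines omitted).
FIXLOG = r"""
C:\Users\Cody\Documents\R308434.exe => Moved successfully.
C:\Users\Cody\Documents\R307625.exe => Moved successfully.
HKU\Cody\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect => Value deleted successfully.
C:\Program Files (x86)\SearchProtect => Moved successfully.
C:\Program Files (x86)\Conduit => Moved successfully.
C:\Windows\Tasks\SA.DAT => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Users\Cody\AppData\Local\Conduit => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SearchProtectAll => Value deleted successfully.
==== End of Fixlog ====
"""

# File entry: two timestamps, size, attributes, optional (company), then the path.
FILE_RE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d - \d{4}-\d\d-\d\d \d\d:\d\d - \d+ \S+ "
    r"(?:\([^)]*\) )?(?P<path>[A-Za-z]:\\.+)$")
# Run entry: hive, optional user name, elided key path, then [value name].
RUN_RE = re.compile(
    r"^(?P<root>HK[^\\]+)(?:\\(?P<user>[^\\]+))?\\\.\.\.\\Run: \[(?P<name>[^\]]+)\]")
# The only two success outcomes that appear in this thread's Fixlog (assumption).
SUCCESS = ("Moved successfully.", "Value deleted successfully.")

def reg_key(root, user, wow64, name):
    """Normalised key so the short fixlist form and the full Fixlog form compare equal."""
    return "reg|{}|{}|{}|{}".format(root, user or "", int(wow64), name).lower()

def parse_fixlist(text):
    """Map a comparison key to the original line for each requested fix."""
    wanted = {}
    for line in filter(None, (l.strip() for l in text.splitlines())):
        m = FILE_RE.match(line)
        if m:
            wanted[m.group("path").lower()] = line
            continue
        m = RUN_RE.match(line)
        if m:
            root = m.group("root")
            wow64 = root.endswith("-x32")  # pairs with WOW6432Node in the Fixlog
            key = reg_key(root.replace("-x32", ""), m.group("user"), wow64, m.group("name"))
            wanted[key] = line
        else:
            wanted["unparsed|" + line.lower()] = line  # cannot verify: ends up as missing
    return wanted

def parse_fixlog(text):
    """Map a comparison key to the outcome text for each 'target => outcome' line."""
    results = {}
    for line in text.splitlines():
        target, sep, outcome = line.strip().partition(" => ")
        if not sep:
            continue  # header, separator or footer line
        if target.upper().startswith("HK"):
            key_path, _, name = target.rpartition("\\\\")  # value follows a double backslash
            parts = key_path.split("\\")
            user = parts[1] if parts[0].upper() == "HKU" and len(parts) > 1 else ""
            wow64 = "wow6432node" in key_path.lower()
            key = reg_key(parts[0], user, wow64, name)
        else:
            key = target.lower()
        results[key] = outcome.strip()
    return results

def reconcile(fixlist_text, fixlog_text):
    """Sort every requested fix into done / failed / missing; list unrequested results."""
    wanted, results = parse_fixlist(fixlist_text), parse_fixlog(fixlog_text)
    report = {"done": [], "failed": [], "missing": []}
    for key, line in wanted.items():
        outcome = results.get(key)
        if outcome is None:
            report["missing"].append(line)
        elif outcome in SUCCESS:
            report["done"].append(line)
        else:
            report["failed"].append((line, outcome))
    report["unrequested"] = sorted(k for k in results if k not in wanted)
    return report

if __name__ == "__main__":
    for status, items in reconcile(FIXLIST, FIXLOG).items():
        print(status, len(items))
```

Anything reported as `missing`, `failed` or `unrequested` is worth raising with the helper before moving on to the next cleanup step.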

 



#6 Konakolo

  • Topic Starter

Posted 28 June 2013 - 02:40 AM

After Farbar fixlog still won't shut down, still restarts fine, still boots up ok. I have also noticed (before Farbar) screen goes black for half second when adding or disconnecting power cable, and opening dvd/cd rom, etc.

 

Thanks again.



#7 D-FRED-BROWN

  • Malware Response Team

Posted 28 June 2013 - 10:33 AM

I'm not sure I understand. Does the system boot normally now?



#8 Konakolo

  • Topic Starter

Posted 28 June 2013 - 12:36 PM

Hey D-FRED-BROWN,

 

Yes it has always booted up normally, the problem after the "ransomware" is that it will not shut down.

 

Thanks for your time.



#9 D-FRED-BROWN

  • Malware Response Team

Posted 28 June 2013 - 12:38 PM

Let's start getting rid of the rest of it:

----------Step 1----------------
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

----------Step 2----------------
Please download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder... mbar-log.txt and system-log.txt

----------Step 3----------------
Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.


NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


----------Step 4----------------
Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

----------Step 5----------------
In your next reply, please include the following:

  • TDSSKiller's logfile
  • MBAR mbar-log.txt and system-log.txt
  • ComboFix's report (C:\ComboFix.txt)
  • Security Check checkup.txt

After that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask.



#10 Konakolo

  • Topic Starter

Posted 29 June 2013 - 03:31 AM

19:45:38.0587 3640  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
19:45:40.0577 3640  ============================================================
19:45:40.0577 3640  Current date / time: 2013/06/28 19:45:40.0577
19:45:40.0577 3640  SystemInfo:
19:45:40.0577 3640 
19:45:40.0577 3640  OS Version: 6.1.7601 ServicePack: 1.0
19:45:40.0577 3640  Product type: Workstation
19:45:40.0578 3640  ComputerName: CODY-PC
19:45:40.0578 3640  UserName: Cody
19:45:40.0578 3640  Windows directory: C:\Windows
19:45:40.0578 3640  System windows directory: C:\Windows
19:45:40.0578 3640  Running under WOW64
19:45:40.0578 3640  Processor architecture: Intel x64
19:45:40.0578 3640  Number of processors: 4
19:45:40.0578 3640  Page size: 0x1000
19:45:40.0578 3640  Boot type: Normal boot
19:45:40.0578 3640  ============================================================
19:45:41.0103 3640  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:45:41.0128 3640  ============================================================
19:45:41.0128 3640  \Device\Harddisk0\DR0:
19:45:41.0128 3640  MBR partitions:
19:45:41.0128 3640  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
19:45:41.0128 3640  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030
19:45:41.0128 3640  ============================================================
19:45:41.0148 3640  C: <-> \Device\Harddisk0\DR0\Partition2
19:45:41.0148 3640  ============================================================
19:45:41.0148 3640  Initialize success
19:45:41.0148 3640  ============================================================
19:48:52.0936 4652  ============================================================
19:48:52.0936 4652  Scan started
19:48:52.0936 4652  Mode: Manual;
19:48:52.0936 4652  ============================================================
19:48:53.0151 4652  ================ Scan system memory ========================
19:48:53.0151 4652  Scan interrupted by user!
19:48:53.0151 4652  ================ Scan services =============================
19:48:53.0166 4652  Scan interrupted by user!
19:48:53.0166 4652  ================ Scan global ===============================
19:48:53.0166 4652  Scan interrupted by user!
19:48:53.0166 4652  ================ Scan MBR ==================================
19:48:53.0166 4652  Scan interrupted by user!
19:48:53.0166 4652  ================ Scan VBR ==================================
19:48:53.0166 4652  Scan interrupted by user!
19:48:53.0166 4652  ============================================================
19:48:53.0166 4652  Scan finished
19:48:53.0166 4652  ============================================================
19:48:53.0182 4720  Detected object count: 0
19:48:53.0182 4720  Actual detected object count: 0
19:49:03.0207 4748  ============================================================
19:49:03.0207 4748  Scan started
19:49:03.0207 4748  Mode: Manual;
19:49:03.0207 4748  ============================================================
19:49:03.0323 4748  ================ Scan system memory ========================
19:49:03.0323 4748  System memory - ok
19:49:03.0324 4748  ================ Scan services =============================
19:49:09.0993 4748  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:49:09.0996 4748  iirsp - ok
19:49:10.0073 4748  [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
19:49:10.0077 4748  IJPLMSVC - ok
19:49:10.0147 4748  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:49:10.0181 4748  IKEEXT - ok
19:49:10.0205 4748  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
19:49:10.0208 4748  intelide - ok
19:49:10.0217 4748  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:49:10.0220 4748  intelppm - ok
19:49:10.0248 4748  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:49:10.0255 4748  IPBusEnum - ok
19:49:10.0282 4748  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:49:10.0287 4748  IpFilterDriver - ok
19:49:10.0355 4748  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:49:10.0376 4748  iphlpsvc - ok
19:49:10.0392 4748  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:49:10.0395 4748  IPMIDRV - ok
19:49:10.0414 4748  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:49:10.0418 4748  IPNAT - ok
19:49:10.0433 4748  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:49:10.0436 4748  IRENUM - ok
19:49:10.0443 4748  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:49:10.0446 4748  isapnp - ok
19:49:10.0469 4748  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:49:10.0477 4748  iScsiPrt - ok
19:49:10.0485 4748  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:49:10.0488 4748  kbdclass - ok
19:49:10.0517 4748  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
19:49:10.0520 4748  kbdhid - ok
19:49:10.0553 4748  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:49:10.0558 4748  KeyIso - ok
19:49:10.0593 4748  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:49:10.0597 4748  KSecDD - ok
19:49:10.0623 4748  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:49:10.0628 4748  KSecPkg - ok
19:49:10.0636 4748  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:49:10.0640 4748  ksthunk - ok
19:49:10.0707 4748  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:49:10.0721 4748  KtmRm - ok
19:49:10.0773 4748  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:49:10.0785 4748  LanmanServer - ok
19:49:10.0835 4748  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:49:10.0847 4748  LanmanWorkstation - ok
19:49:10.0876 4748  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:49:10.0879 4748  lltdio - ok
19:49:10.0938 4748  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:49:10.0950 4748  lltdsvc - ok
19:49:10.0975 4748  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:49:10.0981 4748  lmhosts - ok
19:49:11.0036 4748  [ 98B16E756243BEA9410E32025B19C06F ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:49:11.0043 4748  LMS - ok
19:49:11.0100 4748  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:49:11.0105 4748  LSI_FC - ok
19:49:11.0114 4748  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:49:11.0119 4748  LSI_SAS - ok
19:49:11.0127 4748  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:49:11.0131 4748  LSI_SAS2 - ok
19:49:11.0140 4748  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:49:11.0145 4748  LSI_SCSI - ok
19:49:11.0157 4748  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:49:11.0161 4748  luafv - ok
19:49:11.0218 4748  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:49:11.0226 4748  Mcx2Svc - ok
19:49:11.0233 4748  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:49:11.0236 4748  megasas - ok
19:49:11.0260 4748  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:49:11.0269 4748  MegaSR - ok
19:49:11.0290 4748  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:49:11.0291 4748  MEIx64 - ok
19:49:11.0363 4748  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
19:49:11.0370 4748  MMCSS - ok
19:49:11.0394 4748  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
19:49:11.0397 4748  Modem - ok
19:49:11.0405 4748  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:49:11.0407 4748  monitor - ok
19:49:11.0415 4748  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:49:11.0418 4748  mouclass - ok
19:49:11.0448 4748  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
19:49:11.0451 4748  mouhid - ok
19:49:11.0465 4748  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:49:11.0469 4748  mountmgr - ok
19:49:11.0480 4748  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:49:11.0485 4748  mpio - ok
19:49:11.0503 4748  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:49:11.0506 4748  mpsdrv - ok
19:49:11.0542 4748  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:49:11.0577 4748  MpsSvc - ok
19:49:11.0600 4748  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:49:11.0604 4748  MRxDAV - ok
19:49:11.0642 4748  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:49:11.0647 4748  mrxsmb - ok
19:49:11.0675 4748  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:49:11.0683 4748  mrxsmb10 - ok
19:49:11.0728 4748  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:49:11.0733 4748  mrxsmb20 - ok
19:49:11.0741 4748  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:49:11.0744 4748  msahci - ok
19:49:11.0756 4748  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:49:11.0761 4748  msdsm - ok
19:49:11.0781 4748  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:49:11.0790 4748  MSDTC - ok
19:49:11.0805 4748  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:49:11.0808 4748  Msfs - ok
19:49:11.0823 4748  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:49:11.0825 4748  mshidkmdf - ok
19:49:11.0840 4748  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:49:11.0841 4748  msisadrv - ok
19:49:11.0897 4748  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:49:11.0906 4748  MSiSCSI - ok
19:49:11.0913 4748  msiserver - ok
19:49:11.0936 4748  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:49:11.0938 4748  MSKSSRV - ok
19:49:11.0962 4748  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:49:11.0964 4748  MSPCLOCK - ok
19:49:11.0982 4748  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:49:11.0984 4748  MSPQM - ok
19:49:12.0000 4748  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:49:12.0008 4748  MsRPC - ok
19:49:12.0020 4748  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:49:12.0024 4748  mssmbios - ok
19:49:12.0034 4748  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:49:12.0036 4748  MSTEE - ok
19:49:12.0054 4748  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:49:12.0056 4748  MTConfig - ok
19:49:12.0061 4748  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:49:12.0063 4748  Mup - ok
19:49:12.0107 4748  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:49:12.0120 4748  napagent - ok
19:49:12.0155 4748  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:49:12.0161 4748  NativeWifiP - ok
19:49:12.0204 4748  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:49:12.0244 4748  NDIS - ok
19:49:12.0268 4748  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:49:12.0271 4748  NdisCap - ok
19:49:12.0297 4748  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:49:12.0299 4748  NdisTapi - ok
19:49:12.0312 4748  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:49:12.0315 4748  Ndisuio - ok
19:49:12.0338 4748  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:49:12.0342 4748  NdisWan - ok
19:49:12.0359 4748  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:49:12.0362 4748  NDProxy - ok
19:49:12.0370 4748  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:49:12.0373 4748  NetBIOS - ok
19:49:12.0395 4748  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:49:12.0402 4748  NetBT - ok
19:49:12.0419 4748  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:49:12.0425 4748  Netlogon - ok
19:49:12.0489 4748  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:49:12.0503 4748  Netman - ok
19:49:12.0519 4748  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:49:12.0536 4748  netprofm - ok
19:49:12.0585 4748  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:49:12.0590 4748  NetTcpPortSharing - ok
19:49:12.0605 4748  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:49:12.0608 4748  nfrd960 - ok
19:49:12.0660 4748  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:49:12.0673 4748  NlaSvc - ok
19:49:12.0683 4748  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:49:12.0686 4748  Npfs - ok
19:49:12.0733 4748  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:49:12.0740 4748  nsi - ok
19:49:12.0747 4748  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:49:12.0750 4748  nsiproxy - ok
19:49:12.0827 4748  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:49:12.0881 4748  Ntfs - ok
19:49:12.0901 4748  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:49:12.0904 4748  Null - ok
19:49:12.0956 4748  [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
19:49:12.0960 4748  nusb3hub - ok
19:49:13.0016 4748  [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
19:49:13.0023 4748  nusb3xhc - ok
19:49:13.0067 4748  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:49:13.0072 4748  nvraid - ok
19:49:13.0120 4748  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:49:13.0125 4748  nvstor - ok
19:49:13.0151 4748  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:49:13.0156 4748  nv_agp - ok
19:49:13.0171 4748  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:49:13.0174 4748  ohci1394 - ok
19:49:13.0236 4748  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:49:13.0242 4748  ose - ok
19:49:13.0447 4748  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:49:13.0573 4748  osppsvc - ok
19:49:13.0633 4748  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:49:13.0646 4748  p2pimsvc - ok
19:49:13.0728 4748  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:49:13.0750 4748  p2psvc - ok
19:49:13.0792 4748  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
19:49:13.0796 4748  Parport - ok
19:49:13.0824 4748  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:49:13.0828 4748  partmgr - ok
19:49:13.0848 4748  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:49:13.0858 4748  PcaSvc - ok
19:49:13.0880 4748  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:49:13.0886 4748  pci - ok
19:49:13.0902 4748  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:49:13.0904 4748  pciide - ok
19:49:13.0926 4748  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:49:13.0932 4748  pcmcia - ok
19:49:13.0941 4748  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:49:13.0943 4748  pcw - ok
19:49:13.0963 4748  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:49:13.0978 4748  PEAUTH - ok
19:49:14.0038 4748  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:49:14.0044 4748  PerfHost - ok
19:49:14.0114 4748  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:49:14.0173 4748  pla - ok
19:49:14.0233 4748  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:49:14.0256 4748  PlugPlay - ok
19:49:14.0276 4748  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:49:14.0284 4748  PNRPAutoReg - ok
19:49:14.0310 4748  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:49:14.0323 4748  PNRPsvc - ok
19:49:14.0383 4748  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:49:14.0401 4748  PolicyAgent - ok
19:49:14.0457 4748  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:49:14.0469 4748  Power - ok
19:49:14.0514 4748  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:49:14.0518 4748  PptpMiniport - ok
19:49:14.0541 4748  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
19:49:14.0545 4748  Processor - ok
19:49:14.0575 4748  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:49:14.0587 4748  ProfSvc - ok
19:49:14.0608 4748  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:49:14.0613 4748  ProtectedStorage - ok
19:49:14.0649 4748  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:49:14.0653 4748  Psched - ok
19:49:14.0742 4748  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:49:14.0789 4748  ql2300 - ok
19:49:14.0811 4748  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:49:14.0815 4748  ql40xx - ok
19:49:14.0867 4748  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:49:14.0880 4748  QWAVE - ok
19:49:14.0896 4748  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:49:14.0899 4748  QWAVEdrv - ok
19:49:14.0919 4748  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:49:14.0922 4748  RasAcd - ok
19:49:14.0976 4748  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:49:14.0979 4748  RasAgileVpn - ok
19:49:15.0004 4748  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:49:15.0014 4748  RasAuto - ok
19:49:15.0035 4748  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:49:15.0040 4748  Rasl2tp - ok
19:49:15.0070 4748  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:49:15.0091 4748  RasMan - ok
19:49:15.0101 4748  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:49:15.0104 4748  RasPppoe - ok
19:49:15.0141 4748  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:49:15.0144 4748  RasSstp - ok
19:49:15.0159 4748  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:49:15.0167 4748  rdbss - ok
19:49:15.0177 4748  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:49:15.0180 4748  rdpbus - ok
19:49:15.0221 4748  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:49:15.0223 4748  RDPCDD - ok
19:49:15.0240 4748  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:49:15.0242 4748  RDPENCDD - ok
19:49:15.0258 4748  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:49:15.0259 4748  RDPREFMP - ok
19:49:15.0308 4748  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:49:15.0312 4748  RdpVideoMiniport - ok
19:49:15.0346 4748  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:49:15.0353 4748  RDPWD - ok
19:49:15.0379 4748  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:49:15.0385 4748  rdyboost - ok
19:49:15.0430 4748  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:49:15.0438 4748  RemoteAccess - ok
19:49:15.0495 4748  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:49:15.0507 4748  RemoteRegistry - ok
19:49:15.0532 4748  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:49:15.0541 4748  RpcEptMapper - ok
19:49:15.0583 4748  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:49:15.0589 4748  RpcLocator - ok
19:49:15.0624 4748  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:49:15.0640 4748  RpcSs - ok
19:49:15.0658 4748  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:49:15.0661 4748  rspndr - ok
19:49:15.0699 4748  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:49:15.0710 4748  RTL8167 - ok
19:49:15.0731 4748  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:49:15.0736 4748  SamSs - ok
19:49:15.0745 4748  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:49:15.0750 4748  sbp2port - ok
19:49:15.0777 4748  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:49:15.0789 4748  SCardSvr - ok
19:49:15.0806 4748  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:49:15.0809 4748  scfilter - ok
19:49:15.0849 4748  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:49:15.0896 4748  Schedule - ok
19:49:15.0942 4748  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:49:15.0945 4748  SCPolicySvc - ok
19:49:15.0962 4748  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:49:15.0973 4748  SDRSVC - ok
19:49:16.0010 4748  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:49:16.0013 4748  secdrv - ok
19:49:16.0065 4748  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:49:16.0074 4748  seclogon - ok
19:49:16.0109 4748  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:49:16.0118 4748  SENS - ok
19:49:16.0132 4748  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:49:16.0141 4748  SensrSvc - ok
19:49:16.0163 4748  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:49:16.0166 4748  Serenum - ok
19:49:16.0204 4748  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
19:49:16.0209 4748  Serial - ok
19:49:16.0229 4748  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:49:16.0233 4748  sermouse - ok
19:49:16.0272 4748  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:49:16.0283 4748  SessionEnv - ok
19:49:16.0294 4748  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:49:16.0297 4748  sffdisk - ok
19:49:16.0307 4748  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:49:16.0310 4748  sffp_mmc - ok
19:49:16.0320 4748  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:49:16.0323 4748  sffp_sd - ok
19:49:16.0337 4748  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:49:16.0340 4748  sfloppy - ok
19:49:16.0380 4748  [ B2F21560016B3C200FC34F2BD13DE469 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfswin7.sys
19:49:16.0392 4748  Sftfs - ok
19:49:16.0458 4748  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:49:16.0470 4748  sftlist - ok
19:49:16.0505 4748  [ AD9449F3BF407DBD1742A465F2163847 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaywin7.sys
19:49:16.0509 4748  Sftplay - ok
19:49:16.0524 4748  [ 78A1496BA75C7D5700CECB77DDD291BB ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirwin7.sys
19:49:16.0526 4748  Sftredir - ok
19:49:16.0545 4748  [ DA674FD0164D64BD4980A619410D57E3 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvolwin7.sys
19:49:16.0546 4748  Sftvol - ok
19:49:16.0567 4748  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:49:16.0573 4748  sftvsa - ok
19:49:16.0630 4748  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:49:16.0643 4748  SharedAccess - ok
19:49:16.0695 4748  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:49:16.0716 4748  ShellHWDetection - ok
19:49:16.0737 4748  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:49:16.0741 4748  SiSRaid2 - ok
19:49:16.0791 4748  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:49:16.0795 4748  SiSRaid4 - ok
19:49:16.0827 4748  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:49:16.0832 4748  Smb - ok
19:49:16.0860 4748  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:49:16.0869 4748  SNMPTRAP - ok
19:49:16.0888 4748  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:49:16.0890 4748  spldr - ok
19:49:16.0931 4748  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:49:16.0966 4748  Spooler - ok
19:49:17.0072 4748  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:49:17.0147 4748  sppsvc - ok
19:49:17.0159 4748  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:49:17.0165 4748  sppuinotify - ok
19:49:17.0196 4748  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:49:17.0204 4748  srv - ok
19:49:17.0222 4748  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:49:17.0229 4748  srv2 - ok
19:49:17.0256 4748  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:49:17.0260 4748  srvnet - ok
19:49:17.0297 4748  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:49:17.0310 4748  SSDPSRV - ok
19:49:17.0319 4748  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:49:17.0330 4748  SstpSvc - ok
19:49:17.0377 4748  [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
19:49:17.0384 4748  STacSV - ok
19:49:17.0427 4748  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:49:17.0430 4748  stexstor - ok
19:49:17.0460 4748  [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
19:49:17.0474 4748  STHDA - ok
19:49:17.0543 4748  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:49:17.0578 4748  stisvc - ok
19:49:17.0602 4748  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:49:17.0604 4748  swenum - ok
19:49:17.0662 4748  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:49:17.0698 4748  swprv - ok
19:49:17.0759 4748  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:49:17.0818 4748  SysMain - ok
19:49:17.0834 4748  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:49:17.0846 4748  TabletInputService - ok
19:49:17.0868 4748  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:49:17.0889 4748  TapiSrv - ok
19:49:17.0907 4748  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:49:17.0917 4748  TBS - ok
19:49:18.0000 4748  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:49:18.0058 4748  Tcpip - ok
19:49:18.0115 4748  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:49:18.0135 4748  TCPIP6 - ok
19:49:18.0157 4748  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:49:18.0159 4748  tcpipreg - ok
19:49:18.0202 4748  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:49:21.0999 4748  ================ Scan global ===============================
19:49:22.0046 4748  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:49:22.0075 4748  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:49:22.0109 4748  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:49:22.0163 4748  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:49:22.0227 4748  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:49:22.0249 4748  [Global] - ok
19:49:22.0249 4748  ================ Scan MBR ==================================
19:49:22.0268 4748  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:49:22.0565 4748  \Device\Harddisk0\DR0 - ok
19:49:22.0566 4748  ================ Scan VBR ==================================
19:49:22.0570 4748  [ DE4CFC9A6BCEAC4DB23F9F39B2598578 ] \Device\Harddisk0\DR0\Partition1
19:49:22.0574 4748  \Device\Harddisk0\DR0\Partition1 - ok
19:49:22.0592 4748  [ 6199A851336B044F3935ED14F5F8CB7A ] \Device\Harddisk0\DR0\Partition2
19:49:22.0596 4748  \Device\Harddisk0\DR0\Partition2 - ok
19:49:22.0597 4748  ============================================================
19:49:22.0597 4748  Scan finished
19:49:22.0597 4748  ============================================================
19:49:22.0612 4368  Detected object count: 0
19:49:22.0612 4368  Actual detected object count: 0
19:51:30.0894 2500  ============================================================
19:51:30.0894 2500  Scan started
19:51:30.0894 2500  Mode: Manual;
19:51:30.0894 2500  ============================================================
19:51:31.0044 2500  ================ Scan system memory ========================
19:51:31.0044 2500  System memory - ok
19:51:31.0045 2500  ================ Scan services =============================
19:51:37.0319 2500  lltdsvc - ok
19:51:37.0333 2500  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:51:37.0335 2500  lmhosts - ok
19:51:37.0369 2500  [ 98B16E756243BEA9410E32025B19C06F ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:51:37.0371 2500  LMS - ok
19:51:37.0396 2500  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:51:37.0397 2500  LSI_FC - ok
19:51:37.0426 2500  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:51:37.0427 2500  LSI_SAS - ok
19:51:37.0432 2500  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:51:37.0433 2500  LSI_SAS2 - ok
19:51:37.0439 2500  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:51:37.0441 2500  LSI_SCSI - ok
19:51:37.0445 2500  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:51:37.0447 2500  luafv - ok
19:51:37.0497 2500  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:51:37.0500 2500  Mcx2Svc - ok
19:51:37.0503 2500  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:51:37.0505 2500  megasas - ok
19:51:37.0512 2500  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:51:37.0514 2500  MegaSR - ok
19:51:37.0525 2500  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:51:37.0526 2500  MEIx64 - ok
19:51:37.0565 2500  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
19:51:37.0572 2500  MMCSS - ok
19:51:37.0586 2500  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
19:51:37.0588 2500  Modem - ok
19:51:37.0596 2500  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:51:37.0598 2500  monitor - ok
19:51:37.0605 2500  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:51:37.0608 2500  mouclass - ok
19:51:37.0628 2500  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
19:51:37.0629 2500  mouhid - ok
19:51:37.0635 2500  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:51:37.0637 2500  mountmgr - ok
19:51:37.0643 2500  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:51:37.0646 2500  mpio - ok
19:51:37.0660 2500  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:51:37.0662 2500  mpsdrv - ok
19:51:37.0686 2500  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:51:37.0696 2500  MpsSvc - ok
19:51:37.0712 2500  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:51:37.0715 2500  MRxDAV - ok
19:51:37.0744 2500  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:51:37.0748 2500  mrxsmb - ok
19:51:37.0765 2500  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:51:37.0770 2500  mrxsmb10 - ok
19:51:37.0797 2500  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:51:37.0798 2500  mrxsmb20 - ok
19:51:37.0814 2500  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:51:37.0814 2500  msahci - ok
19:51:37.0821 2500  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:51:37.0822 2500  msdsm - ok
19:51:37.0838 2500  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:51:37.0841 2500  MSDTC - ok
19:51:37.0848 2500  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:51:37.0848 2500  Msfs - ok
19:51:37.0859 2500  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:51:37.0859 2500  mshidkmdf - ok
19:51:37.0876 2500  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:51:37.0877 2500  msisadrv - ok
19:51:37.0932 2500  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:51:37.0939 2500  MSiSCSI - ok
19:51:37.0949 2500  msiserver - ok
19:51:37.0971 2500  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:51:37.0972 2500  MSKSSRV - ok
19:51:37.0986 2500  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:51:37.0988 2500  MSPCLOCK - ok
19:51:37.0995 2500  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:51:37.0996 2500  MSPQM - ok
19:51:38.0006 2500  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:51:38.0011 2500  MsRPC - ok
19:51:38.0019 2500  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:51:38.0020 2500  mssmbios - ok
19:51:38.0037 2500  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:51:38.0038 2500  MSTEE - ok
19:51:38.0056 2500  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:51:38.0057 2500  MTConfig - ok
19:51:38.0063 2500  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:51:38.0065 2500  Mup - ok
19:51:38.0109 2500  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:51:38.0120 2500  napagent - ok
19:51:38.0135 2500  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:51:38.0139 2500  NativeWifiP - ok
19:51:38.0185 2500  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:51:38.0194 2500  NDIS - ok
19:51:38.0215 2500  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:51:38.0216 2500  NdisCap - ok
19:51:38.0221 2500  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:51:38.0223 2500  NdisTapi - ok
19:51:38.0229 2500  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:51:38.0231 2500  Ndisuio - ok
19:51:38.0250 2500  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:51:38.0252 2500  NdisWan - ok
19:51:38.0257 2500  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:51:38.0258 2500  NDProxy - ok
19:51:38.0263 2500  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:51:38.0264 2500  NetBIOS - ok
19:51:38.0284 2500  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:51:38.0287 2500  NetBT - ok
19:51:38.0299 2500  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:51:38.0301 2500  Netlogon - ok
19:51:38.0358 2500  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:51:38.0369 2500  Netman - ok
19:51:38.0385 2500  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:51:38.0396 2500  netprofm - ok
19:51:38.0443 2500  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:51:38.0447 2500  NetTcpPortSharing - ok
19:51:38.0463 2500  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:51:38.0465 2500  nfrd960 - ok
19:51:38.0507 2500  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:51:38.0520 2500  NlaSvc - ok
19:51:38.0530 2500  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:51:38.0533 2500  Npfs - ok
19:51:38.0580 2500  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:51:38.0587 2500  nsi - ok
19:51:38.0594 2500  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:51:38.0597 2500  nsiproxy - ok
19:51:38.0670 2500  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:51:38.0694 2500  Ntfs - ok
19:51:38.0714 2500  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:51:38.0715 2500  Null - ok
19:51:38.0758 2500  [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
19:51:38.0759 2500  nusb3hub - ok
19:51:38.0807 2500  [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
19:51:38.0812 2500  nusb3xhc - ok
19:51:38.0847 2500  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:51:38.0851 2500  nvraid - ok
19:51:38.0889 2500  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:51:38.0893 2500  nvstor - ok
19:51:38.0909 2500  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:51:38.0912 2500  nv_agp - ok
19:51:38.0929 2500  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:51:38.0931 2500  ohci1394 - ok
19:51:38.0961 2500  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:51:38.0965 2500  ose - ok
19:51:39.0165 2500  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:51:39.0198 2500  osppsvc - ok
19:51:39.0246 2500  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:51:39.0258 2500  p2pimsvc - ok
19:51:39.0316 2500  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:51:39.0321 2500  p2psvc - ok
19:51:39.0361 2500  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
19:51:39.0364 2500  Parport - ok
19:51:39.0394 2500  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:51:39.0396 2500  partmgr - ok
19:51:39.0417 2500  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:51:39.0429 2500  PcaSvc - ok
19:51:39.0449 2500  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:51:39.0453 2500  pci - ok
19:51:39.0471 2500  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:51:39.0473 2500  pciide - ok
19:51:39.0495 2500  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:51:39.0500 2500  pcmcia - ok
19:51:39.0508 2500  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:51:39.0511 2500  pcw - ok
19:51:39.0532 2500  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:51:39.0543 2500  PEAUTH - ok
19:51:39.0595 2500  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:51:39.0601 2500  PerfHost - ok
19:51:39.0694 2500  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:51:39.0721 2500  pla - ok
19:51:39.0757 2500  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:51:39.0771 2500  PlugPlay - ok
19:51:39.0789 2500  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:51:39.0797 2500  PNRPAutoReg - ok
19:51:39.0825 2500  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:51:39.0836 2500  PNRPsvc - ok
19:51:39.0908 2500  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:51:39.0919 2500  PolicyAgent - ok
19:51:39.0971 2500  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:51:39.0983 2500  Power - ok
19:51:40.0028 2500  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:51:40.0031 2500  PptpMiniport - ok
19:51:40.0055 2500  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
19:51:40.0057 2500  Processor - ok
19:51:40.0088 2500  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:51:40.0098 2500  ProfSvc - ok
19:51:40.0110 2500  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:51:40.0116 2500  ProtectedStorage - ok
19:51:40.0140 2500  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:51:40.0144 2500  Psched - ok
19:51:40.0233 2500  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:51:40.0258 2500  ql2300 - ok
19:51:40.0279 2500  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:51:40.0281 2500  ql40xx - ok
19:51:40.0336 2500  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:51:40.0347 2500  QWAVE - ok
19:51:40.0365 2500  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:51:40.0367 2500  QWAVEdrv - ok
19:51:40.0377 2500  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:51:40.0379 2500  RasAcd - ok
19:51:40.0422 2500  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:51:40.0423 2500  RasAgileVpn - ok
19:51:40.0439 2500  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:51:40.0446 2500  RasAuto - ok
19:51:40.0470 2500  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:51:40.0473 2500  Rasl2tp - ok
19:51:40.0504 2500  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:51:40.0514 2500  RasMan - ok
19:51:40.0522 2500  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:51:40.0524 2500  RasPppoe - ok
19:51:40.0553 2500  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:51:40.0555 2500  RasSstp - ok
19:51:40.0566 2500  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:51:40.0571 2500  rdbss - ok
19:51:40.0599 2500  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:51:40.0601 2500  rdpbus - ok
19:51:40.0622 2500  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:51:40.0623 2500  RDPCDD - ok
19:51:40.0641 2500  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:51:40.0643 2500  RDPENCDD - ok
19:51:40.0659 2500  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:51:40.0661 2500  RDPREFMP - ok
19:51:40.0699 2500  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:51:40.0700 2500  RdpVideoMiniport - ok
19:51:40.0724 2500  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:51:40.0729 2500  RDPWD - ok
19:51:40.0739 2500  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:51:40.0742 2500  rdyboost - ok
19:51:40.0787 2500  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:51:40.0792 2500  RemoteAccess - ok
19:51:40.0841 2500  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:51:40.0851 2500  RemoteRegistry - ok
19:51:40.0878 2500  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:51:40.0885 2500  RpcEptMapper - ok
19:51:40.0929 2500  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:51:40.0934 2500  RpcLocator - ok
19:51:40.0970 2500  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:51:40.0986 2500  RpcSs - ok
19:51:41.0005 2500  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:51:41.0008 2500  rspndr - ok
19:51:41.0045 2500  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:51:41.0055 2500  RTL8167 - ok
19:51:41.0077 2500  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:51:41.0083 2500  SamSs - ok
19:51:41.0092 2500  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:51:41.0095 2500  sbp2port - ok
19:51:41.0122 2500  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:51:41.0132 2500  SCardSvr - ok
19:51:41.0152 2500  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:51:41.0154 2500  scfilter - ok
19:51:41.0195 2500  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:51:41.0218 2500  Schedule - ok
19:51:41.0265 2500  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:51:41.0268 2500  SCPolicySvc - ok
19:51:41.0285 2500  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:51:41.0295 2500  SDRSVC - ok
19:51:41.0312 2500  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:51:41.0314 2500  secdrv - ok
19:51:41.0366 2500  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:51:41.0374 2500  seclogon - ok
19:51:41.0399 2500  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:51:41.0408 2500  SENS - ok
19:51:41.0423 2500  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:51:41.0430 2500  SensrSvc - ok
19:51:41.0453 2500  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:51:41.0456 2500  Serenum - ok
19:51:41.0473 2500  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
19:51:41.0476 2500  Serial - ok
19:51:41.0497 2500  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:51:41.0499 2500  sermouse - ok
19:51:41.0529 2500  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:51:41.0539 2500  SessionEnv - ok
19:51:41.0551 2500  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:51:41.0553 2500  sffdisk - ok
19:51:41.0562 2500  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:51:41.0564 2500  sffp_mmc - ok
19:51:41.0572 2500  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:51:41.0574 2500  sffp_sd - ok
19:51:41.0606 2500  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:51:41.0608 2500  sfloppy - ok
19:51:41.0671 2500  [ B2F21560016B3C200FC34F2BD13DE469 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfswin7.sys
19:51:41.0684 2500  Sftfs - ok
19:51:41.0738 2500  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:51:41.0746 2500  sftlist - ok
19:51:41.0773 2500  [ AD9449F3BF407DBD1742A465F2163847 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaywin7.sys
19:51:41.0779 2500  Sftplay - ok
19:51:41.0804 2500  [ 78A1496BA75C7D5700CECB77DDD291BB ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirwin7.sys
19:51:41.0806 2500  Sftredir - ok
19:51:41.0824 2500  [ DA674FD0164D64BD4980A619410D57E3 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvolwin7.sys
19:51:41.0826 2500  Sftvol - ok
19:51:41.0847 2500  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:51:41.0851 2500  sftvsa - ok
19:51:41.0910 2500  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:51:41.0919 2500  SharedAccess - ok
19:51:41.0974 2500  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:51:41.0987 2500  ShellHWDetection - ok
19:51:42.0005 2500  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:51:42.0007 2500  SiSRaid2 - ok
19:51:42.0047 2500  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:51:42.0049 2500  SiSRaid4 - ok
19:51:42.0062 2500  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:51:42.0064 2500  Smb - ok
19:51:42.0072 2500  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:51:42.0077 2500  SNMPTRAP - ok
19:51:42.0089 2500  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:51:42.0091 2500  spldr - ok
19:51:42.0134 2500  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:51:42.0149 2500  Spooler - ok
19:51:42.0248 2500  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:51:42.0279 2500  sppsvc - ok
19:51:42.0294 2500  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:51:42.0297 2500  sppuinotify - ok
19:51:42.0329 2500  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:51:42.0337 2500  srv - ok
19:51:42.0359 2500  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:51:42.0367 2500  srv2 - ok
19:51:42.0392 2500  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:51:42.0397 2500  srvnet - ok
19:51:42.0421 2500  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:51:42.0432 2500  SSDPSRV - ok
19:51:42.0442 2500  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:51:42.0451 2500  SstpSvc - ok
19:51:42.0488 2500  [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
19:51:42.0492 2500  STacSV - ok
19:51:42.0540 2500  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:51:42.0542 2500  stexstor - ok
19:51:42.0573 2500  [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
19:51:42.0583 2500  STHDA - ok
19:51:42.0655 2500  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:51:42.0672 2500  stisvc - ok
19:51:42.0692 2500  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:51:42.0694 2500  swenum - ok
19:51:42.0719 2500  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:51:42.0735 2500  swprv - ok
19:51:42.0794 2500  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:51:42.0820 2500  SysMain - ok
19:51:42.0835 2500  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:51:42.0841 2500  TabletInputService - ok
19:51:42.0891 2500  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:51:42.0905 2500  TapiSrv - ok
19:51:42.0931 2500  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:51:42.0940 2500  TBS - ok
19:51:43.0013 2500  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:51:43.0034 2500  Tcpip - ok
19:51:43.0100 2500  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:51:43.0121 2500  TCPIP6 - ok
19:51:43.0203 2500  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:51:43.0205 2500  tcpipreg - ok
19:51:43.0259 2500  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:51:43.0262 2500  TDPIPE - ok
19:51:43.0295 2500  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:51:43.0297 2500  TDTCP - ok
19:51:43.0313 2500  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:51:43.0316 2500  tdx - ok
19:51:43.0338 2500  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:51:43.0341 2500  TermDD - ok
19:51:43.0407 2500  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
19:51:43.0425 2500  TermService - ok
19:51:43.0443 2500  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:51:43.0453 2500  Themes - ok
19:51:43.0476 2500  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:51:43.0482 2500  THREADORDER - ok
19:51:43.0498 2500  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:51:43.0508 2500  TrkWks - ok
19:51:43.0599 2500  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:51:43.0603 2500  TrustedInstaller - ok
19:51:43.0628 2500  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:51:43.0631 2500  tssecsrv - ok
19:51:43.0656 2500  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:51:43.0659 2500  TsUsbFlt - ok
19:51:43.0681 2500  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:51:43.0683 2500  TsUsbGD - ok
19:51:43.0746 2500  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:51:43.0750 2500  tunnel - ok
19:51:43.0767 2500  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:51:43.0769 2500  uagp35 - ok
19:51:43.0802 2500  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:51:43.0809 2500  udfs - ok
19:51:43.0871 2500  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:51:43.0881 2500  UI0Detect - ok
19:51:43.0892 2500  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:51:43.0895 2500  uliagpkx - ok
19:51:43.0918 2500  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:51:43.0921 2500  umbus - ok
19:51:43.0945 2500  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:51:43.0947 2500  UmPass - ok
19:51:44.0054 2500  [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:51:44.0094 2500  UNS - ok
19:51:44.0116 2500  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:51:44.0124 2500  upnphost - ok
19:51:44.0148 2500  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:51:44.0149 2500  usbccgp - ok
19:51:44.0167 2500  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:51:44.0170 2500  usbcir - ok
19:51:44.0193 2500  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:51:46.0203 2500  ================ Scan global ===============================
19:51:46.0247 2500  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:51:46.0287 2500  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:51:46.0321 2500  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:51:46.0376 2500  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:51:46.0440 2500  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:51:46.0452 2500  [Global] - ok
19:51:46.0453 2500  ================ Scan MBR ==================================
19:51:46.0469 2500  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:51:46.0820 2500  \Device\Harddisk0\DR0 - ok
19:51:46.0821 2500  ================ Scan VBR ==================================
19:51:46.0826 2500  [ DE4CFC9A6BCEAC4DB23F9F39B2598578 ] \Device\Harddisk0\DR0\Partition1
19:51:46.0830 2500  \Device\Harddisk0\DR0\Partition1 - ok
19:51:46.0849 2500  [ 6199A851336B044F3935ED14F5F8CB7A ] \Device\Harddisk0\DR0\Partition2
19:51:46.0853 2500  \Device\Harddisk0\DR0\Partition2 - ok
19:51:46.0854 2500  ============================================================
19:51:46.0854 2500  Scan finished
19:51:46.0854 2500  ============================================================
19:51:46.0871 4384  Detected object count: 0
19:51:46.0871 4384  Actual detected object count: 0
19:52:09.0486 4404  Deinitialize success
 



#11 Konakolo


Posted 29 June 2013 - 03:34 AM

Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.06.01.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Cody :: CODY-PC [administrator]

6/28/2013 8:16:58 PM
mbar-log-2013-06-28 (20-16-58).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 235849
Time elapsed: 8 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.06.29.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Cody :: CODY-PC [administrator]

6/28/2013 8:31:35 PM
mbar-log-2013-06-28 (20-31-35).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 231155
Time elapsed: 10 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)



#12 Konakolo


Posted 29 June 2013 - 03:36 AM

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16618

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 4198785024, free: 2516901888

Initializing...
------------ Kernel report ------------
     06/28/2013 20:16:53
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800736b790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000077\
Lower Device Object: 0xfffffa8006f1fb60
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8005ff1060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa80040ed050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8005ff1060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005ff1b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005ff1060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80040e9e40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80040ed050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 2C592200

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 206848  Numsec = 30720000
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 30926848  Numsec = 945844272

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa800736b790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8006f25b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800736b790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8006f1fb60, DeviceName: \Device\00000077\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
=======================================

Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_1_206848_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16618

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 4198785024, free: 2993999872

Downloaded database version: v2013.06.29.01
Initializing...
------------ Kernel report ------------
     06/28/2013 20:31:30
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8007366790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000077\
Lower Device Object: 0xfffffa8006efbb60
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800470d060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8004126050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800470d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800470db20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800470d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80041015c0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004126050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 2C592200

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 206848  Numsec = 30720000
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 30926848  Numsec = 945844272

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa8007366790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8006f02b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007366790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8006efbb60, DeviceName: \Device\00000077\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
=======================================

Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_1_206848_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished



ComboFix 13-06-28.02 - Cody 06/28/2013  21:34:40.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4004.2631 [GMT -10:00]
Running from: c:\users\Cody\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-28 to 2013-06-29  )))))))))))))))))))))))))))))))
.
.
2013-06-29 07:38 . 2013-06-29 07:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-29 06:16 . 2013-06-29 06:42 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-06-28 06:03 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3B90B438-2141-4DDA-A4C7-AD160820F8A9}\mpengine.dll
2013-06-27 06:18 . 2013-06-27 06:18 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-06-27 06:17 . 2013-06-27 06:21 -------- d-----w- c:\users\Cody\AppData\Local\Adobe
2013-06-27 03:26 . 2013-06-27 03:26 -------- d-----w- C:\FRST
2013-06-21 21:06 . 2013-06-21 21:06 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-21 21:06 . 2013-06-21 21:06 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-21 21:06 . 2013-06-21 21:06 -------- d-----w- c:\windows\SysWow64\Macromed
2013-06-21 21:06 . 2013-06-21 21:06 -------- d-----w- c:\windows\system32\Macromed
2013-06-20 18:53 . 2013-06-20 18:53 -------- d-----w- c:\users\Cody\AppData\Roaming\Malwarebytes
2013-06-20 18:52 . 2013-06-20 18:52 -------- d-----w- c:\programdata\Malwarebytes
2013-06-20 18:52 . 2013-04-05 00:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-20 18:52 . 2013-06-29 05:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-20 18:52 . 2013-06-20 18:52 -------- d-----w- c:\users\Cody\AppData\Local\Programs
2013-06-18 21:35 . 2013-06-18 21:35 -------- d-----w- c:\programdata\VirtualizedApplications
2013-06-17 23:08 . 2013-06-29 06:27 -------- d-----w- c:\users\Cody\AppData\Roaming\SoftGrid Client
2013-06-17 23:08 . 2013-06-17 23:08 -------- d-----w- c:\users\Cody\AppData\Local\SoftGrid Client
2013-06-17 23:06 . 2013-06-17 23:06 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2013-06-17 23:06 . 2013-06-17 23:06 -------- d-----w- c:\windows\PCHEALTH
2013-06-17 23:06 . 2013-06-17 23:06 -------- d-----w- c:\program files\Microsoft Office
2013-06-17 23:05 . 2013-06-17 23:07 -------- d-----w- c:\users\Cody\AppData\Roaming\TP
2013-06-17 22:50 . 2013-06-29 05:58 -------- d-----w- c:\users\Cody\AppData\Local\WinZip
2013-06-17 22:50 . 2013-06-17 22:50 -------- d-----w- c:\users\Cody\AppData\Local\CRE
2013-06-17 22:50 . 2013-06-29 05:58 -------- d-----w- c:\programdata\WinZip
2013-06-17 22:50 . 2013-06-17 22:50 -------- d-----w- c:\program files\WinZip
2013-06-17 22:50 . 2013-06-17 22:55 -------- d-----w- c:\users\Cody\AppData\Roaming\SearchProtect
2013-06-17 22:49 . 2013-06-17 22:49 -------- d-----w- c:\program files (x86)\BitTorrentControl_v12
2013-06-17 22:47 . 2013-06-17 23:40 -------- d-----w- c:\users\Cody\AppData\Roaming\BitTorrent
2013-06-17 21:56 . 2013-06-17 21:57 -------- d-----w- c:\program files\IDT
2013-06-17 21:54 . 2013-06-17 21:54 -------- d-----w- c:\program files (x86)\Dell Digital Delivery
2013-06-17 21:49 . 2013-06-28 17:29 -------- d-----w- c:\users\Cody\AppData\Local\Akamai
2013-06-17 21:14 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-06-17 21:14 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-06-17 21:14 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-06-17 21:14 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-06-17 21:14 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2013-06-17 21:14 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-06-17 21:14 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-06-17 21:14 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-06-17 21:14 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-06-17 21:14 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2013-06-17 21:14 . 2012-08-23 14:07 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-06-17 21:12 . 2012-03-14 15:00 385024 ----a-w- c:\windows\system32\CNMLMA9.DLL
2013-06-17 21:12 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-06-17 21:12 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-06-17 21:12 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-06-17 21:12 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-06-17 21:12 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-06-17 21:12 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-06-17 21:12 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-06-17 21:08 . 2012-12-07 11:20 43520 ----a-w- c:\windows\system32\csrr.rs
2013-06-17 21:07 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-17 21:07 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-06-17 21:07 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-06-17 21:07 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-06-17 21:07 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-06-17 21:07 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-06-17 21:07 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-06-17 19:50 . 2013-06-17 20:01 -------- d-----w- c:\programdata\HitmanPro
2013-06-15 19:27 . 2013-06-08 12:28 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-15 19:08 . 2013-06-15 19:08 -------- d-----w- c:\windows\SysWow64\Wat
2013-06-15 19:08 . 2013-06-15 19:08 -------- d-----w- c:\windows\system32\Wat
2013-06-14 18:10 . 2013-06-14 18:10 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-14 18:03 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-06-14 18:03 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-06-14 18:03 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-06-14 18:03 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-06-14 18:03 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-06-14 18:03 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-06-14 18:00 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-06-14 18:00 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-06-14 18:00 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-06-14 18:00 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-06-14 18:00 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-06-14 17:53 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
2013-06-14 17:52 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-06-14 17:52 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-06-14 17:52 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2013-06-14 17:52 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2013-06-14 17:52 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2013-06-14 17:52 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-06-14 17:52 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-06-14 17:52 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-06-14 17:52 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-06-14 17:52 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-06-14 17:52 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-06-14 17:52 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-06-14 17:50 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-06-14 17:49 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-14 17:44 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2013-06-14 17:44 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-06-14 17:43 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-06-14 17:43 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-06-14 17:40 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-06-14 17:40 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-06-14 17:40 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-06-14 17:36 . 2013-06-14 17:36 -------- d-----w- c:\program files (x86)\GUME37B.tmp
2013-05-31 23:55 . 2013-05-31 23:55 -------- d-----w- C:\$AVG
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-28 06:03 . 2009-01-12 18:08 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-28 06:03 . 2009-01-12 18:08 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-28 06:03 . 2009-01-12 18:08 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2009-01-12 18:08 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2009-01-12 18:08 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2009-01-12 18:08 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2009-01-12 18:08 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2009-01-12 18:08 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2009-01-12 18:07 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2009-01-12 18:08 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-02 12:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-06-17 21:08 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-06-17 21:08 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-06-17 21:08 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-06-17 21:08 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-06-17 21:08 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-06-17 21:08 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}"= "c:\program files (x86)\BitTorrentControl_v12\prxtbBitT.dll" [2013-05-16 231712]
.
[HKEY_CLASSES_ROOT\clsid\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
2013-05-16 12:13 231712 ----a-w- c:\program files (x86)\BitTorrentControl_v12\prxtbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}"= "c:\program files (x86)\BitTorrentControl_v12\prxtbBitT.dll" [2013-05-16 231712]
.
[HKEY_CLASSES_ROOT\clsid\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Cody\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-12 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 CltMngSvc;Search Protect by Conduit Updater;c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe;c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe [x]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfswin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfswin7.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaywin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaywin7.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirwin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirwin7.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvolwin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvolwin7.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-21 21:19 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - (no file)
AddRemove-SearchProtect - c:\program files (x86)\SearchProtect\bin\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-28  21:39:54
ComboFix-quarantined-files.txt  2013-06-29 07:39
.
Pre-Run: 451,783,413,760 bytes free
Post-Run: 451,800,133,632 bytes free
.
- - End Of File - - 2196868C09FC1BF01192D369A1CCEEB1
D41D8CD98F00B204E9800998ECF8427E
 



#13 Konakolo


Posted 29 June 2013 - 03:43 AM

Hey D-FRED-BROWN,

I can't find the original step "4" Screen317 txt results. I did not copy them when finished and cannot find a saved text document like the others, so I ran it again; these are the results. The PC still will not shut down after two tries, same symptoms.


 Results of screen317's Security Check version 0.99.68 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
avast! Antivirus  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Adobe Reader XI 
 Google Chrome 27.0.1453.110 
 Google Chrome 27.0.1453.116 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe  
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````

 



#14 D-FRED-BROWN

  • Malware Response Team

Posted 29 June 2013 - 11:01 AM

Weird that the system won't reboot. I suspect it's due to malware. Let's make progress on cleaning all this junk up and re-evaluate afterwards:

 

 

Please do the following:

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

KILLALL::

 

File::
c:\program files (x86)\GUME37B.tmp
c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe

Folder::
c:\program files (x86)\SearchProtect

Driver::
CltMngSvc

Reboot::



Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe.

When finished, it shall produce a log for you at C:\ComboFix.txt which I shall require in your next reply.
Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Please include the newly-created C:\ComboFix.txt in your next reply, and let me know how things are running now.
 

#15 Konakolo


Posted 29 June 2013 - 01:35 PM

Hello D-FRED-BROWN,

 

I ran ComboFix using that by dragging CFScript.txt into the ComboFix icon. It started to run but then said "access denied cannot save file, click next" and kept saying that for at least ten files, so I just kept clicking next. After it was done, maybe thirty seconds, no .txt document was produced; I searched and looked in C:.

I have disabled Windows Defender and Firewall, and Avast and Malwarebytes. I have no idea why ComboFix would act that way, but it seemed like it was being interfered with?

 

Thanks.





