Having permissions and high cpu problems


  • This topic is locked
17 replies to this topic

#1 lion2727

  • Members
  • 8 posts

Posted 31 January 2015 - 04:04 AM

I get high CPU with iexplore.exe and sometimes other processes, as well as a changed start page, and it won't let me change it in the registry; it says (error writing new value contents), and I did put the whole prefix in. As well, I found scvhost in syswow64 and deleted it. It has been an ongoing problem; I had it at bay, then it came back a bit ago when I recovered the computer, so that tells me it's on the recovery partition as well, and it causes lots of lag when online streaming or downloading. Here is the attached hijack log with mail. I feel it is a deep infection hiding itself and causing me a lot of grief. Once in a while the computer will work fine with no high CPU issues, but most of the time it runs higher than it should. I close other processes when using the internet to prevent 100 percent CPU usage and keep my fan from going crazy. Malwarebytes says no threats. I have as well run JRT, ComboFix, and others; none has gotten rid of it, and I am too early in reading registry keys (learning on my own research) to want to alter too much. Also, sometimes my antivirus gets shut off.

 

Thank You

Edited by lion2727, 31 January 2015 - 09:03 PM.
moved from Windows 7 to the appropriate forum. HJT are allowed only in Malware Removal Logs forum


#2 nasdaq

  • Malware Response Team
  • 39,222 posts

Posted 01 February 2015 - 10:11 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

#3 lion2727

  • Topic Starter
  • Members
  • 8 posts

Posted 01 February 2015 - 03:17 PM

Thank you for your help, it's been a hassle. I did notice that rundll.32 was running 50 percent of my CPU even when offline, and I exited the process tree and the CPU went down, but it is still running high when on iexplore.exe; it seems to be worse when Flash runs more on websites. But here are the documents asked for; thank you again.

 

 

# AdwCleaner v4.109 - Report created 01/02/2015 at 15:01:46
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : MK - MK-PC
# Running from : C:\Users\MK\Downloads\Evony\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Google Chrome v40.0.2214.94

[C:\Users\MK\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\MK\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [936 octets] - [28/01/2015 09:57:27]
AdwCleaner[R1].txt - [1274 octets] - [01/02/2015 14:59:38]
AdwCleaner[S0].txt - [1002 octets] - [28/01/2015 10:00:20]
AdwCleaner[S1].txt - [1203 octets] - [01/02/2015 15:01:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1263 octets] ##########

 

And here is the FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by MK (administrator) on MK-PC on 01-02-2015 15:05:17
Running from C:\Users\MK\Downloads\Anti-V
Loaded Profiles: MK (Available profiles: MK)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(USTechSupport) C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\vsserv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Malwarebytes Corporation) C:\Users\MK\Downloads\Anti-V\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Users\MK\Downloads\Anti-V\Malwarebytes Anti-Malware\mbamservice.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(USTechSupport) C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(USTechSupport) C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\bdagent.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Malwarebytes Corporation) C:\Users\MK\Downloads\Anti-V\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\bdagent.exe [1445552 2013-01-08] (USTechSupport)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2426222986-2913429428-2715109983-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {E809B4A1-7CFA-4A8D-859C-153077D3902C} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM-x32 -> {E809B4A1-7CFA-4A8D-859C-153077D3902C} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2426222986-2913429428-2715109983-1001 -> DefaultScope {56D9FE92-F435-4708-9D84-0760D4C56E29} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS625
SearchScopes: HKU\S-1-5-21-2426222986-2913429428-2715109983-1001 -> {56D9FE92-F435-4708-9D84-0760D4C56E29} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS625
SearchScopes: HKU\S-1-5-21-2426222986-2913429428-2715109983-1001 -> {774EA97B-FCC8-42F9-B9C7-A7E19EA252D0} URL =
SearchScopes: HKU\S-1-5-21-2426222986-2913429428-2715109983-1001 -> {E809B4A1-7CFA-4A8D-859C-153077D3902C} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2426222986-2913429428-2715109983-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-2426222986-2913429428-2715109983-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.250.6) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U25) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\MK\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 MBAMScheduler; C:\Users\MK\Downloads\Anti-V\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Users\MK\Downloads\Anti-V\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 taisregispinger; C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe [2191240 2011-10-22] (Toshiba America Information Systems.)
R2 UPDATESRV; C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\updatesrv.exe [66008 2012-12-26] (USTechSupport)
R2 VSSERV; C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\vsserv.exe [1644816 2012-11-20] (USTechSupport)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe /s [X]
S2 PCCUJobMgr; "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\diMaster.dll" /prefetch:1

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [705552 2012-10-10] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [587024 2012-10-10] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Early Detection Center 4.0\Early Detection Center 4.0 Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
U5 BDSandBox; C:\windows\system32\drivers\bdsandbox.sys [82384 2012-09-21] (BitDefender SRL)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [145696 2012-08-29] (BitDefender LLC)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [350160 2012-10-31] (BitDefender S.R.L.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 15:05 - 2015-02-01 15:05 - 00000000 ____D () C:\FRST
2015-02-01 03:45 - 2015-02-01 03:45 - 00000957 _____ () C:\Users\MK\Desktop\Revo Uninstaller.lnk
2015-02-01 03:09 - 2015-02-01 03:09 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-01 03:09 - 2015-02-01 03:09 - 00000000 ____D () C:\windows\system32\Macromed
2015-02-01 01:47 - 2015-02-01 01:48 - 00000000 ____D () C:\Users\MK\Downloads\SNES
2015-02-01 00:54 - 2015-02-01 02:34 - 00000000 ____D () C:\Users\MK\Downloads\Sega
2015-02-01 00:53 - 2015-02-01 02:40 - 00000000 ____D () C:\Users\MK\Downloads\PS
2015-02-01 00:51 - 2015-02-01 06:44 - 00000000 ____D () C:\Users\MK\Downloads\NES
2015-02-01 00:50 - 2015-02-01 02:51 - 00000000 ____D () C:\Users\MK\Downloads\PS2
2015-02-01 00:42 - 2015-02-01 00:44 - 00000000 ____D () C:\Users\MK\Downloads\Wii
2015-02-01 00:24 - 2015-02-01 00:24 - 00000000 __SHD () C:\Users\MK\AppData\Local\EmieUserList
2015-02-01 00:24 - 2015-02-01 00:24 - 00000000 __SHD () C:\Users\MK\AppData\Local\EmieSiteList
2015-02-01 00:24 - 2015-02-01 00:24 - 00000000 __SHD () C:\Users\MK\AppData\Local\EmieBrowserModeList
2015-01-31 23:26 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2015-01-31 23:20 - 2015-01-31 23:20 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-01-31 23:20 - 2015-01-31 23:20 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-01-31 23:20 - 2015-01-31 23:20 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-01-31 23:20 - 2015-01-31 23:20 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-01-31 23:20 - 2015-01-31 23:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2015-01-31 23:20 - 2015-01-31 23:20 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2015-01-31 23:20 - 2015-01-31 23:20 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-01-31 23:20 - 2015-01-31 23:20 - 00389296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00342200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-01-31 23:20 - 2015-01-31 23:20 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2015-01-31 23:20 - 2015-01-31 23:20 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2015-01-31 23:20 - 2015-01-31 23:20 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2015-01-31 23:20 - 2015-01-31 23:20 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2015-01-31 23:20 - 2015-01-31 23:20 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-01-31 23:17 - 2015-01-31 23:17 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-01-31 23:17 - 2015-01-31 23:17 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-01-31 23:17 - 2015-01-31 23:17 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-01-31 23:17 - 2015-01-31 23:17 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-01-31 23:17 - 2015-01-31 23:17 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-01-31 23:17 - 2015-01-31 23:17 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-01-31 23:16 - 2015-01-31 23:16 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2015-01-31 23:16 - 2015-01-31 23:16 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 02776576 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 02284544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-31 23:09 - 2015-01-31 23:09 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-31 23:04 - 2015-01-31 23:26 - 00013054 _____ () C:\windows\IE11_main.log
2015-01-31 23:04 - 2015-01-31 23:04 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2015-01-31 23:04 - 2015-01-31 23:04 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2015-01-31 22:22 - 2012-03-01 01:46 - 00023408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fs_rec.sys
2015-01-31 22:22 - 2012-03-01 01:28 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\wmi.dll
2015-01-31 22:22 - 2012-03-01 00:29 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmi.dll
2015-01-31 22:19 - 2015-01-31 22:19 - 00000000 ____D () C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2015-01-31 22:18 - 2015-02-01 05:55 - 00000000 ____D () C:\Users\MK\Downloads\N64
2015-01-31 22:15 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-31 22:13 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2015-01-31 22:13 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2015-01-31 22:13 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2015-01-31 22:13 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2015-01-31 22:12 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2015-01-31 22:12 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2015-01-31 22:12 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2015-01-31 22:12 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2015-01-31 15:29 - 2014-03-24 21:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-01-31 15:29 - 2014-03-24 21:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-01-31 12:17 - 2015-01-31 12:17 - 00000000 __RHD () C:\MSOCache
2015-01-31 06:40 - 2015-02-01 15:03 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore1d03d4ab1907ffb.job
2015-01-31 06:40 - 2015-02-01 00:45 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1d03d4ab2c226a5.job
2015-01-31 06:40 - 2015-01-31 06:40 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1d03d4ab2c226a5
2015-01-31 06:40 - 2015-01-31 06:40 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore1d03d4ab1907ffb
2015-01-31 02:28 - 2015-02-01 15:04 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-31 02:27 - 2015-01-31 02:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-31 02:27 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-31 02:27 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-01-31 02:27 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-01-31 00:21 - 2014-12-11 12:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-31 00:21 - 2013-07-04 07:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-01-31 00:21 - 2013-07-04 06:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-01-31 00:21 - 2013-02-15 01:08 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-01-31 00:21 - 2013-02-15 01:06 - 03717632 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-01-31 00:21 - 2013-02-15 01:02 - 00158720 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2015-01-31 00:21 - 2013-02-14 23:37 - 03217408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-01-31 00:21 - 2013-02-14 23:34 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2015-01-31 00:21 - 2013-02-14 22:25 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-01-31 00:20 - 2013-07-09 00:52 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-01-31 00:20 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-01-31 00:20 - 2011-10-26 00:25 - 01572864 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-01-31 00:20 - 2011-10-26 00:25 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-01-31 00:20 - 2011-10-25 23:32 - 01328128 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2015-01-31 00:20 - 2011-10-25 23:32 - 00514560 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-01-31 00:18 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2015-01-31 00:18 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2015-01-31 00:18 - 2011-11-17 01:35 - 00395776 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2015-01-31 00:18 - 2011-11-17 00:35 - 00314880 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2015-01-31 00:16 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-31 00:16 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2015-01-31 00:16 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2015-01-31 00:16 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2015-01-31 00:16 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2015-01-31 00:16 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2015-01-31 00:16 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2015-01-31 00:16 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2015-01-31 00:16 - 2014-01-28 21:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2015-01-31 00:16 - 2014-01-28 21:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2015-01-31 00:16 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2015-01-31 00:16 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2015-01-31 00:16 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-01-31 00:16 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-01-31 00:16 - 2013-07-09 00:46 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-01-31 00:16 - 2013-07-09 00:46 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-01-31 00:16 - 2013-07-08 23:46 - 00140288 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-01-31 00:16 - 2013-07-08 23:46 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-01-31 00:16 - 2013-04-12 09:45 - 01656680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2015-01-31 00:15 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2015-01-31 00:15 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2015-01-30 22:55 - 2015-01-30 22:55 - 00000000 ____D () C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-01-30 22:20 - 2015-01-30 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-30 22:14 - 2015-01-30 22:15 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-01-30 20:45 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2015-01-30 20:45 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-01-30 20:45 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-01-30 20:45 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-01-30 20:45 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-01-30 20:44 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-30 20:44 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-30 20:44 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-30 20:44 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-30 20:44 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-01-30 20:44 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-01-30 20:44 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-01-30 20:44 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-01-30 20:44 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2015-01-30 20:44 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2015-01-30 20:44 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-01-30 20:44 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2015-01-30 20:44 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2015-01-30 20:44 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-01-30 20:44 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-01-30 20:44 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-01-30 20:44 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-01-30 20:44 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2015-01-30 20:44 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2015-01-30 20:44 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2015-01-30 20:44 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2015-01-30 20:44 - 2013-11-26 20:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2015-01-30 20:44 - 2013-11-26 20:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2015-01-30 20:44 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2015-01-30 20:44 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2015-01-30 20:44 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2015-01-30 20:44 - 2013-06-06 00:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-01-30 20:44 - 2013-06-06 00:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-01-30 20:44 - 2013-06-06 00:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-01-30 20:44 - 2013-06-06 00:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-01-30 20:44 - 2013-06-05 23:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-01-30 20:44 - 2013-06-05 23:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-01-30 20:44 - 2013-06-05 23:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-01-30 20:44 - 2013-06-05 22:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-01-30 20:44 - 2013-06-05 22:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-01-30 20:44 - 2013-06-05 22:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-01-30 20:44 - 2012-10-03 12:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2015-01-30 20:44 - 2012-10-03 12:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2015-01-30 20:43 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2015-01-30 20:43 - 2013-07-25 04:25 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2015-01-30 20:43 - 2013-07-25 03:57 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2015-01-30 20:43 - 2013-07-12 05:41 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2015-01-30 20:43 - 2013-07-12 05:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2015-01-30 20:43 - 2013-07-12 05:40 - 00109824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2015-01-30 20:43 - 2013-07-02 23:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2015-01-30 20:43 - 2013-07-02 23:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2015-01-30 20:43 - 2013-06-25 17:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2015-01-30 20:43 - 2013-02-11 23:12 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2015-01-30 20:43 - 2012-11-28 17:56 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2015-01-30 20:43 - 2012-11-28 17:56 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll
2015-01-30 20:43 - 2012-11-28 17:56 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-01-30 20:43 - 2012-04-26 00:41 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2015-01-30 20:43 - 2012-04-26 00:41 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\rdpwsx.dll
2015-01-30 20:43 - 2012-04-26 00:34 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\rdrmemptylst.exe
2015-01-30 20:42 - 2014-06-03 05:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-01-30 20:42 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-01-30 20:42 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-01-30 20:42 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-01-30 20:42 - 2014-06-03 04:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-01-30 20:42 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-01-30 20:42 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-01-30 20:42 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-01-30 20:42 - 2014-03-04 04:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2015-01-30 20:42 - 2014-03-04 04:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-01-30 20:42 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-01-30 20:42 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-01-30 20:42 - 2014-03-04 04:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2015-01-30 20:42 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-01-30 20:42 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-01-30 20:42 - 2014-03-04 04:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2015-01-30 20:42 - 2014-03-04 04:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2015-01-30 20:42 - 2014-03-04 04:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2015-01-30 20:42 - 2014-03-04 04:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2015-01-30 20:42 - 2014-03-04 04:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2015-01-30 20:42 - 2014-03-04 04:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2015-01-30 20:42 - 2014-03-04 04:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2015-01-30 20:42 - 2014-03-04 04:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2015-01-30 20:42 - 2014-03-04 04:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2015-01-30 20:42 - 2014-03-04 04:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2015-01-30 20:42 - 2014-03-04 04:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2015-01-30 20:42 - 2014-03-04 04:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2015-01-30 20:42 - 2014-03-04 04:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2015-01-30 20:42 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-01-30 20:42 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-01-30 20:42 - 2014-03-04 04:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-01-30 20:42 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-01-30 20:42 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-01-30 20:42 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-01-30 20:42 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-01-30 20:42 - 2013-08-01 21:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 20:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-01-30 20:42 - 2013-08-01 19:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 19:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 19:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-01-30 20:42 - 2013-08-01 19:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-01-30 20:42 - 2013-02-27 00:47 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-01-30 20:42 - 2012-11-02 00:59 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2015-01-30 20:42 - 2012-11-02 00:11 - 00376832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2015-01-30 20:35 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2015-01-30 20:35 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2015-01-30 20:35 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2015-01-30 20:35 - 2013-04-10 01:01 - 00265064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2015-01-30 20:35 - 2012-04-27 22:55 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2015-01-30 20:35 - 2011-02-03 06:25 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2015-01-30 18:49 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-01-30 18:49 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2015-01-30 18:49 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-01-30 18:49 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2015-01-30 18:49 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-01-30 18:49 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-01-30 18:49 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-01-30 18:49 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-01-30 18:49 - 2014-04-11 21:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-01-30 18:49 - 2014-04-11 21:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-01-30 18:49 - 2014-04-11 21:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-01-30 18:49 - 2014-04-11 21:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-01-30 18:49 - 2014-04-11 21:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-01-30 18:49 - 2012-03-17 02:58 - 00075120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys
2015-01-30 18:48 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-01-30 18:48 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-01-30 18:48 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-01-30 18:48 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-01-30 18:48 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-01-30 18:48 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-01-30 18:48 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-01-30 18:48 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-01-30 18:48 - 2012-09-25 17:47 - 00078336 _____ (Microsoft Corporation) C:\windows\SysWOW64\synceng.dll
2015-01-30 18:48 - 2012-09-25 17:46 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\synceng.dll
2015-01-30 17:05 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2015-01-30 17:05 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2015-01-30 17:04 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-01-30 15:11 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-30 15:11 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2015-01-30 15:11 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2015-01-30 15:11 - 2013-04-26 00:51 - 00751104 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2015-01-30 15:11 - 2013-04-25 23:55 - 00492544 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll
2015-01-30 15:11 - 2012-11-22 22:13 - 00068608 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2015-01-30 15:10 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-30 15:10 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-30 15:10 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-30 15:10 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-30 15:10 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-30 15:10 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-30 15:10 - 2013-08-01 21:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-01-30 15:10 - 2013-08-01 21:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-01-30 15:10 - 2013-08-01 20:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-01-30 15:10 - 2013-08-01 19:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-01-30 15:10 - 2013-07-20 05:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-30 15:10 - 2013-07-20 05:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-30 15:09 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2015-01-30 15:09 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2015-01-30 15:09 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-01-30 15:09 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-01-30 15:09 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-01-30 15:09 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-01-30 15:09 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-01-30 15:09 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-01-30 15:09 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-01-30 15:09 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-01-30 15:09 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-01-30 15:09 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-01-30 15:09 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-01-30 15:09 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-01-30 15:04 - 2012-07-04 17:16 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\netapi32.dll
2015-01-30 15:04 - 2012-07-04 17:13 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\browser.dll
2015-01-30 15:04 - 2012-07-04 17:13 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\browcli.dll
2015-01-30 15:04 - 2012-07-04 16:16 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\netapi32.dll
2015-01-30 15:04 - 2012-07-04 16:14 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\browcli.dll
2015-01-30 14:01 - 2015-01-30 14:01 - 00002997 _____ () C:\Users\MK\Desktop\HiJackThis.lnk
2015-01-30 14:01 - 2015-01-30 14:01 - 00000000 ____D () C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2015-01-30 14:01 - 2012-06-06 01:02 - 01133568 _____ (Microsoft Corporation) C:\windows\system32\cdosys.dll
2015-01-30 14:01 - 2012-06-06 00:03 - 00805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdosys.dll
2015-01-30 13:50 - 2015-01-30 13:50 - 00372382 _____ () C:\ProgramData\1422643722.bdinstall.bin
2015-01-30 13:50 - 2015-01-30 13:50 - 00002386 _____ () C:\Users\Public\Desktop\Early Detection Center 4.0.lnk
2015-01-30 13:50 - 2015-01-30 13:50 - 00000796 ____H () C:\bdr-cf01
2015-01-30 13:50 - 2015-01-30 13:50 - 00000000 ____D () C:\Users\MK\AppData\Roaming\Early Detection Center 4.0
2015-01-30 13:50 - 2015-01-30 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Early Detection Center 4.0
2015-01-30 13:49 - 2015-01-30 13:50 - 00253404 ____H () C:\bdr-ld01
2015-01-30 13:49 - 2015-01-30 13:50 - 00009216 ____H () C:\bdr-ld01.mbr
2015-01-30 13:49 - 2015-01-30 13:50 - 00000000 ____D () C:\ProgramData\Early Detection Center 4.0
2015-01-30 13:49 - 2015-01-30 13:49 - 00000000 ____D () C:\Program Files\Early Detection Center 4.0
2015-01-30 13:49 - 2012-11-20 21:16 - 36709478 ____H () C:\bdr-im01.gz
2015-01-30 13:49 - 2012-10-31 13:13 - 00350160 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\trufos.sys
2015-01-30 13:49 - 2012-08-29 18:24 - 00145696 _____ (BitDefender LLC) C:\windows\system32\Drivers\gzflt.sys
2015-01-30 13:49 - 2012-08-15 15:28 - 02510608 ____H () C:\bdr-bz01
2015-01-30 13:01 - 2015-01-30 13:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-29 21:34 - 2015-01-29 21:34 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX2
2015-01-29 21:34 - 2015-01-29 21:34 - 00000000 ___HD () C:\ProgramData\CanonEPP
2015-01-29 21:34 - 2015-01-29 21:34 - 00000000 ____D () C:\ProgramData\Canon IJ Network Tool
2015-01-29 21:33 - 2015-01-29 21:33 - 00000000 ____D () C:\ProgramData\CanonIJMSetup
2015-01-29 21:32 - 2015-01-29 21:32 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2015-01-29 21:32 - 2015-01-29 21:32 - 00000000 ____D () C:\Program Files\Common Files\CANON
2015-01-29 21:29 - 2015-01-29 21:29 - 00000000 ____D () C:\Program Files\Canon
2015-01-29 21:28 - 2015-01-29 21:28 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-01-29 21:28 - 2015-01-29 21:28 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-01-29 21:27 - 2015-01-30 16:37 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-01-29 03:31 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-01-29 03:31 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-01-29 03:31 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2015-01-29 03:31 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2015-01-29 03:31 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2015-01-29 03:31 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2015-01-29 03:31 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2015-01-29 03:05 - 2015-01-31 22:19 - 00000000 ____D () C:\windows\system32\MRT
2015-01-28 10:09 - 2015-01-28 10:09 - 00000964 _____ () C:\Users\MK\Desktop\JRT.txt
2015-01-28 10:03 - 2015-01-28 10:03 - 00000000 ____D () C:\windows\ERUNT
2015-01-28 09:57 - 2015-02-01 15:01 - 00000000 ____D () C:\AdwCleaner
2015-01-28 08:32 - 2015-02-01 13:57 - 00000362 _____ () C:\windows\system32\checkdnsid.xml
2015-01-28 08:26 - 2015-02-01 03:11 - 00000000 ____D () C:\Users\MK\AppData\Local\Adobe
2015-01-28 07:09 - 2015-01-28 07:09 - 00372738 _____ () C:\ProgramData\1422446430.bdinstall.bin
2015-01-28 07:04 - 2015-01-28 07:04 - 00000385 _____ () C:\windows\system32\user_gensett.xml
2015-01-28 07:04 - 2015-01-28 07:04 - 00000385 _____ () C:\Users\MK\AppData\Roaminguser_gensett.xml
2015-01-28 07:03 - 2015-01-28 07:03 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-01-28 07:03 - 2015-01-28 07:03 - 00000000 ____D () C:\ProgramData\BDLogging
2015-01-28 07:03 - 2012-10-10 15:00 - 00705552 _____ (BitDefender) C:\windows\system32\Drivers\avc3.sys
2015-01-28 07:03 - 2012-10-10 15:00 - 00587024 _____ (BitDefender) C:\windows\system32\Drivers\avckf.sys
2015-01-28 07:03 - 2012-09-21 18:16 - 00082384 _____ (BitDefender SRL) C:\windows\system32\Drivers\bdsandbox.sys
2015-01-28 07:03 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\windows\capicom.dll
2015-01-28 07:01 - 2015-01-28 07:01 - 00000000 ____D () C:\Users\MK\AppData\Roaming\QuickScan
2015-01-28 07:00 - 2015-01-30 13:49 - 00000000 ____D () C:\Program Files\Common Files\Early Detection Center 4.0
2015-01-28 07:00 - 2015-01-28 07:00 - 00000149 _____ () C:\USTSInstallInfo.log
2015-01-28 06:42 - 2015-01-28 06:42 - 00000000 ____D () C:\windows\system32\Drivers\NortonPCCheckupx64
2015-01-28 06:42 - 2010-05-11 17:08 - 00002435 _____ () C:\Users\Public\Desktop\Walmart Photo.lnk
2015-01-28 06:41 - 2015-01-28 06:41 - 00000000 ____D () C:\Program Files (x86)\Toshiba Online Backup
2015-01-28 06:40 - 2015-01-29 00:57 - 00000000 ____D () C:\ProgramData\Norton
2015-01-28 06:39 - 2015-02-01 15:05 - 00000000 ____D () C:\Users\MK\Downloads\Anti-V
2015-01-28 06:35 - 2015-01-31 06:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-28 06:35 - 2015-01-28 06:35 - 00000000 ____D () C:\Program Files\Google
2015-01-28 06:34 - 2015-02-01 15:03 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-28 06:34 - 2015-02-01 00:39 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-28 06:34 - 2015-01-28 06:35 - 00000000 ____D () C:\ProgramData\Google
2015-01-28 06:34 - 2015-01-28 06:35 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-28 06:34 - 2015-01-28 06:34 - 00003908 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-28 06:34 - 2015-01-28 06:34 - 00003656 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-28 06:34 - 2015-01-28 06:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-28 06:33 - 2010-06-02 07:55 - 00527192 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_7.dll
2015-01-28 06:33 - 2010-06-02 07:55 - 00518488 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_7.dll
2015-01-28 06:33 - 2010-06-02 07:55 - 00239960 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_7.dll
2015-01-28 06:33 - 2010-06-02 07:55 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_7.dll
2015-01-28 06:33 - 2010-06-02 07:55 - 00077656 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_5.dll
2015-01-28 06:33 - 2010-06-02 07:55 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_5.dll
2015-01-28 06:33 - 2010-05-26 14:41 - 02526056 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
2015-01-28 06:33 - 2010-05-26 14:41 - 02401112 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll
2015-01-28 06:33 - 2010-05-26 14:41 - 02106216 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_43.dll
2015-01-28 06:33 - 2010-05-26 14:41 - 01998168 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_43.dll
2015-01-28 06:33 - 2010-05-26 14:41 - 01907552 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_43.dll
2015-01-28 06:33 - 2010-05-26 14:41 - 01868128 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_43.dll
2015-01-28 06:33 - 2010-05-26 14:41 - 00511328 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll
2015-01-28 06:33 - 2010-05-26 14:41 - 00470880 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_43.dll
2015-01-28 06:33 - 2010-05-26 14:41 - 00276832 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
2015-01-28 06:33 - 2010-05-26 14:41 - 00248672 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_43.dll
2015-01-28 06:33 - 2009-09-04 20:44 - 00517960 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_5.dll
2015-01-28 06:33 - 2009-09-04 20:44 - 00515416 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_5.dll
2015-01-28 06:33 - 2009-09-04 20:44 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_5.dll
2015-01-28 06:33 - 2009-09-04 20:44 - 00176968 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_5.dll
2015-01-28 06:33 - 2009-09-04 20:44 - 00073544 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_3.dll
2015-01-28 06:33 - 2009-09-04 20:44 - 00069464 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_3.dll
2015-01-28 06:33 - 2009-09-04 20:29 - 05554512 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_42.dll
2015-01-28 06:33 - 2009-09-04 20:29 - 05501792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_42.dll
2015-01-28 06:33 - 2009-09-04 20:29 - 02582888 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_42.dll
2015-01-28 06:33 - 2009-09-04 20:29 - 02475352 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_42.dll
2015-01-28 06:33 - 2009-09-04 20:29 - 01974616 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_42.dll
2015-01-28 06:33 - 2009-09-04 20:29 - 01892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll
2015-01-28 06:33 - 2009-09-04 20:29 - 00523088 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_42.dll
2015-01-28 06:33 - 2009-09-04 20:29 - 00453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll
2015-01-28 06:33 - 2009-09-04 20:29 - 00285024 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_42.dll
2015-01-28 06:33 - 2009-09-04 20:29 - 00235344 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_42.dll
2015-01-28 06:33 - 2009-03-16 17:18 - 00521560 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_4.dll
2015-01-28 06:33 - 2009-03-16 17:18 - 00517448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_4.dll
2015-01-28 06:33 - 2009-03-16 17:18 - 00235352 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_4.dll
2015-01-28 06:33 - 2009-03-16 17:18 - 00174936 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_4.dll
2015-01-28 06:33 - 2009-03-16 17:18 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_6.dll
2015-01-28 06:33 - 2009-03-16 17:18 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_6.dll
2015-01-28 06:33 - 2009-03-09 18:27 - 05425496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll
2015-01-28 06:33 - 2009-03-09 18:27 - 04178264 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_41.dll
2015-01-28 06:33 - 2009-03-09 18:27 - 02430312 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_41.dll
2015-01-28 06:33 - 2009-03-09 18:27 - 00520544 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_41.dll
2015-01-28 06:33 - 2008-10-15 10:03 - 00518480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_3.dll
2015-01-28 06:33 - 2008-10-15 10:03 - 00514384 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_3.dll
2015-01-28 06:33 - 2008-10-15 10:03 - 00235856 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_3.dll
2015-01-28 06:33 - 2008-10-15 10:03 - 00175440 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_3.dll
2015-01-28 06:33 - 2008-10-15 10:03 - 00074576 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_2.dll
2015-01-28 06:33 - 2008-10-15 10:03 - 00070992 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_2.dll
2015-01-28 06:33 - 2008-10-15 10:03 - 00025936 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_5.dll
2015-01-28 06:33 - 2008-10-15 10:03 - 00023376 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_5.dll
2015-01-28 06:33 - 2008-10-15 09:22 - 05631312 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_40.dll
2015-01-28 06:33 - 2008-10-15 09:22 - 04379984 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_40.dll
2015-01-28 06:33 - 2008-10-15 09:22 - 02605920 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_40.dll
2015-01-28 06:33 - 2008-10-15 09:22 - 02036576 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_40.dll
2015-01-28 06:33 - 2008-10-15 09:22 - 00519000 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_40.dll
2015-01-28 06:33 - 2008-10-15 09:22 - 00452440 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_40.dll
2015-01-28 06:33 - 2008-07-30 09:20 - 00513544 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_2.dll
2015-01-28 06:33 - 2008-07-30 09:20 - 00509448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_2.dll
2015-01-28 06:33 - 2008-07-30 09:20 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_2.dll
2015-01-28 06:33 - 2008-07-30 09:20 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_2.dll
2015-01-28 06:33 - 2008-07-30 09:20 - 00072200 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_1.dll
2015-01-28 06:33 - 2008-07-30 09:20 - 00068616 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_1.dll
2015-01-28 06:33 - 2008-07-10 14:01 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll
2015-01-28 06:33 - 2008-07-10 14:00 - 04992520 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_39.dll
2015-01-28 06:33 - 2008-07-10 14:00 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll
2015-01-28 06:33 - 2008-07-10 14:00 - 01942552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_39.dll
2015-01-28 06:33 - 2008-07-10 14:00 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll
2015-01-28 06:33 - 2008-07-10 14:00 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_39.dll
2015-01-28 06:33 - 2008-05-30 17:19 - 00511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2015-01-28 06:33 - 2008-05-30 17:19 - 00507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2015-01-28 06:33 - 2008-05-30 17:18 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2015-01-28 06:33 - 2008-05-30 17:18 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2015-01-28 06:33 - 2008-05-30 17:17 - 00068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2015-01-28 06:33 - 2008-05-30 17:17 - 00065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2015-01-28 06:33 - 2008-05-30 17:17 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2015-01-28 06:33 - 2008-05-30 17:16 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2015-01-28 06:33 - 2008-05-30 17:11 - 04991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2015-01-28 06:33 - 2008-05-30 17:11 - 03850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2015-01-28 06:33 - 2008-05-30 17:11 - 01941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2015-01-28 06:33 - 2008-05-30 17:11 - 01491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2015-01-28 06:33 - 2008-05-30 17:11 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2015-01-28 06:33 - 2008-05-30 17:11 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2015-01-28 06:33 - 2008-03-05 19:04 - 00489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2015-01-28 06:33 - 2008-03-05 19:03 - 00479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2015-01-28 06:33 - 2008-03-05 19:03 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2015-01-28 06:33 - 2008-03-05 19:03 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2015-01-28 06:33 - 2008-03-05 19:00 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2015-01-28 06:33 - 2008-03-05 19:00 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2015-01-28 06:33 - 2008-03-05 18:56 - 04910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2015-01-28 06:33 - 2008-03-05 18:56 - 03786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2015-01-28 06:33 - 2008-03-05 18:56 - 01860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2015-01-28 06:33 - 2008-03-05 18:56 - 01420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2015-01-28 06:33 - 2008-02-06 02:07 - 00529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2015-01-28 06:33 - 2008-02-06 02:07 - 00462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2015-01-28 06:31 - 2015-01-30 16:37 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Games
2015-01-28 06:31 - 2015-01-28 06:43 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Corporation
2015-01-28 06:31 - 2015-01-28 06:34 - 00000000 ____D () C:\ProgramData\WildTangent
2015-01-28 06:31 - 2015-01-28 06:31 - 00001726 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com - Shopping.lnk
2015-01-28 06:31 - 2015-01-28 06:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com
2015-01-28 06:31 - 2015-01-28 06:31 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-01-28 06:30 - 2015-01-28 06:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetZero
2015-01-28 06:30 - 2015-01-28 06:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once
2015-01-28 06:30 - 2015-01-28 06:30 - 00000000 ____D () C:\Program Files (x86)\Corel
2015-01-28 06:30 - 2009-07-30 23:22 - 00027784 _____ (TOSHIBA Corporation.) C:\windows\system32\Drivers\tdcmdpst.sys
2015-01-28 06:29 - 2007-10-22 06:40 - 00411656 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
2015-01-28 06:29 - 2007-10-22 06:39 - 00267272 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_10.dll
2015-01-28 06:29 - 2007-10-22 06:37 - 00021000 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
2015-01-28 06:29 - 2007-10-22 06:37 - 00017928 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_2.dll
2015-01-28 06:29 - 2007-10-12 18:14 - 05081608 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
2015-01-28 06:29 - 2007-10-12 18:14 - 03734536 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_36.dll
2015-01-28 06:29 - 2007-10-12 18:14 - 02006552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
2015-01-28 06:29 - 2007-10-12 18:14 - 01374232 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_36.dll
2015-01-28 06:29 - 2007-10-02 12:56 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
2015-01-28 06:29 - 2007-10-02 12:56 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_36.dll
2015-01-28 06:29 - 2007-07-20 03:57 - 00411496 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll
2015-01-28 06:29 - 2007-07-20 03:57 - 00267112 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_9.dll
2015-01-28 06:29 - 2007-07-19 21:14 - 05073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
2015-01-28 06:29 - 2007-07-19 21:14 - 03727720 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_35.dll
2015-01-28 06:29 - 2007-07-19 21:14 - 01985904 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll
2015-01-28 06:29 - 2007-07-19 21:14 - 01358192 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_35.dll
2015-01-28 06:29 - 2007-07-19 21:14 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll
2015-01-28 06:29 - 2007-07-19 21:14 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_35.dll
2015-01-28 06:29 - 2007-06-20 23:49 - 00409960 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll
2015-01-28 06:29 - 2007-06-20 23:46 - 00266088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_8.dll
2015-01-28 06:29 - 2007-05-16 19:45 - 04496232 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll
2015-01-28 06:29 - 2007-05-16 19:45 - 03497832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_34.dll
2015-01-28 06:29 - 2007-05-16 19:45 - 01401200 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll
2015-01-28 06:29 - 2007-05-16 19:45 - 01124720 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_34.dll
2015-01-28 06:29 - 2007-05-16 19:45 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll
2015-01-28 06:29 - 2007-05-16 19:45 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_34.dll
2015-01-28 06:29 - 2007-04-04 21:55 - 00403304 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll
2015-01-28 06:29 - 2007-04-04 21:55 - 00261480 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_7.dll
2015-01-28 06:29 - 2007-04-04 21:54 - 00107368 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll
2015-01-28 06:29 - 2007-04-04 21:53 - 00081768 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_3.dll
2015-01-28 06:29 - 2007-03-15 19:57 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll
2015-01-28 06:29 - 2007-03-15 19:57 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_33.dll
2015-01-28 06:29 - 2007-03-12 19:42 - 04494184 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll
2015-01-28 06:29 - 2007-03-12 19:42 - 03495784 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_33.dll
2015-01-28 06:29 - 2007-03-12 19:42 - 01400176 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll
2015-01-28 06:29 - 2007-03-12 19:42 - 01123696 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_33.dll
2015-01-28 06:29 - 2007-03-05 15:42 - 00017688 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll
2015-01-28 06:29 - 2007-03-05 15:42 - 00015128 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_1.dll
2015-01-28 06:29 - 2007-01-24 18:27 - 00393576 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll
2015-01-28 06:29 - 2007-01-24 18:27 - 00255848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_6.dll
2015-01-28 06:29 - 2006-12-08 15:02 - 00251672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_5.dll
2015-01-28 06:29 - 2006-12-08 15:00 - 00390424 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll
2015-01-28 06:29 - 2006-11-29 16:06 - 04398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
2015-01-28 06:29 - 2006-11-29 16:06 - 03426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll
2015-01-28 06:29 - 2006-11-29 16:06 - 00469264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10.dll
2015-01-28 06:29 - 2006-11-29 16:06 - 00440080 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10.dll
2015-01-28 06:29 - 2006-09-28 19:05 - 03977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
2015-01-28 06:29 - 2006-09-28 19:05 - 02414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll
2015-01-28 06:29 - 2006-09-28 19:05 - 00237848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_4.dll
2015-01-28 06:29 - 2006-09-28 19:04 - 00364824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll
2015-01-28 06:29 - 2006-07-28 12:31 - 00083736 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll
2015-01-28 06:29 - 2006-07-28 12:30 - 00363288 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll
2015-01-28 06:29 - 2006-07-28 12:30 - 00236824 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_3.dll
2015-01-28 06:29 - 2006-07-28 12:30 - 00062744 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_2.dll
2015-01-28 06:29 - 2006-05-31 10:24 - 00230168 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_2.dll
2015-01-28 06:29 - 2006-05-31 10:22 - 00354072 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll
2015-01-28 06:29 - 2006-03-31 15:41 - 03927248 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_30.dll
2015-01-28 06:29 - 2006-03-31 15:40 - 02388176 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_30.dll
2015-01-28 06:29 - 2006-03-31 15:40 - 00352464 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_1.dll
2015-01-28 06:29 - 2006-03-31 15:39 - 00229584 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_1.dll
2015-01-28 06:29 - 2006-03-31 15:39 - 00083664 _____ (Microsoft Corporation) C:\windows\system32\xinput1_1.dll
2015-01-28 06:29 - 2006-03-31 15:39 - 00062672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_1.dll
2015-01-28 06:29 - 2006-02-03 11:43 - 03830992 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll
2015-01-28 06:29 - 2006-02-03 11:43 - 02332368 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_29.dll
2015-01-28 06:29 - 2006-02-03 11:42 - 00355536 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll
2015-01-28 06:29 - 2006-02-03 11:42 - 00230096 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_0.dll
2015-01-28 06:29 - 2006-02-03 11:41 - 00016592 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_0.dll
2015-01-28 06:29 - 2006-02-03 11:41 - 00014032 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_0.dll
2015-01-28 06:29 - 2005-12-05 21:09 - 03815120 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll
2015-01-28 06:29 - 2005-12-05 21:09 - 02323664 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_28.dll
2015-01-28 06:29 - 2005-07-22 22:59 - 03807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2015-01-28 06:29 - 2005-07-22 22:59 - 02319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2015-01-28 06:29 - 2005-05-26 18:34 - 03767504 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll
2015-01-28 06:29 - 2005-05-26 18:34 - 02297552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_26.dll
2015-01-28 06:29 - 2005-03-18 20:19 - 03823312 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll
2015-01-28 06:29 - 2005-03-18 20:19 - 02337488 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_25.dll
2015-01-28 06:29 - 2005-02-05 22:45 - 03544272 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll
2015-01-28 06:29 - 2005-02-05 22:45 - 02222800 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_24.dll
2015-01-28 06:25 - 2015-01-30 16:37 - 00000000 ____D () C:\Program Files (x86)\PlayReady
2015-01-28 06:25 - 2015-01-28 06:25 - 00002067 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Toshiba Book Place.lnk
2015-01-28 06:25 - 2015-01-28 06:25 - 00000000 ____D () C:\Users\Public\Book Place
2015-01-28 06:23 - 2011-02-08 22:07 - 00038096 _____ (TOSHIBA Corporation) C:\windows\system32\Drivers\PGEffect.sys
2015-01-28 06:22 - 2010-10-20 17:41 - 00138656 _____ (TOSHIBA Corporation) C:\windows\system32\TODDSrv.exe
2015-01-28 06:19 - 1999-10-12 21:47 - 00024576 _____ (Toshiba) C:\windows\SysWOW64\TSCI.dll
2015-01-28 06:19 - 1999-10-12 21:45 - 00024576 _____ (Toshiba) C:\windows\SysWOW64\THCI.dll
2015-01-28 06:18 - 2005-04-15 23:58 - 01351392 _____ (Microsoft Corporation) C:\windows\SysWOW64\COMCTL32.OCX
2015-01-28 06:17 - 2015-01-28 06:17 - 00000000 ____D () C:\windows\SysWOW64\sda
2015-01-28 06:17 - 2015-01-28 06:17 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-28 06:17 - 2010-10-08 14:49 - 09112168 _____ (Realtek Semiconductor Corp.) C:\windows\SysWOW64\RtsUStoricon.dll
2015-01-28 06:17 - 2010-10-08 14:49 - 00422504 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtsUStor.dll
2015-01-28 06:17 - 2010-10-08 14:49 - 00243712 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RtsUStor.sys
2015-01-28 06:17 - 2009-07-07 12:51 - 00009216 _____ (TOSHIBA Corporation) C:\windows\system32\Drivers\FwLnk.sys
2015-01-28 06:17 - 2006-03-23 17:44 - 00009728 _____ (TOSHIBA Corp.) C:\windows\SysWOW64\TCMSVR.dll
2015-01-28 06:17 - 2004-03-09 19:00 - 01081616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscomctl.ocx
2015-01-28 06:17 - 2004-03-09 19:00 - 00152848 _____ (Microsoft Corporation) C:\windows\SysWOW64\Comdlg32.ocx
2015-01-28 06:16 - 2015-01-28 06:16 - 00000000 ____D () C:\windows\SysWOW64\Atheros_L1e
2015-01-28 06:13 - 2015-01-28 06:18 - 00016012 _____ () C:\windows\DPINST.LOG
2015-01-28 06:13 - 2015-01-28 06:14 - 00000000 ____D () C:\Program Files (x86)\Realtek WLAN Driver
2015-01-28 06:13 - 2015-01-28 06:13 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-01-28 06:13 - 2015-01-28 06:13 - 00000000 ____D () C:\Program Files\Synaptics
2015-01-28 06:13 - 2011-01-05 04:08 - 01109096 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8192ce.sys
2015-01-28 06:13 - 2010-12-22 19:24 - 00626792 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl819xp.sys
2015-01-28 06:13 - 2010-12-17 19:04 - 01221224 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8192se.sys
2015-01-28 06:13 - 2010-12-01 12:31 - 00451072 _____ () C:\windows\SysWOW64\ISSRemoveSP.exe
2015-01-28 06:13 - 2010-04-01 17:01 - 00442368 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8187Se.sys
2015-01-28 06:13 - 2010-03-31 14:10 - 00450048 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8187B.sys
2015-01-28 06:10 - 2015-01-28 06:10 - 00000000 ____D () C:\Program Files\CONEXANT
2015-01-28 06:07 - 2010-11-06 02:45 - 00438808 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStor.sys
2015-01-28 06:06 - 2015-01-28 06:06 - 00015814 _____ () C:\windows\system32\results.xml
2015-01-28 06:06 - 2012-02-17 01:38 - 01031680 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2015-01-28 06:06 - 2012-02-17 00:34 - 00826880 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2015-01-28 06:06 - 2012-02-16 23:57 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdtcp.sys
2015-01-28 06:04 - 2015-01-28 06:04 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-01-28 06:03 - 2015-01-28 06:04 - 00000000 ____D () C:\Intel
2015-01-28 06:03 - 2011-02-01 16:06 - 00008192 _____ () C:\windows\system32\Drivers\IntelMEFWVer.dll
2015-01-28 06:03 - 2010-10-19 19:34 - 00056344 _____ (Intel Corporation) C:\windows\system32\Drivers\HECIx64.sys
2015-01-28 06:01 - 2015-01-28 06:07 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-28 06:01 - 2010-12-23 14:09 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\windows\SysWOW64\CSVer.dll
2015-01-28 06:00 - 2015-02-01 15:04 - 01289382 _____ () C:\windows\WindowsUpdate.log
2015-01-28 05:25 - 2015-01-30 09:42 - 00000895 _____ () C:\Users\MK\Desktop\NewCityGoals.txt
2015-01-28 05:25 - 2015-01-28 05:25 - 01502643 _____ () C:\Users\MK\Desktop\WarReport.swf
2015-01-28 05:25 - 2015-01-28 05:25 - 00000327 _____ () C:\Users\MK\Desktop\NewCityScript.txt
2015-01-28 05:23 - 2015-01-30 16:37 - 00000000 ____D () C:\Users\MK\Downloads\Evony
2015-01-28 04:59 - 2015-02-01 00:12 - 00111448 _____ () C:\Users\MK\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-28 04:59 - 2015-01-28 08:26 - 00000000 ____D () C:\Users\MK\AppData\Roaming\Adobe
2015-01-28 04:59 - 2015-01-28 04:59 - 00000000 ____D () C:\Users\MK\AppData\Roaming\Toshiba
2015-01-28 04:59 - 2015-01-28 04:59 - 00000000 ____D () C:\Users\MK\AppData\Roaming\Google
2015-01-28 04:58 - 2015-02-01 00:11 - 00001428 _____ () C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-28 04:58 - 2015-01-28 19:58 - 00000000 ____D () C:\Users\MK\AppData\Local\Google
2015-01-28 04:58 - 2015-01-28 04:58 - 00000000 ____D () C:\Users\MK\AppData\Local\TOSHIBA
2015-01-28 04:57 - 2015-01-30 14:01 - 00000000 ____D () C:\Users\MK\AppData\Local\VirtualStore
2015-01-28 04:57 - 2015-01-28 04:57 - 00000013 __RSH () C:\windows\system32\Drivers\fbd.sys
2015-01-28 04:56 - 2015-01-28 04:56 - 00000000 ____D () C:\Users\MK\AppData\Roaming\WinBatch
2015-01-28 04:56 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-01-28 04:56 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-01-28 04:56 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-01-28 04:56 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-01-28 04:56 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-01-28 04:56 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-01-28 04:56 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-01-28 04:56 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-01-28 04:56 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-01-28 04:56 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-01-28 04:56 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-01-28 04:56 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-01-28 04:56 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-01-28 04:56 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-01-28 04:55 - 2015-01-30 13:39 - 00000000 ____D () C:\Users\MK
2015-01-28 04:55 - 2015-01-28 04:55 - 00000020 ___SH () C:\Users\MK\ntuser.ini
2015-01-28 04:55 - 2011-10-30 21:34 - 00000000 ____D () C:\Users\MK\AppData\Roaming\Macromedia
2015-01-28 04:55 - 2009-07-13 23:54 - 00000000 ___RD () C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-28 04:55 - 2009-07-13 23:49 - 00000000 ___RD () C:\Users\MK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 15:03 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-01 15:03 - 2009-07-13 23:51 - 00033041 _____ () C:\windows\setupact.log
2015-02-01 15:02 - 2010-11-20 22:47 - 00538116 _____ () C:\windows\PFRO.log
2015-02-01 12:14 - 2009-07-14 00:13 - 00713888 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-01 10:58 - 2009-07-13 23:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-01 10:58 - 2009-07-13 23:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-01 10:58 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2015-02-01 03:11 - 2011-10-30 21:33 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-01 03:09 - 2011-10-30 21:34 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-31 23:57 - 2009-07-13 23:45 - 00436128 _____ () C:\windows\system32\FNTCACHE.DAT
2015-01-31 23:54 - 2010-11-21 02:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-31 23:54 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-31 23:54 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-31 23:54 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK
2015-01-31 23:54 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2015-01-31 23:54 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\zh-HK
2015-01-31 23:54 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\tr-TR
2015-01-31 23:54 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-01-31 23:54 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-31 01:16 - 2011-10-30 21:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-30 22:55 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-30 16:37 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-01-30 16:37 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-30 16:37 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-01-30 16:37 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\SysWOW64\com
2015-01-30 16:37 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\Setup
2015-01-30 16:37 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\com
2015-01-30 16:37 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-01-30 16:37 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\servicing
2015-01-30 16:37 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\AppCompat
2015-01-30 16:36 - 2011-10-30 21:34 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2015-01-30 16:36 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\registration
2015-01-28 08:27 - 2011-10-30 21:33 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-28 06:54 - 2009-07-14 00:38 - 00025600 ___SH () C:\windows\system32\config\BCD-Template.LOG
2015-01-28 06:54 - 2009-07-14 00:32 - 00028672 _____ () C:\windows\system32\config\BCD-Template
2015-01-28 06:51 - 2009-07-13 23:46 - 00004059 _____ () C:\windows\DtcInstall.log
2015-01-28 06:43 - 2011-10-30 21:30 - 00000000 ____D () C:\Program Files\TOSHIBA
2015-01-28 06:43 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-28 06:41 - 2011-10-30 21:34 - 00000000 ____D () C:\ProgramData\Toshiba
2015-01-28 06:33 - 2011-10-30 21:35 - 00219323 _____ () C:\windows\DirectX.log
2015-01-28 06:29 - 2011-10-30 21:14 - 00000000 ___HD () C:\windows\msdownld.tmp
2015-01-28 06:29 - 2011-10-30 21:13 - 00012869 _____ () C:\windows\IE9_main.log
2015-01-28 05:59 - 2011-10-30 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2015-01-28 05:57 - 2011-10-30 21:08 - 00003652 _____ () C:\windows\TSSysprep.log
2015-01-28 04:58 - 2010-11-21 02:06 - 00000000 ____D () C:\windows\SysWOW64\sysprep
2015-01-28 04:57 - 2011-10-31 13:48 - 00000000 ____D () C:\windows\Panther
2015-01-28 04:57 - 2011-10-30 21:45 - 00000000 ____D () C:\Users\Public\TEMP
2015-01-28 04:57 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\Sysprep
2015-01-28 04:56 - 2011-10-30 21:33 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2015-01-28 04:56 - 2011-10-30 21:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-28 04:55 - 2009-07-14 00:32 - 00000000 ____D () C:\windows\system32\restore
2015-01-28 04:55 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Public\Libraries

==================== Files in the root of some directories =======

2015-01-28 07:09 - 2015-01-28 07:09 - 0372738 _____ () C:\ProgramData\1422446430.bdinstall.bin
2015-01-30 13:50 - 2015-01-30 13:50 - 0372382 _____ () C:\ProgramData\1422643722.bdinstall.bin

Some content of TEMP:
====================
C:\Users\MK\AppData\Local\Temp\Quarantine.exe
C:\Users\MK\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-28 13:17

==================== End Of Log ============================
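A triage pass over the file listing in the log above, as an added example that is not part of the original post or of FRST: it parses the `created - modified - size attributes (company) path` lines and lists the entries worth a manual look. The three heuristics and the reading of the attribute letters are assumptions of this example, and a hit is a lead for review, not a verdict.

```python
import re
from dataclasses import dataclass
from datetime import datetime
from pathlib import PureWindowsPath

# Constructed sample: seven lines copied from the listing above plus one line
# from its "Some content of TEMP" section, which uses a different layout.
SAMPLE = r"""
2015-01-28 06:30 - 2015-01-28 06:30 - 00000000 ____D () C:\Program Files (x86)\Corel
2015-01-28 06:13 - 2011-01-05 04:08 - 01109096 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8192ce.sys
2015-01-28 06:13 - 2010-12-01 12:31 - 00451072 _____ () C:\windows\SysWOW64\ISSRemoveSP.exe
2015-01-28 06:07 - 2010-11-06 02:45 - 00438808 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStor.sys
2015-01-28 06:03 - 2011-02-01 16:06 - 00008192 _____ () C:\windows\system32\Drivers\IntelMEFWVer.dll
2015-01-28 04:57 - 2015-01-28 04:57 - 00000013 __RSH () C:\windows\system32\Drivers\fbd.sys
2015-01-28 07:09 - 2015-01-28 07:09 - 0372738 _____ () C:\ProgramData\1422446430.bdinstall.bin
C:\Users\MK\AppData\Local\Temp\Quarantine.exe
"""

# The company field never contains ')' in this log, but the path may contain
# parentheses ("Program Files (x86)"), so the path is matched last and greedily.
LINE_RE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<size>\d+) (?P<attrs>[_A-Z]+) "
    r"\((?P<company>[^)]*)\) (?P<path>.+)$"
)
TS = "%Y-%m-%d %H:%M"
PE_EXTS = {".exe", ".dll", ".sys", ".ocx", ".cpl", ".scr"}


@dataclass
class Entry:
    created: datetime
    modified: datetime
    size: int
    attrs: str      # assumed letters: R read-only, S system, H hidden, D directory
    company: str    # version-info company name, empty when the file has none
    path: str

    @property
    def is_dir(self):
        return "D" in self.attrs

    @property
    def hidden_system(self):
        return "H" in self.attrs and "S" in self.attrs


def parse_listing(text):
    """Return (entries, skipped): parsed listing lines and non-blank lines that did not match."""
    entries, skipped = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            skipped.append(line)
            continue
        entries.append(Entry(
            created=datetime.strptime(m["created"], TS),
            modified=datetime.strptime(m["modified"], TS),
            size=int(m["size"]),
            attrs=m["attrs"],
            company=m["company"].strip(),
            path=m["path"],
        ))
    return entries, skipped


def triage(entry):
    """Reasons (possibly none) why an executable-type file deserves a manual look."""
    if entry.is_dir or PureWindowsPath(entry.path).suffix.lower() not in PE_EXTS:
        return []
    reasons = []
    if entry.size < 64:
        # IMAGE_DOS_HEADER alone is 64 bytes, so this cannot be a loadable image.
        reasons.append("too small to be a PE image")
    if entry.path.lower().startswith("c:\\windows\\") and not entry.company:
        reasons.append("no company name under the Windows directory")
    if entry.hidden_system:
        reasons.append("hidden and system attributes set")
    return reasons


def review(text):
    """List (path, reasons) for flagged entries, most reasons first."""
    entries, _ = parse_listing(text)
    flagged = [(e.path, triage(e)) for e in entries]
    flagged = [(p, r) for p, r in flagged if r]
    return sorted(flagged, key=lambda item: (-len(item[1]), item[0]))


if __name__ == "__main__":
    for path, reasons in review(SAMPLE):
        print(f"{path}: {'; '.join(reasons)}")
```

Each flagged path still needs a signature check and a hash lookup before anything is added to a fixlist.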

 

 




#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,222 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:00 PM

Posted 02 February 2015 - 08:24 AM

Remove this program using the Add/Remove Programs applet.

Early Detection Center 4.0 (HKLM\...\Early Detection Center 4.0) (Version: 16.24.0.1682 - Early Detection Center 4.0) <==== ATTENTION!

===

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
start

CloseProcesses:

HKLM\...\Run: [] => [X]
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-2426222986-2913429428-2715109983-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
Restore your Windows 7 to the Last good configuration
Follow the instructions on this page.

http://windows.microsoft.com/en-ca/windows/using-last-known-good-configuration#1TC=windows-7
<<<>>>S2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe /s [X]

End
Save the file as fixlist.txt in the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log, Fixlog.txt; please post it in your reply.
===

Download Security Check by screen317 from here
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/

How is the computer running now?

======

#5 lion2727

Posted 02 February 2015 - 09:53 AM

Hello

The program I removed was my antivirus; I am wondering if I can put it back on later. The iexplore.exe is getting spikes: it runs the CPU anywhere from 5 to 90 percent at any given time when opening the browser or a webpage, but mostly 10 to 40 percent once loaded. I am not sure what a normal level would be, but it seems to run a bit better than before. I will keep an eye on it today and see how it goes for a day.

Thank you

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by MK at 2015-02-02 09:10:00 Run:1
Running from C:\Users\MK\Downloads\Anti-V
Loaded Profiles: MK (Available profiles: MK)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

CloseProcesses:

HKLM\...\Run: [] => [X]
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-2426222986-2913429428-2715109983-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
Restore your Windows 7 to the Last good configuration
Follow the instructions on this page.

http://windows.microsoft.com/en-ca/windows/using-last-known-good-configuration#1TC=windows-7
<<<>>>S2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe /s [X]

End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-2426222986-2913429428-2715109983-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\gcswf32.dll not found.
C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\ppGoogleNaClPluginChrome.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll not found.
Restore your Windows 7 to the Last good configuration => Error: No automatic fix found for this entry.
Follow the instructions on this page. => Error: No automatic fix found for this entry.
http://windows.microsoft.com/en-ca/windows/using-last-known-good-configuration#1TC=windows-7 => Error: No automatic fix found for this entry.
<<<>>>S2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe /s [X] => Error: No automatic fix found for this entry.

The system needed a reboot.

==== End of Fixlog 09:10:01 ====

 

 

 Results of screen317's Security Check version 0.99.96 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java™ 6 Update 25 
 Java version 32-bit out of Date!
  Java 64-bit 8 Update 31 
 Google Chrome 12.0.742.100 Google Chrome out of date! 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 MK Downloads Anti-V Malwarebytes Anti-Malware\mbamscheduler.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 13% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 



#6 nasdaq

Posted 02 February 2015 - 10:47 AM

Did removing the Early Detection Center from USTechSupport remove your Bitdefender also?

Reinstall the application if you need it.
===

If you have removed Norton it may just be that some remnant items are still around.
Norton does not let go that easily. I suggest you run the uninstaller for the version you had.

Refer to this site.
https://support.norton.com/sp/en/us/home/current/solutions/kb20080710133834EN_EndUserProfile_en_us?abproduct=home&abversion=1&pvid=f-home

===

Remove this old version of Java™ 6 Update 25 using the Add/Remove programs.
===

This command was wrongly placed in the Fixlist text. My mistake.

Restore your Windows 7 to the Last good configuration
Follow the instructions on this page.

http://windows.microsoft.com/en-ca/windows/using-last-known-good-configuration#1TC=windows-7
<<<>>>

How is the computer running now?

#7 lion2727

Posted 03 February 2015 - 01:36 AM

Yeah, Norton came installed with the computer, but I had a different antivirus, the Early Detection Center, and removed Norton, so all the files for Norton were left behind. It didn't remove the Bitdefender though. I have reinstalled the Early Detection Center now, since I didn't want to be online without virus protection. Next time I'll use Revo Uninstaller to remove it and get all the remnants. I have removed Java 6 Update 25 via add and remove.

I noticed, whether online or not, a rundll32.exe running at at least 50 percent CPU, but the file was located in the syswow64 folder. To my knowledge the main location should be system32, but I have read there can be multiple locations for it, so I just ended the process tree and changed the name of the file (folder syswow64, file rundll32.exe) to see if it makes a difference. So far my CPU is staying pretty low, in the 1 to 40 percent range depending on what I'm doing. I didn't delete it, just in case it messes something up, so I can rename it back. I wonder if spyware has changed itself to look like a needed file and run undetected. Let me know if I should change the file back, but it seems to be doing better as of now: not skipping as much with video or streaming. I was now able to change the start page in the registry back, and I haven't seen my antivirus shut off automatically. I will let you know if that changes on me.

Thank you very much. Let me know if you need me to do any more scans, etc.



#8 nasdaq

Posted 03 February 2015 - 09:55 AM

Use the computer for a few days and let me know how it goes.

#9 lion2727

Posted 04 February 2015 - 07:38 AM

It started back up again: high iexplore.exe CPU usage. I noticed files that were removed had been put back, and my permissions were changed back to S-1-15-2-1; I had the permissions for the iexplore files set to administrators.



#10 nasdaq

Posted 04 February 2015 - 09:36 AM

We will check your BIOS and Master boot record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Wait for further instructions.
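
One way to triage the TDSSKiller report requested above before reading it line by line, as an added example that is not part of the original post or of the tool: it pairs each `[ MD5, SHA256 ] name path` line with the `name - verdict` line that follows and returns only what needs a second look. The function and type names are hypothetical, and the sample lines, the all-zero digests and the non-ok verdict text are constructed.

```python
import re
from typing import NamedTuple

# Common prefix of every log line: HH:MM:SS.mmmm, then the thread id in hex.
PREFIX = r"^\d\d:\d\d:\d\d\.\d{4}\s+0x[0-9A-Fa-f]+\s+"

# "[ MD5, SHA256 ] name  path": the image that was hashed for an object.
HASHED = re.compile(
    PREFIX
    + r"\[\s*(?P<md5>[0-9A-Fa-f]{32}),\s*(?P<sha256>[0-9A-Fa-f]{64})\s*\]"
    + r"\s+(?P<name>\S+)\s+(?P<path>.+?)\s*$"
)
# "name - verdict": the result for that object.
# Assumption: object names contain no spaces, as in the services section.
VERDICT = re.compile(PREFIX + r"(?P<name>\S+) - (?P<verdict>\S.*?)\s*$")


class Finding(NamedTuple):
    name: str
    verdict: str
    path: str    # "" when no hashed image line preceded the verdict
    sha256: str  # "" in the same case


def triage(log_text):
    """Return (flagged, unhashed, no_verdict) for one report.

    flagged    -- Finding entries whose verdict is anything other than "ok"
    unhashed   -- names that received a verdict without a hashed image line
    no_verdict -- {name: (path, sha256)} hashed but never given a verdict,
                  for example because the pasted log was cut off
    """
    pending = {}
    flagged, unhashed = [], []
    for line in log_text.splitlines():
        m = HASHED.match(line)
        if m:
            pending[m["name"]] = (m["path"], m["sha256"])
            continue
        m = VERDICT.match(line)
        if not m:
            continue  # header, separator or other informational line
        name, verdict = m["name"], m["verdict"]
        image = pending.pop(name, None)
        if image is None:
            unhashed.append(name)
        if verdict.lower() != "ok":
            path, sha256 = image or ("", "")
            flagged.append(Finding(name, verdict, path, sha256))
    return flagged, unhashed, pending


# Constructed sample input; digests are placeholders, not real file hashes.
ZERO_MD5, ZERO_SHA256 = "0" * 32, "0" * 64
SAMPLE_LOG = "\n".join([
    "02:38:07.0212 0x43ac  ================ Scan services ================",
    f"02:38:07.0475 0x43ac  [ {ZERO_MD5}, {ZERO_SHA256} ] gooddrv         "
    "C:\\windows\\system32\\drivers\\gooddrv.sys",
    "02:38:07.0489 0x43ac  gooddrv - ok",
    "02:38:07.0500 0x43ac  nohashsvc - ok",
    f"02:38:07.0547 0x43ac  [ {ZERO_MD5}, {ZERO_SHA256} ] oddsvc "
    "C:\\Program Files (x86)\\Example App\\oddsvc.exe",
    "02:38:07.0559 0x43ac  oddsvc - EXAMPLE-NON-OK-VERDICT",
    f"02:38:07.0591 0x43ac  [ {ZERO_MD5}, {ZERO_SHA256} ] cutoff          "
    "C:\\windows\\system32\\drivers\\cutoff.sys",
])

if __name__ == "__main__":
    flagged, unhashed, no_verdict = triage(SAMPLE_LOG)
    for f in flagged:
        print(f"REVIEW   {f.name}: {f.verdict} ({f.path or 'no image line'})")
    for name in unhashed:
        print(f"NO HASH  {name}")
    for name, (path, _) in no_verdict.items():
        print(f"NO RESULT {name}: {path}")
```

Names in the second list are only objects the report gives no digest for, so there is nothing to compare against a known-good baseline; they are not findings by themselves.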

#11 lion2727

Posted 05 February 2015 - 03:02 AM

02:37:53.0660 0x3454  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
02:37:58.0425 0x3454  ============================================================
02:37:58.0425 0x3454  Current date / time: 2015/02/05 02:37:58.0425
02:37:58.0426 0x3454  SystemInfo:
02:37:58.0426 0x3454 
02:37:58.0426 0x3454  OS Version: 6.1.7601 ServicePack: 1.0
02:37:58.0426 0x3454  Product type: Workstation
02:37:58.0426 0x3454  ComputerName: MK-PC
02:37:58.0426 0x3454  UserName: MK
02:37:58.0427 0x3454  Windows directory: C:\windows
02:37:58.0427 0x3454  System windows directory: C:\windows
02:37:58.0427 0x3454  Running under WOW64
02:37:58.0427 0x3454  Processor architecture: Intel x64
02:37:58.0427 0x3454  Number of processors: 2
02:37:58.0427 0x3454  Page size: 0x1000
02:37:58.0427 0x3454  Boot type: Normal boot
02:37:58.0427 0x3454  ============================================================
02:37:58.0682 0x3454  KLMD registered as C:\windows\system32\drivers\51314321.sys
02:37:59.0229 0x3454  System UUID: {37D88D5B-3FB0-3300-5EAB-1B260BD6A096}
02:37:59.0887 0x3454  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:37:59.0896 0x3454  ============================================================
02:37:59.0896 0x3454  \Device\Harddisk0\DR0:
02:37:59.0896 0x3454  MBR partitions:
02:37:59.0896 0x3454  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48A13000
02:37:59.0896 0x3454  ============================================================
02:37:59.0924 0x3454  C: <-> \Device\Harddisk0\DR0\Partition1
02:37:59.0924 0x3454  ============================================================
02:37:59.0924 0x3454  Initialize success
02:37:59.0924 0x3454  ============================================================
02:38:01.0849 0x43ac  ============================================================
02:38:01.0849 0x43ac  Scan started
02:38:01.0849 0x43ac  Mode: Manual;
02:38:01.0849 0x43ac  ============================================================
02:38:01.0849 0x43ac  KSN ping started
02:38:05.0388 0x43ac  KSN ping finished: true
02:38:07.0211 0x43ac  ================ Scan system memory ========================
02:38:07.0211 0x43ac  System memory - ok
02:38:07.0212 0x43ac  ================ Scan services =============================
02:38:15.0916 0x43ac  iScsiPrt - ok
02:38:15.0929 0x43ac  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
02:38:15.0932 0x43ac  kbdclass - ok
02:38:15.0959 0x43ac  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
02:38:15.0961 0x43ac  kbdhid - ok
02:38:15.0972 0x43ac  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\windows\system32\lsass.exe
02:38:15.0974 0x43ac  KeyIso - ok
02:38:16.0024 0x43ac  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
02:38:16.0027 0x43ac  KSecDD - ok
02:38:16.0080 0x43ac  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
02:38:16.0092 0x43ac  KSecPkg - ok
02:38:16.0125 0x43ac  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
02:38:16.0129 0x43ac  ksthunk - ok
02:38:16.0184 0x43ac  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
02:38:16.0206 0x43ac  KtmRm - ok
02:38:16.0266 0x43ac  [ 045FB70BC993B691517CE309045FF02D, DF8D4755DB8440999CAABE1B25181D76342E0F79D9979A0600ECCAFA60E4130D ] L1C             C:\windows\system32\DRIVERS\L1C62x64.sys
02:38:16.0279 0x43ac  L1C - ok
02:38:16.0344 0x43ac  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
02:38:16.0363 0x43ac  LanmanServer - ok
02:38:16.0384 0x43ac  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
02:38:16.0394 0x43ac  LanmanWorkstation - ok
02:38:16.0452 0x43ac  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
02:38:16.0458 0x43ac  lltdio - ok
02:38:16.0515 0x43ac  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
02:38:16.0538 0x43ac  lltdsvc - ok
02:38:16.0567 0x43ac  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
02:38:16.0569 0x43ac  lmhosts - ok
02:38:16.0672 0x43ac  [ 98B16E756243BEA9410E32025B19C06F, C4F8663FF4C2F1123CC92D88004090AD06ED12FCD07706AE168333A33B269A53 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
02:38:16.0694 0x43ac  LMS - ok
02:38:16.0729 0x43ac  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
02:38:16.0737 0x43ac  LSI_FC - ok
02:38:16.0779 0x43ac  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
02:38:16.0783 0x43ac  LSI_SAS - ok
02:38:16.0797 0x43ac  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
02:38:16.0801 0x43ac  LSI_SAS2 - ok
02:38:16.0824 0x43ac  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
02:38:16.0832 0x43ac  LSI_SCSI - ok
02:38:16.0886 0x43ac  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
02:38:16.0895 0x43ac  luafv - ok
02:38:16.0947 0x43ac  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
02:38:16.0958 0x43ac  MBAMProtector - ok
02:38:17.0146 0x43ac  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Users\MK\Downloads\Anti-V\Malwarebytes Anti-Malware\mbamscheduler.exe
02:38:17.0195 0x43ac  MBAMScheduler - ok
02:38:17.0296 0x43ac  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Users\MK\Downloads\Anti-V\Malwarebytes Anti-Malware\mbamservice.exe
02:38:17.0322 0x43ac  MBAMService - ok
02:38:17.0371 0x43ac  [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
02:38:17.0384 0x43ac  MBAMWebAccessControl - ok
02:38:17.0417 0x43ac  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
02:38:17.0429 0x43ac  Mcx2Svc - ok
02:38:17.0463 0x43ac  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
02:38:17.0472 0x43ac  megasas - ok
02:38:17.0523 0x43ac  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
02:38:17.0537 0x43ac  MegaSR - ok
02:38:17.0553 0x43ac  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys
02:38:17.0559 0x43ac  MEIx64 - ok
02:38:17.0580 0x43ac  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
02:38:17.0584 0x43ac  MMCSS - ok
02:38:17.0588 0x43ac  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
02:38:17.0591 0x43ac  Modem - ok
02:38:17.0606 0x43ac  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
02:38:17.0608 0x43ac  monitor - ok
02:38:17.0619 0x43ac  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
02:38:17.0621 0x43ac  mouclass - ok
02:38:17.0663 0x43ac  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\drivers\mouhid.sys
02:38:17.0665 0x43ac  mouhid - ok
02:38:17.0710 0x43ac  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
02:38:17.0713 0x43ac  mountmgr - ok
02:38:17.0737 0x43ac  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
02:38:17.0746 0x43ac  mpio - ok
02:38:17.0777 0x43ac  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
02:38:17.0780 0x43ac  mpsdrv - ok
02:38:17.0830 0x43ac  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
02:38:17.0854 0x43ac  MpsSvc - ok
02:38:17.0911 0x43ac  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
02:38:17.0928 0x43ac  MRxDAV - ok
02:38:17.0959 0x43ac  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
02:38:17.0969 0x43ac  mrxsmb - ok
02:38:17.0993 0x43ac  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
02:38:18.0001 0x43ac  mrxsmb10 - ok
02:38:18.0028 0x43ac  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
02:38:18.0032 0x43ac  mrxsmb20 - ok
02:38:18.0057 0x43ac  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\DRIVERS\msahci.sys
02:38:18.0059 0x43ac  msahci - ok
02:38:18.0074 0x43ac  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
02:38:18.0079 0x43ac  msdsm - ok
02:38:18.0101 0x43ac  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
02:38:18.0107 0x43ac  MSDTC - ok
02:38:18.0118 0x43ac  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
02:38:18.0120 0x43ac  Msfs - ok
02:38:18.0140 0x43ac  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
02:38:18.0141 0x43ac  mshidkmdf - ok
02:38:18.0160 0x43ac  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
02:38:18.0161 0x43ac  msisadrv - ok
02:38:18.0205 0x43ac  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
02:38:18.0225 0x43ac  MSiSCSI - ok
02:38:18.0228 0x43ac  msiserver - ok
02:38:18.0258 0x43ac  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
02:38:18.0260 0x43ac  MSKSSRV - ok
02:38:18.0289 0x43ac  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
02:38:18.0292 0x43ac  MSPCLOCK - ok
02:38:18.0299 0x43ac  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
02:38:18.0302 0x43ac  MSPQM - ok
02:38:18.0329 0x43ac  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
02:38:18.0339 0x43ac  MsRPC - ok
02:38:18.0358 0x43ac  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
02:38:18.0360 0x43ac  mssmbios - ok
02:38:18.0379 0x43ac  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
02:38:18.0381 0x43ac  MSTEE - ok
02:38:18.0385 0x43ac  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
02:38:18.0391 0x43ac  MTConfig - ok
02:38:18.0427 0x43ac  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
02:38:18.0429 0x43ac  Mup - ok
02:38:18.0477 0x43ac  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
02:38:18.0500 0x43ac  napagent - ok
02:38:18.0549 0x43ac  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
02:38:18.0559 0x43ac  NativeWifiP - ok
02:38:18.0605 0x43ac  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\windows\system32\drivers\ndis.sys
02:38:18.0631 0x43ac  NDIS - ok
02:38:18.0660 0x43ac  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
02:38:18.0663 0x43ac  NdisCap - ok
02:38:18.0687 0x43ac  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
02:38:18.0689 0x43ac  NdisTapi - ok
02:38:18.0709 0x43ac  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
02:38:18.0712 0x43ac  Ndisuio - ok
02:38:18.0736 0x43ac  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
02:38:18.0742 0x43ac  NdisWan - ok
02:38:18.0762 0x43ac  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
02:38:18.0765 0x43ac  NDProxy - ok
02:38:18.0786 0x43ac  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
02:38:18.0787 0x43ac  NetBIOS - ok
02:38:18.0810 0x43ac  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
02:38:18.0818 0x43ac  NetBT - ok
02:38:18.0838 0x43ac  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\windows\system32\lsass.exe
02:38:18.0840 0x43ac  Netlogon - ok
02:38:18.0875 0x43ac  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
02:38:18.0885 0x43ac  Netman - ok
02:38:18.0938 0x43ac  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
02:38:18.0951 0x43ac  netprofm - ok
02:38:18.0997 0x43ac  [ 9D0157074866FCF3EA2A07185D93FC72, C4107EE60ADA7E326DF7B27602166E9D57CB9982717605730BF7C7D2401E30A9 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
02:38:19.0008 0x43ac  NetTcpPortSharing - ok
02:38:19.0049 0x43ac  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
02:38:19.0052 0x43ac  nfrd960 - ok
02:38:19.0109 0x43ac  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\windows\System32\nlasvc.dll
02:38:19.0128 0x43ac  NlaSvc - ok
02:38:19.0131 0x43ac  Norton PC Checkup Application Launcher - ok
02:38:19.0143 0x43ac  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
02:38:19.0145 0x43ac  Npfs - ok
02:38:19.0178 0x43ac  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
02:38:19.0181 0x43ac  nsi - ok
02:38:19.0200 0x43ac  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
02:38:19.0202 0x43ac  nsiproxy - ok
02:38:19.0330 0x43ac  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
02:38:19.0373 0x43ac  Ntfs - ok
02:38:19.0401 0x43ac  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
02:38:19.0435 0x43ac  Null - ok
02:38:19.0468 0x43ac  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
02:38:19.0480 0x43ac  nvraid - ok
02:38:19.0492 0x43ac  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
02:38:19.0499 0x43ac  nvstor - ok
02:38:19.0537 0x43ac  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
02:38:19.0542 0x43ac  nv_agp - ok
02:38:19.0563 0x43ac  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
02:38:19.0568 0x43ac  ohci1394 - ok
02:38:19.0652 0x43ac  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:38:19.0688 0x43ac  ose - ok
02:38:19.0979 0x43ac  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
02:38:20.0189 0x43ac  osppsvc - ok
02:38:20.0230 0x43ac  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
02:38:20.0240 0x43ac  p2pimsvc - ok
02:38:20.0260 0x43ac  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
02:38:20.0273 0x43ac  p2psvc - ok
02:38:20.0302 0x43ac  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
02:38:20.0306 0x43ac  Parport - ok
02:38:20.0344 0x43ac  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
02:38:20.0346 0x43ac  partmgr - ok
02:38:20.0363 0x43ac  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
02:38:20.0369 0x43ac  PcaSvc - ok
02:38:20.0372 0x43ac  PCCUJobMgr - ok
02:38:20.0397 0x43ac  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
02:38:20.0403 0x43ac  pci - ok
02:38:20.0427 0x43ac  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\DRIVERS\pciide.sys
02:38:20.0429 0x43ac  pciide - ok
02:38:20.0467 0x43ac  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
02:38:20.0480 0x43ac  pcmcia - ok
02:38:20.0495 0x43ac  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
02:38:20.0498 0x43ac  pcw - ok
02:38:20.0536 0x43ac  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
02:38:20.0553 0x43ac  PEAUTH - ok
02:38:20.0660 0x43ac  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
02:38:20.0677 0x43ac  PerfHost - ok
02:38:20.0701 0x43ac  [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE13F0F5137E1E7F7 ] PGEffect        C:\windows\system32\DRIVERS\pgeffect.sys
02:38:20.0709 0x43ac  PGEffect - ok
02:38:20.0816 0x43ac  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
02:38:20.0858 0x43ac  pla - ok
02:38:20.0917 0x43ac  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
02:38:20.0935 0x43ac  PlugPlay - ok
02:38:20.0968 0x43ac  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
02:38:20.0972 0x43ac  PNRPAutoReg - ok
02:38:21.0009 0x43ac  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
02:38:21.0019 0x43ac  PNRPsvc - ok
02:38:21.0058 0x43ac  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
02:38:21.0075 0x43ac  PolicyAgent - ok
02:38:21.0110 0x43ac  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
02:38:21.0117 0x43ac  Power - ok
02:38:21.0150 0x43ac  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
02:38:21.0154 0x43ac  PptpMiniport - ok
02:38:21.0174 0x43ac  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys
02:38:21.0177 0x43ac  Processor - ok
02:38:21.0223 0x43ac  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\windows\system32\profsvc.dll
02:38:21.0230 0x43ac  ProfSvc - ok
02:38:21.0239 0x43ac  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe
02:38:21.0241 0x43ac  ProtectedStorage - ok
02:38:21.0275 0x43ac  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
02:38:21.0279 0x43ac  Psched - ok
02:38:21.0359 0x43ac  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
02:38:21.0398 0x43ac  ql2300 - ok
02:38:21.0415 0x43ac  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
02:38:21.0420 0x43ac  ql40xx - ok
02:38:21.0451 0x43ac  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
02:38:21.0459 0x43ac  QWAVE - ok
02:38:21.0476 0x43ac  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
02:38:21.0481 0x43ac  QWAVEdrv - ok
02:38:21.0484 0x43ac  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
02:38:21.0486 0x43ac  RasAcd - ok
02:38:21.0527 0x43ac  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
02:38:21.0533 0x43ac  RasAgileVpn - ok
02:38:21.0554 0x43ac  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
02:38:21.0562 0x43ac  RasAuto - ok
02:38:21.0579 0x43ac  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
02:38:21.0585 0x43ac  Rasl2tp - ok
02:38:21.0626 0x43ac  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
02:38:21.0638 0x43ac  RasMan - ok
02:38:21.0668 0x43ac  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
02:38:21.0672 0x43ac  RasPppoe - ok
02:38:21.0679 0x43ac  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
02:38:21.0683 0x43ac  RasSstp - ok
02:38:21.0729 0x43ac  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
02:38:21.0737 0x43ac  rdbss - ok
02:38:21.0749 0x43ac  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
02:38:21.0751 0x43ac  rdpbus - ok
02:38:21.0774 0x43ac  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
02:38:21.0775 0x43ac  RDPCDD - ok
02:38:21.0791 0x43ac  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
02:38:21.0793 0x43ac  RDPENCDD - ok
02:38:21.0805 0x43ac  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
02:38:21.0806 0x43ac  RDPREFMP - ok
02:38:21.0834 0x43ac  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
02:38:21.0844 0x43ac  RDPWD - ok
02:38:21.0883 0x43ac  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
02:38:21.0889 0x43ac  rdyboost - ok
02:38:21.0913 0x43ac  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
02:38:21.0918 0x43ac  RemoteAccess - ok
02:38:21.0951 0x43ac  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
02:38:21.0957 0x43ac  RemoteRegistry - ok
02:38:21.0971 0x43ac  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
02:38:21.0974 0x43ac  RpcEptMapper - ok
02:38:22.0005 0x43ac  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
02:38:22.0007 0x43ac  RpcLocator - ok
02:38:22.0039 0x43ac  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
02:38:22.0052 0x43ac  RpcSs - ok
02:38:31.0897 0x43ac  mctadmin - ok
02:38:31.0899 0x43ac  Adobe Speed Launcher - ok
02:38:31.0900 0x43ac  RunCanonMsetUp - ok
02:38:31.0902 0x43ac  Waiting for KSN requests completion. In queue: 182
02:38:32.0902 0x43ac  Waiting for KSN requests completion. In queue: 182
02:38:33.0902 0x43ac  Waiting for KSN requests completion. In queue: 182
02:38:34.0582 0x1560  Object required for P2P: [ DF8126BD41180351A093A3AD2FC8903B ] volsnap
02:38:34.0902 0x43ac  Waiting for KSN requests completion. In queue: 181
02:38:35.0069 0x3d74  Object send P2P result: true
02:38:35.0902 0x43ac  Waiting for KSN requests completion. In queue: 61
02:38:36.0902 0x43ac  Waiting for KSN requests completion. In queue: 61
02:38:37.0509 0x1560  Object send P2P result: true
02:38:37.0988 0x43ac  AV detected via SS2: Early Detection Center 4.0 Antivirus, C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\wscfix.exe ( 16.24.0.1669 ), 0x41000 ( enabled : updated )
02:38:37.0990 0x43ac  AV detected via SS2: Early Detection Center 4.0 Antivirus, C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\wscfix.exe ( 16.24.0.1669 ), 0x41000 ( enabled : updated )
02:38:37.0998 0x43ac  Win FW state via NFP2: enabled
02:38:40.0712 0x43ac  ============================================================
02:38:40.0712 0x43ac  Scan finished
02:38:40.0712 0x43ac  ============================================================
02:38:40.0730 0x17e8  Detected object count: 0
02:38:40.0730 0x17e8  Actual detected object count: 0
02:47:37.0085 0x2830  Deinitialize success

 

 

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-02-05 02:48:28
-----------------------------
02:48:28.145    OS Version: Windows x64 6.1.7601 Service Pack 1
02:48:28.145    Number of processors: 2 586 0x2A07
02:48:28.145    ComputerName: MK-PC  UserName: MK
02:48:29.580    Initialize success
02:48:29.631    VM: initialized successfully
02:48:29.632    VM: Intel CPU virtualization not supported
02:48:49.836    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
02:48:49.839    Disk 0 Vendor: TOSHIBA_ GT00 Size: 610480MB BusType: 3
02:48:49.988    Disk 0 MBR read successfully
02:48:49.990    Disk 0 MBR scan
02:48:49.993    Disk 0 Windows VISTA default MBR code
02:48:50.009    Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS         1500 MB offset 2048
02:48:50.013    Disk 0 default boot code
02:48:50.023    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       594982 MB offset 3074048
02:48:50.055    Disk 0 Partition 3 00     17 Hidd HPFS/NTFS NTFS        13997 MB offset 1221597184
02:48:50.201    Disk 0 scanning C:\windows\system32\drivers
02:48:56.442    Service scanning
02:48:58.828    Service bdfwfpf C:\Program Files\Common Files\Early Detection Center 4.0\Early Detection Center 4.0 Firewall\bdfwfpf.sys **LOCKED** 5
02:49:19.989    Modules scanning
02:49:20.009    Disk 0 trace - called modules:
02:49:20.077    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
02:49:20.087    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004f2b060]
02:49:20.093    3 CLASSPNP.SYS[fffff88001b2943f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004ddb050]
02:49:20.099    Disk 0 statistics 101782/0/0 @ 8.71 MB/s
02:49:20.106    Scan finished successfully
02:49:32.244    Disk 0 MBR has been saved successfully to "C:\Users\MK\Desktop\MBR.dat"
02:49:32.275    The log file has been saved successfully to "C:\Users\MK\Desktop\aswMBR.txt"

 

Attached Files

  • Attached File  MBR.zip   567bytes   0 downloads


#12 nasdaq

  • Malware Response Team

Posted 05 February 2015 - 10:47 AM

The Master Boot sector is OK.

--RogueKiller--
  • Download & SAVE to your Desktop For 32bit system or For 64bit system
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======

#13 lion2727

  • Topic Starter

Posted 08 February 2015 - 06:27 AM

Sorry it took a couple of days, I had been busy, but here is the report you asked for.

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : MK [Administrator]
Mode : Delete -- Date : 02/08/2015  06:22:46

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 30 (Driver: Loaded) ¤¤¤
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x758507ae (jmp 0xfffffffffe032095|jmp 0xffffffffffffe6b2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x758507ae (jmp 0xfffffffffe032e09|jmp 0xffffffffffffdad2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtMapViewOfSection : Unknown @ 0x758507ae (jmp 0xfffffffffe0319a1|jmp 0xffffffffffffef9a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtUnmapViewOfSection : Unknown @ 0x758507ae (jmp 0xfffffffffe031a09|jmp 0xffffffffffffef02|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x758507ae (jmp 0xfffffffffe030331|jmp 0xffffffffffffe4ea|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x758507ae (jmp 0xfffffffffe0303f1|jmp 0xffffffffffffe87a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x758507ae (jmp 0xfffffffffe033955|jmp 0xffffffffffffcc92|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtSetInformationProcess : Unknown @ 0x758507ae (jmp 0xfffffffffe033029|jmp 0xffffffffffffda3a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x758507ae (jmp 0xfffffffffe032189|jmp 0xffffffffffffe7e2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x758507ae (jmp 0xfffffffffe03109d|jmp 0xffffffffffffd90a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtSetValueKey : Unknown @ 0x758507ae (jmp 0xfffffffffe033865|jmp 0xffffffffffffcb62|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtCreateFile : Unknown @ 0x758507ae (jmp 0xfffffffffe032c65|jmp 0xffffffffffffd872|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x758507ae (jmp 0xfffffffffe031e65|jmp 0xffffffffffffe912|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - RtlCreateProcessParametersEx : Unknown @ 0x758507ae (jmp 0xfffffffffdff1bb6|jmp 0xffffffffffffdc9a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x758507ae (jmp 0xfffffffffe033a99|jmp 0xffffffffffffcd2a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x758507ae (jmp 0xfffffffffe03302d|jmp 0xffffffffffffcdc2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtQueueApcThread : Unknown @ 0x758507ae (jmp 0xfffffffffe031f1d|jmp 0xffffffffffffe74a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x758507ae (jmp 0xfffffffffe031045|jmp 0xffffffffffffeca2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) KERNEL32.dll - CreateToolhelp32Snapshot : Unknown @ 0x758507ae (jmp 0xffffffffff50ace2|jmp 0xffffffffffffe582|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) USER32.dll - PostMessageW : Unknown @ 0x758507ae (jmp 0x752f248c|jmp 0xffffffffffffce5a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtVdmControl : Unknown @ 0x758507ae (jmp 0xfffffffffe031551|jmp 0xffffffffffffd152|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) USER32.dll - GetMessageA : Unknown @ 0x758507ae (jmp 0x752fb996|jmp 0xffffffffffffd022|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) USER32.dll - PostMessageA : Unknown @ 0x758507ae (jmp 0x752efaef|jmp 0xffffffffffffcef2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) USER32.dll - GetMessageW : Unknown @ 0x758507ae (jmp 0x752fbd1f|jmp 0xffffffffffffcf8a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) USER32.dll - SetWinEventHook : Unknown @ 0x758507ae (jmp 0x752f33c8|jmp 0xffffffffffffe3ba|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) KERNEL32.dll - MoveFileExW : Unknown @ 0x758507ae (jmp 0xffffffffff51950c|jmp 0xffffffffffffd57a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x758507ae (jmp 0xfffffffffe031df5|jmp 0xffffffffffffd9a2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ADVAPI32.dll - OpenServiceW : Unknown @ 0x758507ae (jmp 0xffffffffffdb5a45|jmp 0xffffffffffffe15a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ADVAPI32.dll - CloseServiceHandle : Unknown @ 0x758507ae (jmp 0xffffffffffdaf23d|jmp 0xffffffffffffdd32|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) KERNEL32.dll - GetStartupInfoA : Unknown @ 0x758507ae (jmp 0xffffffffff5325a1|jmp 0xffffffffffffd1ea|call 0x1fe)

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK6475GSX +++++
--- User ---
[MBR] 10b1442b23c7e6c9f13486ff00217900
[BSP] fd4d75c4f54a6d637e328cb7ee04706c : HP MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 594982 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1221597184 | Size: 13997 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_02082015_061432.log - RKreport_DEL_02082015_061637.log - RKreport_DEL_02082015_061658.log - RKreport_DEL_02082015_061752.log
RKreport_DEL_02082015_061848.log - RKreport_SCN_02082015_062216.log



#14 nasdaq

  • Malware Response Team

Posted 08 February 2015 - 08:44 AM

[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x758507ae (jmp 0xfffffffffe032095|jmp 0xffffffffffffe6b2|call 0x1fe)

All OK, these items are set by BitDefender.
===

iexplore.exe seems to be worse when Flash runs more on websites, but here are the documents asked for. Thank you again.


I suggest you remove Flash from Internet Explorer (IE).

Download and run their uninstaller. Follow the instructions on the page.
https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-windows.html

When done restart the computer normally.

Close all windows and programs.

Reinstall Flash.
Flash test site:
http://www.adobe.com/software/flash/about/
Install the new version.

How is it now?

#15 nasdaq

  • Malware Response Team

Posted 14 February 2015 - 09:31 AM

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===



